Submitted URL: https://rhg.audimex-hosting.com/app/cgi-bin/wal.fcgi?action=self_assessment_start.pl&1=1
Effective URL: https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2F...
Submission: On May 02 via manual from HK — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 9 HTTP transactions. The main IP is 104.126.37.185, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is signon.rezidor.com.
TLS certificate: Issued by R3 on April 17th 2024. Valid for: 3 months.
This is the only time signon.rezidor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 195.82.63.61 8375 (Telehouse...)
7 104.126.37.185 20940 (AKAMAI-ASN1)
9 2
Apex Domain Subdomains Transfer
7 rezidor.com signon.rezidor.com 427 KB
2 audimex-hosting.com rhg.audimex-hosting.com 2 KB
0 go-mpulse.net Failed s.go-mpulse.net Failed
9 3
Domain Requested by
7 signon.rezidor.com signon.rezidor.com
2 rhg.audimex-hosting.com 2 redirects
0 s.go-mpulse.net Failed signon.rezidor.com
9 3

This site contains no links.

Subject Issuer Validity Valid
san3.radissonhotels.com R3 2024-04-17 - 2024-07-16 3 months

This page contains 2 frames:

Primary Page: https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Frame ID: 5C2FF5B1F2E6B142314AAB322550D554
Requests: 10 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/FULDB-JCY2L-HEBHF-3GKNC-5TQJ5
Frame ID: EDC4F22AFA8D7DB869940F13B0416C8D
Requests: 1 HTTP request in this frame

Page Title

Anmelden

Page Statistics

Requests: 9
HTTPS: 78 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 427 kB
Size: 514 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rhg.audimex-hosting.com/app/cgi-bin/wal.fcgi?action=self_assessment_start.pl&1=1 HTTP 303
    https://rhg.audimex-hosting.com/app/endpoint/login?ReturnTo=https%3A%2F%2Frhg.audimex%2Dhosting.com%2Fapp%2Fcgi%2Dbin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1&IdP=http%3A%2F%2Fsignon.rezidor.com%2Fadfs%2Fservices%2Ftrust HTTP 303
    https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
signon.rezidor.com/adfs/ls/
Redirect Chain
  • https://rhg.audimex-hosting.com/app/cgi-bin/wal.fcgi?action=self_assessment_start.pl&1=1
  • https://rhg.audimex-hosting.com/app/endpoint/login?ReturnTo=https%3A%2F%2Frhg.audimex%2Dhosting.com%2Fapp%2Fcgi%2Dbin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1&IdP=http%3A%2F%2Fsignon....
  • https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5...
40 KB
12 KB
Document
General
Full URL
https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd5536b7c8460104619f44319a6bd52395f752b925e1ccc8adbded05aad41a2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://app.powerbi.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
11277
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
content-type
text/html; charset=utf-8
date
Thu, 02 May 2024 06:37:28 GMT
expires
Thu, 02 May 2024 06:37:28 GMT
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=142 origin; dur=102 ak_p; desc="1714631847838_1753097653_930299445_24400_22466_37_103_255";dur=1
strict-transport-security
max-age=16070400; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 36248 0 pmb=mTOE,2mRUM,2
x-content-type-options
nosniff
x-frame-options
allow-from https://app.powerbi.com
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache private, max-age=0, must-revalidate no-cache
Connection
keep-alive
Content-Length
897
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' *.audimex-hosting.com *.audimex.com;
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 02 May 2024 06:37:27 GMT
Expect-CT
enforce, max-age=21600
Host
rhg.audimex-hosting.com
Location
https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Referrer-Policy
same-origin
Server
nginx
X-Frame-Options
sameorigin sameorigin
X-XSS-Protection
1; mode=block
style.css
signon.rezidor.com/adfs/portal/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://signon.rezidor.com/adfs/portal/css/style.css?id=6AAD013B692734A474DE794BB7C98BE2A27E7714B6D9E96799629CE6257EE0AB
Requested by
Host: signon.rezidor.com
URL: https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cfd1e4719689946f2a0fc20e60d4808963c8061b4aea5cc21cdb4bda80180371
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
x-content-type-options
nosniff
date
Thu, 02 May 2024 06:37:28 GMT
content-encoding
gzip
etag
6AAD013B692734A474DE794BB7C98BE2A27E7714B6D9E96799629CE6257EE0AB
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=357106
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714631848428_1753097653_930301578_6764_22115_38_0_255";dur=1
content-length
2731
x-xss-protection
1; mode=block
5a54f7d1
signon.rezidor.com/akam/13/
26 KB
9 KB
Script
General
Full URL
https://signon.rezidor.com/akam/13/5a54f7d1
Requested by
Host: signon.rezidor.com
URL: https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a5c11b2b4c817b60f1e5d59142991490c8d0760d92887744c212696680d017e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 02 May 2024 06:37:28 GMT
content-encoding
gzip
last-modified
Thu, 22 Feb 2024 19:40:00 GMT
etag
"4a766588e86ef0e99aa942325a96006fa74921fbb22a25d473327d0482ad7238"
stored-attribute-sha-checksum
5a5c11b2b4c817b60f1e5d59142991490c8d0760d92887744c212696680d017e
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
server-timing
cdn-cache; desc=HIT, edge; dur=191, origin; dur=0, ak_p; desc="1714631848385_1753097653_930301580_21579_12960_39_0_146";dur=1
content-length
8740
expires
Thu, 02 May 2024 06:37:28 GMT
logo.png
signon.rezidor.com/adfs/portal/logo/
24 KB
24 KB
Image
General
Full URL
https://signon.rezidor.com/adfs/portal/logo/logo.png?id=3A5E40710CE0D8EBB4DF0EE35BDE44472DCA17721B576F13D7B9ECAE38809A91
Requested by
Host: signon.rezidor.com
URL: https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3a5e40710ce0d8ebb4df0ee35bde44472dca17721b576f13d7b9ecae38809a91
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
x-content-type-options
nosniff
date
Thu, 02 May 2024 06:37:28 GMT
etag
3A5E40710CE0D8EBB4DF0EE35BDE44472DCA17721B576F13D7B9ECAE38809A91
content-type
image/png
cache-control
max-age=2344308
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714631848406_1753097653_930301579_4637_20319_38_0_182";dur=1
content-length
24646
x-xss-protection
1; mode=block
FULDB-JCY2L-HEBHF-3GKNC-5TQJ5
s.go-mpulse.net/boomerang/
0
0

FULDB-JCY2L-HEBHF-3GKNC-5TQJ5
s.go-mpulse.net/boomerang/ Frame EDC4
0
0

truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
illustration.jpg
signon.rezidor.com/adfs/portal/illustration/
371 KB
372 KB
Image
General
Full URL
https://signon.rezidor.com/adfs/portal/illustration/illustration.jpg?id=13D8B24D9F546981287467C50B64C3452F7E46AE4CADD24A2F58B11D1D2E4537
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
13d8b24d9f546981287467c50b64c3452f7e46ae4cadd24a2f58b11d1d2e4537
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
x-content-type-options
nosniff
date
Thu, 02 May 2024 06:37:28 GMT
etag
13D8B24D9F546981287467C50B64C3452F7E46AE4CADD24A2F58B11D1D2E4537
content-type
image/jpeg
cache-control
max-age=2344548
server-timing
cdn-cache; desc=HIT, edge; dur=37, ak_p; desc="1714631848763_1753097653_930303277_8081_20552_38_0_146";dur=1
content-length
380022
x-xss-protection
1; mode=block
favicon.ico
signon.rezidor.com/
26 KB
5 KB
Other
General
Full URL
https://signon.rezidor.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afb833ff35a3f7e2481dc878053453db75132fc5c15bfe9d2452395f82e44e71

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 06:37:28 GMT
content-encoding
gzip
cache-control
max-age=2400633
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714631848738_1753097653_930303278_2036_20473_38_0_219";dur=1
content-length
4526
vary
Accept-Encoding
pixel_5a54f7d1
signon.rezidor.com/akam/13/
0
739 B
XHR
General
Full URL
https://signon.rezidor.com/akam/13/pixel_5a54f7d1
Requested by
Host: signon.rezidor.com
URL: https://signon.rezidor.com/akam/13/5a54f7d1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

expires
Thu, 02 May 2024 06:37:29 GMT
pragma
no-cache
date
Thu, 02 May 2024 06:37:29 GMT
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1714631849256_1753097653_930305672_3508_14985_38_0_219";dur=1
content-length
0
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.go-mpulse.net
URL
https://s.go-mpulse.net/boomerang/FULDB-JCY2L-HEBHF-3GKNC-5TQJ5
Domain
s.go-mpulse.net
URL
https://s.go-mpulse.net/boomerang/FULDB-JCY2L-HEBHF-3GKNC-5TQJ5

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| LoginErrors
number| maxPasswordLength
function| InputUtil
object| BOOMR_mq
string| BOOMR_API_key
object| BOOMR
number| BOOMR_lstart
string| bazadebezolkohpepadr
function| SelectOption
function| Login
undefined| emails
undefined| msViewportStyle
undefined| viewport
function| getStyle
function| computeLoadIllustration
object| loginMessage
function| insertAfter
undefined| el
undefined| div
function| resetPassword
function| hideForm
undefined| mode
undefined| d
object| descriptions
undefined| description
function| getQueryVariabled
function| getQueryVariablemode
undefined| x
undefined| hr
undefined| p
undefined| br
undefined| desc
function| insertAfterelv
function| inputlistener
undefined| legacyinput
undefined| outerDiv
undefined| input
string| urhehlevkedkilrobacf
number| BOOMR_onload

3 Cookies

Domain/Path Name / Value
.rhg.audimex-hosting.com/ Name: mellon-cookie
Value: cookietest
.rezidor.com/ Name: AKA_A2
Value: A
.rezidor.com/ Name: ak_bmsc
Value: C8186FFA7F4F3DE9950668D8F4990B86~000000000000000000000000000000~YAAQtSV+aFWDYCiPAQAAPLUFOBfnb64F752O/dcQiOScGp/1rdxFmAxje/KdZwlaGZkZ6QI6YYWB6+kZsz8CRL2WFoE9NQdveolvAPm8eXNw4hZGtwGM6aVlGNzEfnSRQR9TWytiA1/Pek2p18hvXOGBMW8BFPOasC3tc8I8LJSLFmnsgUueSEasI4dK3/6rn/V1RNGKWUhSQIQrwrx1bSSrQIPjI0CYy1qH+SX8tnr1lSkq7u8OeLEBVvJMop8xzLp11QQMd5RTrGH4RiBlnXrZ/UTW3N+LobGPUd9X5mX45rLbsXjYZG4l2bxL8fxgnWMLu9dLsGVnRS+RoIPDcButmlUoB3ofNcxhCPN4RD2/vPyAYw5T4gEwvDbo0yJb+X+GWO2J2NOOBwf2Ax6qTcL90/Vb0Q7qtPmHVQDtbvE5LWZcXQLnDfoEpatqbFwhEA6w4fVZ3gYetQZ1gw==

2 Console Messages

Source Level URL
Text
security error URL: https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1(Line 160)
Message:
Refused to load the script 'https://s.go-mpulse.net/boomerang/FULDB-JCY2L-HEBHF-3GKNC-5TQJ5' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://signon.rezidor.com/adfs/ls/?SAMLRequest=hZLNbsIwEIRfJfI9cRL%2BLUACAhISrSpoe%2BilspwFLCW267Up7dPXCWpLL%2FRkaXfGO9%2FaY%2BR1ZdjMu6PawpsHdNG5rhSytjEh3iqmOUpkiteAzAm2m91tWJ6kzFjttNAVubLcdnBEsE5qRaJ1MSGvw9EgH3ZW8242yJdFNsz7i2XRGWXdYX%2FZz3pzEj2DxaCfkGAPJkQPa4WOKxdKad6N016c5o9pn3UGLB%2B8kKgIDFJx17qOzhlklKI8KK0SC5%2By1DYRuqa83COtkJJooRVCc%2BGt6OIiYsJbG85Y1qaSQjoSrbQV0G5wQva8QmhyPgRUeYKfyuybvBnma7A7sCcp4Gm7%2BU1pj4eE%2B1LWcI6PusE4XKIaQ0GVRkvlqAmNLaBp8pDpuFk6a%2Fdip%2F%2Fd02jH9Noxvrz%2FfcBdFw86EH00PDW%2FsY0sydqKLON9K2VeoQEh9xLKQFpV%2Bn1hgbtA76wHQqeXoX%2F%2F2fQL&RelayState=https%3A%2F%2Frhg.audimex-hosting.com%2Fapp%2Fcgi-bin%2Fwal.fcgi%3Faction%3Dself_assessment_start.pl%261%3D1(Line 160)
Message:
Refused to load the script 'https://s.go-mpulse.net/boomerang/FULDB-JCY2L-HEBHF-3GKNC-5TQJ5' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://app.powerbi.com
X-Xss-Protection 1; mode=block