login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:d0:: Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Effective URL:
https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hI...
Submission: On July 18 via manual (July 18th 2023, 5:20:03 pm UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 53 HTTP transactions. The main IP is 2603:1026:3000:d0::, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 23.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 1st 2023. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	68.232.128.201 68.232.128.201	16417 (IRONPORT-...) (IRONPORT-SYSTEMS-INC)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:225... 2600:9000:2250:ae00:19:a7d3:e1c0:93a1	() ()
3	2603:1026:300... 2603:1026:3000:d0::	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2620:1ec:46::64 2620:1ec:46::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef	15133 (EDGECAST) (EDGECAST)
1	40.126.32.140 40.126.32.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2603:1026:300... 2603:1026:3000:c8::9	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
53	9

33 68.232.128.201 (United States) 1 redirects

ASN16417 (IRONPORT-SYSTEMS-INC, US)
PTR: f4-proxy.iphmx.com

dh5305-euq1.iphmx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:ae00:19:a7d3:e1c0:93a1 (United States) 1 redirects

ASN- ()

cdn.security.cisco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2603:1026:3000:d0:: (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aadcdn.msftauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.32.140 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1026:3000:c8::9 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

autologon.microsoftazuread-sso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	iphmx.com 1 redirects dh5305-euq1.iphmx.com	8 MB
11	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 1175	236 KB
3	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 23	27 KB
2	msftauthimages.net aadcdn.msftauthimages.net — Cisco Umbrella Rank: 4943	240 KB
2	cisco.com 1 redirects cdn.security.cisco.com — Cisco Umbrella Rank: 299768	1 MB
1	microsoftazuread-sso.com autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1409	1 KB
1	live.com login.live.com — Cisco Umbrella Rank: 89
1	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 1163	48 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	41 KB
53	9

	Domain	Requested by
33	dh5305-euq1.iphmx.com	1 redirects dh5305-euq1.iphmx.com
11	aadcdn.msftauth.net	login.microsoftonline.com aadcdn.msftauth.net
3	login.microsoftonline.com	dh5305-euq1.iphmx.com aadcdn.msauth.net aadcdn.msftauth.net
2	aadcdn.msftauthimages.net
2	cdn.security.cisco.com	1 redirects dh5305-euq1.iphmx.com
1	autologon.microsoftazuread-sso.com
1	login.live.com	login.microsoftonline.com
1	aadcdn.msauth.net	login.microsoftonline.com
1	www.googletagmanager.com	dh5305-euq1.iphmx.com
53	9

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
*.iphmx.com HydrantID Server CA O1	`2022-11-30` - `2023-11-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2023-06-01` - `2024-06-01`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2023-04-28` - `2024-04-28`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-01-31` - `2024-01-31`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2023-07-02` - `2024-07-02`	a year	crt.sh
aadcdn.msftauthimages.net Microsoft Azure TLS Issuing CA 02	`2023-06-10` - `2024-06-04`	a year	crt.sh
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA	`2023-07-04` - `2024-07-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D&sso_reload=true
Frame ID: AC0A520F2B2AC3154DDD7D080A1CD87B
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org Page URL
https://dh5305-euq1.iphmx.com/?ngui=True HTTP 303
https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7... Page URL
https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

53
Requests

98 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

10112 kB
Transfer

13891 kB
Size

14
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/de-DE/servicesagreement/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/de-DE/privacystatement
Title: Datenschutz & Cookies

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org Page URL
https://dh5305-euq1.iphmx.com/?ngui=True HTTP 303
https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D Page URL
https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://cdn.security.cisco.com/@cisco-ats/ribbon@%5E1.0.0/dist/ats-ribbon.js HTTP 302
https://cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/ats-ribbon.js

Request Chain 35

https://dh5305-euq1.iphmx.com/?ngui=True HTTP 303
https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK quarantine Show response
dh5305-euq1.iphmx.com/ 5 KB
6 KB 667ms
215ms Document
text/html 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

a40922d8093e1dfcef32fc18783aeef456c8b85539e4c4e89a7a8a545b8e0efe

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Jul 2023 17:19:53 GMT
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload max-age=15768000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-XSS-Protection: 1 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 82ms
31ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4306ae539d4278985df604f026557e1bab77d7efa48173af850f8f26770555c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dh5305-euq1.iphmx.com:4431/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:19:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41920
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:54:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jul 2023 17:19:53 GMT

GET
H/1.1 200
OK 6fe2d8eff3060566fcd8.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 172 KB
174 KB 199ms
195ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/6fe2d8eff3060566fcd8.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

d13e305faa48324c4dcb6f98fe2409c1d668e42db2607953c3bcdb629dd7689e

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 551d61d85642806b1eb4.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 175 KB
176 KB 571ms
219ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/551d61d85642806b1eb4.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

167a1dd646b4c58fa221abd6f5c94f3d9589ead569b26b85ad8f56826b0e2e0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK a353775e8ccc7c92df5d.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 180 KB
182 KB 616ms
249ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/a353775e8ccc7c92df5d.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

a2ae21c10dbd4bcf016582e2e9d046f92b62914a10fccc554e6e939f1e56a41c

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK d2eff700e3825a7b4eb8.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 175 KB
176 KB 607ms
240ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/d2eff700e3825a7b4eb8.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

b748f8b4820e579b1b841feee27e1734012d5084a54a872ad5657620fc6a4c16

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 1fce311df2cf4fad51ee.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 177 KB
178 KB 972ms
251ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/1fce311df2cf4fad51ee.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

2843634c6eb402ee71054b8b49843610d9a1032980352faadae0eee95029b19b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 391432e2abfd51718112.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 179 KB
180 KB 1119ms
189ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/391432e2abfd51718112.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

562f56f0462b428215af29b41be83c519a297192f43d2f2c942035911bf022c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 27452bd0217dbb3492f6.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 186 KB
187 KB 1174ms
197ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/27452bd0217dbb3492f6.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

a47ca96c8280b6a85f2fc0c10db92b0d1a90e3f285af2d046906ca95836eb04b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 2a9b7bb7f260f878eea3.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 186 KB
187 KB 1298ms
200ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/2a9b7bb7f260f878eea3.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

e72c01ae3a181c588adc10c6b704327bd60d9da64df4093c46b6238c3e568c68

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 10ade40df398d7a1dc9c.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 198 KB
200 KB 1344ms
210ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/10ade40df398d7a1dc9c.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

651c0822a54675b6a2708bad5831d9c3455eadf789863d8e814f8f75e09ab664

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK a6a6b7a83a7327418ee1.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 198 KB
199 KB 1371ms
220ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/a6a6b7a83a7327418ee1.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

ac40d8215455a37047388a2e01e42f2cc35c308d31e1c36f906bbdd81abb52f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 8996201684ac43ebf0dc.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 240 KB
241 KB 1398ms
239ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/8996201684ac43ebf0dc.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

d0663a18419ef93ea23f8c848c7cece8249d759af79d3f66048948985648f803

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 0a1d77c4b69c3c66302a.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 242 KB
243 KB 1449ms
271ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/0a1d77c4b69c3c66302a.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

e97934651080134f310d344cbbbe756396d2054966e2ed5085a4e6fcf8a00d98

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 40970c37c6c54d4d573b.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 196 KB
197 KB 1550ms
192ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/40970c37c6c54d4d573b.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

63ff6b44c5afcf573acf27a410b90525ff6acabf270af93b6e0d4911450a0df0

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK e452ead4c517f686176f.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 196 KB
197 KB 1635ms
223ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/e452ead4c517f686176f.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

ebfdf31f29a58b8bbafd57f9e5616f3ee8e6c54d2e31753c247bcd35ef12b6d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK f2dabe0b8066eb875f95.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 214 KB
215 KB 1680ms
207ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/f2dabe0b8066eb875f95.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

76131c25164feac11a876fe61702cdbc505ae9665269aeb414acc432e44ae4b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 7312133e39aa2d7211fe.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 212 KB
214 KB 1839ms
286ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/7312133e39aa2d7211fe.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

7e242e4c6e64eec9508c3be5a1e5f7bddae36b70c6c4decc7faab9ac80dac08b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 98ece92e76784330efb9.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 213 KB
214 KB 1837ms
256ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/98ece92e76784330efb9.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 5cccf33da32d5f62079c.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 209 KB
210 KB 1840ms
217ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/5cccf33da32d5f62079c.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

3f434d0e1102284b0cd00ea6fdc1c5e2c7e441bbb77f39f677405bb347e5ca3b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 263c9cd0726b2528ac4a.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 265 KB
267 KB 1841ms
209ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/263c9cd0726b2528ac4a.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

7e088acf001979d053655169b06221f08769346b9770d410d98d2f3a0df6e3f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK 4631fbf9149dfa65af13.ttf
dh5305-euq1.iphmx.com/quarantine/fonts/ 272 KB
274 KB 1855ms
211ms Font
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/fonts/4631fbf9149dfa65af13.ttf

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

262a5f604c317fe4439c397c0f7df17664acad1d64d283fd825a9a770a64f450

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK apiConfig.json
dh5305-euq1.iphmx.com/ng-login/ 243 B
1 KB 2042ms
192ms Other
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/ng-login/apiConfig.json

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

77bed2cdf7222737f240491655a32e9714725f7d02188e1fbe690ba7dc065ebb

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Mon, 30 Jan 2023 02:21:52 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK locale-en.json
dh5305-euq1.iphmx.com/quarantine/i18n/ 41 KB
42 KB 2055ms
200ms Other
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/i18n/locale-en.json

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

f5a655f7b78ed26a2b9b2acf2239d3e4a84a84d0a5ce0aece09866e2441747d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK env_head.d2bf2eaba9fb584b6010.js Show response
dh5305-euq1.iphmx.com/quarantine/ 2 KB
3 KB 224ms
223ms Script
application/x-javascript 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/env_head.d2bf2eaba9fb584b6010.js

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

9b3565e5ade37585c4d4bcaa221b487d99f842f9fce0b98873c1adb9ebdea5e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/x-javascript; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK vendor.e10747a5e17a6be14a33.css
dh5305-euq1.iphmx.com/quarantine/css/ 358 KB
359 KB 231ms
209ms Stylesheet
text/css 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/css/vendor.e10747a5e17a6be14a33.css

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

51b77d0b4b52b5ff7be5a45e5e2d4c552ee448083c84063b48976d6a62f2eb33

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK main.84346936698c6e417592.css
dh5305-euq1.iphmx.com/quarantine/css/ 744 KB
747 KB 539ms
190ms Stylesheet
text/css 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/css/main.84346936698c6e417592.css

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

4d0b1a9fb67e24f673e7e0cd036f57674267c789d8e1a025fe92dc464e76eb05

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK vendor.0e554207647b8b5f5607.js Show response
dh5305-euq1.iphmx.com/quarantine/ 2 MB
2 MB 1120ms
1120ms Script
application/x-javascript 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

eff9e09e4238ef11695ef2aa8729cf849d21ab9252684560d2e1611344133eb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/x-javascript; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK commons.c1de855d1de0decbaf0a.js Show response
dh5305-euq1.iphmx.com/quarantine/ 188 KB
189 KB 1135ms
1134ms Script
application/x-javascript 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/commons.c1de855d1de0decbaf0a.js

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

ad14e944598c1f2ef55298051ccea7350b70c8cd9175f5174e321ac96d6e6ef0

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/x-javascript; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK main.8c02ed63691d729daeaa.js Show response
dh5305-euq1.iphmx.com/quarantine/ 480 KB
482 KB 1119ms
1118ms Script
application/x-javascript 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/quarantine/main.8c02ed63691d729daeaa.js

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

b4b73e14bc1eb66e65c9f899c77e52a391c8898246b90acea415200e92c4c9af

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
Origin: https://dh5305-euq1.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Fri, 11 Nov 2022 12:17:25 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/x-javascript; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H/1.1 200
OK apiConfig.json Show response
dh5305-euq1.iphmx.com/ng-login/ 243 B
1 KB 181ms
180ms XHR
text/plain 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/ng-login/apiConfig.json

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

77bed2cdf7222737f240491655a32e9714725f7d02188e1fbe690ba7dc065ebb

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Last-Modified: Mon, 30 Jan 2023 02:21:52 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 1, 1; mode=block

GET
H2

200

ats-ribbon.js
cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/
Redirect Chain

https://cdn.security.cisco.com/@cisco-ats/ribbon@%5E1.0.0/dist/ats-ribbon.js
https://cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/ats-ribbon.js

4 MB
1 MB

25ms
24ms

Script
application/javascript

2600:9000:2250:ae00:19:a7d3:e1c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/ats-ribbon.js

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine/search

Protocol

Server

2600:9000:2250:ae00:19:a7d3:e1c0:93a1 , United States, ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dh5305-euq1.iphmx.com:4431/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 05:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 21642677
x-cdn-cache-status: miss
x-cache: Hit from cloudfront
cache-tag: file, js-file
content-length: 1227999
x-request-id: 825cc57557bc4e7b8416516743f6adfa
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "4287c0-ozN0h/JtuNxh77X+oRfLMmgXImk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-amz-cf-id: VvpouiuLQoYP8N5up4X0ivBREi4b0tMWWVTJIQcgWNbcVTr_Q3uSxQ==

Redirect headers

date: Tue, 18 Jul 2023 17:10:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 571
x-cdn-cache-status: skip
x-cache: Hit from cloudfront
cache-tag: redirect, semver-redirect
content-length: 66
x-request-id: e82c6c62cb624bc693872d36646a48a6
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@cisco-ats/ribbon@1.10.2/dist/ats-ribbon.js
cache-control: public, s-maxage=600, max-age=60
x-amz-cf-id: FJopd1Dw1vXCxml-EiCeTTDntbcsxkYWUpKmk-SWL-qiwWDjKFe8Rg==

GET
H/1.1 200
OK euq_url_details
dh5305-euq1.iphmx.com/sma/api/v2.0/config/ 88 B
730 B 255ms
255ms XHR
application/json 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/sma/api/v2.0/config/euq_url_details?device_type=sma

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
portal: euq
Referer: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones@foxcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:58 GMT
Strict-Transport-Security: max-age=15768000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 88
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: nginx
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition, jwtToken
Cache-control: no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, jwttoken, mid, h, email, portal, cache-control, pragma

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK euq_authentication_method
dh5305-euq1.iphmx.com/sma/api/v2.0/config/ 43 B
685 B 193ms
193ms XHR
application/json 68.232.128.201
IRONPORT-SYSTEMS-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://dh5305-euq1.iphmx.com:4431/sma/api/v2.0/config/euq_authentication_method?device_type=sma

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.232.128.201 , United States, ASN16417 (IRONPORT-SYSTEMS-INC, US),

Reverse DNS

f4-proxy.iphmx.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
portal: euq
Referer: https://dh5305-euq1.iphmx.com:4431/quarantine/search
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:19:58 GMT
Strict-Transport-Security: max-age=15768000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: nginx
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition, jwtToken
Cache-control: no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, jwttoken, mid, h, email, portal, cache-control, pragma

GET
H/1.1

200
OK

saml2 Show response
login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/
Redirect Chain

https://dh5305-euq1.iphmx.com/?ngui=True
https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig...

20 KB
10 KB

222ms
91ms

Document
text/html

2603:1026:3000:d0::
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D

Requested by

Host: dh5305-euq1.iphmx.com
URL: https://dh5305-euq1.iphmx.com:4431/quarantine/main.8c02ed63691d729daeaa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1026:3000:d0:: Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

db6e9986c49d646869b6f7fa435eccc31a0393ee741806f1f36cc5d81cfea965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dh5305-euq1.iphmx.com:4431/quarantine/search
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 8969
Content-Type: text/html; charset=utf-8
Date: Tue, 18 Jul 2023 17:19:58 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.15811.5 - SEC ProdSlices
x-ms-request-id: 184b5e80-dcc2-4c7b-9987-2c462ff46100

Redirect headers

cache-control: no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' blob: data: resource://pdf.js/web/ resource://pdf.js/build/ 'self' dh5305-euq1.iphmx.com:*; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
content-type: text/html
date: Tue, 18 Jul 2023 17:19:59 GMT
expires: Tue, 18 Jul 2023 17:19:58 GMT
last-modified: Tue, 18 Jul 2023 17:19:58 GMT
location: https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D
pragma: no-cache
server: nginx
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1 1; mode=block

GET
H2 200 BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 135 KB
48 KB 200ms
87ms Script
application/x-javascript 2620:1ec:46::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b9971c126e784f8ebd1c49e506bdae14af53c240928cb9ae615f5a0908d9d296

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:19:59 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 48709
x-ms-lease-status: unlocked
last-modified: Wed, 28 Jun 2023 03:12:44 GMT
etag: 0x8DB77858AAB8576
x-azure-ref: 20230718T171959Z-7cd4y06rwx4xh6ad1nz02g55sw00000003qg00000000f8t1
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a17fc76c-301e-008c-765e-b7943f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/ 38 KB
16 KB 244ms
244ms Document
text/html 2603:1026:3000:d0::
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1026:3000:d0:: Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3c97287678c6a26969d9679c70a4c5990dcdb7e187b147058fdb101a53c331ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 14679
Content-Type: text/html; charset=utf-8
Date: Tue, 18 Jul 2023 17:19:59 GMT
Expires: -1
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.15771.4 - NCUS ProdSlices
x-ms-request-id: 52febc46-7c37-4d29-8e55-81d1dcde2f01

GET
H2 200 converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 108 KB
20 KB 78ms
20ms Stylesheet
text/css 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_xs4q-enqjizb-pd0ha63sw2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE2) /
Resource Hash: 09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:19:59 GMT
content-encoding: gzip
content-md5: 51nXYTkRfeACFNqVw7bA7Q==
age: 5273492
x-cache: HIT
content-length: 20105
x-ms-lease-status: unlocked
last-modified: Wed, 17 May 2023 19:53:45 GMT
server: ECAcc (frc/4CE2)
etag: 0x8DB57106C9FE01F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d33a21e2-101e-0001-51a5-892088000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_fq9Dgd1s0yjVHEKfFgpcEQ2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 411 KB
114 KB 79ms
21ms Script
application/x-javascript 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fq9Dgd1s0yjVHEKfFgpcEQ2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE9) /
Resource Hash: 586583f558bbe95986997a8b2fd6769e834243412d3e6d015019dcdce91b9c70

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:19:59 GMT
content-encoding: gzip
content-md5: yywoV+0jNhM0h//k/b4t9g==
age: 2251344
x-cache: HIT
content-length: 116403
x-ms-lease-status: unlocked
last-modified: Tue, 20 Jun 2023 15:42:05 GMT
server: ECAcc (frc/4CE9)
etag: 0x8DB71A4E683EBB6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 27c8eeb6-601e-0097-4f22-a58124000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-de.min_fqlcntte-m135qx9hyxtxg2.js Show response
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 54 KB
16 KB 117ms
58ms Script
application/x-javascript 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_fqlcntte-m135qx9hyxtxg2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CCC) /
Resource Hash: 157fb47ad3475660a8d6991397f68ac37562bf48de59b4b47a8723e288b7d90d

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:19:59 GMT
content-encoding: gzip
content-md5: jaoqTApQhJPAUKSCBtxG0Q==
age: 2541590
x-cache: HIT
content-length: 15904
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 19:09:21 GMT
server: ECAcc (frc/4CCC)
etag: 0x8DB6E9D30D0B0A6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e2cda36b-201e-003e-7a7e-a2de12000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 312ms
120ms Other
text/html 40.126.32.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D&sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.32.140 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 107 KB
32 KB 158ms
21ms Script
application/x-javascript 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_9c8fa7b7be17121cabe1.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fq9Dgd1s0yjVHEKfFgpcEQ2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF7) /
Resource Hash: 83e31656be5bd43730be156d66b3b53a6e2debbf8f48b7cb26166e5e73a349e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:20:00 GMT
content-encoding: gzip
content-md5: 2bI1Berv2EWLfhOTg8ynrg==
age: 2815225
x-cache: HIT
content-length: 32254
x-ms-lease-status: unlocked
last-modified: Tue, 13 Jun 2023 17:22:33 GMT
server: ECAcc (frc/4CF7)
etag: 0x8DB6C32C6A12948
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1e526848-e01e-0018-3001-a04682000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_60df628074b7f1533459.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 20ms
19ms Script
application/x-javascript 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_60df628074b7f1533459.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fq9Dgd1s0yjVHEKfFgpcEQ2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD1) /
Resource Hash: c7a7c8e6f13b280c32ec45b602c6d6229493f07152f9b99fde464f76fa4b971f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:20:00 GMT
content-encoding: gzip
content-md5: yILHp7/KFM7LtWbnfR6aCw==
age: 2787663
x-cache: HIT
content-length: 5534
x-ms-lease-status: unlocked
last-modified: Tue, 13 Jun 2023 17:22:34 GMT
server: ECAcc (frc/4CD1)
etag: 0x8DB6C32C6B6D251
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bf563acb-201e-007b-1241-a03711000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 21ms
20ms Image
image/gif 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CDE) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:20:00 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 4232601
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (frc/4CDE)
etag: 0x8DB5C3F4982FD30
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 0da61581-a01e-001a-151d-934bef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 21ms
21ms Image
image/gif 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D04) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:20:00 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 4232601
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (frc/4D04)
etag: 0x8DB5C3F492F3EE5
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 0969de91-901e-0047-551d-933aeb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 illustration
aadcdn.msftauthimages.net/dbd5a2dd-uagb8eiiusjmhz2rypfcfyjfpbkfhiub7uvymbhwy14/logintenantbranding/0/ 230 KB
230 KB 302ms
223ms Image
image/* 2620:1ec:46::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauthimages.net/dbd5a2dd-uagb8eiiusjmhz2rypfcfyjfpbkfhiub7uvymbhwy14/logintenantbranding/0/illustration?ts=637999100801667790
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 141270189af11f1bb6b51901dc83d0877c6373f243f09e9df1fa1ae817885d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:20:00 GMT
last-modified: Tue, 27 Sep 2022 21:14:40 GMT
etag: 0x8DAA0CD4A9B31B8
vary: Origin
x-azure-ref: 20230718T172000Z-k4b4u9q2k1657d4v62pst9819w00000003k00000000244yd
content-type: image/*
x-ms-request-id: 1983112b-f01e-0021-369c-b92328000000
cache-control: public, max-age=86400
x-cache: TCP_MISS
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 235200

GET
H2 200 bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-uagb8eiiusjmhz2rypfcfyjfpbkfhiub7uvymbhwy14/logintenantbranding/0/ 10 KB
10 KB 473ms
395ms Image
image/* 2620:1ec:46::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauthimages.net/dbd5a2dd-uagb8eiiusjmhz2rypfcfyjfpbkfhiub7uvymbhwy14/logintenantbranding/0/bannerlogo?ts=636349566586975755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c057b4fbf9be4053bdf8d3759ea19e391716cdf1ed2c65c48aeb8217c11359ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:20:00 GMT
last-modified: Thu, 06 Jul 2017 16:50:59 GMT
etag: 0x8D4C48F2D93C970
vary: Origin
x-azure-ref: 20230718T172000Z-k4b4u9q2k1657d4v62pst9819w00000003k00000000244ye
content-type: image/*
x-ms-request-id: 7778697f-601e-0041-3f9c-b95fb7000000
cache-control: public, max-age=86400
x-cache: TCP_MISS
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 9941

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 20ms
20ms Image
image/gif 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fq9Dgd1s0yjVHEKfFgpcEQ2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CDE) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:20:00 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 4232601
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (frc/4CDE)
etag: 0x8DB5C3F4982FD30
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 0da61581-a01e-001a-151d-934bef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 32ms
32ms Image
image/gif 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fq9Dgd1s0yjVHEKfFgpcEQ2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D04) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:20:00 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 4232601
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
server: ECAcc (frc/4D04)
etag: 0x8DB5C3F492F3EE5
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 0969de91-901e-0047-551d-933aeb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 401
Unauthorized ssoprobe
autologon.microsoftazuread-sso.com/127e6452-8c8f-49db-897d-9de8caf20410/winauth/ 12 B
1 KB 197ms
45ms Image
image/png 2603:1026:3000:c8::9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autologon.microsoftazuread-sso.com/127e6452-8c8f-49db-897d-9de8caf20410/winauth/ssoprobe?client-request-id=008331bd-41d9-4618-aa0e-be82ea228ef0&_=1689700800239

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1026:3000:c8::9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 17:20:00 GMT
X-Content-Type-Options: nosniff
WWW-Authenticate: Negotiate
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 12
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Vary: Origin
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: https://login.microsoftonline.com
x-ms-request-id: c9e5e864-95ab-423f-9156-5b5423b72600
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.15811.5 - NEULR1 ProdSlices
Expires: -1

POST
H/1.1 200
OK dssostatus Show response
login.microsoftonline.com/common/instrumentation/ 265 B
1 KB 140ms
139ms XHR
application/json 2603:1026:3000:d0::
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/dssostatus

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fq9Dgd1s0yjVHEKfFgpcEQ2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1026:3000:d0:: Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2abe2f5fffd7e57296f24898d0928ba3145e867b4bdab0ba54b76221c311a924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

hpgrequestid: 52febc46-7c37-4d29-8e55-81d1dcde2f01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
client-request-id: 008331bd-41d9-4618-aa0e-be82ea228ef0
canary: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr46IUzco3PWPeN0TjFaogVsJzPYLk6CkDm4kdLyfRWbksuVGNymMr29yIOxD-rbLM9N5_qzqXl7fgpA6IYj7ltrTPjbCzHR_SW5jAsf4bDj_7_hUkYmf2BthUv5gwYrYTedtbBrqA0TtMZkYPpadzzzPhGTCOJ13y3sbR7orMr-vE8iyToQnVN4oP4vD8h6iKSfK6fBUEUqGkUoq7crfF7SAA
Content-type: application/json; charset=UTF-8
hpgid: 1104
Accept: application/json
Referer: https://login.microsoftonline.com/127e6452-8c8f-49db-897d-9de8caf20410/saml2?SAMLRequest=fVJdb9sgFP0rFu%2BOMf7ARkkkx0m0SN0WNdke9hIR%2B6ZBwpAC7tp%2FP2x3XSdtFS9wz7lwzrnMLe%2FkjVW9u6p7eOzBuuC5k8qyEVig3iimuRWWKd6BZa5hh%2BrzHSMzzG5GO91oid61fNzBrQXjhFYo2K0X6LSttvWqWm%2BKol7llG625aYuiwQnNV1lMd6cjD2RIk8pTmLMs4RQmuQJJXnmFxCKuUfIhIynZNjl4O%2FK8vIVTyY8Sz3F971W04FNAAXfwVivaIG8QC%2FL2h52yjqunC9hkoSYhnFxjCmLS5aVP1Cw9ikJxd3YdXXuZlkUSf0g1KwTjdFWX5xWUiiYNbqLYkIhTzMSFk1xCdOyPYdFSduwbKFo%2BIXgNMbRkB1BQa2VheHlIUUpzj6tF9ZMRabPjvtLWxRstWlgHNoCXbi0MAjf%2B3TFE7xV9q%2FjWQnVCvXw8WTOE8myT8fjPtx%2FPRxRUP2e1qCq78AcwDyJBr7d3%2F3x3V6zBGch9I%2FxTNyu3fPoGS3ngyM2xmmW%2FyTNo%2FeU%2BfQTv3hlu%2FVeS9G8DDY77v4vPJ7FY0W04WWkMui4kFXbGrDWG5BS%2F6wNcPeWSrScnv37zy9%2FAQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wJzsZFqX1n0issl3E1%2B6FJVkeDfjT7MXRz6HdYWlOwyaUr5bQQq%2FLlgUyh%2FbMKHFbtK7woC%2FTkLlC6Z%2F7IsBVcx7ZRdxkfJI8ZZRSjuoQYUIqk6B2EXc3ilRStWcVbjwd5ep6KnjpOEOUt0QuxxXgD245B87pZpinSulX5AJvXE%2By%2BcdKpDWrzy2BaQAusk%2FAltTRn9vRjJ49MaCF69rM9CchQyGQZ6F7AnYYUSJzd%2FDOD0Q%2BZ%2FDS3yaBbnxfey7M%2FB9jGDU%2FrvS2%2FfZjl4C8kjMj8GjBVNRz6vnHLWgBEtSmyIGBVPB6khHlzE7deiMFOLgppayUoF7%2B9nx%2FMMBww%3D%3D&sso_reload=true
hpgact: 1900

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Tue, 18 Jul 2023 17:20:00 GMT
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id: 008331bd-41d9-4618-aa0e-be82ea228ef0
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 265
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://autologon.microsoftazuread-sso.com/
x-ms-request-id: 1c37c1f0-a904-4f16-b522-98a5040cef00
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.15771.4 - SCUS ProdSlices
Expires: -1

GET
H2 200 convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 111 KB
35 KB 20ms
20ms Script
application/x-javascript 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_a19e6314cee4851e0a13.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_fq9Dgd1s0yjVHEKfFgpcEQ2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB2) /
Resource Hash: 829da443b43110fada28b8eebe47ba2a4f8a012c88f9a2ca355570bdcdcb4acd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:20:00 GMT
content-encoding: gzip
content-md5: Adc2Toi5EeUeXRIO4fBe3g==
age: 2815225
x-cache: HIT
content-length: 35820
x-ms-lease-status: unlocked
last-modified: Tue, 13 Jun 2023 17:22:35 GMT
server: ECAcc (frc/4CB2)
etag: 0x8DB6C32C761F807
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: adad6379-001e-0048-2601-a00508000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 2 KB
784 B 21ms
20ms Image
image/svg+xml 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA2) /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jul 2023 17:20:00 GMT
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
age: 4232602
x-cache: HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:52 GMT
server: ECAcc (frc/4CA2)
etag: 0x8DB5C3F4BB4F03C
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b2ae10f3-901e-0060-141d-935c76000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dh5305-euq1.iphmx.com/	1969-12-31 23:59:59	Name: sid Value: HM8dSSTJQlPrOJa5Kzzu
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 13:21:40	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 14:04:52	Name: buid Value: 0.ASgAUmR-Eo-M20mJfZ3oyvIEEIRls9o0e8xNsGcLBFMmV-TZAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrEdre693bTKwVWvspcrmT3TESBQbTKV_GIvNAiJeiSPG_KVVjth-iufBT7rOgUsIy1MnAEKcFBMX-Z36ii63IA3uUh0bvIq1U5zCM-pXrA-4gAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrznFp6oKGcxVA3v--iGG--iZXyHREz3Et9U1rXtERlYsH3QeK_H-uHErJsaxjsIQL2pUrTyN4H98Bgu69cUhBKm48pvE9tvcFf4BHwTqNX0AXA7JIJzRzvvT8k85xEgPPvnxrDkC0UgL7voE0L935qo3EsqJ9qs3qkbRKdvEgSZVR0zaZYOslKZJBs6YXlmFvI1qlYlu71mqPIBpQLj8ZSJgE4vhc73c826h04tEV6sIgAA
login.microsoftonline.com/	1970-01-20 14:04:52	Name: fpc Value: AvlX1FM7tXJElVNDZy4tEjBXNX3BAQAAAL_ASNwOAAAA
.login.microsoftonline.com/	1970-01-20 22:43:16	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: d83cdf63296b468dbf7cca4a900f8373
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1689700800&co=1
autologon.microsoftazuread-sso.com/	1970-01-20 14:04:52	Name: fpc Value: ArI2x2NDathEr73pudDmwok
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org Message: The value "1user-scalable" for key "initial-scale" was truncated to its numeric prefix.
rendering	warning	URL: https://dh5305-euq1.iphmx.com:4431/quarantine?email=ljones%40foxcu.org Message: The key "no" is not recognized and ignored.
other	warning	URL: https://dh5305-euq1.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js Message: A preload for 'https://dh5305-euq1.iphmx.com:4431/ng-login/apiConfig.json' is found, but is not used because the new request is synchronous.
network	error	URL: https://autologon.microsoftazuread-sso.com/127e6452-8c8f-49db-897d-9de8caf20410/winauth/ssoprobe?client-request-id=008331bd-41d9-4618-aa0e-be82ea228ef0&_=1689700800239 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
cdn.security.cisco.com
dh5305-euq1.iphmx.com
login.live.com
login.microsoftonline.com
www.googletagmanager.com
2600:9000:2250:ae00:19:a7d3:e1c0:93a1
2603:1026:3000:c8::9
2603:1026:3000:d0::
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2620:1ec:46::64
2a00:1450:4001:82b::2008
40.126.32.140
68.232.128.201
09bcfd473f343f606206e638d6aa7c7436ab54f40fca8f3ea2247fc068147ffe
141270189af11f1bb6b51901dc83d0877c6373f243f09e9df1fa1ae817885d36
157fb47ad3475660a8d6991397f68ac37562bf48de59b4b47a8723e288b7d90d
167a1dd646b4c58fa221abd6f5c94f3d9589ead569b26b85ad8f56826b0e2e0b
262a5f604c317fe4439c397c0f7df17664acad1d64d283fd825a9a770a64f450
2843634c6eb402ee71054b8b49843610d9a1032980352faadae0eee95029b19b
2abe2f5fffd7e57296f24898d0928ba3145e867b4bdab0ba54b76221c311a924
3c97287678c6a26969d9679c70a4c5990dcdb7e187b147058fdb101a53c331ee
3f434d0e1102284b0cd00ea6fdc1c5e2c7e441bbb77f39f677405bb347e5ca3b
4306ae539d4278985df604f026557e1bab77d7efa48173af850f8f26770555c2
4d0b1a9fb67e24f673e7e0cd036f57674267c789d8e1a025fe92dc464e76eb05
51b77d0b4b52b5ff7be5a45e5e2d4c552ee448083c84063b48976d6a62f2eb33
562f56f0462b428215af29b41be83c519a297192f43d2f2c942035911bf022c7
586583f558bbe95986997a8b2fd6769e834243412d3e6d015019dcdce91b9c70
63ff6b44c5afcf573acf27a410b90525ff6acabf270af93b6e0d4911450a0df0
651c0822a54675b6a2708bad5831d9c3455eadf789863d8e814f8f75e09ab664
76131c25164feac11a876fe61702cdbc505ae9665269aeb414acc432e44ae4b6
77bed2cdf7222737f240491655a32e9714725f7d02188e1fbe690ba7dc065ebb
7e088acf001979d053655169b06221f08769346b9770d410d98d2f3a0df6e3f1
7e242e4c6e64eec9508c3be5a1e5f7bddae36b70c6c4decc7faab9ac80dac08b
829da443b43110fada28b8eebe47ba2a4f8a012c88f9a2ca355570bdcdcb4acd
83e31656be5bd43730be156d66b3b53a6e2debbf8f48b7cb26166e5e73a349e9
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9b3565e5ade37585c4d4bcaa221b487d99f842f9fce0b98873c1adb9ebdea5e6
a2ae21c10dbd4bcf016582e2e9d046f92b62914a10fccc554e6e939f1e56a41c
a40922d8093e1dfcef32fc18783aeef456c8b85539e4c4e89a7a8a545b8e0efe
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
a47ca96c8280b6a85f2fc0c10db92b0d1a90e3f285af2d046906ca95836eb04b
ac40d8215455a37047388a2e01e42f2cc35c308d31e1c36f906bbdd81abb52f9
ad14e944598c1f2ef55298051ccea7350b70c8cd9175f5174e321ac96d6e6ef0
b4b73e14bc1eb66e65c9f899c77e52a391c8898246b90acea415200e92c4c9af
b748f8b4820e579b1b841feee27e1734012d5084a54a872ad5657620fc6a4c16
b9971c126e784f8ebd1c49e506bdae14af53c240928cb9ae615f5a0908d9d296
c057b4fbf9be4053bdf8d3759ea19e391716cdf1ed2c65c48aeb8217c11359ce
c7a7c8e6f13b280c32ec45b602c6d6229493f07152f9b99fde464f76fa4b971f
d0663a18419ef93ea23f8c848c7cece8249d759af79d3f66048948985648f803
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d13e305faa48324c4dcb6f98fe2409c1d668e42db2607953c3bcdb629dd7689e
db6e9986c49d646869b6f7fa435eccc31a0393ee741806f1f36cc5d81cfea965
e72c01ae3a181c588adc10c6b704327bd60d9da64df4093c46b6238c3e568c68
e97934651080134f310d344cbbbe756396d2054966e2ed5085a4e6fcf8a00d98
ebfdf31f29a58b8bbafd57f9e5616f3ee8e6c54d2e31753c247bcd35ef12b6d2
eff9e09e4238ef11695ef2aa8729cf849d21ab9252684560d2e1611344133eb1
f5a655f7b78ed26a2b9b2acf2239d3e4a84a84d0a5ce0aece09866e2441747d7

login.microsoftonline.com Open in urlscan Pro 2603:1026:3000:d0:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

75 %IPv6

9 Domains

9 Subdomains

9 IPs

4 Countries

10112 kBTransfer

13891 kBSize

14 Cookies

3 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:d0:: Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

10112 kB
Transfer

13891 kB
Size

14
Cookies

53 HTTP transactions
1 data transactions