login.microsoftonline.com Open in urlscan Pro
20.190.160.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u3905472.ct.sendgrid.net/ls/click?upn=joTa8bJob2uzDvvowAapkiXUCSZ6yAI2OhsTF4DnzsQ-3DFxi4_mrNBAcrtURdDOI8wNleqXvGEiG-2FmzY...
Effective URL:
https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2?sso_reload=true
Submission: On September 07 via manual (September 7th 2022, 12:16:37 pm UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 50 HTTP transactions. The main IP is 20.190.160.15, located in and belongs to . The main domain is login.microsoftonline.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 24th 2022. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.35 167.89.118.35	11377 (SENDGRID) (SENDGRID)
18	94.236.55.123 94.236.55.123	15395 (RACKSPACE...) (RACKSPACE-LON)
4	94.236.55.122 94.236.55.122	() ()
7	2a0b:4d07:401::1 2a0b:4d07:401::1	() ()
5	151.101.64.176 151.101.64.176	() ()
1	2a00:1450:400... 2a00:1450:4001:812::200a	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::2008	() ()
3	20.190.160.15 20.190.160.15	() ()
1	40.126.32.134 40.126.32.134	() ()
1	2620:1ec:bdf::44 2620:1ec:bdf::44	() ()
50	10

1 167.89.118.35 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net

u3905472.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 94.236.55.123 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

eymerci.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.236.55.122 (None, )

ASN- ()

eychsso.xexec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0b:4d07:401::1 (None, )

ASN- ()

v3cdn-9f91.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.176 (None, )

ASN- ()

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (None, )

ASN- ()

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.190.160.15 (None, )

ASN- ()

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.32.134 (None, )

ASN- ()

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::44 (None, )

ASN- ()

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	eymerci.com eymerci.com	695 KB
7	kxcdn.com v3cdn-9f91.kxcdn.com	238 KB
4	xexec.com eychsso.xexec.com	253 KB
3	microsoftonline.com login.microsoftonline.com Failed	107 KB
3	stripe.com js.stripe.com q.stripe.com Failed	81 KB
2	stripe.network m.stripe.network	17 KB
1	msauth.net aadcdn.msauth.net	109 KB
1	live.com login.live.com
1	google-analytics.com ssl.google-analytics.com
1	googleapis.com fonts.googleapis.com	2 KB
1	sendgrid.net 1 redirects u3905472.ct.sendgrid.net	223 B
0	msauthimages.net Failed aadcdn.msauthimages.net Failed
50	12

	Domain	Requested by
18	eymerci.com	eymerci.com
7	v3cdn-9f91.kxcdn.com	eychsso.xexec.com v3cdn-9f91.kxcdn.com
4	eychsso.xexec.com	eymerci.com eychsso.xexec.com
3	login.microsoftonline.com	login.microsoftonline.com
3	js.stripe.com	eychsso.xexec.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
1	aadcdn.msauth.net	login.microsoftonline.com aadcdn.msauth.net
1	login.live.com	login.microsoftonline.com
1	ssl.google-analytics.com	eychsso.xexec.com
1	fonts.googleapis.com	v3cdn-9f91.kxcdn.com
1	u3905472.ct.sendgrid.net	1 redirects
0	aadcdn.msauthimages.net Failed
0	q.stripe.com Failed	eymerci.com
50	13

This site contains no links.

Subject Issuer	Validity	Valid
eymerci.com R3	`2022-08-22` - `2022-11-20`	3 months	crt.sh
*.xexec.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-30` - `2023-09-09`	a year	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2022-07-28` - `2023-07-24`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-08-31` - `2023-01-10`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2022-08-24` - `2023-08-24`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2022-06-01` - `2023-06-01`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2022-08-23` - `2023-08-23`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2?sso_reload=true
Frame ID: 7B422E535C95C6BFEDC665AC6F5388EB
Requests: 44 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-32e959c98c4c0c17724528b7bd74ae2c.html
Frame ID: DBAB0091E4FE463AA4974BB228558620
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 192100C047B3B7DE90D7F5150083AD45
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EY Merci

Page URL History Show full URLs

https://u3905472.ct.sendgrid.net/ls/click?upn=joTa8bJob2uzDvvowAapkiXUCSZ6yAI2OhsTF4DnzsQ-3DFxi4_mrNBAcrtURdD... HTTP 302
https://eymerci.com/ Page URL
https://eychsso.xexec.com/sso/saml Page URL
https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2 Page URL
https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2?sso_reload=true Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

82 %
HTTPS

40 %
IPv6

12
Domains

13
Subdomains

10
IPs

2
Countries

1502 kB
Transfer

3563 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u3905472.ct.sendgrid.net/ls/click?upn=joTa8bJob2uzDvvowAapkiXUCSZ6yAI2OhsTF4DnzsQ-3DFxi4_mrNBAcrtURdDOI8wNleqXvGEiG-2FmzYTy84MagZ0j1Ydpf8MzXhZNkQXAI4vBN0C0u6LFjRbjqXu6aWNIW3TV0vr9ha4HKdGN-2BnpDgic7NN21xA2oMuAz25GFvzMvJDdt93Ff4sEpEbMstP9-2F13A9U7C1x-2Fu2LlFn2fATTtNJbVq6f9oODulWarGRv26lF6OYx6vMqHB7umQduepISfAfmA-3D-3D HTTP 302
https://eymerci.com/ Page URL
https://eychsso.xexec.com/sso/saml Page URL
https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2 Page URL
https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2?sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u3905472.ct.sendgrid.net/ls/click?upn=joTa8bJob2uzDvvowAapkiXUCSZ6yAI2OhsTF4DnzsQ-3DFxi4_mrNBAcrtURdDOI8wNleqXvGEiG-2FmzYTy84MagZ0j1Ydpf8MzXhZNkQXAI4vBN0C0u6LFjRbjqXu6aWNIW3TV0vr9ha4HKdGN-2BnpDgic7NN21xA2oMuAz25GFvzMvJDdt93Ff4sEpEbMstP9-2F13A9U7C1x-2Fu2LlFn2fATTtNJbVq6f9oODulWarGRv26lF6OYx6vMqHB7umQduepISfAfmA-3D-3D HTTP 302
https://eymerci.com/

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
eymerci.com/
Redirect Chain

https://u3905472.ct.sendgrid.net/ls/click?upn=joTa8bJob2uzDvvowAapkiXUCSZ6yAI2OhsTF4DnzsQ-3DFxi4_mrNBAcrtURdDOI8wNleqXvGEiG-2FmzYTy84MagZ0j1Ydpf8MzXhZNkQXAI4vBN0C0u6LFjRbjqXu6aWNIW3TV0vr9ha4HKdGN-2...
https://eymerci.com/

2 KB
2 KB

312ms
38ms

Document
text/html

94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://eymerci.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

nginx / PHP/7.2.34 PleskLin

Resource Hash

0de8f12ffb12a3c3903692bec803bcad938030feffe1a5466e4a6fa764ca5b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1014
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Sep 2022 12:16:31 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Permissions-Policy: none
Pragma: no-cache
Referrer-Policy: origin
Server: nginx
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.2.34 PleskLin
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 43
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Sep 2022 12:16:31 GMT
Location: https://eymerci.com/
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK foundation.css
eymerci.com/css/ 204 KB
23 KB 42ms
41ms Stylesheet
text/css 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/css/foundation.css
Requested by: Host: eymerci.com
URL: https://eymerci.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b2db7c3ae7cd22694b281044ff10805c3c40eb3262ffa4d26a4a90d38197585f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: br
ETag: W/"621f63ca-32e2f"
Last-Modified: Wed, 02 Mar 2022 12:32:10 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK styles.css
eymerci.com/css/ 16 KB
4 KB 27ms
26ms Stylesheet
text/css 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/css/styles.css?v=1
Requested by: Host: eymerci.com
URL: https://eymerci.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 12454a6c65b3db3996db960869bdba995246654c7c030a1a601d6d3af314cdc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: br
ETag: W/"621f63ca-3f40"
Last-Modified: Wed, 02 Mar 2022 12:32:10 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK sitespecific.css
eymerci.com/css/ 55 KB
12 KB 50ms
21ms Stylesheet
text/css 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/css/sitespecific.css?v=1
Requested by: Host: eymerci.com
URL: https://eymerci.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4fbbe28e3cc77c174d4b4b7575b04e503ba0c7f9e66c311beab8b24689ec1eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: br
ETag: W/"621f63ca-dbcf"
Last-Modified: Wed, 02 Mar 2022 12:32:10 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK login.css
eymerci.com/css/ 3 KB
1 KB 54ms
19ms Stylesheet
text/css 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/css/login.css
Requested by: Host: eymerci.com
URL: https://eymerci.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5c4971c06edd330bf17a45303ba2efd078281a3f30fe22546b84a8d2d7e564d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: br
ETag: W/"621f63ca-cfb"
Last-Modified: Wed, 02 Mar 2022 12:32:10 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK mobile.css
eymerci.com/css/ 22 KB
5 KB 56ms
20ms Stylesheet
text/css 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/css/mobile.css?v=1
Requested by: Host: eymerci.com
URL: https://eymerci.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 643bcf82eff29f6041a62e2fa51f725fc147d9c2d46aeba01196d214a5e0abef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: br
ETag: W/"621f63ca-5930"
Last-Modified: Wed, 02 Mar 2022 12:32:10 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK logo_login.png
eymerci.com/images/ 6 KB
6 KB 27ms
27ms Image
image/png 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eymerci.com/images/logo_login.png
Requested by: Host: eymerci.com
URL: https://eymerci.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3397a17040efda4cdc1b2db007c14ada30f1cf0ff1addc6a4a2a5d0a6365d769

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Last-Modified: Wed, 02 Mar 2022 12:32:11 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "621f63cb-18d8"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6360

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
eymerci.com/js/ 87 KB
30 KB 81ms
44ms Script
application/javascript 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/js/jquery-3.5.1.min.js
Requested by: Host: eymerci.com
URL: https://eymerci.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: br
ETag: W/"621f63cb-15d84"
Last-Modified: Wed, 02 Mar 2022 12:32:11 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.validate.min.js Show response
eymerci.com/js/ 21 KB
7 KB 51ms
24ms Script
application/javascript 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/js/jquery.validate.min.js
Requested by: Host: eymerci.com
URL: https://eymerci.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: br
ETag: W/"621f63cb-5262"
Last-Modified: Wed, 02 Mar 2022 12:32:11 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK foundation.min.js Show response
eymerci.com/js/ 107 KB
26 KB 45ms
44ms Script
application/javascript 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/js/foundation.min.js
Requested by: Host: eymerci.com
URL: https://eymerci.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 297ca9748cbbe4f3c7b1b11a564ae106f95083c5d3432f0dbda973ac8c4cadca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: br
ETag: W/"621f63cb-1aaae"
Last-Modified: Wed, 02 Mar 2022 12:32:11 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK icomoon.css
eymerci.com/css/ 3 KB
973 B 29ms
21ms Stylesheet
text/css 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/css/icomoon.css
Requested by: Host: eymerci.com
URL: https://eymerci.com/css/styles.css?v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: dbba6c97c32458d414e1fefd1ec15ea0267a3d5aa3e5f7512357963a57665e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: br
ETag: W/"621f63ca-acf"
Last-Modified: Wed, 02 Mar 2022 12:32:10 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK fonts.css
eymerci.com/css/ 5 KB
746 B 33ms
19ms Stylesheet
text/css 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/css/fonts.css
Requested by: Host: eymerci.com
URL: https://eymerci.com/css/styles.css?v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 79449e0b5227c3e7b1be58122cbc0599f1f27625de3c7284662011c47991027f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: br
ETag: W/"621f63ca-1225"
Last-Modified: Wed, 02 Mar 2022 12:32:10 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK spinners.css
eymerci.com/css/ 2 KB
875 B 40ms
18ms Stylesheet
text/css 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/css/spinners.css
Requested by: Host: eymerci.com
URL: https://eymerci.com/css/styles.css?v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4253b64487b79ac9851d6fd9acb7c7a7cde450bb15c315fe65eb7d69adc64a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: br
ETag: W/"621f63ca-65c"
Last-Modified: Wed, 02 Mar 2022 12:32:10 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK image_landingpage.jpg
eymerci.com/images/ 457 KB
457 KB 19ms
19ms Image
image/jpeg 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eymerci.com/images/image_landingpage.jpg
Requested by: Host: eymerci.com
URL: https://eymerci.com/css/login.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b0584b5e7c9ab5c46b7c97af9793b5556d7ad850630b0c2305131236f7100c92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/css/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Last-Modified: Wed, 02 Mar 2022 12:32:11 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "621f63cb-724eb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 468203

GET
H/1.1 200
OK image_login_eypanel.png
eymerci.com/images/ 2 KB
2 KB 18ms
18ms Image
image/png 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eymerci.com/images/image_login_eypanel.png
Requested by: Host: eymerci.com
URL: https://eymerci.com/css/login.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 053e72c23f03812ba818ed4a4dca7d2fe321f0d02e981b81a57ecd3bf3c70bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eymerci.com/css/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Last-Modified: Wed, 02 Mar 2022 12:32:11 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "621f63cb-6e0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1760

GET
H/1.1 200
OK EYInterstate-Light.woff2
eymerci.com/css/fonts/ 57 KB
57 KB 43ms
36ms Font
font/woff2 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/css/fonts/EYInterstate-Light.woff2
Requested by: Host: eymerci.com
URL: https://eymerci.com/css/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: df7b66f412e1921ca0b01b12f6bf1c9dfda4958c78a1b35d27ba6769eee4fe7e

Request headers

Referer: https://eymerci.com/css/fonts.css
Origin: https://eymerci.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Last-Modified: Wed, 02 Mar 2022 12:32:10 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "621f63ca-e4b4"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58548

GET
H/1.1 200
OK EYInterstate-Regular.woff2
eymerci.com/css/fonts/ 60 KB
60 KB 19ms
19ms Font
font/woff2 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/css/fonts/EYInterstate-Regular.woff2
Requested by: Host: eymerci.com
URL: https://eymerci.com/css/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 1e13244df3af35594206072d7b43cfeb2fde754f1aa0a664449ff74fac9674fe

Request headers

Referer: https://eymerci.com/css/fonts.css
Origin: https://eymerci.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:31 GMT
Last-Modified: Wed, 02 Mar 2022 12:32:10 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "621f63ca-f050"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61520

POST
H/1.1 200
OK login.php Show response
eymerci.com/inc/ 2 B
446 B 31ms
31ms XHR
text/html 94.236.55.123
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://eymerci.com/inc/login.php
Requested by: Host: eymerci.com
URL: https://eymerci.com/js/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.236.55.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PHP/7.2.34, PleskLin
Resource Hash: 23794d91c53ae875c8e247d72561e35d9d06ee07c70c9e0dbcc977a6d161504a

Request headers

Accept: */*
Referer: https://eymerci.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 12:16:31 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.2.34, PleskLin
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 22
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK saml Show response
eychsso.xexec.com/sso/ 33 KB
15 KB 236ms
73ms Document
text/html 94.236.55.122

General

Check archive.org

Show headers Download Go to

Full URL

https://eychsso.xexec.com/sso/saml

Requested by

Host: eymerci.com
URL: https://eymerci.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.236.55.122 -, , ASN (),

Reverse DNS

Software

Resource Hash

a4ecfee062e52efaa461ada904724bf072d2e2e2aafca510224c40cf730698a3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval';img-src * 'self' data: https:
Public-Key-Pins	pin-sha256="b2vDaHWNkXOdWejbseU2T5fXn0yLOlVeif3Z4JcarXI="; pin-sha256="iWJTvHlLsSs2wB7UaSc660rsZikFjXf/mxtYjzFdRX8="; pin-sha256="M1HBAoIDc1qkiLEUp+5ars5ijti0dvBY+rBnNPLxy/g=; max-age=2592000; includeSubdomains
Strict-Transport-Security	max-age=86400;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eymerci.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate, proxy-revalidate
Content-Encoding: gzip
Content-Length: 14647
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval';img-src * 'self' data: https:
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Sep 2022 12:16:36 GMT
Expires: -1
Pragma: no-cache
Public-Key-Pins: pin-sha256="b2vDaHWNkXOdWejbseU2T5fXn0yLOlVeif3Z4JcarXI="; pin-sha256="iWJTvHlLsSs2wB7UaSc660rsZikFjXf/mxtYjzFdRX8="; pin-sha256="M1HBAoIDc1qkiLEUp+5ars5ijti0dvBY+rBnNPLxy/g=; max-age=2592000; includeSubdomains
Referrer-Policy: origin
Strict-Transport-Security: max-age=86400;
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Robots-Tag: noindex
X-XSS-Protection: 1; mode=block

GET
H2 200 bundle
v3cdn-9f91.kxcdn.com/assets/css/ 315 KB
60 KB 119ms
17ms Stylesheet
text/css 2a0b:4d07:401::1

General

Check archive.org

Show headers Download Go to

Full URL

https://v3cdn-9f91.kxcdn.com/assets/css/bundle?v=hBFFgrImwvYOHQZU7zMWikE3TWSENtm9qx5tI0fveAg1

Requested by

Host: eychsso.xexec.com
URL: https://eychsso.xexec.com/sso/saml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:401::1 -, , ASN (),

Reverse DNS

Software

keycdn-engine /

Resource Hash

83f05539e52d214f5a4526ca7f5b0d342beba8c9b94758b8894b0722ae8af05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eychsso.xexec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:16:36 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 13:15:51 GMT
server: keycdn-engine
x-edge-location: atvi
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
link: <https://team.xexec.com/assets/css/bundle?v=hBFFgrImwvYOHQZU7zMWikE3TWSENtm9qx5tI0fveAg1>; rel="canonical"
content-length: 61084
expires: Wed, 14 Sep 2022 12:16:36 GMT

GET
H2 200 main
v3cdn-9f91.kxcdn.com/bundles/css/ 139 KB
30 KB 154ms
52ms Stylesheet
text/css 2a0b:4d07:401::1

General

Check archive.org

Show headers Download Go to

Full URL

https://v3cdn-9f91.kxcdn.com/bundles/css/main?v=yVBZkwGzgueVmqc-XcKoUCabGznSBrDcE5KLBXiLAkw1

Requested by

Host: eychsso.xexec.com
URL: https://eychsso.xexec.com/sso/saml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:401::1 -, , ASN (),

Reverse DNS

Software

keycdn-engine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eychsso.xexec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:16:36 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 13:15:51 GMT
server: keycdn-engine
x-edge-location: atvi
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
link: <https://team.xexec.com/bundles/css/main?v=yVBZkwGzgueVmqc-XcKoUCabGznSBrDcE5KLBXiLAkw1>; rel="canonical"
content-length: 30786
expires: Wed, 14 Sep 2022 12:16:36 GMT

GET
H2 200 theme
v3cdn-9f91.kxcdn.com/layout/ 6 KB
2 KB 169ms
67ms Stylesheet
text/css 2a0b:4d07:401::1

General

Check archive.org

Show headers Download Go to

Full URL

https://v3cdn-9f91.kxcdn.com/layout/theme?c=422&v=

Requested by

Host: eychsso.xexec.com
URL: https://eychsso.xexec.com/sso/saml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:401::1 -, , ASN (),

Reverse DNS

Software

keycdn-engine /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' v3cdn-9f91.kxcdn.com .googleapis.com .gstatic.com .customer.io js.stripe.com ssl.google-analytics.com js-agent.newrelic.com .nr-data.net .youtube.com;img-src 'self' data: https:
Public-Key-Pins	pin-sha256="b2vDaHWNkXOdWejbseU2T5fXn0yLOlVeif3Z4JcarXI="; pin-sha256="iWJTvHlLsSs2wB7UaSc660rsZikFjXf/mxtYjzFdRX8="; pin-sha256="M1HBAoIDc1qkiLEUp+5ars5ijti0dvBY+rBnNPLxy/g=; max-age=2592000; includeSubdomains
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eychsso.xexec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-edge-location: atvi
x-cache: STALE
vary: Accept-Encoding
content-length: 1700
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="b2vDaHWNkXOdWejbseU2T5fXn0yLOlVeif3Z4JcarXI="; pin-sha256="iWJTvHlLsSs2wB7UaSc660rsZikFjXf/mxtYjzFdRX8="; pin-sha256="M1HBAoIDc1qkiLEUp+5ars5ijti0dvBY+rBnNPLxy/g=; max-age=2592000; includeSubdomains
pragma: no-cache
referrer-policy: origin
server: keycdn-engine
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' v3cdn-9f91.kxcdn.com *.googleapis.com *.gstatic.com *.customer.io js.stripe.com ssl.google-analytics.com js-agent.newrelic.com *.nr-data.net *.youtube.com;img-src * 'self' data: https:
accept-ranges: bytes
x-robots-tag: noindex
link: <https://team.xexec.com/layout/theme?c=422&v=>; rel="canonical"
expires: Wed, 14 Sep 2022 12:16:36 GMT

GET
H/1.1 200
OK jquery Show response
eychsso.xexec.com/bundles/ 95 KB
43 KB 28ms
26ms Script
text/javascript 94.236.55.122

General

Check archive.org

Show headers Download Go to

Full URL

https://eychsso.xexec.com/bundles/jquery?v=v76fAns59-4kGkYyDyEXyw9RgnmvJyXSd0eFBt05RzE1

Requested by

Host: eychsso.xexec.com
URL: https://eychsso.xexec.com/sso/saml

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.236.55.122 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3e41f46ea755a6842650e2c97ad2bf67b1005289bf8371a034e683a5c82b4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eychsso.xexec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2022 12:16:36 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 43762
Expires: Thu, 07 Sep 2023 12:16:36 GMT

GET
H/1.1 200
OK frontend Show response
eychsso.xexec.com/bundles/ 415 KB
164 KB 62ms
27ms Script
text/javascript 94.236.55.122

General

Check archive.org

Show headers Download Go to

Full URL

https://eychsso.xexec.com/bundles/frontend?v=aXhjLA-dNzLwuZSx1iM_l3vjfNDFunDabbhB7o2sMXc1

Requested by

Host: eychsso.xexec.com
URL: https://eychsso.xexec.com/sso/saml

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.236.55.122 -, , ASN (),

Reverse DNS

Software

Resource Hash

88aa446a080db238f86df298e0dd0205f4469f8d0fb6341d4bb8f4d0d5d95c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eychsso.xexec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2022 12:16:36 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Expires: Thu, 07 Sep 2023 12:16:36 GMT

GET
H/1.1 200
OK xexec Show response
eychsso.xexec.com/bundles/ 89 KB
31 KB 65ms
26ms Script
text/javascript 94.236.55.122

General

Check archive.org

Show headers Download Go to

Full URL

https://eychsso.xexec.com/bundles/xexec?v=3hjpPi63UHZYc2wr6DLJLgmMhPk2lO5To-CAIXHSbQU1

Requested by

Host: eychsso.xexec.com
URL: https://eychsso.xexec.com/sso/saml

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.236.55.122 -, , ASN (),

Reverse DNS

Software

Resource Hash

110fedba4ce6fc166f7d2cbef1f5c63b9c8e2ad1b7aa46ab02635578c347ebdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eychsso.xexec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 12:16:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2022 12:16:37 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 30893
Expires: Thu, 07 Sep 2023 12:16:37 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 328 KB
80 KB 99ms
10ms Script
text/javascript 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: eychsso.xexec.com
URL: https://eychsso.xexec.com/sso/saml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

f6e7178a181c0843cb1b48b0bc94d10b2159fe5fcd5c67280e133ea0aaf4e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eychsso.xexec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 60
x-cache: HIT
content-length: 81175
etag: "ecc51acb63952cabcf47d27636ef5eed"
x-request-id: d9e4e27d-6191-4464-801e-2e555f20e7c6
x-served-by: cache-hhn4082-HHN
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 18:43:28 GMT
server: Fastly
date: Wed, 07 Sep 2022 12:16:36 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 xexec.jpg
v3cdn-9f91.kxcdn.com/assets/images/ 59 KB
59 KB 19ms
18ms Image
image/jpeg 2a0b:4d07:401::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3cdn-9f91.kxcdn.com/assets/images/xexec.jpg

Requested by

Host: eychsso.xexec.com
URL: https://eychsso.xexec.com/sso/saml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:401::1 -, , ASN (),

Reverse DNS

Software

keycdn-engine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eychsso.xexec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:16:37 GMT
last-modified: Tue, 28 Mar 2017 18:52:52 GMT
server: keycdn-engine
x-edge-location: atvi
etag: "1D2A7F480AF5A00"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://team.xexec.com/assets/images/xexec.jpg>; rel="canonical"
content-length: 60481
expires: Wed, 14 Sep 2022 12:16:37 GMT

GET
H2 200 xexec.png
v3cdn-9f91.kxcdn.com/assets/images/ 5 KB
5 KB 18ms
17ms Image
image/png 2a0b:4d07:401::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3cdn-9f91.kxcdn.com/assets/images/xexec.png

Requested by

Host: eychsso.xexec.com
URL: https://eychsso.xexec.com/sso/saml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:401::1 -, , ASN (),

Reverse DNS

Software

keycdn-engine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eychsso.xexec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:16:37 GMT
last-modified: Tue, 28 Mar 2017 18:52:52 GMT
server: keycdn-engine
x-edge-location: atvi
etag: "05aaf80f4a7d21:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://team.xexec.com/assets/images/xexec.png>; rel="canonical"
content-length: 4943
expires: Wed, 14 Sep 2022 12:16:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 129ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: v3cdn-9f91.kxcdn.com
URL: https://v3cdn-9f91.kxcdn.com/bundles/css/main?v=yVBZkwGzgueVmqc-XcKoUCabGznSBrDcE5KLBXiLAkw1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v3cdn-9f91.kxcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 10:48:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 12:16:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 12:16:37 GMT

GET
H2 200 ga.js
ssl.google-analytics.com/ 45 KB
0 117ms
36ms Script
text/javascript 2a00:1450:4001:82a::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: eychsso.xexec.com
URL: https://eychsso.xexec.com/sso/saml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eychsso.xexec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5144
date: Wed, 07 Sep 2022 10:50:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 07 Sep 2022 12:50:53 GMT

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 302C42_7_0.woff2
v3cdn-9f91.kxcdn.com/assets/fonts/ 40 KB
40 KB 55ms
18ms Font
font/woff2 2a0b:4d07:401::1

General

Check archive.org

Show headers Download Go to

Full URL

https://v3cdn-9f91.kxcdn.com/assets/fonts/302C42_7_0.woff2

Requested by

Host: v3cdn-9f91.kxcdn.com
URL: https://v3cdn-9f91.kxcdn.com/assets/css/bundle?v=hBFFgrImwvYOHQZU7zMWikE3TWSENtm9qx5tI0fveAg1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:401::1 -, , ASN (),

Reverse DNS

Software

keycdn-engine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://v3cdn-9f91.kxcdn.com/assets/css/bundle?v=hBFFgrImwvYOHQZU7zMWikE3TWSENtm9qx5tI0fveAg1
Origin: https://eychsso.xexec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:16:37 GMT
last-modified: Tue, 28 Mar 2017 18:52:50 GMT
server: keycdn-engine
x-edge-location: atvi
etag: "02d7e7ff4a7d21:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://team.xexec.com/assets/fonts/302C42_7_0.woff2>; rel="canonical"
content-length: 40613
expires: Wed, 14 Sep 2022 12:16:37 GMT

GET
H2 200 302C42_6_0.woff2
v3cdn-9f91.kxcdn.com/assets/fonts/ 40 KB
40 KB 89ms
52ms Font
font/woff2 2a0b:4d07:401::1

General

Check archive.org

Show headers Download Go to

Full URL

https://v3cdn-9f91.kxcdn.com/assets/fonts/302C42_6_0.woff2

Requested by

Host: v3cdn-9f91.kxcdn.com
URL: https://v3cdn-9f91.kxcdn.com/assets/css/bundle?v=hBFFgrImwvYOHQZU7zMWikE3TWSENtm9qx5tI0fveAg1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:401::1 -, , ASN (),

Reverse DNS

Software

keycdn-engine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://v3cdn-9f91.kxcdn.com/assets/css/bundle?v=hBFFgrImwvYOHQZU7zMWikE3TWSENtm9qx5tI0fveAg1
Origin: https://eychsso.xexec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:16:37 GMT
last-modified: Tue, 28 Mar 2017 18:52:50 GMT
server: keycdn-engine
x-edge-location: atvi
etag: "02d7e7ff4a7d21:0"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://team.xexec.com/assets/fonts/302C42_6_0.woff2>; rel="canonical"
content-length: 40907
expires: Wed, 14 Sep 2022 12:16:37 GMT

GET
H2 200 m-outer-32e959c98c4c0c17724528b7bd74ae2c.html
js.stripe.com/v3/ Frame DBAB 186 B
841 B 14ms
13ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-32e959c98c4c0c17724528b7bd74ae2c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eychsso.xexec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 63660
cache-control: max-age=31536000
content-encoding: br
content-length: 114
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 12:16:37 GMT
etag: "32e959c98c4c0c17724528b7bd74ae2c"
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 33361
x-content-type-options: nosniff
x-request-id: db274af5-4131-4817-8cd0-e371fde83fe1
x-served-by: cache-hhn4082-HHN

POST saml2
login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/ 0
0

POST csp-report
q.stripe.com/ Frame DBAB 0
0

GET
H2 200 m-outer-2b475bd91e0df7e195cf27f4f40365b0.js
js.stripe.com/v3/fingerprinted/js/ Frame DBAB 526 B
362 B 8ms
8ms Script
text/javascript 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-2b475bd91e0df7e195cf27f4f40365b0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-32e959c98c4c0c17724528b7bd74ae2c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-32e959c98c4c0c17724528b7bd74ae2c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 26
x-cache: HIT
content-length: 256
etag: "d96c709017743c0759cf3853d1806ba5"
x-request-id: 57ab1e62-5317-4e97-a2e5-5afbbe00f69b
x-served-by: cache-hhn4082-HHN
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Fastly
date: Wed, 07 Sep 2022 12:16:37 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 49

GET
H2 200 inner.html
m.stripe.network/ Frame 1921 930 B
1 KB 35ms
7ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-2b475bd91e0df7e195cf27f4f40365b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 94
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 12:16:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 127
x-content-type-options: nosniff
x-request-id: 5ec36114-91ed-4e40-b519-78e4d0dd52e0
x-served-by: cache-hhn4082-HHN
x-timer: S1662552997.267500,VS0,VE0

POST
H/1.1 200
OK saml2 Show response
login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/ 151 KB
55 KB 55ms
36ms Document
text/html 20.190.160.15

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.15 -, , ASN (),

Reverse DNS

Software

Resource Hash

6b6c817aa8accf35abb9bfb66a7db59a3097eea37e9fa1aa0180cb3f6c258494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://eychsso.xexec.com
Referer: https://eychsso.xexec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 55213
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Sep 2022 12:16:37 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-ests-server: 2.1.13562.12 - WEULR1 ProdSlices
x-ms-request-id: 91097c33-b518-4ba4-86e6-b59096b7ac00

POST csp-report
q.stripe.com/ Frame 1921 0
0

GET
H2 200 out-4.5.42.js
m.stripe.network/ Frame 1921 86 KB
16 KB 7ms
7ms Script
text/javascript 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 241
x-cache: HIT
content-length: 16031
x-request-id: 2f3ecf41-4d5c-4153-a146-567bf49f8e55
x-served-by: cache-hhn4082-HHN
server: Fastly
x-timer: S1662552997.284378,VS0,VE0
date: Wed, 07 Sep 2022 12:16:37 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 341

POST
H/1.1 200
OK reportbssotelemetry
login.microsoftonline.com/common/instrumentation/ 264 B
1 KB 17ms
17ms Ping
application/json 20.190.160.15

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1900&client-request-id=05953887-75ba-46fe-a1b3-d72edfb7aaed&hpgrequestid=91097c33-b518-4ba4-86e6-b59096b7ac00

Requested by

Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.15 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Date: Wed, 07 Sep 2022 12:16:37 GMT
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 77136882-e4f3-426b-9133-b340cef18700
Cache-Control: no-store, no-cache
x-ms-ests-server: 2.1.13562.12 - WEULR2 ProdSlices
Content-Type: application/json; charset=utf-8
Content-Length: 264
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Expires: -1

POST
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/ 197 KB
51 KB 91ms
91ms Document
text/html 20.190.160.15

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2?sso_reload=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.15 -, , ASN (),

Reverse DNS

Software

Resource Hash

177ec95a2a3ea22132d1a6c6147619914af11c33652d4809da811ee1e639dc6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://login.microsoftonline.com
Referer: https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 50487
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Sep 2022 12:16:37 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-ests-server: 2.1.13562.12 - NEULR2 ProdSlices
x-ms-request-id: ad2a00ea-b32d-4bdc-905e-850f5bdf7c00

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 222ms
100ms Other
text/html 40.126.32.134

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2?sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.32.134 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 ConvergedLogin_PCore_rEkixmwXrnf1ZoXlPzTPPA2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 383 KB
109 KB 117ms
21ms Script
application/x-javascript 2620:1ec:bdf::44

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rEkixmwXrnf1ZoXlPzTPPA2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2?sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 564118b5f28d90632e7ca3487f8a208b0e7b5fe68fcda0c950986107a5ce2c65

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Sep 2022 12:16:36 GMT
content-encoding: gzip
content-md5: fK2AK6jDg6/4KCAAbseoGQ==
x-cache: TCP_HIT
content-length: 111291
x-ms-lease-status: unlocked
last-modified: Thu, 04 Aug 2022 19:51:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA7652C8B9183C
x-azure-ref: 0pYsYYwAAAAB2imBKPhwHS6ucZ1y5zCu1TE9OMjFFREdFMTcwNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b567b718-101e-000a-58d8-c03966000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 0
0

GET ux.converged.login.strings-de.min_lhhrovnn534e-c0nfmglxq2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 0
0

GET convergedlogin_pcustomizationloader_ce7e28197b4125ce53e0.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 0
0

GET illustration
aadcdn.msauthimages.net/c1c6b6c8-mx1untacnteaumiivbotk1dujm09msajjxlhdxdme8/logintenantbranding/0/ 0
0

GET bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-mx1untacnteaumiivbotk1dujm09msajjxlhdxdme8/logintenantbranding/0/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.microsoftonline.com
URL: https://login.microsoftonline.com/5b973f99-77df-4beb-b27d-aa0c70b8482c/saml2

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css

Domain: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_lhhrovnn534e-c0nfmglxq2.js

Domain: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_ce7e28197b4125ce53e0.js

Domain: aadcdn.msauthimages.net
URL: https://aadcdn.msauthimages.net/c1c6b6c8-mx1untacnteaumiivbotk1dujm09msajjxlhdxdme8/logintenantbranding/0/illustration?ts=637026203063059838

Domain: aadcdn.msauthimages.net
URL: https://aadcdn.msauthimages.net/c1c6b6c8-mx1untacnteaumiivbotk1dujm09msajjxlhdxdme8/logintenantbranding/0/bannerlogo?ts=636259366676582175

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			eymerci.com/	1969-12-31 23:59:59	Name: EY Value: 994d1bqgdgcqr5bijsfm3pkr0g

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Invalid allowlist item for feature none. Allowlist item must be *, self, or quoted url.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'none'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
eychsso.xexec.com
eymerci.com
fonts.googleapis.com
js.stripe.com
login.live.com
login.microsoftonline.com
m.stripe.network
q.stripe.com
ssl.google-analytics.com
u3905472.ct.sendgrid.net
v3cdn-9f91.kxcdn.com
aadcdn.msauth.net
aadcdn.msauthimages.net
login.microsoftonline.com
q.stripe.com
151.101.64.176
167.89.118.35
20.190.160.15
2620:1ec:bdf::44
2a00:1450:4001:812::200a
2a00:1450:4001:82a::2008
2a0b:4d07:401::1
40.126.32.134
94.236.55.122
94.236.55.123
053e72c23f03812ba818ed4a4dca7d2fe321f0d02e981b81a57ecd3bf3c70bb8
0de8f12ffb12a3c3903692bec803bcad938030feffe1a5466e4a6fa764ca5b3f
110fedba4ce6fc166f7d2cbef1f5c63b9c8e2ad1b7aa46ab02635578c347ebdb
12454a6c65b3db3996db960869bdba995246654c7c030a1a601d6d3af314cdc1
177ec95a2a3ea22132d1a6c6147619914af11c33652d4809da811ee1e639dc6b
1e13244df3af35594206072d7b43cfeb2fde754f1aa0a664449ff74fac9674fe
23794d91c53ae875c8e247d72561e35d9d06ee07c70c9e0dbcc977a6d161504a
297ca9748cbbe4f3c7b1b11a564ae106f95083c5d3432f0dbda973ac8c4cadca
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
3397a17040efda4cdc1b2db007c14ada30f1cf0ff1addc6a4a2a5d0a6365d769
4253b64487b79ac9851d6fd9acb7c7a7cde450bb15c315fe65eb7d69adc64a3c
4fbbe28e3cc77c174d4b4b7575b04e503ba0c7f9e66c311beab8b24689ec1eb4
564118b5f28d90632e7ca3487f8a208b0e7b5fe68fcda0c950986107a5ce2c65
5c4971c06edd330bf17a45303ba2efd078281a3f30fe22546b84a8d2d7e564d5
643bcf82eff29f6041a62e2fa51f725fc147d9c2d46aeba01196d214a5e0abef
6b6c817aa8accf35abb9bfb66a7db59a3097eea37e9fa1aa0180cb3f6c258494
79449e0b5227c3e7b1be58122cbc0599f1f27625de3c7284662011c47991027f
83f05539e52d214f5a4526ca7f5b0d342beba8c9b94758b8894b0722ae8af05d
88aa446a080db238f86df298e0dd0205f4469f8d0fb6341d4bb8f4d0d5d95c74
a4ecfee062e52efaa461ada904724bf072d2e2e2aafca510224c40cf730698a3
b0584b5e7c9ab5c46b7c97af9793b5556d7ad850630b0c2305131236f7100c92
b2db7c3ae7cd22694b281044ff10805c3c40eb3262ffa4d26a4a90d38197585f
dbba6c97c32458d414e1fefd1ec15ea0267a3d5aa3e5f7512357963a57665e1c
df7b66f412e1921ca0b01b12f6bf1c9dfda4958c78a1b35d27ba6769eee4fe7e
e3e41f46ea755a6842650e2c97ad2bf67b1005289bf8371a034e683a5c82b4e8
f6e7178a181c0843cb1b48b0bc94d10b2159fe5fcd5c67280e133ea0aaf4e1cc
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

login.microsoftonline.com Open in urlscan Pro 20.190.160.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

82 %HTTPS

40 %IPv6

12 Domains

13 Subdomains

10 IPs

2 Countries

1502 kBTransfer

3563 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.microsoftonline.com Open in urlscan Pro
20.190.160.15 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

82 %
HTTPS

40 %
IPv6

12
Domains

13
Subdomains

10
IPs

2
Countries

1502 kB
Transfer

3563 kB
Size

1
Cookies

50 HTTP transactions
1 data transactions