urlscan.io logo urlscan.io
SecurityTrails logo

fed.messe-duesseldorf.de Open in urlscan Pro
194.9.88.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mdus-login.eu.nexthink.cloud/
Effective URL: https://fed.messe-duesseldorf.de/adfs/ls/?SAMLRequest=jZLNTuMwFEZfJfI%2B8Q8NSa2mqKJilBGDUIFZsHPjG2rh2B1fGzFvP2mgqCxAs7JkXX%2Fn87E...
Submission: On August 17 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 30 HTTP transactions. The main IP is 194.9.88.77, located in Düsseldorf, Germany and belongs to MESSE-DUESSELDORF-AS, DE. The main domain is fed.messe-duesseldorf.de.
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 4th 2023. Valid for: a year.
This is the only time fed.messe-duesseldorf.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 15.197.195.200 16509 (AMAZON-02)
7 108.139.29.19 16509 (AMAZON-02)
2 15 18.194.116.146 16509 (AMAZON-02)
2 54.230.163.7 16509 (AMAZON-02)
1 34.102.158.97 396982 (GOOGLE-CL...)
4 194.9.88.77 29494 (MESSE-DUE...)
30 6
4    15.197.195.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac4b547508e00da8e.awsglobalaccelerator.com
mdus-login.eu.nexthink.cloud
7    108.139.29.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-19.jfk50.r.cloudfront.net
ok9static.oktacdn.com
15    18.194.116.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
mdus.eu.nexthink.cloud
2    54.230.163.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-7.ewr53.r.cloudfront.net
login.okta.com
1    34.102.158.97 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.158.102.34.bc.googleusercontent.com
content.insights.nexthink.com
4    194.9.88.77 (Düsseldorf, Germany)

ASN29494 (MESSE-DUESSELDORF-AS, DE)
fed.messe-duesseldorf.de
Apex Domain
Subdomains		 Transfer
19 nexthink.cloud
mdus-login.eu.nexthink.cloud
mdus.eu.nexthink.cloud
943 KB
7 oktacdn.com
ok9static.oktacdn.com — Cisco Umbrella Rank: 46145
696 KB
4 messe-duesseldorf.de
fed.messe-duesseldorf.de
79 KB
2 okta.com
login.okta.com — Cisco Umbrella Rank: 5641
97 KB
1 nexthink.com
content.insights.nexthink.com — Cisco Umbrella Rank: 666811
139 KB
30 5
Domain Requested by
15 mdus.eu.nexthink.cloud 2 redirects mdus-login.eu.nexthink.cloud
mdus.eu.nexthink.cloud
7 ok9static.oktacdn.com mdus-login.eu.nexthink.cloud
4 fed.messe-duesseldorf.de fed.messe-duesseldorf.de
4 mdus-login.eu.nexthink.cloud 1 redirects mdus-login.eu.nexthink.cloud
mdus.eu.nexthink.cloud
2 login.okta.com ok9static.oktacdn.com
login.okta.com
1 content.insights.nexthink.com mdus.eu.nexthink.cloud
30 6

This site contains no links.

Subject Issuer Validity Valid
mdus-login.eu.nexthink.cloud
R3		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-01-02		 a year crt.sh
*.eu.nexthink.cloud
Amazon RSA 2048 M01		 2023-06-24 -
2024-07-22		 a year crt.sh
accounts.okta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2024-07-24		 a year crt.sh
content.insights.nexthink.com
GTS CA 1D4		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.messe-duesseldorf.de
Thawte TLS RSA CA G1		 2023-01-04 -
2024-01-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://fed.messe-duesseldorf.de/adfs/ls/?SAMLRequest=jZLNTuMwFEZfJfI%2B8Q8NSa2mqKJilBGDUIFZsHPjG2rh2B1fGzFvP2mgqCxAs7JkXX%2Fn87EXF6%2BDzV4goPGuIbxgJAPXeW3cU0Me7q%2FymlwsF6gGK%2FZyleLObeBPAozZChFCHI9deodpgHAH4cV08LC5bsguxj1KSgedMLf%2BybgCUuHgNe6Mey4665OmiJ5OyZR5VW%2BNrysBz2b7s%2F0x4xXJ1iPGOBWnasfEHnQxwMjOdTosVvvQFxqo0j1Si5RkVz50MHVtSK8sAsnadUOMrmasFKKqeckrUbI5F2w%2BO6%2FmfLx1i5igdRiViw0RTJzlrM55dc%2FP5VkpGSvK2fyRZL%2BPrsTB1WjPoXzT05AUnPQKDUqnxo4ydvJu9etajqNyH3z0nbfk3aacgOE04fsAdfRNlv9jd0FPMR9PeDPmtutbb0339yBqUPFrLC%2F4tGN03k%2BjMjncQ2d6A5rQ5Tvj88dY%2FgM%3D&RelayState=%252Fapp%252Fnx-mdus_nexthink_1%252Fexk8biuymfJlfaZ3l417%252Fsso%252Fsaml%253FSigAlg%253Dhttp%25253A%25252F%25252Fwww.w3.org%25252F2001%25252F04%25252Fxmldsig-more%252523rsa-sha256%2526RelayState%253D%2525257B%25252522finder%25252522%2525253Afalse%2525252C%25252522uuid%25252522%2525253A%25252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%25252522%2525252C%25252522redirectTo%25252522%2525253A%25252522%2525252F%25252522%2525257D%2526SAMLRequest%253DjVLbbtswDP0VQ%25252B%25252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%25252FstEALbEUfSZ5DHh5yhqJVHS%25252B9O%25252Bgr%25252BOsBXXRslUY%25252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%25252FtTna%25252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%25252BZgnyQ2JNtY8yAbsOggJ0%25252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%25252Bwce1Mr5houuYPtIec%25252Ftauk0ZHO%25252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%25252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%25252Fg%25252FJvQT2KN1BhPuSxayP%25252BWCcXXyCOmNvCbPTq%25252FRerpYbo2T9FH03thXu%25252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%25252Fl4hk%25253D%2526Signature%253DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%25252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%25252FudInys2gAM2taFU6REgZREE%25252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%25252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%25252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%25252B%25252F8d8DLl%25252F0kgCuVrMe7Dx7KSv%25252B4PAmhosqOFwnmh%25252B4f1TJE%25252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%25252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%25252FFdoQV3R%25252FDyZtieLZse3tJ%25252F0BB6HkicL94mJ1i2zT%25252FowroYgymP98oHgA7p49Pl8ZxIt%25252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%25253D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Fek18XpXF5jAJBuO67Av9ATyVGTjtmpG4CckoC%2BG8RLTOgMvZq00eUyUmnm7Zpa5U9yramX8%2BWENsdyNiOJAXBQB83wkpiZg9oPMYTW2HoVjJOp6f9O9lBABIv7CQFggIDN4r5wBlojnHkwRFUCG1nD5muAEmbToByJ4w03SugWfCvsFmswu5a69%2F6Q55K2%2BoPieTageD1KK%2Bb5ZlEvExidARQSX6LKFaroMR5ujIdg5uBMjjZS54sqL35Iwhhz0iWQxpPwMuZCEjeVcpmq0Qs5h54lcZ6DbwgWVmvL4KrG2Ga88F7MC89Ba06LknTWcIVqXTxnxDcNgsOunNO8mSA%3D%3D
Frame ID: 22163D846987D465138EF97599833C8E
Requests: 28 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 372D0CD0B3E4A1241CB6E5A2403CBD51
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In

Page URL History Show full URLs

  1. https://mdus-login.eu.nexthink.cloud/ Page URL
  2. https://mdus.eu.nexthink.cloud/ Page URL
  3. https://mdus.eu.nexthink.cloud/hierarchy?redirectTo=%2F HTTP 302
    https://mdus.eu.nexthink.cloud/saml/redirect?redirectTo=%2F HTTP 302
    https://mdus-login.eu.nexthink.cloud/app/nx-mdus_nexthink_1/exk8biuymfJlfaZ3l417/sso/saml?SigAlg=http%3A%2F%2Fwww... HTTP 302
    https://mdus-login.eu.nexthink.cloud/login/login.htm?fromURI=%2Fapp%2Fnx-mdus_nexthink_1%2Fexk8biuymfJlfaZ3l417%2... Page URL
  4. https://fed.messe-duesseldorf.de/adfs/ls/?SAMLRequest=jZLNTuMwFEZfJfI%2B8Q8NSa2mqKJilBGDUIFZsHPjG2rh2B1fGzFvP... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • highcharts.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

1947 kB
Transfer

7447 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mdus-login.eu.nexthink.cloud/ Page URL
  2. https://mdus.eu.nexthink.cloud/ Page URL
  3. https://mdus.eu.nexthink.cloud/hierarchy?redirectTo=%2F HTTP 302
    https://mdus.eu.nexthink.cloud/saml/redirect?redirectTo=%2F HTTP 302
    https://mdus-login.eu.nexthink.cloud/app/nx-mdus_nexthink_1/exk8biuymfJlfaZ3l417/sso/saml?SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&SAMLRequest=jVLbbtswDP0VQ%2B%2ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%2FstEALbEUfSZ5DHh5yhqJVHS%2B9O%2Bgr%2BOsBXXRslUY%2BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%2FtTna%2FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%2BZgnyQ2JNtY8yAbsOggJ0%2BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%2Bwce1Mr5houuYPtIec%2Ftauk0ZHO%2BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%2B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%2Fg%2FJvQT2KN1BhPuSxayP%2BWCcXXyCOmNvCbPTq%2FRerpYbo2T9FH03thXu%2F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%2Fl4hk%3D&RelayState=%257B%2522finder%2522%253Afalse%252C%2522uuid%2522%253A%2522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%2522%252C%2522redirectTo%2522%253A%2522%252F%2522%257D&Signature=FDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%2BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%2FudInys2gAM2taFU6REgZREE%2B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%2BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%2FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%2B%2F8d8DLl%2F0kgCuVrMe7Dx7KSv%2B4PAmhosqOFwnmh%2B4f1TJE%2FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%2FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%2FFdoQV3R%2FDyZtieLZse3tJ%2F0BB6HkicL94mJ1i2zT%2FowroYgymP98oHgA7p49Pl8ZxIt%2BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%3D HTTP 302
    https://mdus-login.eu.nexthink.cloud/login/login.htm?fromURI=%2Fapp%2Fnx-mdus_nexthink_1%2Fexk8biuymfJlfaZ3l417%2Fsso%2Fsaml%3FSigAlg%3Dhttp%253A%252F%252Fwww.w3.org%252F2001%252F04%252Fxmldsig-more%2523rsa-sha256%26SAMLRequest%3DjVLbbtswDP0VQ%252B%252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%252FstEALbEUfSZ5DHh5yhqJVHS%252B9O%252Bgr%252BOsBXXRslUY%252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%252FtTna%252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%252BZgnyQ2JNtY8yAbsOggJ0%252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%252Bwce1Mr5houuYPtIec%252Ftauk0ZHO%252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%252Fg%252FJvQT2KN1BhPuSxayP%252BWCcXXyCOmNvCbPTq%252FRerpYbo2T9FH03thXu%252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%252Fl4hk%253D%26RelayState%3D%25257B%252522finder%252522%25253Afalse%25252C%252522uuid%252522%25253A%252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%252522%25252C%252522redirectTo%252522%25253A%252522%25252F%252522%25257D%26Signature%3DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%252FudInys2gAM2taFU6REgZREE%252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%252B%252F8d8DLl%252F0kgCuVrMe7Dx7KSv%252B4PAmhosqOFwnmh%252B4f1TJE%252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%252FFdoQV3R%252FDyZtieLZse3tJ%252F0BB6HkicL94mJ1i2zT%252FowroYgymP98oHgA7p49Pl8ZxIt%252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%253D Page URL
  4. https://fed.messe-duesseldorf.de/adfs/ls/?SAMLRequest=jZLNTuMwFEZfJfI%2B8Q8NSa2mqKJilBGDUIFZsHPjG2rh2B1fGzFvP2mgqCxAs7JkXX%2Fn87EXF6%2BDzV4goPGuIbxgJAPXeW3cU0Me7q%2FymlwsF6gGK%2FZyleLObeBPAozZChFCHI9deodpgHAH4cV08LC5bsguxj1KSgedMLf%2BybgCUuHgNe6Mey4665OmiJ5OyZR5VW%2BNrysBz2b7s%2F0x4xXJ1iPGOBWnasfEHnQxwMjOdTosVvvQFxqo0j1Si5RkVz50MHVtSK8sAsnadUOMrmasFKKqeckrUbI5F2w%2BO6%2FmfLx1i5igdRiViw0RTJzlrM55dc%2FP5VkpGSvK2fyRZL%2BPrsTB1WjPoXzT05AUnPQKDUqnxo4ydvJu9etajqNyH3z0nbfk3aacgOE04fsAdfRNlv9jd0FPMR9PeDPmtutbb0339yBqUPFrLC%2F4tGN03k%2BjMjncQ2d6A5rQ5Tvj88dY%2FgM%3D&RelayState=%252Fapp%252Fnx-mdus_nexthink_1%252Fexk8biuymfJlfaZ3l417%252Fsso%252Fsaml%253FSigAlg%253Dhttp%25253A%25252F%25252Fwww.w3.org%25252F2001%25252F04%25252Fxmldsig-more%252523rsa-sha256%2526RelayState%253D%2525257B%25252522finder%25252522%2525253Afalse%2525252C%25252522uuid%25252522%2525253A%25252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%25252522%2525252C%25252522redirectTo%25252522%2525253A%25252522%2525252F%25252522%2525257D%2526SAMLRequest%253DjVLbbtswDP0VQ%25252B%25252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%25252FstEALbEUfSZ5DHh5yhqJVHS%25252B9O%25252Bgr%25252BOsBXXRslUY%25252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%25252FtTna%25252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%25252BZgnyQ2JNtY8yAbsOggJ0%25252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%25252Bwce1Mr5houuYPtIec%25252Ftauk0ZHO%25252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%25252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%25252Fg%25252FJvQT2KN1BhPuSxayP%25252BWCcXXyCOmNvCbPTq%25252FRerpYbo2T9FH03thXu%25252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%25252Fl4hk%25253D%2526Signature%253DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%25252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%25252FudInys2gAM2taFU6REgZREE%25252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%25252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%25252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%25252B%25252F8d8DLl%25252F0kgCuVrMe7Dx7KSv%25252B4PAmhosqOFwnmh%25252B4f1TJE%25252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%25252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%25252FFdoQV3R%25252FDyZtieLZse3tJ%25252F0BB6HkicL94mJ1i2zT%25252FowroYgymP98oHgA7p49Pl8ZxIt%25252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%25253D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Fek18XpXF5jAJBuO67Av9ATyVGTjtmpG4CckoC%2BG8RLTOgMvZq00eUyUmnm7Zpa5U9yramX8%2BWENsdyNiOJAXBQB83wkpiZg9oPMYTW2HoVjJOp6f9O9lBABIv7CQFggIDN4r5wBlojnHkwRFUCG1nD5muAEmbToByJ4w03SugWfCvsFmswu5a69%2F6Q55K2%2BoPieTageD1KK%2Bb5ZlEvExidARQSX6LKFaroMR5ujIdg5uBMjjZS54sqL35Iwhhz0iWQxpPwMuZCEjeVcpmq0Qs5h54lcZ6DbwgWVmvL4KrG2Ga88F7MC89Ba06LknTWcIVqXTxnxDcNgsOunNO8mSA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://mdus.eu.nexthink.cloud/hierarchy?redirectTo=%2F HTTP 302
  • https://mdus.eu.nexthink.cloud/saml/redirect?redirectTo=%2F HTTP 302
  • https://mdus-login.eu.nexthink.cloud/app/nx-mdus_nexthink_1/exk8biuymfJlfaZ3l417/sso/saml?SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&SAMLRequest=jVLbbtswDP0VQ%2B%2ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%2FstEALbEUfSZ5DHh5yhqJVHS%2B9O%2Bgr%2BOsBXXRslUY%2BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%2FtTna%2FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%2BZgnyQ2JNtY8yAbsOggJ0%2BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%2Bwce1Mr5houuYPtIec%2Ftauk0ZHO%2BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%2B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%2Fg%2FJvQT2KN1BhPuSxayP%2BWCcXXyCOmNvCbPTq%2FRerpYbo2T9FH03thXu%2F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%2Fl4hk%3D&RelayState=%257B%2522finder%2522%253Afalse%252C%2522uuid%2522%253A%2522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%2522%252C%2522redirectTo%2522%253A%2522%252F%2522%257D&Signature=FDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%2BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%2FudInys2gAM2taFU6REgZREE%2B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%2BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%2FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%2B%2F8d8DLl%2F0kgCuVrMe7Dx7KSv%2B4PAmhosqOFwnmh%2B4f1TJE%2FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%2FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%2FFdoQV3R%2FDyZtieLZse3tJ%2F0BB6HkicL94mJ1i2zT%2FowroYgymP98oHgA7p49Pl8ZxIt%2BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%3D HTTP 302
  • https://mdus-login.eu.nexthink.cloud/login/login.htm?fromURI=%2Fapp%2Fnx-mdus_nexthink_1%2Fexk8biuymfJlfaZ3l417%2Fsso%2Fsaml%3FSigAlg%3Dhttp%253A%252F%252Fwww.w3.org%252F2001%252F04%252Fxmldsig-more%2523rsa-sha256%26SAMLRequest%3DjVLbbtswDP0VQ%252B%252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%252FstEALbEUfSZ5DHh5yhqJVHS%252B9O%252Bgr%252BOsBXXRslUY%252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%252FtTna%252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%252BZgnyQ2JNtY8yAbsOggJ0%252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%252Bwce1Mr5houuYPtIec%252Ftauk0ZHO%252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%252Fg%252FJvQT2KN1BhPuSxayP%252BWCcXXyCOmNvCbPTq%252FRerpYbo2T9FH03thXu%252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%252Fl4hk%253D%26RelayState%3D%25257B%252522finder%252522%25253Afalse%25252C%252522uuid%252522%25253A%252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%252522%25252C%252522redirectTo%252522%25253A%252522%25252F%252522%25257D%26Signature%3DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%252FudInys2gAM2taFU6REgZREE%252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%252B%252F8d8DLl%252F0kgCuVrMe7Dx7KSv%252B4PAmhosqOFwnmh%252B4f1TJE%252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%252FFdoQV3R%252FDyZtieLZse3tJ%252F0BB6HkicL94mJ1i2zT%252FowroYgymP98oHgA7p49Pl8ZxIt%252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%253D

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
mdus-login.eu.nexthink.cloud/ 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mdus-login.eu.nexthink.cloud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.195.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac4b547508e00da8e.awsglobalaccelerator.com
Software
nginx /
Resource Hash
6f9f671b311286a029041b3bfce6530d0f4851db1fdb466ee4869a37369f6d17
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Thu, 17 Aug 2023 16:34:57 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
cache-control
no-cache, no-store
content-language
en
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
frame-ancestors 'self'
expires
0
p3p
CP="HONK"
pragma
no-cache
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-okta-request-id
ZN5MMRbhBaSaW2NPmkiyawAAAbI
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1692290157
x-ua-compatible
IE=edge
x-xss-protection
0
style-sheet
mdus-login.eu.nexthink.cloud/api/internal/brand/theme/ 		556 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mdus-login.eu.nexthink.cloud/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=cc32bab7f9503f3f7fed663483b1c4b3b2208359593c7a01ab78d6fe44b43615929d08194364f5847ba64139827eac05
Requested by
Host: mdus-login.eu.nexthink.cloud
URL: https://mdus-login.eu.nexthink.cloud/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.195.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac4b547508e00da8e.awsglobalaccelerator.com
Software
nginx /
Resource Hash
def1bb171895402e944395a139202730ce78b7c2ce8ebfeb3d79f4150ee2236b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdus-login.eu.nexthink.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-okta-request-id
ZN5MMRbhBaSaW2NPmkiybgAAAbI
Date
Thu, 17 Aug 2023 16:34:57 GMT
content-security-policy
frame-ancestors 'self'
x-rate-limit-limit
2400
x-content-type-options
nosniff
Content-Encoding
gzip
x-rate-limit-remaining
2399
Strict-Transport-Security
max-age=315360000; includeSubDomains
content-security-policy-report-only
default-src 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com; connect-src 'self' nx-mdus.okta.com nx-mdus-admin.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com nx-mdus.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com; style-src 'unsafe-inline' 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' nx-mdus.okta.com nx-mdus-admin.okta.com mdus-login.eu.nexthink.cloud login.okta.com; img-src 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
x-rate-limit-reset
1692290157
cache-control
max-age=31536000, must-revalidate
Keep-Alive
timeout=5, max=99
expires
Fri, 16 Aug 2024 16:34:57 GMT
okta-sign-in.min.js
ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.9.0/js/ 		2 MB
476 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.9.0/js/okta-sign-in.min.js
Requested by
Host: mdus-login.eu.nexthink.cloud
URL: https://mdus-login.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
b4a623dacebe252a71c621ae1581d9b035d2f1ae19cd70cb493e12598b167b7a
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdus-login.eu.nexthink.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 18:03:15 GMT
x-amz-meta-sha1sum
8c3266fc67a3fa4172056bf30d08708dfd2db2a4
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
167502
x-cache
Hit from cloudfront
last-modified
Tue, 15 Aug 2023 17:36:06 GMT
server
nginx
etag
W/"6aad49dbf009f9aa852c1dd4aea4bed4"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
ECk7JlYvP7F8UbhVw7sOTle6jXkgwRm7qml0HvEkwzOTeb3L0PtDgA==
expires
Wed, 14 Aug 2024 18:03:15 GMT
okta-sign-in.min.css
ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.9.0/css/ 		216 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.9.0/css/okta-sign-in.min.css
Requested by
Host: mdus-login.eu.nexthink.cloud
URL: https://mdus-login.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
9339ac13c07c72d18804336161788269b6c3183c99d07ba788a1428577a5571a
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdus-login.eu.nexthink.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 18:03:15 GMT
x-amz-meta-sha1sum
0f0223ca0338a22b7580da0bc04df8dfcfb0f071
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
167502
x-cache
Hit from cloudfront
last-modified
Tue, 15 Aug 2023 17:35:17 GMT
server
nginx
etag
W/"55c5506d7af5fb6428142a505b5e82f2"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
bigje-n5GVHgDta7AomtoAzf-ANAxRXPhVNV2rrNbgxhGZEDlh9yrQ==
expires
Wed, 14 Aug 2024 18:03:15 GMT
custom-signin.241e0fb439244dc50c5929c0513a6765.css
ok9static.oktacdn.com/assets/loginpage/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/loginpage/css/custom-signin.241e0fb439244dc50c5929c0513a6765.css
Requested by
Host: mdus-login.eu.nexthink.cloud
URL: https://mdus-login.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdus-login.eu.nexthink.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 03:45:06 GMT
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
1342191
x-cache
Hit from cloudfront
last-modified
Tue, 22 Mar 2022 17:34:30 GMT
server
nginx
etag
W/"241e0fb439244dc50c5929c0513a6765"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
Q6gs8UZ5F8SDHx4I7ECV9C3AnUcQXyn7eFsXRthSyKQCBITGsfYWdA==
expires
Thu, 01 Aug 2024 03:45:06 GMT
initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
ok9static.oktacdn.com/assets/js/mvc/loginpage/ 		204 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdus-login.eu.nexthink.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 02:37:57 GMT
x-amz-meta-sha1sum
34f075e4d0f6b20eb712a2053d423869bb60771b
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
1778221
x-cache
Hit from cloudfront
last-modified
Tue, 11 Jul 2023 18:51:47 GMT
server
nginx
etag
W/"d05a8c2e6bdf6d212b92af4d6b9cfefe"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
EJk90Ifsw81HowoPrmBfi3D70-Mu31NbOSXqteVFjlcZjEV-RODtsQ==
expires
Sat, 27 Jul 2024 02:37:57 GMT
/
mdus.eu.nexthink.cloud/ 		32 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/
Requested by
Host: mdus-login.eu.nexthink.cloud
URL: https://mdus-login.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
524269362ddf8351b47e25fdfba45cfb4f5fbfd61f6d68c8a05d8c6fe76c09b2
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mdus-login.eu.nexthink.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

allow
GET, POST, HEAD
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 16:34:58 GMT
etag
W/"64c25b0d-8088"
last-modified
Thu, 27 Jul 2023 11:54:53 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-xss-protection
1; mode=block
iframe.html
login.okta.com/discovery/ Frame 372D 		451 B
955 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok9static.oktacdn.com
URL: https://ok9static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mdus-login.eu.nexthink.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
42576
Connection
keep-alive
Content-Length
451
Content-Type
text/html
Date
Thu, 17 Aug 2023 04:45:23 GMT
ETag
"f8b177440411e7269b647ae1012388bb"
Last-Modified
Thu, 01 Jun 2023 17:31:02 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 6379df80d5ecc173a4813b7bdfb4bbd4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
yFpzTyWvDaZ8rwoPXMLKHyfN6mNedwVTI5VST7Esoiz05zlHe8c1gw==
X-Amz-Cf-Pop
EWR53-C3
X-Cache
Hit from cloudfront
discoveryIframe-88dc7396afa19c320b05.min.js
login.okta.com/lib/ Frame 372D 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/lib/discoveryIframe-88dc7396afa19c320b05.min.js
Requested by
Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.okta.com/discovery/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 09:04:04 GMT
Via
1.1 6379df80d5ecc173a4813b7bdfb4bbd4.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 01 Jun 2023 17:31:03 GMT
Server
AmazonS3
X-Amz-Cf-Pop
EWR53-C3
Age
27055
ETag
"19953e3854535d02dccdbf809bacf44a"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Content-Length
98194
X-Amz-Cf-Id
J2nFIxsnhFPkjYVlomQ45f_DPfm9N8eR0HYLrrSJ9fPwymTdK0sonA==
new-relic-browser-config.js
mdus.eu.nexthink.cloud/nxaws/product-shell/ 		237 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/nxaws/product-shell/new-relic-browser-config.js?version=1.0.0
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
41007cca25365e6a00174b3f4a155e7ba866fce519287970c3261cbd7e35ac75
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://mdus.eu.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:34:58 GMT
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
W/"ed-kpBT7cDuudInHeH30+5w6/xmxzg"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
text/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-envoy-upstream-service-time
3
content-length
237
x-xss-protection
1; mode=block
react.production.min-16.9.0.js
mdus.eu.nexthink.cloud/ps/lib/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/ps/lib/react.production.min-16.9.0.js
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
391cd178cdf171d1ffbaee2a203d3bdae7851b9d4939ba10f5b54210cd039882
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://mdus.eu.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:54:53 GMT
etag
W/"64c25b0d-33b8"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
react-dom.production.min-16.9.0.js
mdus.eu.nexthink.cloud/ps/lib/ 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/ps/lib/react-dom.production.min-16.9.0.js
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ab11bcb142c336d213ee6e9c574db61880e421a9a82ac1a5c37fe7f4f721d32e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://mdus.eu.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:53:16 GMT
etag
W/"64c25aac-1b6ce"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
highcharts-9.2.2.js
mdus.eu.nexthink.cloud/ps/lib/highcharts/ 		291 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/ps/lib/highcharts/highcharts-9.2.2.js
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
32500251349a69f3281061abc9ba20a6231151499e209b11c2a4de603ec6ffe5
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://mdus.eu.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:54:53 GMT
etag
W/"64c25b0d-48d52"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
accessibility-9.2.2.js
mdus.eu.nexthink.cloud/ps/lib/highcharts/ 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/ps/lib/highcharts/accessibility-9.2.2.js
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
772b077603d928097e004440afc64d75bbc23a97e0ef7dd4d0d1948dddd8b89d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://mdus.eu.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
6
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:54:53 GMT
etag
W/"64c25b0d-1baeb"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
runtime.7fc6e0ee2a7f826c496f.js
mdus.eu.nexthink.cloud/ps/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/ps/runtime.7fc6e0ee2a7f826c496f.js
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
eaf19e99f3717c6a96a22bafb2b52eb1c0177ac035012cb187346b143730f27a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:54:53 GMT
etag
W/"64c25b0d-6af"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
nxVendor.a8da449069c3ab5908e1.js
mdus.eu.nexthink.cloud/ps/ 		1 MB
392 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/ps/nxVendor.a8da449069c3ab5908e1.js
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
90b1a5f59fdf925609000aac9693eea2612c2e62bd84804ad1da395cef67658b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:53:16 GMT
etag
W/"64c25aac-1342ef"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
vendor.74b558e397a0212db604.js
mdus.eu.nexthink.cloud/ps/ 		402 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/ps/vendor.74b558e397a0212db604.js
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
35333a6ae8caf8d43fd0ced892900123516440bd2bf2740ea976cfed147c6ec0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:54:53 GMT
etag
W/"64c25b0d-649c5"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
productShell.8eb36c1392bab55ce452.js
mdus.eu.nexthink.cloud/ps/ 		200 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/ps/productShell.8eb36c1392bab55ce452.js
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
458a39a61c8f8303f37986cb6e69ec250a587c22285e4db459d5f138a052b887
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:53:16 GMT
etag
W/"64c25aac-31f72"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
pendo.js
content.insights.nexthink.com/agent/static/1a612c3e-c872-4dbb-4aba-3a4830d1951a/ 		418 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.insights.nexthink.com/agent/static/1a612c3e-c872-4dbb-4aba-3a4830d1951a/pendo.js
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.158.97 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.158.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:27:35 GMT
content-encoding
gzip
age
445
x-guploader-uploadid
ADPycdume4FeaJffVddyoEWAR55or87pXMAm1MfECMrLvOa6DMd9yHXdFCgm1QBLJoFUBcl3Fh_3dRMJOxCenmIxVFjD0Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141653
last-modified
Wed, 16 Aug 2023 15:09:38 GMT
server
UploadServer
etag
"4cb039f7418428dcd29b3fd77f5f26eb"
vary
Accept-Encoding
x-goog-generation
1692198578214649
x-goog-hash
crc32c=XKQirg==, md5=TLA590GEKNzSmz/Xf18m6w==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=450,public
x-goog-stored-content-length
141653
accept-ranges
bytes
content-type
application/javascript
PortalServlet
mdus.eu.nexthink.cloud/ 		73 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/PortalServlet
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

tracestate
2729005@nr=0-1-2820182-Trusted key for NR Browser app-e0c00865ff908129----1692290099828
traceparent
00-94351acbe55b40961024877630946c0c-e0c00865ff908129-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI4MjAxODIiLCJhcCI6IlRydXN0ZWQga2V5IGZvciBOUiBCcm93c2VyIGFwcCIsImlkIjoiZTBjMDA4NjVmZjkwODEyOSIsInRyIjoiOTQzNTFhY2JlNTViNDA5NjEwMjQ4Nzc2MzA5NDZjMGMiLCJ0aSI6MTY5MjI5MDA5OTgyOCwidGsiOiIyNzI5MDA1In19
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Accept
application/json, text/plain, */*
Referer

Response headers

date
Thu, 17 Aug 2023 16:34:59 GMT
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/json
cache-control
must-revalidate,no-cache,no-store, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
73
x-xss-protection
1; mode=block
2505c0d4b34ffca98f8f.woff2
mdus.eu.nexthink.cloud/ps/assets/ 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/ps/assets/2505c0d4b34ffca98f8f.woff2
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mdus.eu.nexthink.cloud/
Origin
https://mdus.eu.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 16:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:54:53 GMT
etag
W/"64c25b0d-18810"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
text/plain; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
logout
mdus.eu.nexthink.cloud/login/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mdus.eu.nexthink.cloud/login/logout
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.116.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-116-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
tracestate
2729005@nr=0-1-2820182-Trusted key for NR Browser app-0eb9facc7530b805----1692290099954
traceparent
00-e96faee5a1a5afccbbf75bfd50c8ba2f-0eb9facc7530b805-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI4MjAxODIiLCJhcCI6IlRydXN0ZWQga2V5IGZvciBOUiBCcm93c2VyIGFwcCIsImlkIjoiMGViOWZhY2M3NTMwYjgwNSIsInRyIjoiZTk2ZmFlZTVhMWE1YWZjY2JiZjc1YmZkNTBjOGJhMmYiLCJ0aSI6MTY5MjI5MDA5OTk1NCwidGsiOiIyNzI5MDA1In19

Response headers

date
Thu, 17 Aug 2023 16:35:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"64b98c72-6b2"
content-length
1714
allow
GET, POST, HEAD
content-type
text/html
login.htm
mdus-login.eu.nexthink.cloud/login/
Redirect Chain
  • https://mdus.eu.nexthink.cloud/hierarchy?redirectTo=%2F
  • https://mdus.eu.nexthink.cloud/saml/redirect?redirectTo=%2F
  • https://mdus-login.eu.nexthink.cloud/app/nx-mdus_nexthink_1/exk8biuymfJlfaZ3l417/sso/saml?SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&SAMLRequest=jVLbbtswDP0VQ%2B%2ByfMnF...
  • https://mdus-login.eu.nexthink.cloud/login/login.htm?fromURI=%2Fapp%2Fnx-mdus_nexthink_1%2Fexk8biuymfJlfaZ3l417%2Fsso%2Fsaml%3FSigAlg%3Dhttp%253A%252F%252Fwww.w3.org%252F2001%252F04%252Fxmldsig-mor...
8 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mdus-login.eu.nexthink.cloud/login/login.htm?fromURI=%2Fapp%2Fnx-mdus_nexthink_1%2Fexk8biuymfJlfaZ3l417%2Fsso%2Fsaml%3FSigAlg%3Dhttp%253A%252F%252Fwww.w3.org%252F2001%252F04%252Fxmldsig-more%2523rsa-sha256%26SAMLRequest%3DjVLbbtswDP0VQ%252B%252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%252FstEALbEUfSZ5DHh5yhqJVHS%252B9O%252Bgr%252BOsBXXRslUY%252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%252FtTna%252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%252BZgnyQ2JNtY8yAbsOggJ0%252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%252Bwce1Mr5houuYPtIec%252Ftauk0ZHO%252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%252Fg%252FJvQT2KN1BhPuSxayP%252BWCcXXyCOmNvCbPTq%252FRerpYbo2T9FH03thXu%252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%252Fl4hk%253D%26RelayState%3D%25257B%252522finder%252522%25253Afalse%25252C%252522uuid%252522%25253A%252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%252522%25252C%252522redirectTo%252522%25253A%252522%25252F%252522%25257D%26Signature%3DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%252FudInys2gAM2taFU6REgZREE%252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%252B%252F8d8DLl%252F0kgCuVrMe7Dx7KSv%252B4PAmhosqOFwnmh%252B4f1TJE%252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%252FFdoQV3R%252FDyZtieLZse3tJ%252F0BB6HkicL94mJ1i2zT%252FowroYgymP98oHgA7p49Pl8ZxIt%252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%253D
Requested by
Host: mdus.eu.nexthink.cloud
URL: https://mdus.eu.nexthink.cloud/ps/productShell.8eb36c1392bab55ce452.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.195.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac4b547508e00da8e.awsglobalaccelerator.com
Software
nginx /
Resource Hash
c47f3ee2b4abca5e4b23b14f63c9e3e8d901ed873368a4fd95d124b64464d2fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mdus.eu.nexthink.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Thu, 17 Aug 2023 16:35:00 GMT
Keep-Alive
timeout=5, max=97
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
cache-control
no-cache, no-store
content-language
en
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
default-src 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com; connect-src 'self' nx-mdus.okta.com nx-mdus-admin.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com nx-mdus.kerberos.okta.com nx-mdus.mtls.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com; style-src 'unsafe-inline' 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' nx-mdus.okta.com nx-mdus-admin.okta.com mdus-login.eu.nexthink.cloud login.okta.com; img-src 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires
0
p3p
CP="HONK"
pragma
no-cache
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-okta-request-id
ZN5MNBbhBaSaW2NPmkiymAAAAbI
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1692290160
x-xss-protection
0

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Thu, 17 Aug 2023 16:35:00 GMT
Keep-Alive
timeout=5, max=98
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-Robots-Tag
noindex,nofollow
content-language
en
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
default-src 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com; connect-src 'self' nx-mdus.okta.com nx-mdus-admin.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com nx-mdus.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com; style-src 'unsafe-inline' 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' nx-mdus.okta.com nx-mdus-admin.okta.com mdus-login.eu.nexthink.cloud login.okta.com; img-src 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' nx-mdus.okta.com mdus-login.eu.nexthink.cloud data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
location
https://mdus-login.eu.nexthink.cloud/login/login.htm?fromURI=%2Fapp%2Fnx-mdus_nexthink_1%2Fexk8biuymfJlfaZ3l417%2Fsso%2Fsaml%3FSigAlg%3Dhttp%253A%252F%252Fwww.w3.org%252F2001%252F04%252Fxmldsig-more%2523rsa-sha256%26SAMLRequest%3DjVLbbtswDP0VQ%252B%252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%252FstEALbEUfSZ5DHh5yhqJVHS%252B9O%252Bgr%252BOsBXXRslUY%252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%252FtTna%252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%252BZgnyQ2JNtY8yAbsOggJ0%252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%252Bwce1Mr5houuYPtIec%252Ftauk0ZHO%252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%252Fg%252FJvQT2KN1BhPuSxayP%252BWCcXXyCOmNvCbPTq%252FRerpYbo2T9FH03thXu%252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%252Fl4hk%253D%26RelayState%3D%25257B%252522finder%252522%25253Afalse%25252C%252522uuid%252522%25253A%252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%252522%25252C%252522redirectTo%252522%25253A%252522%25252F%252522%25257D%26Signature%3DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%252FudInys2gAM2taFU6REgZREE%252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%252B%252F8d8DLl%252F0kgCuVrMe7Dx7KSv%252B4PAmhosqOFwnmh%252B4f1TJE%252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%252FFdoQV3R%252FDyZtieLZse3tJ%252F0BB6HkicL94mJ1i2zT%252FowroYgymP98oHgA7p49Pl8ZxIt%252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%253D
p3p
CP="HONK"
x-okta-request-id
ZN5MNBbhBaSaW2NPmkiylQAAAbI
x-xss-protection
0
jquery-1.12.4.2ef93d9aedc4198ec425a799a371292d.js
ok9static.oktacdn.com/assets/js/ 		289 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/jquery-1.12.4.2ef93d9aedc4198ec425a799a371292d.js
Requested by
Host: mdus-login.eu.nexthink.cloud
URL: https://mdus-login.eu.nexthink.cloud/login/login.htm?fromURI=%2Fapp%2Fnx-mdus_nexthink_1%2Fexk8biuymfJlfaZ3l417%2Fsso%2Fsaml%3FSigAlg%3Dhttp%253A%252F%252Fwww.w3.org%252F2001%252F04%252Fxmldsig-more%2523rsa-sha256%26SAMLRequest%3DjVLbbtswDP0VQ%252B%252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%252FstEALbEUfSZ5DHh5yhqJVHS%252B9O%252Bgr%252BOsBXXRslUY%252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%252FtTna%252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%252BZgnyQ2JNtY8yAbsOggJ0%252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%252Bwce1Mr5houuYPtIec%252Ftauk0ZHO%252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%252Fg%252FJvQT2KN1BhPuSxayP%252BWCcXXyCOmNvCbPTq%252FRerpYbo2T9FH03thXu%252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%252Fl4hk%253D%26RelayState%3D%25257B%252522finder%252522%25253Afalse%25252C%252522uuid%252522%25253A%252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%252522%25252C%252522redirectTo%252522%25253A%252522%25252F%252522%25257D%26Signature%3DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%252FudInys2gAM2taFU6REgZREE%252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%252B%252F8d8DLl%252F0kgCuVrMe7Dx7KSv%252B4PAmhosqOFwnmh%252B4f1TJE%252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%252FFdoQV3R%252FDyZtieLZse3tJ%252F0BB6HkicL94mJ1i2zT%252FowroYgymP98oHgA7p49Pl8ZxIt%252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
43e51f129fb6eb0f52aee5fb4857f14796f9a5b38e66f445658db1ac1fb7298e
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://mdus-login.eu.nexthink.cloud/
Origin
https://mdus-login.eu.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-sha1sum
26667ee897b9e91a9b54c3d4aa445649aa92543d
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Sun, 13 Aug 2023 08:46:55 GMT
via
1.1 c4ce298584668e99f320a46c88c4a04a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
373686
x-cache
Hit from cloudfront
last-modified
Tue, 06 Dec 2022 19:28:37 GMT
server
nginx
etag
W/"2ef93d9aedc4198ec425a799a371292d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
jOicHf_DD8hbSxaUsF8Zazl8Ya_Ta9-QILcB9MsQCL_jd18vOMab0w==
expires
Mon, 12 Aug 2024 08:46:55 GMT
interstitial.feb135ed7f21adf41b7543c04f346635.css
ok9static.oktacdn.com/assets/css/sections/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/css/sections/interstitial.feb135ed7f21adf41b7543c04f346635.css
Requested by
Host: mdus-login.eu.nexthink.cloud
URL: https://mdus-login.eu.nexthink.cloud/login/login.htm?fromURI=%2Fapp%2Fnx-mdus_nexthink_1%2Fexk8biuymfJlfaZ3l417%2Fsso%2Fsaml%3FSigAlg%3Dhttp%253A%252F%252Fwww.w3.org%252F2001%252F04%252Fxmldsig-more%2523rsa-sha256%26SAMLRequest%3DjVLbbtswDP0VQ%252B%252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%252FstEALbEUfSZ5DHh5yhqJVHS%252B9O%252Bgr%252BOsBXXRslUY%252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%252FtTna%252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%252BZgnyQ2JNtY8yAbsOggJ0%252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%252Bwce1Mr5houuYPtIec%252Ftauk0ZHO%252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%252Fg%252FJvQT2KN1BhPuSxayP%252BWCcXXyCOmNvCbPTq%252FRerpYbo2T9FH03thXu%252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%252Fl4hk%253D%26RelayState%3D%25257B%252522finder%252522%25253Afalse%25252C%252522uuid%252522%25253A%252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%252522%25252C%252522redirectTo%252522%25253A%252522%25252F%252522%25257D%26Signature%3DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%252FudInys2gAM2taFU6REgZREE%252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%252B%252F8d8DLl%252F0kgCuVrMe7Dx7KSv%252B4PAmhosqOFwnmh%252B4f1TJE%252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%252FFdoQV3R%252FDyZtieLZse3tJ%252F0BB6HkicL94mJ1i2zT%252FowroYgymP98oHgA7p49Pl8ZxIt%252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
362334ea318c3797894fe20715a4aa04d56c94ca0853ceeb0898dca803c3d159
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdus-login.eu.nexthink.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-sha1sum
d1175a250e20657a3e18ccfca2fb14a9e792cb6e
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Fri, 11 Aug 2023 10:00:45 GMT
via
1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
542058
x-cache
Hit from cloudfront
last-modified
Tue, 11 Apr 2023 17:41:30 GMT
server
nginx
etag
W/"feb135ed7f21adf41b7543c04f346635"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
1Vdvjz1ug1yFBzIxEFOU14WApzj6m-__jdrZu__LWee7AWb3fxtnSg==
expires
Sat, 10 Aug 2024 10:00:42 GMT
interstitial.474dce61acfac4a4d016921943cf2a68.js
ok9static.oktacdn.com/assets/js/app/sso/ 		678 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/app/sso/interstitial.474dce61acfac4a4d016921943cf2a68.js
Requested by
Host: mdus-login.eu.nexthink.cloud
URL: https://mdus-login.eu.nexthink.cloud/login/login.htm?fromURI=%2Fapp%2Fnx-mdus_nexthink_1%2Fexk8biuymfJlfaZ3l417%2Fsso%2Fsaml%3FSigAlg%3Dhttp%253A%252F%252Fwww.w3.org%252F2001%252F04%252Fxmldsig-more%2523rsa-sha256%26SAMLRequest%3DjVLbbtswDP0VQ%252B%252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%252FstEALbEUfSZ5DHh5yhqJVHS%252B9O%252Bgr%252BOsBXXRslUY%252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%252FtTna%252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%252BZgnyQ2JNtY8yAbsOggJ0%252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%252Bwce1Mr5houuYPtIec%252Ftauk0ZHO%252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%252Fg%252FJvQT2KN1BhPuSxayP%252BWCcXXyCOmNvCbPTq%252FRerpYbo2T9FH03thXu%252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%252Fl4hk%253D%26RelayState%3D%25257B%252522finder%252522%25253Afalse%25252C%252522uuid%252522%25253A%252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%252522%25252C%252522redirectTo%252522%25253A%252522%25252F%252522%25257D%26Signature%3DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%252FudInys2gAM2taFU6REgZREE%252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%252B%252F8d8DLl%252F0kgCuVrMe7Dx7KSv%252B4PAmhosqOFwnmh%252B4f1TJE%252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%252FFdoQV3R%252FDyZtieLZse3tJ%252F0BB6HkicL94mJ1i2zT%252FowroYgymP98oHgA7p49Pl8ZxIt%252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://mdus-login.eu.nexthink.cloud/
Origin
https://mdus-login.eu.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 c4ce298584668e99f320a46c88c4a04a.cloudfront.net (CloudFront)
date
Sun, 13 Aug 2023 09:07:38 GMT
x-amz-cf-pop
JFK50-P2
age
372443
x-cache
Hit from cloudfront
last-modified
Mon, 15 Apr 2019 20:53:29 GMT
server
nginx
etag
W/"474dce61acfac4a4d016921943cf2a68"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
o2LbXzfo_6rwPfB1eok0DLt2hXAHXrUsNjKgY0oqdjmvMetw1S-uVQ==
expires
Mon, 12 Aug 2024 09:07:38 GMT
Primary Request /
fed.messe-duesseldorf.de/adfs/ls/ 		29 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fed.messe-duesseldorf.de/adfs/ls/?SAMLRequest=jZLNTuMwFEZfJfI%2B8Q8NSa2mqKJilBGDUIFZsHPjG2rh2B1fGzFvP2mgqCxAs7JkXX%2Fn87EXF6%2BDzV4goPGuIbxgJAPXeW3cU0Me7q%2FymlwsF6gGK%2FZyleLObeBPAozZChFCHI9deodpgHAH4cV08LC5bsguxj1KSgedMLf%2BybgCUuHgNe6Mey4665OmiJ5OyZR5VW%2BNrysBz2b7s%2F0x4xXJ1iPGOBWnasfEHnQxwMjOdTosVvvQFxqo0j1Si5RkVz50MHVtSK8sAsnadUOMrmasFKKqeckrUbI5F2w%2BO6%2FmfLx1i5igdRiViw0RTJzlrM55dc%2FP5VkpGSvK2fyRZL%2BPrsTB1WjPoXzT05AUnPQKDUqnxo4ydvJu9etajqNyH3z0nbfk3aacgOE04fsAdfRNlv9jd0FPMR9PeDPmtutbb0339yBqUPFrLC%2F4tGN03k%2BjMjncQ2d6A5rQ5Tvj88dY%2FgM%3D&RelayState=%252Fapp%252Fnx-mdus_nexthink_1%252Fexk8biuymfJlfaZ3l417%252Fsso%252Fsaml%253FSigAlg%253Dhttp%25253A%25252F%25252Fwww.w3.org%25252F2001%25252F04%25252Fxmldsig-more%252523rsa-sha256%2526RelayState%253D%2525257B%25252522finder%25252522%2525253Afalse%2525252C%25252522uuid%25252522%2525253A%25252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%25252522%2525252C%25252522redirectTo%25252522%2525253A%25252522%2525252F%25252522%2525257D%2526SAMLRequest%253DjVLbbtswDP0VQ%25252B%25252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%25252FstEALbEUfSZ5DHh5yhqJVHS%25252B9O%25252Bgr%25252BOsBXXRslUY%25252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%25252FtTna%25252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%25252BZgnyQ2JNtY8yAbsOggJ0%25252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%25252Bwce1Mr5houuYPtIec%25252Ftauk0ZHO%25252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%25252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%25252Fg%25252FJvQT2KN1BhPuSxayP%25252BWCcXXyCOmNvCbPTq%25252FRerpYbo2T9FH03thXu%25252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%25252Fl4hk%25253D%2526Signature%253DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%25252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%25252FudInys2gAM2taFU6REgZREE%25252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%25252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%25252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%25252B%25252F8d8DLl%25252F0kgCuVrMe7Dx7KSv%25252B4PAmhosqOFwnmh%25252B4f1TJE%25252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%25252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%25252FFdoQV3R%25252FDyZtieLZse3tJ%25252F0BB6HkicL94mJ1i2zT%25252FowroYgymP98oHgA7p49Pl8ZxIt%25252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%25253D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Fek18XpXF5jAJBuO67Av9ATyVGTjtmpG4CckoC%2BG8RLTOgMvZq00eUyUmnm7Zpa5U9yramX8%2BWENsdyNiOJAXBQB83wkpiZg9oPMYTW2HoVjJOp6f9O9lBABIv7CQFggIDN4r5wBlojnHkwRFUCG1nD5muAEmbToByJ4w03SugWfCvsFmswu5a69%2F6Q55K2%2BoPieTageD1KK%2Bb5ZlEvExidARQSX6LKFaroMR5ujIdg5uBMjjZS54sqL35Iwhhz0iWQxpPwMuZCEjeVcpmq0Qs5h54lcZ6DbwgWVmvL4KrG2Ga88F7MC89Ba06LknTWcIVqXTxnxDcNgsOunNO8mSA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.9.88.77 Düsseldorf, Germany, ASN29494 (MESSE-DUESSELDORF-AS, DE),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fa8067fd00f089930f652e4515d6c58c1477535794bb0767b3bdc96196ead4ca
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.messe-duesseldorf.de;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mdus-login.eu.nexthink.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
30026
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.messe-duesseldorf.de;
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Aug 2023 16:35:01 GMT
Expires
-1
Permissions-Policy
geolocation=(),microphone=(),fullscreen=(self), vibrate=(self)
Pragma
no-cache
Referrer-Policy
strict-origin
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
style.css
fed.messe-duesseldorf.de/adfs/portal/css/ 		10 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fed.messe-duesseldorf.de/adfs/portal/css/style.css?id=3B1A0C704CDAE8ECD48AA8F0D50409D981CEF21D7AE6DC85B0797D270101B151
Requested by
Host: fed.messe-duesseldorf.de
URL: https://fed.messe-duesseldorf.de/adfs/ls/?SAMLRequest=jZLNTuMwFEZfJfI%2B8Q8NSa2mqKJilBGDUIFZsHPjG2rh2B1fGzFvP2mgqCxAs7JkXX%2Fn87EXF6%2BDzV4goPGuIbxgJAPXeW3cU0Me7q%2FymlwsF6gGK%2FZyleLObeBPAozZChFCHI9deodpgHAH4cV08LC5bsguxj1KSgedMLf%2BybgCUuHgNe6Mey4665OmiJ5OyZR5VW%2BNrysBz2b7s%2F0x4xXJ1iPGOBWnasfEHnQxwMjOdTosVvvQFxqo0j1Si5RkVz50MHVtSK8sAsnadUOMrmasFKKqeckrUbI5F2w%2BO6%2FmfLx1i5igdRiViw0RTJzlrM55dc%2FP5VkpGSvK2fyRZL%2BPrsTB1WjPoXzT05AUnPQKDUqnxo4ydvJu9etajqNyH3z0nbfk3aacgOE04fsAdfRNlv9jd0FPMR9PeDPmtutbb0339yBqUPFrLC%2F4tGN03k%2BjMjncQ2d6A5rQ5Tvj88dY%2FgM%3D&RelayState=%252Fapp%252Fnx-mdus_nexthink_1%252Fexk8biuymfJlfaZ3l417%252Fsso%252Fsaml%253FSigAlg%253Dhttp%25253A%25252F%25252Fwww.w3.org%25252F2001%25252F04%25252Fxmldsig-more%252523rsa-sha256%2526RelayState%253D%2525257B%25252522finder%25252522%2525253Afalse%2525252C%25252522uuid%25252522%2525253A%25252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%25252522%2525252C%25252522redirectTo%25252522%2525253A%25252522%2525252F%25252522%2525257D%2526SAMLRequest%253DjVLbbtswDP0VQ%25252B%25252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%25252FstEALbEUfSZ5DHh5yhqJVHS%25252B9O%25252Bgr%25252BOsBXXRslUY%25252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%25252FtTna%25252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%25252BZgnyQ2JNtY8yAbsOggJ0%25252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%25252Bwce1Mr5houuYPtIec%25252Ftauk0ZHO%25252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%25252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%25252Fg%25252FJvQT2KN1BhPuSxayP%25252BWCcXXyCOmNvCbPTq%25252FRerpYbo2T9FH03thXu%25252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%25252Fl4hk%25253D%2526Signature%253DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%25252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%25252FudInys2gAM2taFU6REgZREE%25252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%25252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%25252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%25252B%25252F8d8DLl%25252F0kgCuVrMe7Dx7KSv%25252B4PAmhosqOFwnmh%25252B4f1TJE%25252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%25252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%25252FFdoQV3R%25252FDyZtieLZse3tJ%25252F0BB6HkicL94mJ1i2zT%25252FowroYgymP98oHgA7p49Pl8ZxIt%25252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%25253D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Fek18XpXF5jAJBuO67Av9ATyVGTjtmpG4CckoC%2BG8RLTOgMvZq00eUyUmnm7Zpa5U9yramX8%2BWENsdyNiOJAXBQB83wkpiZg9oPMYTW2HoVjJOp6f9O9lBABIv7CQFggIDN4r5wBlojnHkwRFUCG1nD5muAEmbToByJ4w03SugWfCvsFmswu5a69%2F6Q55K2%2BoPieTageD1KK%2Bb5ZlEvExidARQSX6LKFaroMR5ujIdg5uBMjjZS54sqL35Iwhhz0iWQxpPwMuZCEjeVcpmq0Qs5h54lcZ6DbwgWVmvL4KrG2Ga88F7MC89Ba06LknTWcIVqXTxnxDcNgsOunNO8mSA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.9.88.77 Düsseldorf, Germany, ASN29494 (MESSE-DUESSELDORF-AS, DE),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3b1a0c704cdae8ecd48aa8f0d50409d981cef21d7ae6dc85b0797d270101b151
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.messe-duesseldorf.de;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fed.messe-duesseldorf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.messe-duesseldorf.de;
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Date
Thu, 17 Aug 2023 16:35:01 GMT
ETag
3B1A0C704CDAE8ECD48AA8F0D50409D981CEF21D7AE6DC85B0797D270101B151
Content-Type
text/css
Permissions-Policy
geolocation=(),microphone=(),fullscreen=(self), vibrate=(self)
Content-Length
10462
X-XSS-Protection
1; mode=block
Expires
Sat, 16 Sep 2023 16:35:02 GMT
logo.png
fed.messe-duesseldorf.de/adfs/portal/logo/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.messe-duesseldorf.de/adfs/portal/logo/logo.png?id=92560F60A71C2EDAE59AC001B26AA671020FC4B4DB4EC16D91E5CA73A22EC14B
Requested by
Host: fed.messe-duesseldorf.de
URL: https://fed.messe-duesseldorf.de/adfs/ls/?SAMLRequest=jZLNTuMwFEZfJfI%2B8Q8NSa2mqKJilBGDUIFZsHPjG2rh2B1fGzFvP2mgqCxAs7JkXX%2Fn87EXF6%2BDzV4goPGuIbxgJAPXeW3cU0Me7q%2FymlwsF6gGK%2FZyleLObeBPAozZChFCHI9deodpgHAH4cV08LC5bsguxj1KSgedMLf%2BybgCUuHgNe6Mey4665OmiJ5OyZR5VW%2BNrysBz2b7s%2F0x4xXJ1iPGOBWnasfEHnQxwMjOdTosVvvQFxqo0j1Si5RkVz50MHVtSK8sAsnadUOMrmasFKKqeckrUbI5F2w%2BO6%2FmfLx1i5igdRiViw0RTJzlrM55dc%2FP5VkpGSvK2fyRZL%2BPrsTB1WjPoXzT05AUnPQKDUqnxo4ydvJu9etajqNyH3z0nbfk3aacgOE04fsAdfRNlv9jd0FPMR9PeDPmtutbb0339yBqUPFrLC%2F4tGN03k%2BjMjncQ2d6A5rQ5Tvj88dY%2FgM%3D&RelayState=%252Fapp%252Fnx-mdus_nexthink_1%252Fexk8biuymfJlfaZ3l417%252Fsso%252Fsaml%253FSigAlg%253Dhttp%25253A%25252F%25252Fwww.w3.org%25252F2001%25252F04%25252Fxmldsig-more%252523rsa-sha256%2526RelayState%253D%2525257B%25252522finder%25252522%2525253Afalse%2525252C%25252522uuid%25252522%2525253A%25252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%25252522%2525252C%25252522redirectTo%25252522%2525253A%25252522%2525252F%25252522%2525257D%2526SAMLRequest%253DjVLbbtswDP0VQ%25252B%25252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%25252FstEALbEUfSZ5DHh5yhqJVHS%25252B9O%25252Bgr%25252BOsBXXRslUY%25252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%25252FtTna%25252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%25252BZgnyQ2JNtY8yAbsOggJ0%25252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%25252Bwce1Mr5houuYPtIec%25252Ftauk0ZHO%25252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%25252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%25252Fg%25252FJvQT2KN1BhPuSxayP%25252BWCcXXyCOmNvCbPTq%25252FRerpYbo2T9FH03thXu%25252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%25252Fl4hk%25253D%2526Signature%253DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%25252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%25252FudInys2gAM2taFU6REgZREE%25252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%25252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%25252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%25252B%25252F8d8DLl%25252F0kgCuVrMe7Dx7KSv%25252B4PAmhosqOFwnmh%25252B4f1TJE%25252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%25252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%25252FFdoQV3R%25252FDyZtieLZse3tJ%25252F0BB6HkicL94mJ1i2zT%25252FowroYgymP98oHgA7p49Pl8ZxIt%25252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%25253D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Fek18XpXF5jAJBuO67Av9ATyVGTjtmpG4CckoC%2BG8RLTOgMvZq00eUyUmnm7Zpa5U9yramX8%2BWENsdyNiOJAXBQB83wkpiZg9oPMYTW2HoVjJOp6f9O9lBABIv7CQFggIDN4r5wBlojnHkwRFUCG1nD5muAEmbToByJ4w03SugWfCvsFmswu5a69%2F6Q55K2%2BoPieTageD1KK%2Bb5ZlEvExidARQSX6LKFaroMR5ujIdg5uBMjjZS54sqL35Iwhhz0iWQxpPwMuZCEjeVcpmq0Qs5h54lcZ6DbwgWVmvL4KrG2Ga88F7MC89Ba06LknTWcIVqXTxnxDcNgsOunNO8mSA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.9.88.77 Düsseldorf, Germany, ASN29494 (MESSE-DUESSELDORF-AS, DE),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
92560f60a71c2edae59ac001b26aa671020fc4b4db4ec16d91e5ca73a22ec14b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.messe-duesseldorf.de;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fed.messe-duesseldorf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.messe-duesseldorf.de;
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Date
Thu, 17 Aug 2023 16:35:01 GMT
ETag
92560F60A71C2EDAE59AC001B26AA671020FC4B4DB4EC16D91E5CA73A22EC14B
Content-Type
image/png
Permissions-Policy
geolocation=(),microphone=(),fullscreen=(self), vibrate=(self)
Content-Length
38465
X-XSS-Protection
1; mode=block
Expires
Sat, 16 Sep 2023 16:35:02 GMT
illustration.png
fed.messe-duesseldorf.de/adfs/portal/illustration/ 		2 MB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.messe-duesseldorf.de/adfs/portal/illustration/illustration.png?id=4929EDC5FCD87D93446FBA058630E2847C57D5648DF03A621223AAF94C95C8CD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.9.88.77 Düsseldorf, Germany, ASN29494 (MESSE-DUESSELDORF-AS, DE),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.messe-duesseldorf.de;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fed.messe-duesseldorf.de/adfs/ls/?SAMLRequest=jZLNTuMwFEZfJfI%2B8Q8NSa2mqKJilBGDUIFZsHPjG2rh2B1fGzFvP2mgqCxAs7JkXX%2Fn87EXF6%2BDzV4goPGuIbxgJAPXeW3cU0Me7q%2FymlwsF6gGK%2FZyleLObeBPAozZChFCHI9deodpgHAH4cV08LC5bsguxj1KSgedMLf%2BybgCUuHgNe6Mey4665OmiJ5OyZR5VW%2BNrysBz2b7s%2F0x4xXJ1iPGOBWnasfEHnQxwMjOdTosVvvQFxqo0j1Si5RkVz50MHVtSK8sAsnadUOMrmasFKKqeckrUbI5F2w%2BO6%2FmfLx1i5igdRiViw0RTJzlrM55dc%2FP5VkpGSvK2fyRZL%2BPrsTB1WjPoXzT05AUnPQKDUqnxo4ydvJu9etajqNyH3z0nbfk3aacgOE04fsAdfRNlv9jd0FPMR9PeDPmtutbb0339yBqUPFrLC%2F4tGN03k%2BjMjncQ2d6A5rQ5Tvj88dY%2FgM%3D&RelayState=%252Fapp%252Fnx-mdus_nexthink_1%252Fexk8biuymfJlfaZ3l417%252Fsso%252Fsaml%253FSigAlg%253Dhttp%25253A%25252F%25252Fwww.w3.org%25252F2001%25252F04%25252Fxmldsig-more%252523rsa-sha256%2526RelayState%253D%2525257B%25252522finder%25252522%2525253Afalse%2525252C%25252522uuid%25252522%2525253A%25252522c30ff8aa-dafd-469c-b8ec-e9fa4a21180c%25252522%2525252C%25252522redirectTo%25252522%2525253A%25252522%2525252F%25252522%2525257D%2526SAMLRequest%253DjVLbbtswDP0VQ%25252B%25252ByfMnFE5IAXrOh2bo0aLxi6Euh2EwjVJY8UWrTv6%25252FstEALbEUfSZ5DHh5yhqJVHS%25252B9O%25252Bgr%25252BOsBXXRslUY%25252BFObEW82NQIlcixaQu5pvy18XPIsT3lnjTG0UeUP5mCEQwTppNIlWyzlZf%25252FtTna%25252FWP5MGxtNsVNBskhZ0lBQ5LSY7Qfdf6nGW7ab5OBckugaLgTonoVPgI3pYaXRCu5BKspwmBU2nVTrh%25252BZgnyQ2JNtY8yAbsOggJ0%25252BDoDlLfR9uSRMuwqdTCDQ0PznXIGWsbj1SZO6lj8LF%25252Bwce1Mr5houuYPtIec%25252Ftauk0ZHO%25252BLnfRP7f6H2oubXI3SKUM0rHdjkDB49FXqRuq7j%25252B3ZnUDIz6tqQzeX24pE5atlZ0ajb8FuwT7IGn5fXbwX%25252Fg%25252FJvQT2KN1BhPuSxayP%25252BWCcXXyCOmNvCbPTq%25252FRerpYbo2T9FH03thXu%25252F0ulcTpkZEP3A5RDK6Qqm8YCYlhOKfN4ZkG4cB9nPZCILU5j3z%25252Fl4hk%25253D%2526Signature%253DFDWFQjMhUEmTI91g9XDk11TB7jdq62C3M71ZkYTnRDD6WbVewXy%25252BjVfZPaMkoQki2GAFTY3WURgACHXwK3zeVE9Z%25252FudInys2gAM2taFU6REgZREE%25252B6iIILlyiqFsVbc0KQfgv4KcEPtHgGLG3HvRVAAi0bXEXT5V0crowRg1dBrwLz1cWALKNj%25252BEaiFNyvpnha5rtCicwfJPNhOT2mld6Ts8wEHQ3WOF0o9nXOQcB6dQEo2ugb46A%25252FJjlhQDQlEX1zXV4gcPTobEseaYqpk01%25252B%25252F8d8DLl%25252F0kgCuVrMe7Dx7KSv%25252B4PAmhosqOFwnmh%25252B4f1TJE%25252FZIva9UtLpspfSK50VzoYNKL7PfxHYgo57D6abQVovmsKbwVpxqgl2qiilpQsMxT8pV7nxyeCYqqvf64RI7fjdRtAf1wWSYS97Ezyx5K2NdFG5laXy4GfLAymWrKUNX5VNZszGfCjN20BpGF2l21rjNQi%25252FNt7khP2c9jTVsuUhwifsB7Yd6yckmRGviigYPZRn3AAdq1cderG2%25252FFdoQV3R%25252FDyZtieLZse3tJ%25252F0BB6HkicL94mJ1i2zT%25252FowroYgymP98oHgA7p49Pl8ZxIt%25252BKjbuHX0bV74RYHRVoSOUF38lgpHu8nVYbVkKIdAoGOSxsO3SphV7oRu8Fi8dXSBvSyZTs98C1jBejUjIlYxg%25253D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Fek18XpXF5jAJBuO67Av9ATyVGTjtmpG4CckoC%2BG8RLTOgMvZq00eUyUmnm7Zpa5U9yramX8%2BWENsdyNiOJAXBQB83wkpiZg9oPMYTW2HoVjJOp6f9O9lBABIv7CQFggIDN4r5wBlojnHkwRFUCG1nD5muAEmbToByJ4w03SugWfCvsFmswu5a69%2F6Q55K2%2BoPieTageD1KK%2Bb5ZlEvExidARQSX6LKFaroMR5ujIdg5uBMjjZS54sqL35Iwhhz0iWQxpPwMuZCEjeVcpmq0Qs5h54lcZ6DbwgWVmvL4KrG2Ga88F7MC89Ba06LknTWcIVqXTxnxDcNgsOunNO8mSA%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.messe-duesseldorf.de;
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Date
Thu, 17 Aug 2023 16:35:01 GMT
ETag
4929EDC5FCD87D93446FBA058630E2847C57D5648DF03A621223AAF94C95C8CD
Content-Type
image/png
Permissions-Policy
geolocation=(),microphone=(),fullscreen=(self), vibrate=(self)
Content-Length
2248008
X-XSS-Protection
1; mode=block
Expires
Sat, 16 Sep 2023 16:35:02 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration function| SetIllustrationImage function| customfavicon

3 Cookies

Domain/Path Name / Value
mdus-login.eu.nexthink.cloud/ Name: t
Value: default
mdus-login.eu.nexthink.cloud/ Name: DT
Value: DI1jPe3HmDiRierBeVQN0ygoQ
mdus-login.eu.nexthink.cloud/ Name: JSESSIONID
Value: 6B971D73A6DD3513800DE5E55912327D

3 Console Messages

Source Level URL
Text
network error URL: https://mdus.eu.nexthink.cloud/PortalServlet
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://mdus.eu.nexthink.cloud/login/logout
Message:
Failed to load resource: the server responded with a status of 500 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vibrate'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.insights.nexthink.com
fed.messe-duesseldorf.de
login.okta.com
mdus-login.eu.nexthink.cloud
mdus.eu.nexthink.cloud
ok9static.oktacdn.com
108.139.29.19
15.197.195.200
18.194.116.146
194.9.88.77
34.102.158.97
54.230.163.7
32500251349a69f3281061abc9ba20a6231151499e209b11c2a4de603ec6ffe5
35333a6ae8caf8d43fd0ced892900123516440bd2bf2740ea976cfed147c6ec0
362334ea318c3797894fe20715a4aa04d56c94ca0853ceeb0898dca803c3d159
391cd178cdf171d1ffbaee2a203d3bdae7851b9d4939ba10f5b54210cd039882
3b1a0c704cdae8ecd48aa8f0d50409d981cef21d7ae6dc85b0797d270101b151
41007cca25365e6a00174b3f4a155e7ba866fce519287970c3261cbd7e35ac75
43e51f129fb6eb0f52aee5fb4857f14796f9a5b38e66f445658db1ac1fb7298e
458a39a61c8f8303f37986cb6e69ec250a587c22285e4db459d5f138a052b887
524269362ddf8351b47e25fdfba45cfb4f5fbfd61f6d68c8a05d8c6fe76c09b2
6f9f671b311286a029041b3bfce6530d0f4851db1fdb466ee4869a37369f6d17
772b077603d928097e004440afc64d75bbc23a97e0ef7dd4d0d1948dddd8b89d
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
90b1a5f59fdf925609000aac9693eea2612c2e62bd84804ad1da395cef67658b
92560f60a71c2edae59ac001b26aa671020fc4b4db4ec16d91e5ca73a22ec14b
9339ac13c07c72d18804336161788269b6c3183c99d07ba788a1428577a5571a
ab11bcb142c336d213ee6e9c574db61880e421a9a82ac1a5c37fe7f4f721d32e
b4a623dacebe252a71c621ae1581d9b035d2f1ae19cd70cb493e12598b167b7a
c47f3ee2b4abca5e4b23b14f63c9e3e8d901ed873368a4fd95d124b64464d2fd
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
def1bb171895402e944395a139202730ce78b7c2ce8ebfeb3d79f4150ee2236b
eaf19e99f3717c6a96a22bafb2b52eb1c0177ac035012cb187346b143730f27a
fa8067fd00f089930f652e4515d6c58c1477535794bb0767b3bdc96196ead4ca