urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
20.190.160.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://perigmbh1.plateau.com/
Effective URL: https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGD...
Submission: On December 26 via api from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 21 HTTP transactions. The main IP is 20.190.160.21, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 28.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 23rd 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 104.70.105.211 16625 (AKAMAI-AS)
1 4 2.23.97.104 20940 (AKAMAI-ASN1)
3 20.190.160.21 8075 (MICROSOFT...)
10 152.199.23.37 15133 (EDGECAST)
1 20.190.159.19 8075 (MICROSOFT...)
2 2620:1ec:4f:1... 8075 (MICROSOFT...)
1 2603:1026:300... 8075 (MICROSOFT...)
21 7
3    104.70.105.211 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-105-211.deploy.static.akamaitechnologies.com
perigmbh1.plateau.com
4    2.23.97.104 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-104.deploy.static.akamaitechnologies.com
performancemanager.successfactors.eu
3    20.190.160.21 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
10    152.199.23.37 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    20.190.159.19 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
2    2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msftauthimages.net
1    2603:1026:3000:150::4 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com
Apex Domain
Subdomains		 Transfer
10 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1820
196 KB
4 successfactors.eu
performancemanager.successfactors.eu — Cisco Umbrella Rank: 59080
11 KB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 28
108 KB
3 plateau.com
perigmbh1.plateau.com
2 KB
2 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 5420
395 KB
1 microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1437
1 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 60
21 7
Domain Requested by
10 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
4 performancemanager.successfactors.eu 1 redirects performancemanager.successfactors.eu
3 login.microsoftonline.com login.microsoftonline.com
aadcdn.msftauth.net
3 perigmbh1.plateau.com 2 redirects
2 aadcdn.msftauthimages.net
1 autologon.microsoftazuread-sso.com
1 login.live.com login.microsoftonline.com
21 7

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.plateau.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-28 -
2023-03-29		 a year crt.sh
eu-only.successfactors.eu
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-14 -
2023-04-14		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-11-23 -
2023-11-23		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2022-04-01 -
2023-04-01		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2022-09-30 -
2023-09-30		 a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure TLS Issuing CA 05		 2022-12-23 -
2023-12-18		 a year crt.sh
autologon.microsoftazuread-sso.com
DigiCert SHA2 Secure Server CA		 2022-10-04 -
2023-10-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D&sso_reload=true
Frame ID: 7E9405AB24FE94D3CAA4320940B953CF
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Aanmelden bij uw account

Page URL History Show full URLs

  1. http://perigmbh1.plateau.com/ HTTP 302
    https://perigmbh1.plateau.com/ Page URL
  2. https://perigmbh1.plateau.com/learning/user/login.jsp HTTP 302
    https://performancemanager.successfactors.eu/login?company=perigmbhP2 HTTP 302
    https://performancemanager.successfactors.eu/saml2/Login?company=perigmbhP2&RelayState=/login?company=perigmbhP2&_s.crb=Z... Page URL
  3. https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9R... Page URL
  4. https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9R... Page URL

Page Statistics

21
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

710 kB
Transfer

1291 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://perigmbh1.plateau.com/ HTTP 302
    https://perigmbh1.plateau.com/ Page URL
  2. https://perigmbh1.plateau.com/learning/user/login.jsp HTTP 302
    https://performancemanager.successfactors.eu/login?company=perigmbhP2 HTTP 302
    https://performancemanager.successfactors.eu/saml2/Login?company=perigmbhP2&RelayState=/login?company=perigmbhP2&_s.crb=ZmGUyLimNL8jUsfpwaxz%252f4ijmLOsQnLt9lNcsYoNgeI%253d Page URL
  3. https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D Page URL
  4. https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://perigmbh1.plateau.com/ HTTP 302
  • https://perigmbh1.plateau.com/
Request Chain 1
  • https://perigmbh1.plateau.com/learning/user/login.jsp HTTP 302
  • https://performancemanager.successfactors.eu/login?company=perigmbhP2 HTTP 302
  • https://performancemanager.successfactors.eu/saml2/Login?company=perigmbhP2&RelayState=/login?company=perigmbhP2&_s.crb=ZmGUyLimNL8jUsfpwaxz%252f4ijmLOsQnLt9lNcsYoNgeI%253d

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
perigmbh1.plateau.com/
Redirect Chain
  • http://perigmbh1.plateau.com/
  • https://perigmbh1.plateau.com/
68 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://perigmbh1.plateau.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.70.105.211 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-105-211.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
40280b8b1243ceeb3bd1c49f0268c0975276d13c42c8c08ba873e46ad9a5d9a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
content-length
68
content-type
text/html
date
Mon, 26 Dec 2022 06:48:06 GMT
etag
"6366277e-44"
last-modified
Sat, 05 Nov 2022 09:06:06 GMT
server
Successfactors
x-robots-tag
noindex,nofollow

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 26 Dec 2022 06:48:06 GMT
Location
https://perigmbh1.plateau.com/
Server
BigIP
Login
performancemanager.successfactors.eu/saml2/
Redirect Chain
  • https://perigmbh1.plateau.com/learning/user/login.jsp
  • https://performancemanager.successfactors.eu/login?company=perigmbhP2
  • https://performancemanager.successfactors.eu/saml2/Login?company=perigmbhP2&RelayState=/login?company=perigmbhP2&_s.crb=ZmGUyLimNL8jUsfpwaxz%252f4ijmLOsQnLt9lNcsYoNgeI%253d
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://performancemanager.successfactors.eu/saml2/Login?company=perigmbhP2&RelayState=/login?company=perigmbhP2&_s.crb=ZmGUyLimNL8jUsfpwaxz%252f4ijmLOsQnLt9lNcsYoNgeI%253d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.104 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-104.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
390f2aebb4daff418f9c6913b6facc5fbe10dafb506fd6f33e3a3c5fa2402bb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://perigmbh1.plateau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store,no-cache
content-length
1716
content-type
text/html;charset=UTF-8
date
Mon, 26 Dec 2022 06:48:07 GMT
expires
Mon, 26 Dec 2022 06:48:07 GMT Wed, 31 Dec 1969 23:59:59 GMT
optr_cxt
0100010000412feea5-84e9-11ed-9d55-2da2d4a1631e00000000-0000-0000-0000-000000000001-1 HTTP ;
pragma
no-cache no-cache
referrer-policy
strict-origin-when-cross-origin
server
Successfactors
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-correlation-id
f4ed8afa3f2501c3ca847452fda1d2ec
x-event-id
EVENT-UNKNOWN-UNKNOWN-ob46abe17-20221226074807-415726
x-itr-server
1daa7f207bc7401fe5a72511314f4b11b5feb811
x-itr-target-cluster
defaultCluster
x-request-stats
SQLT=3&CCON=0&FWR=0&NRE=0&CEXT=0&ST=1672037287428&EID=EVENT-UNKNOWN-UNKNOWN-ob46abe17-20221226074807-415726&CLOC=0&CREM=0&NWR=0&CPU=19&SVT=23&SQLC=2&SCPU=0&CSUP=0&MEM=6275&UCPU=19&FRE=0
x-unique-id
f4ed8afa3f2501c3ca847452fda1d2ec
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store,no-cache
date
Mon, 26 Dec 2022 06:48:07 GMT
expires
Mon, 26 Dec 2022 06:48:07 GMT
location
/saml2/Login?company=perigmbhP2&RelayState=/login?company=perigmbhP2&_s.crb=ZmGUyLimNL8jUsfpwaxz%252f4ijmLOsQnLt9lNcsYoNgeI%253d
optr_cxt
010001000041208553-84e9-11ed-9d55-2da2d4a1631e00000000-0000-0000-0000-000000000001-1 HTTP ;
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Successfactors
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-correlation-id
61eec137ee6ded9c54d79d7a4ad54eaa
x-event-id
EVENT-PLT-LOGINPAGE-ob46abe17-20221226074807-415725
x-itr-server
1daa7f207bc7401fe5a72511314f4b11b5feb811
x-itr-target-cluster
defaultCluster
x-unique-id
61eec137ee6ded9c54d79d7a4ad54eaa
x-xss-protection
1; mode=block
XMLHttpRequest.js
performancemanager.successfactors.eu/ui/extlib/XMLHttpRequest_1.0.5_sf.18/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://performancemanager.successfactors.eu/ui/extlib/XMLHttpRequest_1.0.5_sf.18/XMLHttpRequest.js
Requested by
Host: performancemanager.successfactors.eu
URL: https://performancemanager.successfactors.eu/saml2/Login?company=perigmbhP2&RelayState=/login?company=perigmbhP2&_s.crb=ZmGUyLimNL8jUsfpwaxz%252f4ijmLOsQnLt9lNcsYoNgeI%253d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.104 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-104.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
e2aaec9826f489c85b078bbbec0efdb872fcbd16c74677111288bd7b02e807a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://performancemanager.successfactors.eu/saml2/Login?company=perigmbhP2&RelayState=/login?company=perigmbhP2&_s.crb=ZmGUyLimNL8jUsfpwaxz%252f4ijmLOsQnLt9lNcsYoNgeI%253d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 09 Dec 2022 22:36:30 GMT
server
Successfactors
date
Mon, 26 Dec 2022 06:48:07 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=313961941
content-length
2704
x-xss-protection
1; mode=block
expires
Tue, 07 Dec 2032 02:27:08 GMT
perflog_6afbc835fd7bc8ec51a93324df511558.js
performancemanager.successfactors.eu/ui/perflog/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://performancemanager.successfactors.eu/ui/perflog/js/perflog_6afbc835fd7bc8ec51a93324df511558.js
Requested by
Host: performancemanager.successfactors.eu
URL: https://performancemanager.successfactors.eu/saml2/Login?company=perigmbhP2&RelayState=/login?company=perigmbhP2&_s.crb=ZmGUyLimNL8jUsfpwaxz%252f4ijmLOsQnLt9lNcsYoNgeI%253d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.104 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-104.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
2ee483c6c8ac0a1a070fa2a1af9ef0c46fca385b84ffad5a0abba2b48e226e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://performancemanager.successfactors.eu/saml2/Login?company=perigmbhP2&RelayState=/login?company=perigmbhP2&_s.crb=ZmGUyLimNL8jUsfpwaxz%252f4ijmLOsQnLt9lNcsYoNgeI%253d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 20 May 2022 23:32:07 GMT
server
Successfactors
date
Mon, 26 Dec 2022 06:48:07 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=309314433
content-length
4421
x-xss-protection
1; mode=block
expires
Thu, 14 Oct 2032 07:28:40 GMT
saml2
login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/ 		152 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.21 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
84fde9b132b605c6a30908fdf9b0507d5aa72fc7c1c1c16174a327ae45312364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://performancemanager.successfactors.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55554
Content-Type
text/html; charset=utf-8
Date
Mon, 26 Dec 2022 06:48:06 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-ests-server
2.1.14357.7 - NEULR2 ProdSlices
x-ms-request-id
d83f423b-35bc-4bd6-a8ab-36a1d4a00600
Primary Request saml2
login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/ 		197 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.21 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b15d89a681d69c57edf0a164caa561485c4f7bbbe2933655f9100377dad819d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
50472
Content-Type
text/html; charset=utf-8
Date
Mon, 26 Dec 2022 06:48:07 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-ests-server
2.1.14357.7 - WEULR1 ProdSlices
x-ms-request-id
8a07f78b-c3c1-47b5-a5cf-b20b033b2f01
ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		391 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D2) /
Resource Hash
6dc9810fa0a9551a31d7a5ad428952b917c211475113620a461cdb5efb2d5993

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
content-encoding
gzip
content-md5
zcwWfFMjU4sF0R3R+wJipw==
age
1419636
x-cache
HIT
content-length
112662
x-ms-lease-status
unlocked
last-modified
Thu, 17 Nov 2022 22:31:51 GMT
server
ECAcc (ama/48D2)
etag
0x8DAC8EB85A3BE54
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c659b012-901e-0088-230c-0c01ef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.19 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D6) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
content-encoding
gzip
content-md5
9K2/nGCj75WAmmAI9nZNCA==
age
1487849
x-cache
HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
ECAcc (ama/48D6)
etag
0x8DA7650B375AC9B
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
a8ff09ea-801e-0082-326d-0b2bad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-nl.min_7nevftcgjw_sznuc3yablq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_7nevftcgjw_sznuc3yablq2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D8) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
content-encoding
gzip
content-md5
4/TMjnQguJ4oEqsCIKnfwg==
age
1442458
x-cache
HIT
content-length
14522
x-ms-lease-status
unlocked
last-modified
Wed, 16 Nov 2022 00:33:29 GMT
server
ECAcc (ama/48D8)
etag
0x8DAC76A2F0F493F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
527336fb-801e-0084-61d7-0bcd6c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BC) /
Resource Hash
28fa8f3ba41d8801e3d95e7128f5b2189a4344ebee1a56d4be7a313959f608e1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
content-encoding
gzip
content-md5
4CzbHQsOMg8rU5bCeKMGlw==
age
1442457
x-cache
HIT
content-length
5530
x-ms-lease-status
unlocked
last-modified
Tue, 15 Nov 2022 20:11:58 GMT
server
ECAcc (ama/48BC)
etag
0x8DAC745A6527E64
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
29499165-c01e-006e-33d7-0b9d98000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B2) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
1487846
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (ama/48B2)
etag
0x8D79A1B9F2C6EC8
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
7f4aa7f7-d01e-0006-336d-0b3844000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4894) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
1487846
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (ama/4894)
etag
0x8D79A1B9F8A840E
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
996a1b1c-501e-008f-5d6d-0b1923000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E4) /
Resource Hash
4393c9a3f71c27bbf7fd0275513d128f1effdf2a88dbb4bf27c710daa30165ea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
content-encoding
gzip
content-md5
W8lUw496uzczhL0u7372yg==
age
1315849
x-cache
HIT
content-length
32191
x-ms-lease-status
unlocked
last-modified
Tue, 15 Nov 2022 20:11:57 GMT
server
ECAcc (ama/48E4)
etag
0x8DAC745A5F8364F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8f37b66d-e01e-007a-41fe-0cc91c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
illustration
aadcdn.msftauthimages.net/c1c6b6c8-a2txg0xtytg-1mb531rhdmrf-4o3ztlhjjhpnbie3oc/logintenantbranding/0/ 		393 KB
393 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-a2txg0xtytg-1mb531rhdmrf-4o3ztlhjjhpnbie3oc/logintenantbranding/0/illustration?ts=636358852726595077
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a2b0fc58870cf223fe3476e27dfad84d9f3bedb09e1ad26c97e0b3e80f3e541f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
last-modified
Mon, 17 Jul 2017 10:47:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
trHc8JIBK1Jf5ZXXDicm2g==
etag
0x8D4CD0147283817
vary
Origin
x-cache
TCP_HIT
content-type
image/*
x-azure-ref
0qEOpYwAAAADs2POX4YMCTq5JH/g9fgi9QU1TMDRFREdFMTgxNwA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
x-ms-request-id
ca0cf36b-901e-0068-6f3c-183d3c000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
content-length
402338
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-a2txg0xtytg-1mb531rhdmrf-4o3ztlhjjhpnbie3oc/logintenantbranding/0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-a2txg0xtytg-1mb531rhdmrf-4o3ztlhjjhpnbie3oc/logintenantbranding/0/bannerlogo?ts=637632324374208549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e017a22e1cd8c07ed14663d0b4ca427cb9255cdaf5f8108a740e15688485a988

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
last-modified
Fri, 30 Jul 2021 09:00:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
J/2Mv5fy9ryZgrLLPOPBHg==
etag
0x8D953387FBECBD7
vary
Origin
x-cache
TCP_HIT
content-type
image/*
x-azure-ref
0qEOpYwAAAABvGDbPsR0NQK/+i21cobYqQU1TMDRFREdFMTgxNwA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
x-ms-request-id
630f9c9a-601e-006c-093c-18b03b000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
content-length
1694
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B2) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
1487846
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (ama/48B2)
etag
0x8D79A1B9F2C6EC8
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
7f4aa7f7-d01e-0006-336d-0b3844000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4894) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
1487846
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (ama/4894)
etag
0x8D79A1B9F8A840E
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
996a1b1c-501e-008f-5d6d-0b1923000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ssoprobe
autologon.microsoftazuread-sso.com/975d243a-4e65-46df-b77f-8f73a893ca23/winauth/ 		12 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autologon.microsoftazuread-sso.com/975d243a-4e65-46df-b77f-8f73a893ca23/winauth/ssoprobe?client-request-id=abfa8626-bb98-492c-a522-5b4d4830e11f&_=1672037288313
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:150::4 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 06:48:08 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
b6ee0c62-e86c-494d-a5a1-e9acf7bbf000
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-ests-server
2.1.14357.7 - NEULR1 ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/ 		264 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.21 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a01881a87daa80359816dac804d027368fc784e81f31d5a5c1a7c0509c812eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
8a07f78b-c3c1-47b5-a5cf-b20b033b2f01
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
client-request-id
abfa8626-bb98-492c-a522-5b4d4830e11f
canary
AQABAAAAAAD--DLA3VO7QrddgJg7Wevr2HoVT6QNFO-jKPJYZmRFBAqDAWe0zVStksLaVF5cMdB41MPQA2rlNE-uSYjrhS9F8gNYvex1NlneV9EAsfzZssI0-MPZvQCgmJpVXZHRjkd3TSbLCint-P3d-AchkiMgpiShH8BeG9E_BjBAOzI2WlWv9uRfogCbEAmrM33UAW7wBSe1PLBHfgJvsP0UdMVeKw9oIi7tyBuHfTdRTyNN3yAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/975d243a-4e65-46df-b77f-8f73a893ca23/saml2?SAMLRequest=fZJPj9MwEMW%2FiuW7k9RJE6%2FVdFWoVlTiT8QGDlyQ64xbS4kdPA6Fb0827aLlwF7tN%2FPe%2FGY297%2BGnvyEgNa7mq6SjBJw2nfWnWr6pX1ggt5vN6iGno9yN8Wz%2Bww%2FJsBI5kKH8vpT0yk46RValE4NgDJq%2Bbj78F7yJJNj8NFr31OynwutU3ExO8c4okzT3p%2BsSwarg0dvone9dZBoP6R31brjRa5YAeWaFWVn2LGqDBOmypW4y7XiebokoOTBBw1LwJoa1SNQctjX9DtXRgswwMqq46yoRMGOWQmMr0EUSlRlJ9QsRZzg4DAqF2vKM87ZijNetlkpCyGzKily8Y2S5jbKG%2BuuiF6b%2B3gVoXzXtg1rPj22lHx9Rj0L6A2sXNzDS6KvN1aIEJ4g0u0zxMvlkuCkNSAapaMPmMCUjhDsaTieG75JX1r93ejHufdh3%2Fje6t9k1%2Ff%2B8jaAilDTGCZYqA4q%2Fj%2FNKlktL7ZjZpHKyeEI2hoLHU23N9t%2FT2f7Bw%3D%3D&RelayState=%2Flogin%3Fcompany%3DperigmbhP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GKAsromSbioJn%2FcM2EwnlCfl%2FC2dHthKieVUctJWrxUi%2BH4%2Bk4r%2BrQH2BEBzPK4cgpdxJrOeQi3axvV%2BWpux%2B%2BmBmSV%2BZ9Db77XMfktA6y0HvfOQgU3DzIdK9Z2OdkG2Hqt62ZLT%2FHNW7KJhN%2Fdad8opLb7QsfC1aARPGPsuQXk%3D&sso_reload=true
hpgact
1900

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 26 Dec 2022 06:48:07 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
abfa8626-bb98-492c-a522-5b4d4830e11f
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
264
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
feba433d-2781-473f-9e30-2f57122d3a01
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-ests-server
2.1.14357.7 - WEULR1 ProdSlices
Expires
-1
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C2) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Dec 2022 06:48:08 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
1487848
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:05 GMT
server
ECAcc (ama/48C2)
etag
0x8D8852A740F01B9
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fbad164b-e01e-0092-046d-0b9485000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pfetchsessionsprogress_85acbcb9234972130506 boolean| __convergedlogin_pcustomizationloader_442ad4dbc9101c033d33

23 Cookies

Domain/Path Name / Value
perigmbh1.plateau.com/learning Name: JSESSIONID
Value: 6F32001EE8761D22792C0C21EC0F35C9
perigmbh1.plateau.com/ Name: BIGipServerP_lms_sapsf_com_80
Value: !82ipA9DXxamfoXd8v4KArBS8hpbV4TbGIygXssrW7UIdsvWI3YRfSBPyOfN6UguRLj8ANYu2MxzXlw==
perigmbh1.plateau.com/ Name: route
Value: 3d3abeb4ff825cc4e57ee291aa6857ada64082d1
perigmbh1.plateau.com/ Name: BIGipServerlms.plateau.com-learning-help-pqe
Value: 194590986.20480.0000
performancemanager.successfactors.eu/ Name: route
Value: 09312898fcde4cbc597cedcdd1c79b94f2fc1005
performancemanager.successfactors.eu/ Name: %2Flogin-markFromServer
Value: true
performancemanager.successfactors.eu/ Name: bizxCompanyId
Value: perigmbhP2
performancemanager.successfactors.eu/ Name: JSESSIONID
Value: 6FC0D542178249B21E82A93520B6EE96.pc57bcf28
performancemanager.successfactors.eu/ Name: BIGipServerhcm57.sapsf.com
Value: 260585738.20480.0000
performancemanager.successfactors.eu/ Name: oiosaml-fragment
Value:
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AXMAOiRdl2VO30a3f49zqJPKIyffpRYFJchDmvf97I3OyJRzAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevreOZMgi47AT-9FiEdRAoXy8B_l68nJBQueKDZGN8YRphbOv1tiUIJEpPLl37OP-lyabhUgxm2s2NCgNT4xNYZCYMf9yiWAlMkjHQC0Dprpr0gAA
login.microsoftonline.com/ Name: fpc
Value: AmPqX6exwcxGrVU5MT_57va-rv_nAQAAAKc6O9sOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr9RNhHnksEIlJTs0PgYFLygEIcenn--1n9YmIuRwXiJf91BMgFKUr29FL1swS0CL-RQJNIQT1qcWrBJP2--xXieZiZlQQPO1INyeWT-XOIuNz5Ti0NUcuuZk3sgvuH4ln6AezdZEM3HXcc63yQZx-JMygQ2XfO2HNuzPx6DJPCLogAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 759db42b5169488fa7dcd23084083a20
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1672037288&co=1
autologon.microsoftazuread-sso.com/ Name: fpc
Value: ArK9V6jZLs5DtDOr2G4uQ3E
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd

1 Console Messages

Source Level URL
Text
network error URL: https://autologon.microsoftazuread-sso.com/975d243a-4e65-46df-b77f-8f73a893ca23/winauth/ssoprobe?client-request-id=abfa8626-bb98-492c-a522-5b4d4830e11f&_=1672037288313
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
login.live.com
login.microsoftonline.com
performancemanager.successfactors.eu
perigmbh1.plateau.com
104.70.105.211
152.199.23.37
2.23.97.104
20.190.159.19
20.190.160.21
2603:1026:3000:150::4
2620:1ec:4f:1::45
28fa8f3ba41d8801e3d95e7128f5b2189a4344ebee1a56d4be7a313959f608e1
2b15d89a681d69c57edf0a164caa561485c4f7bbbe2933655f9100377dad819d
2ee483c6c8ac0a1a070fa2a1af9ef0c46fca385b84ffad5a0abba2b48e226e02
390f2aebb4daff418f9c6913b6facc5fbe10dafb506fd6f33e3a3c5fa2402bb6
40280b8b1243ceeb3bd1c49f0268c0975276d13c42c8c08ba873e46ad9a5d9a8
4393c9a3f71c27bbf7fd0275513d128f1effdf2a88dbb4bf27c710daa30165ea
5a01881a87daa80359816dac804d027368fc784e81f31d5a5c1a7c0509c812eb
6dc9810fa0a9551a31d7a5ad428952b917c211475113620a461cdb5efb2d5993
84fde9b132b605c6a30908fdf9b0507d5aa72fc7c1c1c16174a327ae45312364
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
a2b0fc58870cf223fe3476e27dfad84d9f3bedb09e1ad26c97e0b3e80f3e541f
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
e017a22e1cd8c07ed14663d0b4ca427cb9255cdaf5f8108a740e15688485a988
e2aaec9826f489c85b078bbbec0efdb872fcbd16c74677111288bd7b02e807a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855