Submitted URL: https://removery.zenoti.com/sso/redirect.aspx
Effective URL: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0x...
Submission: On February 04 via manual from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 27 HTTP transactions. The main IP is 2603:1027:1:158::2, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 23rd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 99.83.226.71 16509 (AMAZON-02)
2 3 76.223.55.70 16509 (AMAZON-02)
1 151.101.194.137 54113 (FASTLY)
2 162.247.243.29 54113 (FASTLY)
2 2603:1027:1:1... 8075 (MICROSOFT...)
3 2620:1ec:46::45 8075 (MICROSOFT...)
6 2606:2800:233... 15133 (EDGECAST)
1 20.190.160.22 8075 (MICROSOFT...)
27 9
Apex Domain
Subdomains
Transfer
11 zenoti.com
removery.zenoti.com
ids.zenoti.com — Cisco Umbrella Rank: 345241
301 KB
6 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 943
223 KB
2 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3382
166 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11
27 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 236
841 B
1 live.com
login.live.com — Cisco Umbrella Rank: 63
1 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 921
49 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 600
19 KB
27 8
Domain Requested by
8 removery.zenoti.com removery.zenoti.com
6 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
3 ids.zenoti.com 2 redirects removery.zenoti.com
2 aadcdn.msftauthimages.net
2 login.microsoftonline.com removery.zenoti.com
aadcdn.msauth.net
2 bam.nr-data.net removery.zenoti.com
js-agent.newrelic.com
1 login.live.com login.microsoftonline.com
1 aadcdn.msauth.net login.microsoftonline.com
1 js-agent.newrelic.com removery.zenoti.com
27 9

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com

Subject | Issuer | Validity | Valid
*.zenoti.com | Go Daddy Secure Certificate Authority - G2 | 2023-07-26 - 2024-08-26 | a year
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2024 Q1 | 2024-01-15 - 2025-02-15 | a year
*.nr-data.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-29 - 2024-10-01 | a year
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2023-11-23 - 2024-11-23 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-01-29 - 2025-01-29 | a year
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2023-12-01 - 2024-12-01 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2023-11-11 - 2024-11-11 | a year
aadcdn.msftauthimages.net | Microsoft Azure RSA TLS Issuing CA 03 | 2023-11-25 - 2024-11-19 | a year

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d&sso_reload=true
Frame ID: A4CD6C2C5EAC6DA89D5D7019973FE041
Requests: 27 HTTP requests in this frame

Page Title

Bei Ihrem Konto anmelden

Page URL History

  1. https://removery.zenoti.com/sso/redirect.aspx Page URL
  2. https://ids.zenoti.com/connect/authorize?client_id=2360e9af-16d1-11ec-bbe9-0adc2855f3fb&redirect_ur... HTTP 302
    https://ids.zenoti.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D2360... HTTP 302
    https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQ... Page URL
  3. https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQ... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

27
Requests

89 %
HTTPS

38 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

783 kB
Transfer

2068 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://removery.zenoti.com/sso/redirect.aspx Page URL
  2. https://ids.zenoti.com/connect/authorize?client_id=2360e9af-16d1-11ec-bbe9-0adc2855f3fb&redirect_uri=https%3A%2F%2Fremovery.zenoti.com%2Fsso%2Fredirect_callback.aspx%3Fids_error%3D%26ids_relate_state%3D%26ids_reply_url%3D%26ids_machine_auth_only%3Dfalse%26ids_machine_auth_id%3D28918124-c5c0-408d-9363-ed428cf9946f&response_type=code&scope=api%20openid&state=9366e9d41478404d8e91f349ade91a98&code_challenge=b1_Hxq7ARKluLUi_cNVKniQvRNb43Oi5e6R_CLa-nwU&code_challenge_method=S256&acr_values=tenant%3Aremovery&response_mode=query&display_banner=True&enable_machine_authentication=true&machine_auth_only=False&use_ids_machine_auth=True&machine_auth_id=28918124-c5c0-408d-9363-ed428cf9946f&machine_auth_key=&banner_message=AMRS05a%20%2F%202024.1.25.753&ids_error_message=&is_chat_enabled=True&intercom_app_id=mv4uo5xy&zenoti_req_id=%24S2D%23k%2Fj15K1iroY6QX%2FS%2B0u03PYG44jqiSSqD5KcFWy1RGijknaMorstvzmT77xGWIFo2IY2YXCjdOs%3D&req_dt=1707081891 HTTP 302
    https://ids.zenoti.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D2360e9af-16d1-11ec-bbe9-0adc2855f3fb%26redirect_uri%3Dhttps%253A%252F%252Fremovery.zenoti.com%252Fsso%252Fredirect_callback.aspx%253Fids_error%253D%2526ids_relate_state%253D%2526ids_reply_url%253D%2526ids_machine_auth_only%253Dfalse%2526ids_machine_auth_id%253D28918124-c5c0-408d-9363-ed428cf9946f%26response_type%3Dcode%26scope%3Dapi%2520openid%26state%3D9366e9d41478404d8e91f349ade91a98%26code_challenge%3Db1_Hxq7ARKluLUi_cNVKniQvRNb43Oi5e6R_CLa-nwU%26code_challenge_method%3DS256%26acr_values%3Dtenant%253Aremovery%26response_mode%3Dquery%26display_banner%3DTrue%26enable_machine_authentication%3Dtrue%26machine_auth_only%3DFalse%26use_ids_machine_auth%3DTrue%26machine_auth_id%3D28918124-c5c0-408d-9363-ed428cf9946f%26machine_auth_key%26banner_message%3DAMRS05a%2520%252F%25202024.1.25.753%26ids_error_message%26is_chat_enabled%3DTrue%26intercom_app_id%3Dmv4uo5xy%26zenoti_req_id%3D$S2D%2523k%252Fj15K1iroY6QX%252FS%252B0u03PYG44jqiSSqD5KcFWy1RGijknaMorstvzmT77xGWIFo2IY2YXCjdOs%253D%26req_dt%3D1707081891%26prompted%3Dtrue HTTP 302
    https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d Page URL
  3. https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://ids.zenoti.com/connect/authorize?client_id=2360e9af-16d1-11ec-bbe9-0adc2855f3fb&redirect_uri=https%3A%2F%2Fremovery.zenoti.com%2Fsso%2Fredirect_callback.aspx%3Fids_error%3D%26ids_relate_state%3D%26ids_reply_url%3D%26ids_machine_auth_only%3Dfalse%26ids_machine_auth_id%3D28918124-c5c0-408d-9363-ed428cf9946f&response_type=code&scope=api%20openid&state=9366e9d41478404d8e91f349ade91a98&code_challenge=b1_Hxq7ARKluLUi_cNVKniQvRNb43Oi5e6R_CLa-nwU&code_challenge_method=S256&acr_values=tenant%3Aremovery&response_mode=query&display_banner=True&enable_machine_authentication=true&machine_auth_only=False&use_ids_machine_auth=True&machine_auth_id=28918124-c5c0-408d-9363-ed428cf9946f&machine_auth_key=&banner_message=AMRS05a%20%2F%202024.1.25.753&ids_error_message=&is_chat_enabled=True&intercom_app_id=mv4uo5xy&zenoti_req_id=%24S2D%23k%2Fj15K1iroY6QX%2FS%2B0u03PYG44jqiSSqD5KcFWy1RGijknaMorstvzmT77xGWIFo2IY2YXCjdOs%3D&req_dt=1707081891 HTTP 302
  • https://ids.zenoti.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D2360e9af-16d1-11ec-bbe9-0adc2855f3fb%26redirect_uri%3Dhttps%253A%252F%252Fremovery.zenoti.com%252Fsso%252Fredirect_callback.aspx%253Fids_error%253D%2526ids_relate_state%253D%2526ids_reply_url%253D%2526ids_machine_auth_only%253Dfalse%2526ids_machine_auth_id%253D28918124-c5c0-408d-9363-ed428cf9946f%26response_type%3Dcode%26scope%3Dapi%2520openid%26state%3D9366e9d41478404d8e91f349ade91a98%26code_challenge%3Db1_Hxq7ARKluLUi_cNVKniQvRNb43Oi5e6R_CLa-nwU%26code_challenge_method%3DS256%26acr_values%3Dtenant%253Aremovery%26response_mode%3Dquery%26display_banner%3DTrue%26enable_machine_authentication%3Dtrue%26machine_auth_only%3DFalse%26use_ids_machine_auth%3DTrue%26machine_auth_id%3D28918124-c5c0-408d-9363-ed428cf9946f%26machine_auth_key%26banner_message%3DAMRS05a%2520%252F%25202024.1.25.753%26ids_error_message%26is_chat_enabled%3DTrue%26intercom_app_id%3Dmv4uo5xy%26zenoti_req_id%3D$S2D%2523k%252Fj15K1iroY6QX%252FS%252B0u03PYG44jqiSSqD5KcFWy1RGijknaMorstvzmT77xGWIFo2IY2YXCjdOs%253D%26req_dt%3D1707081891%26prompted%3Dtrue HTTP 302
  • https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
redirect.aspx
removery.zenoti.com/sso/
45 KB
20 KB
Document
General
Full URL
https://removery.zenoti.com/sso/redirect.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.226.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6daf7601cc9aa9f.awsglobalaccelerator.com
Software
/
Resource Hash
156e28ca3b3ba4d3f74f0e4673a2eb48ca7245e28d8d5b4ad23de7ee63f851ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS
cache-control
private
content-encoding
gzip
content-length
19741
content-type
text/html; charset=utf-8
date
Sun, 04 Feb 2024 21:24:51 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jquery.min.js
removery.zenoti.com/Common/Scripts/lib/jquery/3.5.1/
87 KB
39 KB
Script
General
Full URL
https://removery.zenoti.com/Common/Scripts/lib/jquery/3.5.1/jquery.min.js?v=20240124120746
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/sso/redirect.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.226.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6daf7601cc9aa9f.awsglobalaccelerator.com
Software
/
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://removery.zenoti.com/sso/redirect.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 24 Jan 2024 06:37:46 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"09948d78f4eda1:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
content-length
39750
x-xss-protection
1; mode=block
jquery-ui.min.js
removery.zenoti.com/Common/Scripts/lib/jquery-ui/1.12.1/
248 KB
90 KB
Script
General
Full URL
https://removery.zenoti.com/Common/Scripts/lib/jquery-ui/1.12.1/jquery-ui.min.js?v=20240124120746
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/sso/redirect.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.226.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6daf7601cc9aa9f.awsglobalaccelerator.com
Software
/
Resource Hash
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://removery.zenoti.com/sso/redirect.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 24 Jan 2024 06:37:46 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"09948d78f4eda1:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
content-length
91280
x-xss-protection
1; mode=block
zen.js
removery.zenoti.com/Common/Scripts/lib/utility/1.0/
509 B
848 B
Script
General
Full URL
https://removery.zenoti.com/Common/Scripts/lib/utility/1.0/zen.js?v=20240124120746
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/sso/redirect.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.226.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6daf7601cc9aa9f.awsglobalaccelerator.com
Software
/
Resource Hash
ed6e16e7298f81a7abe0aaadbc2ad63a3074164f119c1193c518fb377d005f3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://removery.zenoti.com/sso/redirect.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 24 Jan 2024 06:37:46 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"09948d78f4eda1:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
content-length
434
x-xss-protection
1; mode=block
nonLocalizeTheme.css
removery.zenoti.com/Common/Styles/Css/Custom/ThemeVariables/
35 B
548 B
Stylesheet
General
Full URL
https://removery.zenoti.com/Common/Styles/Css/Custom/ThemeVariables/nonLocalizeTheme.css?v=20240125123438
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/sso/redirect.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.226.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6daf7601cc9aa9f.awsglobalaccelerator.com
Software
/
Resource Hash
9ebb83176d7f96c7bcd4149c02d92f8c480bd233294e383638cfd0cdbcf9c0c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://removery.zenoti.com/sso/redirect.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 25 Jan 2024 07:04:38 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"0786c25c4fda1:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
content-length
145
x-xss-protection
1; mode=block
platform.js
removery.zenoti.com/Common/Scripts/lib/
46 KB
12 KB
Script
General
Full URL
https://removery.zenoti.com/Common/Scripts/lib/platform.js?v=20240124120744
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/sso/redirect.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.226.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6daf7601cc9aa9f.awsglobalaccelerator.com
Software
/
Resource Hash
84e22a2917685d8beed1c9ceb257d5c7f806ebc6cc0aaa00b93a6b657027857c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://removery.zenoti.com/sso/redirect.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 24 Jan 2024 06:37:44 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"06c17d68f4eda1:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
content-length
11632
x-xss-protection
1; mode=block
jquery.cookie.js
removery.zenoti.com/Common/Scripts/
2 KB
2 KB
Script
General
Full URL
https://removery.zenoti.com/Common/Scripts/jquery.cookie.js?v=20240124120744
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/sso/redirect.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.226.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6daf7601cc9aa9f.awsglobalaccelerator.com
Software
/
Resource Hash
b79eb7c9ef16adb16dee61399af9e86cd3fa260a7711fc9c4e70dafbb8901ef8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://removery.zenoti.com/sso/redirect.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 24 Jan 2024 06:37:44 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"06c17d68f4eda1:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
content-length
1275
x-xss-protection
1; mode=block
OpenIdConnect.js
removery.zenoti.com/Common/Scripts/
372 KB
132 KB
Script
General
Full URL
https://removery.zenoti.com/Common/Scripts/OpenIdConnect.js?v=20240124120744
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/sso/redirect.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.226.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6daf7601cc9aa9f.awsglobalaccelerator.com
Software
/
Resource Hash
9d04540b9edb1022e9a36a95d2b76c458056f90949cd7f35074edd8b51832ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://removery.zenoti.com/sso/redirect.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 24 Jan 2024 06:37:44 GMT
referrer-policy
strict-origin-when-cross-origin
etag
"06c17d68f4eda1:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
content-length
135017
x-xss-protection
1; mode=block
openid-configuration
ids.zenoti.com/.well-known/
2 KB
2 KB
XHR
General
Full URL
https://ids.zenoti.com/.well-known/openid-configuration
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/sso/redirect.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.55.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a949402a9f1e834c3.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://removery.zenoti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
https://removery.zenoti.com
date
Sun, 04 Feb 2024 21:24:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
nr-spa-1216.min.js
js-agent.newrelic.com/
49 KB
19 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/sso/redirect.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://removery.zenoti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
MElzWumrf8lREc3kORDlSWHVtEZAK4m8
content-encoding
br
via
1.1 varnish
date
Sun, 04 Feb 2024 21:24:51 GMT
strict-transport-security
max-age=300
x-amz-request-id
TY9JRGV4PP0WZF1F
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
19141
x-amz-id-2
hEx4r1hU0Wtc9uyNqrGzlfmOtUja5/eGieVcA+fwEhwWqw6lxZH8PA35IqgTThXsiATCjwG/mzc=
x-served-by
cache-fra-etou8220025-FRA
last-modified
Wed, 18 Oct 2023 21:31:16 GMT
server
AmazonS3
x-timer
S1707081892.895341,VS0,VE0
etag
"63e2df852d15ab21d7ff8fc4363222e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
40475
NRBR-e555e75eef5cf9016dd
bam.nr-data.net/1/
56 B
495 B
Script
General
Full URL
https://bam.nr-data.net/1/NRBR-e555e75eef5cf9016dd?a=353720476&v=1216.487a282&to=Z1BWYkRWXUIFARBaX14adWVmGEBCC00WVlRZR1FVQhlSQhQa&rst=767&ck=1&ref=https://removery.zenoti.com/sso/redirect.aspx&ap=6&be=640&fe=708&dc=708&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1707081891144,%22n%22:0,%22f%22:0,%22dn%22:53,%22dne%22:53,%22c%22:53,%22s%22:63,%22ce%22:247,%22rq%22:247,%22rp%22:357,%22rpe%22:360,%22dl%22:366,%22di%22:708,%22ds%22:708,%22de%22:708,%22dc%22:708,%22l%22:708,%22le%22:708%7D,%22navigation%22:%7B%7D%7D&fp=678&fcp=678&jsonp=NREUM.setToken
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/sso/redirect.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://removery.zenoti.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:24:52 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
56
x-served-by
cache-fra-etou8220092-FRA
saml2
login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/
Redirect Chain
  • https://ids.zenoti.com/connect/authorize?client_id=2360e9af-16d1-11ec-bbe9-0adc2855f3fb&redirect_uri=https%3A%2F%2Fremovery.zenoti.com%2Fsso%2Fredirect_callback.aspx%3Fids_error%3D%26ids_relate_sta...
  • https://ids.zenoti.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D2360e9af-16d1-11ec-bbe9-0adc2855f3fb%26redirect_uri%3Dhttps%253A%252F%252Fremovery.zenoti.com%252Fsso%...
  • https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl...
20 KB
11 KB
Document
General
Full URL
https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/Common/Scripts/OpenIdConnect.js?v=20240124120744
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:158::2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c983a85945550d48118962a0a03b2bc2fc9ba549f00296c7ff6f80c9a6b04584
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://removery.zenoti.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9094
Content-Type
text/html; charset=utf-8
Date
Sun, 04 Feb 2024 21:24:52 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.17216.2 - WUS3 ProdSlices
x-ms-request-id
39c6d995-7511-4511-ac2f-e7c42fb4c500

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Sun, 04 Feb 2024 21:24:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
NRBR-e555e75eef5cf9016dd
bam.nr-data.net/events/1/
24 B
346 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/NRBR-e555e75eef5cf9016dd?a=353720476&v=1216.487a282&to=Z1BWYkRWXUIFARBaX14adWVmGEBCC00WVlRZR1FVQhlSQhQa&rst=1066&ck=1&ref=https://removery.zenoti.com/sso/redirect.aspx
Requested by
Host: removery.zenoti.com
URL: https://removery.zenoti.com/sso/redirect.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://removery.zenoti.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 04 Feb 2024 21:24:52 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://removery.zenoti.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-etou8220092-FRA
NRBR-e555e75eef5cf9016dd
bam.nr-data.net/events/1/
0
0

NRBR-e555e75eef5cf9016dd
bam.nr-data.net/jserrors/1/
0
0

NRBR-e555e75eef5cf9016dd
bam.nr-data.net/events/1/
0
0

BssoInterrupt_Core_woM16NkhFmyyNr9BVJmFXQ2.js
aadcdn.msauth.net/shared/1.0/content/js/
136 KB
49 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_woM16NkhFmyyNr9BVJmFXQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
339f4756c028e8f9b3ac337ece8ababefa558d874156ec0950c29ea765507b4c

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 04 Feb 2024 21:24:53 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
49115
x-ms-lease-status
unlocked
last-modified
Thu, 11 Jan 2024 22:22:12 GMT
etag
0x8DC12F3C2647378
x-azure-ref
20240204T212453Z-s0r7sg0r3520t52920agnh5fy000000003v0000000005x33
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3a285412-d01e-0027-1162-55a5a3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request saml2
login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/
38 KB
16 KB
Document
General
Full URL
https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d&sso_reload=true
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_woM16NkhFmyyNr9BVJmFXQ2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:158::2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d57e3973c9204f26d05e1dc80023b8a8aca019bbba0dd2a8c6c7a44d0838dc10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14600
Content-Type
text/html; charset=utf-8
Date
Sun, 04 Feb 2024 21:24:52 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.17216.2 - SCUS ProdSlices
x-ms-request-id
a46246b4-f415-4b5a-9c2b-f5bde6cc9500
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
110 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBB) /
Resource Hash
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 04 Feb 2024 21:24:53 GMT
content-encoding
gzip
content-md5
kqhA3D0Xczna4D/t8ioitQ==
age
3266189
x-cache
HIT
content-length
20314
x-ms-lease-status
unlocked
last-modified
Wed, 27 Dec 2023 18:19:21 GMT
server
ECAcc (frc/4CBB)
etag
0x8DC070858CA028D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
433c843e-301e-0028-1ffb-399304000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_rT0zkaZkTfaSAkKPThHEog2.js
aadcdn.msftauth.net/shared/1.0/content/js/
422 KB
117 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rT0zkaZkTfaSAkKPThHEog2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF1) /
Resource Hash
ef6fa330008e245a4a7d432b9227402119c373708c8a59203d46ee10113865eb

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 04 Feb 2024 21:24:53 GMT
content-encoding
gzip
content-md5
RMeXXxzd9RR9j99J9A/YZA==
age
1921602
x-cache
HIT
content-length
118802
x-ms-lease-status
unlocked
last-modified
Thu, 11 Jan 2024 22:21:50 GMT
server
ECAcc (frc/4CF1)
etag
0x8DC12F3B5202B34
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e386dd54-501e-00c2-5636-468866000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_ejinblwk_mimxsc4lkii7w2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
58 KB
17 KB
Script
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_ejinblwk_mimxsc4lkii7w2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C9D) /
Resource Hash
2b9c25a4f1f50e3bd8f868967751f09e8b95f97852155e81faac830e3bb383d9

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 04 Feb 2024 21:24:53 GMT
content-encoding
gzip
content-md5
xzBhZ8dNO/XnUvJuRRdbgA==
age
4801276
x-cache
HIT
content-length
16736
x-ms-lease-status
unlocked
last-modified
Thu, 07 Dec 2023 23:24:57 GMT
server
ECAcc (frc/4C9D)
etag
0x8DBF77BB9A87B12
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
aa4e7435-601e-00c9-5a05-2cad71000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

convergedlogin_pcustomizationloader_6a0a7b7c69bd86706a39.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
153 KB
34 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6a0a7b7c69bd86706a39.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rT0zkaZkTfaSAkKPThHEog2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD8) /
Resource Hash
688a2d42350796280657d4bfee504616c104fc5af822938dd79425f467c3b5bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 04 Feb 2024 21:24:54 GMT
content-encoding
gzip
content-md5
ZeQH0cIatjmBJ7hqKoBn0Q==
age
2595547
x-cache
HIT
content-length
34606
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 04:42:14 GMT
server
ECAcc (frc/4CD8)
etag
0x8DC0CDF85D41F36
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7de3c2fe-a01e-0005-7515-40dd2c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
illustration
aadcdn.msftauthimages.net/dbd5a2dd-mhvo-pdvolibcawkihf92wjcsrfd8tcho6gifh9g3ea/logintenantbranding/0/
161 KB
161 KB
Image
General
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-mhvo-pdvolibcawkihf92wjcsrfd8tcho6gifh9g3ea/logintenantbranding/0/illustration?ts=637281315202840207
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e030406baf03162d5403c8a563f812814590b170a20912d85ec10de6eedd409

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 04 Feb 2024 21:24:54 GMT
x-cache
TCP_MISS
x-fd-int-roxy-purgeid
0
content-length
164352
x-ms-lease-status
unlocked
last-modified
Fri, 19 Jun 2020 02:45:20 GMT
etag
0x8D813FACEF88DBF
x-azure-ref
20240204T212454Z-m13r22k91p6rz8tgrd9szkd5tw00000003p000000000fsaa
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
42ef2fe8-501e-0028-63b0-5766fb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-mhvo-pdvolibcawkihf92wjcsrfd8tcho6gifh9g3ea/logintenantbranding/0/
5 KB
5 KB
Image
General
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-mhvo-pdvolibcawkihf92wjcsrfd8tcho6gifh9g3ea/logintenantbranding/0/bannerlogo?ts=637214637964203229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcb7f13da2bd4c347da1cb18ebfd44b50baf264fcb1b4d68701c684cf5ebfe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 04 Feb 2024 21:24:54 GMT
x-cache
TCP_MISS
x-fd-int-roxy-purgeid
0
content-length
4797
x-ms-lease-status
unlocked
last-modified
Thu, 02 Apr 2020 22:36:36 GMT
etag
0x8D7D7564DD9B958
x-azure-ref
20240204T212454Z-m13r22k91p6rz8tgrd9szkd5tw00000003p000000000fsab
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
bf18f3e0-a01e-003c-63b0-572e94000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pstringcustomizationhelper_7582d7648944aa49d261.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_7582d7648944aa49d261.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rT0zkaZkTfaSAkKPThHEog2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF9) /
Resource Hash
c2735f54f9ea5b4009fb3f28e9013d3be1645466fd79d0fd06387c5c39438d0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 04 Feb 2024 21:24:54 GMT
content-encoding
gzip
content-md5
2VGb7WsUGKsKvDHsvFoXPg==
age
2593181
x-cache
HIT
content-length
35913
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 04:42:15 GMT
server
ECAcc (frc/4CF9)
etag
0x8DC0CDF86C4011A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ae31fa97-501e-00fe-081a-405d6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/
2 KB
785 B
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA2) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 04 Feb 2024 21:24:54 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
21613696
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (frc/4CA2)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b2ae10f3-901e-0060-141d-935c76000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/events/1/NRBR-e555e75eef5cf9016dd?a=353720476&v=1216.487a282&to=Z1BWYkRWXUIFARBaX14adWVmGEBCC00WVlRZR1FVQhlSQhQa&rst=1998&ck=1&ref=https://removery.zenoti.com/sso/redirect.aspx
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/jserrors/1/NRBR-e555e75eef5cf9016dd?a=353720476&v=1216.487a282&to=Z1BWYkRWXUIFARBaX14adWVmGEBCC00WVlRZR1FVQhlSQhQa&rst=1999&ck=1&ref=https://removery.zenoti.com/sso/redirect.aspx
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/events/1/NRBR-e555e75eef5cf9016dd?a=353720476&v=1216.487a282&to=Z1BWYkRWXUIFARBaX14adWVmGEBCC00WVlRZR1FVQhlSQhQa&rst=2000&ck=1&ref=https://removery.zenoti.com/sso/redirect.aspx


20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_6a0a7b7c69bd86706a39
boolean| __convergedlogin_pstringcustomizationhelper_7582d7648944aa49d261

20 Cookies

Domain/Path Name / Value
removery.zenoti.com/ Name: MMSRequestContext
Value: 2ae67612-a64d-47b7-a906-6b6615fe1df2
removery.zenoti.com/ Name: MMSContext
Value: ContextId=2ae67612-a64d-47b7-a906-6b6615fe1df2
removery.zenoti.com/ Name: Zenoti_Browser_Context
Value: 4838dcf4-6873-4c62-812b-cff7071899fb
removery.zenoti.com/ Name: LastAccessedTime
Value: 2024-02-04 21:24:51
.nr-data.net/ Name: JSESSIONID
Value: bc780eb4f158aba2
ids.zenoti.com/ Name: zenoti_ids_context
Value: 4d6030a5-6a56-4586-8496-b830f22311a6
ids.zenoti.com/ Name: idsrv.external
Value: CfDJ8FdMv8dGQu5Hvk8GEBRFSPfqXNHmXfYxvBcKQYQ69biN-prV5pBV7So4KdxJ_5bY9ONW3P-EvsmH7blUPSbx-IR-hEstN7g4k0GRYMMvq7wY-c5cIFiGS0PddePPZf1zNPglQCjIWigtJk-UdDo7gNevLHtpwVVsKjoSqe3mSje1T7MuUDb4yHGUiM79PcG2TsYrRKbqxIKEKiSZnvR5gHbhwx6m_mbdM0JQ21569ZVC1L3JkrkOrHyeWDEL3LYObnkwbn0t_zuWy3BLMZMws89XCvKJB6jB4vWFtz8uakVyf2rfB5zujRAyCFK2-imYVE3YH7GhZou-AJIRhq_Aebg68ac0Da8RZNKF79D8D1m0PeZlbUu8zTMpzp-64i6T8YXi91pL3IVB7NQ00zllziZx01flEvmLA2SwYjo7NGB_zHvPn8QBc73zEEb8BzV07mcOLwWsoPrsxa255n1m6A_kMLHX_GiAXCAFYmimRTHmb9j0qlBu-rchraUsj_lfEQX9gcxsfVl0lLS6rnv8F-CgzcEqDC6rkF31uLowRMN_IEWdFdl0C6F9Dq9BNxU_rL8lFmGOPxSqzwTAQtdPFQjrpXYiuWdjCpX7h6sJafNShxy4GQrLlyaPO5x_lIdQQSlYIrJFy4nc3bwJGZ8_SXFh9hiDhNlyJlm66muzWwdcR3TUVkGxsyVXQFbhd5bHT7_G7iXN7bzlSSL8lnncsL0k7ChCAyh59k6B_WiqiT-Nxgv4mov6qtk0NOwMAmALz4KUvadiyRdns3p2HLrgDCj7fFNSL9sVx8EbJ3jmTAEkqDcxmiqkHpanEC7i-yHlzcX2VTJ6StZLh2xaAezNoL0IeR-CMzakv3mq-qn1EtZBPCyZDSzrXQSRrvoWYvuvYJAF4_TG9_4CO2YBaiMPJzWG9lIAutJitZuHNExpB5w7Ps_0-Nz-VHKEer3e095xuBVEwP3F50LJd8RBP5gB37WOoiZTcViYVU14wO6cjQslScQPvk6sxtomkuObMRI92-eqTv2uqeBze22ofzk2PQAVmHs18HmMZz7xMB0IYjLh-q3SZ5O6vVfMfSk0L4--yQ1IeyqxWNC8MNkbILkDTbrbotNo-Q40iulQElVGNrSeJNaFD_SW7gQYqWDHf5fYV2E9s13c-0LDn4AMRf8qDBFSqhI78ulw78qhAFcX62qXdpXTFoBsX9wNCHSKmMe1KTQ_7hRhelXKytr7EnkRMiKulRuaLbNLjCjW_jM277gxfNxp_Hx3N6JZ1f8asOdyMlJ6G1lixg_NfhOVwgg7Z3OaDnddW9R1ktgoOA1rQN3B-HuK-k8wzLPbfp4XbJuOWVa8EXRS25DwnqJCVAdKYGB4F96H-2kQVOJx0dFl_9GyIJ98REwDXv9_FVvDuB4FzxEbMBEgLq_ezMJfbOYnT3DX0Yu8ewOXNMgh98VGs7EkYjyQkdvSjMJkrRG7MR4FtHMDAcej6MCqB8Xwz4WU0oezIZIW0N1TyFVK-lS67phhk1OuVHFvdIYH0WeEShgTg9T4OkdxWgxqNwKiDV9fvvi_8SN5R2FmcTFxREpDMheZ6cnHOGt7-fITVlKslJWpFcY262jrh1oYdS1J1maNooRBXlm1Fouj8SOtIaL3gjUu
ids.zenoti.com/ Name: SSO_Browser_ID
Value: fa8c0a04-cba1-4e5b-9c2a-758d05c4630f
.login.microsoftonline.com/ Name: esctx-StI0Hd6QW5w
Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-PMv5gQuTfxCvvvSovg1slVTugptnpGbbm6sZZu1LFBICX0t3igyp7EeQF78oHrvcaA2fQ5bKlqGvtP5NIgtPYRr8y8Odf5cqabHHExXFnGcV14o3Ig4eGWgWZAv5yxyO0JHXBQl6Vl476yUjyFBUxSAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ATcAFYNcsZHEckqP_eA11PlszvF9trKLEe5OmfmatGeigrc3AAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-whJbaOKJHmBQ_7aId3R0bV8af02EyWl2Xs4Z69q0gTm90E5yzh5AKBxXgrpP3-yaIjkeBQrZ4aqH0NYUby4GcD904q4tZ28K806CBxHQH0UgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-lY9FgiWMuZU1iocU9p80w6JzQOqARmzzt9aOvchaLzOsQXHNaN6oEzhENLS-V01VGce6dBHnOn0HKGdKBXgbh9TLOVeG9uzaXHcC80BcMhAeKcdkTcuQRBwq76GnL3db7nJQuofFP7oYNe7EdkrGnaxrDIAHD4QKBExWq7CPEWEgAA
.login.microsoftonline.com/ Name: esctx-4sT4iOOsjaw
Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-10dxLWzBfHNSi0pTF40qaHGMZ6kOaWzPEYS7BnvuIGfrLNDjTTMXCfKE68L4cF3evPeR0XRVQuDc5fYMAdFUKG9yVAG7tqYtNA2Jh5MXv5fcEHdTMpOO0Sh0fC0HZH2AXtMdiBzJSu4c9944oUns8yAA
login.microsoftonline.com/ Name: fpc
Value: AolziBxlRGpKgnSk94iJJg0ROYo7AQAAAKT3Ud0OAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 056659d7f24e47f3a01da08224b7893b
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1707081893&co=1

7 Console Messages

Source Level URL
Text
other warning URL: https://removery.zenoti.com/sso/redirect.aspx
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://removery.zenoti.com/sso/redirect.aspx
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/b15c8315-c491-4a72-8ffd-e035d4f96cce/saml2?SAMLRequest=fZFBb8IwDIX%2fSpR72jQqgka0qBpCQtqmaTAOu0xp645ITcLiFMF%2b%2fboyJHbYrvZ7tr%2fn%2beJkOnIEj9rZnCYRpwRs7Rpt33P6sl2xGV0Uc1SmO8iyD3v7DB89YCCDz6IcGzntvZVOoUZplQGUoZab8uFeiojLg3fB1a6jN5b%2fHQoRfBgOomS9zOmbaqqJyECwWcunLOUKWKbajCUqS1tQSVVN00GK2MPaYlA25FRwkTIuGE%2b3PJMilRPxSsnuCiq%2bQcvrnjtnsTfgN%2bCPuh6GNHDKKacXcDlO9sU%2bhAPKOPZg3JDYOfoE64KOamfm8a3wJ67HAWy9fHKdrs9k5bxR4W%2fuJErGim5YO0olGKW7smk8IFISF5cdv79QfAE%3d&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
