urlscan.io logo urlscan.io
SecurityTrails logo

connectug.ah.org Open in urlscan Pro
206.210.160.241  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://adventistadmin365.com/wprr68k4vlcbzfo6
Effective URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Submission: On July 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 206.210.160.241, located in Sonora, United States and belongs to AHSW-ROSEVILLE, US. The main domain is connectug.ah.org.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 22nd 2022. Valid for: a year.
This is the only time connectug.ah.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 94.130.224.254 24940 (HETZNER-AS)
3 3 13.107.136.9 8068 (MICROSOFT...)
2 3 20.190.159.71 8075 (MICROSOFT...)
1 1 206.210.162.214 23431 (AHSW-ROSE...)
2 15 206.210.160.241 23431 (AHSW-ROSE...)
18 4
1    94.130.224.254 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mail.adventistadmin365.com
adventistadmin365.com
3    13.107.136.9 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adventisthealthwest.sharepoint.com
3    20.190.159.71 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.windows.net
login.microsoftonline.com
1    206.210.162.214 (Palmdale, United States)

ASN23431 (AHSW-ROSEVILLE, US)
saml.ah.org
15    206.210.160.241 (Sonora, United States)

ASN23431 (AHSW-ROSEVILLE, US)
PTR: host160-241.ah.org
connectug.ah.org
Apex Domain
Subdomains		 Transfer
16 ah.org
saml.ah.org
connectug.ah.org
172 KB
3 sharepoint.com
adventisthealthwest.sharepoint.com — Cisco Umbrella Rank: 40075
4 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 23
58 KB
1 windows.net
login.windows.net — Cisco Umbrella Rank: 342
1 KB
1 adventistadmin365.com
adventistadmin365.com
835 B
18 5
Domain Requested by
15 connectug.ah.org 2 redirects login.microsoftonline.com
connectug.ah.org
3 adventisthealthwest.sharepoint.com 3 redirects
2 login.microsoftonline.com 1 redirects
1 saml.ah.org 1 redirects
1 login.windows.net 1 redirects
1 adventistadmin365.com
18 6

This site contains no links.

Subject Issuer Validity Valid
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-06-02 -
2023-06-02		 a year crt.sh
*.ah.org
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-22 -
2023-04-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Frame ID: C1C33D7B166B2057FB0EAF9778874A6E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://adventistadmin365.com/wprr68k4vlcbzfo6 Page URL
  2. https://adventisthealthwest.sharepoint.com/sites/AH-News/SitePages/Beware-of-phishing.aspx HTTP 302
    https://adventisthealthwest.sharepoint.com/sites/AH-News/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FAH%2DNews%2FSi... HTTP 302
    https://adventisthealthwest.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fsites%2fAH-News%2f_layouts%2f15%2fAuthentic... HTTP 302
    https://login.windows.net/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client%5Fid=00000003%2... HTTP 302
    https://login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client_id=00000003-000... Page URL
  3. https://login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client_id=00000003-000... HTTP 302
    https://saml.ah.org/adfs/ls/?client-request-id=1fb450a0-b009-2000-1b68-8943cdc02ec5&username=&wa... HTTP 302
    https://connectug.ah.org/cgi/tm?code=b1d918814ec7b3cc HTTP 302
    https://connectug.ah.org/vpn/index.html HTTP 302
    https://connectug.ah.org/logon/LogonPoint/tmindex.html Page URL

Page Statistics

18
Requests

78 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

225 kB
Transfer

454 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://adventistadmin365.com/wprr68k4vlcbzfo6 Page URL
  2. https://adventisthealthwest.sharepoint.com/sites/AH-News/SitePages/Beware-of-phishing.aspx HTTP 302
    https://adventisthealthwest.sharepoint.com/sites/AH-News/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FAH%2DNews%2FSitePages%2FBeware%2Dof%2Dphishing%2Easpx HTTP 302
    https://adventisthealthwest.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fsites%2fAH-News%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FAH%252DNews%252FSitePages%252FBeware%252Dof%252Dphishing%252Easpx&Source=cookie HTTP 302
    https://login.windows.net/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E827C6066170646552B9C755556C7032E4DD0AED8F9B11FF%2D2756533937F9D10E0280F33DFD2105FDA5D538AB3A7A5373B05CA03E75852947&redirect%5Furi=https%3A%2F%2Fadventisthealthwest%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&domain%5Fhint=ah%2Eorg&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=1fb450a0%2Db009%2D2000%2D1b68%2D8943cdc02ec5 HTTP 302
    https://login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=E827C6066170646552B9C755556C7032E4DD0AED8F9B11FF-2756533937F9D10E0280F33DFD2105FDA5D538AB3A7A5373B05CA03E75852947&redirect_uri=https%3A%2F%2Fadventisthealthwest.sharepoint.com%2F_forms%2Fdefault.aspx&domain_hint=ah.org&state=OD0w&claims=%7B%22id_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=1fb450a0-b009-2000-1b68-8943cdc02ec5 Page URL
  3. https://login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=E827C6066170646552B9C755556C7032E4DD0AED8F9B11FF-2756533937F9D10E0280F33DFD2105FDA5D538AB3A7A5373B05CA03E75852947&redirect_uri=https%3A%2F%2Fadventisthealthwest.sharepoint.com%2F_forms%2Fdefault.aspx&domain_hint=ah.org&state=OD0w&claims=%7B%22id_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=1fb450a0-b009-2000-1b68-8943cdc02ec5&sso_reload=true HTTP 302
    https://saml.ah.org/adfs/ls/?client-request-id=1fb450a0-b009-2000-1b68-8943cdc02ec5&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAApZE_aBNRAMbv5dIzia2GTIKDQTIpd3nv3r177wIKl_tDFDRJKWK7lPvbC7S58-5itZtOumUTOxXHuIgolA7SRZCCkMXBgntRBHEq6GCDi2PB3_DxDd_w8X1XeCShVgP-BYszFWEYItELZu4f0lqlutN7c6n8iqtfjJ4aH_el99tAcCIpTtcm4HqU50nWajYd_34wzAdZHgXOeh5tBlkuZZGTBkk8GOaSF280V8M43ciafhA6o_VccrLkwS4AUwCOAJgU7llMpoYKVRVRqCoqIXJbMyg5QTUoxLKlmCbULZPZWhsh2xZlSlSCsYaprZkIWlBm0MbYtE0ZQWKbOjEJZnob61QnmOI2JIYOsUUJI7Km0MPC-a4-yiN5JnE62Ap-FsqzjqtJnOXbfLFrws0Jf6qZXvMNX8PIcxVHxBpTRAXLTNRCVxU11ac-DX2CXHjAC3ESDAf-tAi-Fuch3yqVKlXuAlfnjovgxdzJ2C_rteKvD587Y-nZt87bd9zBXHNxxe4nyz24pKb92xaK7KU0iLvo4a3esnz3zs21rZXFG6PMvRqE_WushcYCGAvCnlAu8VXuMm_00JEAfgjgyRlur_yfh03PgsN5VCl7sZs6Q3_g1xoIuT6DDIuMBlBUkEtE16VMhK6nYI85LGDO44VTxfYXuONzu18-Pfq98_x75w81 HTTP 302
    https://connectug.ah.org/cgi/tm?code=b1d918814ec7b3cc HTTP 302
    https://connectug.ah.org/vpn/index.html HTTP 302
    https://connectug.ah.org/logon/LogonPoint/tmindex.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://adventisthealthwest.sharepoint.com/sites/AH-News/SitePages/Beware-of-phishing.aspx HTTP 302
  • https://adventisthealthwest.sharepoint.com/sites/AH-News/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FAH%2DNews%2FSitePages%2FBeware%2Dof%2Dphishing%2Easpx HTTP 302
  • https://adventisthealthwest.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fsites%2fAH-News%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FAH%252DNews%252FSitePages%252FBeware%252Dof%252Dphishing%252Easpx&Source=cookie HTTP 302
  • https://login.windows.net/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E827C6066170646552B9C755556C7032E4DD0AED8F9B11FF%2D2756533937F9D10E0280F33DFD2105FDA5D538AB3A7A5373B05CA03E75852947&redirect%5Furi=https%3A%2F%2Fadventisthealthwest%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&domain%5Fhint=ah%2Eorg&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=1fb450a0%2Db009%2D2000%2D1b68%2D8943cdc02ec5 HTTP 302
  • https://login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=E827C6066170646552B9C755556C7032E4DD0AED8F9B11FF-2756533937F9D10E0280F33DFD2105FDA5D538AB3A7A5373B05CA03E75852947&redirect_uri=https%3A%2F%2Fadventisthealthwest.sharepoint.com%2F_forms%2Fdefault.aspx&domain_hint=ah.org&state=OD0w&claims=%7B%22id_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=1fb450a0-b009-2000-1b68-8943cdc02ec5

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
wprr68k4vlcbzfo6
adventistadmin365.com/ 		221 B
835 B 		Document
General
Check archive.org
Download Go to
Full URL
http://adventistadmin365.com/wprr68k4vlcbzfo6
Protocol
HTTP/1.1
Server
94.130.224.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.adventistadmin365.com
Software
Lucy /
Resource Hash
c5d666b17d1f5b05fd1165b1d234ba29640b18d8c7e7b8423322643bf2c07424

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
191
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 19:41:57 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Lucy
Vary
Accept-Encoding
authorize
login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/
Redirect Chain
  • https://adventisthealthwest.sharepoint.com/sites/AH-News/SitePages/Beware-of-phishing.aspx
  • https://adventisthealthwest.sharepoint.com/sites/AH-News/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FAH%2DNews%2FSitePages%2FBeware%2Dof%2Dphishing%2Easpx
  • https://adventisthealthwest.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fsites%2fAH-News%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FAH%252DNews%252FSitePages%252FBeware%252Dof...
  • https://login.windows.net/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ft...
  • https://login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code...
151 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=E827C6066170646552B9C755556C7032E4DD0AED8F9B11FF-2756533937F9D10E0280F33DFD2105FDA5D538AB3A7A5373B05CA03E75852947&redirect_uri=https%3A%2F%2Fadventisthealthwest.sharepoint.com%2F_forms%2Fdefault.aspx&domain_hint=ah.org&state=OD0w&claims=%7B%22id_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=1fb450a0-b009-2000-1b68-8943cdc02ec5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.71 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://adventistadmin365.com/wprr68k4vlcbzfo6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
54843
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 19:41:58 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.13156.10 - SCUS ProdSlices
x-ms-request-id
86f3b8f6-766c-4c1f-9024-11367bf26900

Redirect headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
565
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 19:41:58 GMT
Location
https://login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=E827C6066170646552B9C755556C7032E4DD0AED8F9B11FF-2756533937F9D10E0280F33DFD2105FDA5D538AB3A7A5373B05CA03E75852947&redirect_uri=https%3A%2F%2Fadventisthealthwest.sharepoint.com%2F_forms%2Fdefault.aspx&domain_hint=ah.org&state=OD0w&claims=%7B%22id_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=1fb450a0-b009-2000-1b68-8943cdc02ec5
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
x-ms-ests-server
2.1.13156.10 - EUS ProdSlices
x-ms-request-id
ecf39e40-0396-47f5-9054-800faf8a5f00
Primary Request tmindex.html
connectug.ah.org/logon/LogonPoint/
Redirect Chain
  • https://login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code...
  • https://saml.ah.org/adfs/ls/?client-request-id=1fb450a0-b009-2000-1b68-8943cdc02ec5&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA...
  • https://connectug.ah.org/cgi/tm?code=b1d918814ec7b3cc
  • https://connectug.ah.org/vpn/index.html
  • https://connectug.ah.org/logon/LogonPoint/tmindex.html
49 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/LogonPoint/tmindex.html
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=E827C6066170646552B9C755556C7032E4DD0AED8F9B11FF-2756533937F9D10E0280F33DFD2105FDA5D538AB3A7A5373B05CA03E75852947&redirect_uri=https%3A%2F%2Fadventisthealthwest.sharepoint.com%2F_forms%2Fdefault.aspx&domain_hint=ah.org&state=OD0w&claims=%7B%22id_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=1fb450a0-b009-2000-1b68-8943cdc02ec5
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
a6e6cf6102429f984db583c7a5b795cd5ee51534ff8e80f5e4f4aafd2ed097cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login.microsoftonline.com/d931cb4a-3984-4328-9fb6-96d7d7fd51b0/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=E827C6066170646552B9C755556C7032E4DD0AED8F9B11FF-2756533937F9D10E0280F33DFD2105FDA5D538AB3A7A5373B05CA03E75852947&redirect_uri=https%3A%2F%2Fadventisthealthwest.sharepoint.com%2F_forms%2Fdefault.aspx&domain_hint=ah.org&state=OD0w&claims=%7B%22id_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=1fb450a0-b009-2000-1b68-8943cdc02ec5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-store, must-revalidate no-cache
Connection
Keep-Alive
Content-Length
50245
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 19:42:01 GMT
ETag
"c445-5b76225a80680"
Expires
0
Keep-Alive
timeout=15, max=96
Last-Modified
Sat, 26 Dec 2020 18:24:10 GMT
Pragma
no-cache
Server
Apache
X-Frame-Options
SAMEORIGIN

Redirect headers

Cache-control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
566
Content-Type
text/html
Location
/logon/LogonPoint/tmindex.html
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
ctxs.large-ui.min.css
connectug.ah.org/logon/LogonPoint/receiver/css/ 		77 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/LogonPoint/receiver/css/ctxs.large-ui.min.css
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
47e3ac64f81f00bd7e70a97f49b14b298eb664eeafe61c5667a6191f154d30c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 19:42:01 GMT
Via
NS-CACHE-10.0: 12
Last-Modified
Sat, 26 Dec 2020 19:02:32 GMT
Server
Apache
Age
1
ETag
"135b9-5b762aeddc200"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-store,must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
79289
Expires
Thu, 01 Jan 1970 00:00:01 GMT
theme.css
connectug.ah.org/logon/themes/Default/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/themes/Default/css/theme.css
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
4c282c5ed133e6367d0f7b64bbf932a8dfcf2efa554d93426302d668d1922d8b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 19:40:57 GMT
Via
NS-CACHE-10.0: 12
Last-Modified
Fri, 26 Apr 2019 00:38:52 GMT
Server
Apache
Age
65
ETag
"74f-5876428a5ff00"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-store,must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
1871
Expires
Thu, 01 Jan 1970 00:00:01 GMT
style.css
connectug.ah.org/logon/LogonPoint/custom/ 		0
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/LogonPoint/custom/style.css
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 19:41:57 GMT
Via
NS-CACHE-10.0: 12
Last-Modified
Wed, 24 Apr 2019 16:26:37 GMT
Server
Apache
Age
6
ETag
"0-587492a624940"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-store,must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=70
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
wspinner@2x.gif
connectug.ah.org/logon/LogonPoint/receiver/images/common/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://connectug.ah.org/logon/LogonPoint/receiver/images/common/wspinner@2x.gif
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
111ce0995fd5170b4289d22d9bac264ffba149c4eda9377a5403423a22d3b76c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 19:40:48 GMT
Via
NS-CACHE-10.0: 12
Last-Modified
Sat, 26 Dec 2020 19:02:17 GMT
Server
Apache
Age
74
ETag
"8af-5b762adf8e040"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-store,must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
2223
Expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery.min.js
connectug.ah.org/logon/LogonPoint/receiver/js/external/ 		68 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/LogonPoint/receiver/js/external/jquery.min.js
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 19:42:02 GMT
Via
NS-CACHE-10.0: 12
Age
1
Connection
Keep-Alive
Content-Length
106504
X-Citrix-Application
Receiver for Web
Pragma
no-cache
Last-Modified
Sat, 26 Dec 2020 19:02:45 GMT
Server
Apache
ETag
"1a008-5b762afa41f40"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store,must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=72
Expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery-ui.min.js
connectug.ah.org/logon/LogonPoint/receiver/js/external/ 		42 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/LogonPoint/receiver/js/external/jquery-ui.min.js
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 19:42:02 GMT
Via
NS-CACHE-10.0: 12
Age
1
Connection
Keep-Alive
Content-Length
251704
X-Citrix-Application
Receiver for Web
Pragma
no-cache
Last-Modified
Sat, 26 Dec 2020 19:02:54 GMT
Server
Apache
ETag
"3d738-5b762b02d7380"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store,must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=83
Expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery.ui.touch-punch.min.js
connectug.ah.org/logon/LogonPoint/receiver/js/external/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/LogonPoint/receiver/js/external/jquery.ui.touch-punch.min.js
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
ba4e6af952ad38ed336e34950ac7dd236db7238c315418431a53263a84760305
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 19:41:20 GMT
Via
NS-CACHE-10.0: 12
Age
43
Connection
Keep-Alive
Content-Length
1097
X-Citrix-Application
Receiver for Web
Pragma
no-cache
Last-Modified
Sat, 26 Dec 2020 19:03:00 GMT
Server
Apache
ETag
"449-5b762b0890100"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store,must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery-migrate.min.js
connectug.ah.org/logon/LogonPoint/receiver/js/external/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/LogonPoint/receiver/js/external/jquery-migrate.min.js
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
128c510c9d60eea7ad93b3d1122a3a20b49e3ada4ff468026ca7642799a477a2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 19:40:27 GMT
Via
NS-CACHE-10.0: 12
Age
94
Connection
Keep-Alive
Content-Length
8406
X-Citrix-Application
Receiver for Web
Pragma
no-cache
Last-Modified
Sat, 26 Dec 2020 19:02:57 GMT
Server
Apache
ETag
"20d6-5b762b05b3a40"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store,must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=73
Expires
Thu, 01 Jan 1970 00:00:01 GMT
hammer.min.js
connectug.ah.org/logon/LogonPoint/receiver/js/external/ 		19 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/LogonPoint/receiver/js/external/hammer.min.js
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
75169f9c62b4bc6d546c9b59ee59d0c93ae3f88437777cc0a3e67c254f13a382
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 19:40:48 GMT
Via
NS-CACHE-10.0: 12
Age
74
Connection
Keep-Alive
Content-Length
19853
X-Citrix-Application
Receiver for Web
Pragma
no-cache
Last-Modified
Sat, 26 Dec 2020 19:03:04 GMT
Server
Apache
ETag
"4d8d-5b762b0c60a00"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store,must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=94
Expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery.dotdotdot.min.js
connectug.ah.org/logon/LogonPoint/receiver/js/external/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/LogonPoint/receiver/js/external/jquery.dotdotdot.min.js
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
0ccc391385db07d263046d352e64c23fb5721461637a83ef097f975b409e6d60
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 19:41:58 GMT
Via
NS-CACHE-10.0: 12
Age
5
Connection
Keep-Alive
Content-Length
6484
X-Citrix-Application
Receiver for Web
Pragma
no-cache
Last-Modified
Sat, 26 Dec 2020 19:03:07 GMT
Server
Apache
ETag
"1954-5b762b0f3d0c0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store,must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=93
Expires
Thu, 01 Jan 1970 00:00:01 GMT
velocity.min.js
connectug.ah.org/logon/LogonPoint/receiver/js/external/ 		14 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/LogonPoint/receiver/js/external/velocity.min.js
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 19:41:56 GMT
Via
NS-CACHE-10.0: 12
Age
7
Connection
Keep-Alive
Content-Length
34210
X-Citrix-Application
Receiver for Web
Pragma
no-cache
Last-Modified
Sat, 26 Dec 2020 19:03:12 GMT
Server
Apache
ETag
"85a2-5b762b1401c00"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store,must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Thu, 01 Jan 1970 00:00:01 GMT
slick.min.js
connectug.ah.org/logon/LogonPoint/receiver/js/external/ 		14 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connectug.ah.org/logon/LogonPoint/receiver/js/external/slick.min.js
Requested by
Host: connectug.ah.org
URL: https://connectug.ah.org/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
206.210.160.241 Sonora, United States, ASN23431 (AHSW-ROSEVILLE, US),
Reverse DNS
host160-241.ah.org
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectug.ah.org/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 19:41:57 GMT
Via
NS-CACHE-10.0: 12
Age
5
Connection
Keep-Alive
Content-Length
38584
X-Citrix-Application
Receiver for Web
Pragma
no-cache
Last-Modified
Sat, 26 Dec 2020 19:03:18 GMT
Server
Apache
ETag
"96b8-5b762b19ba980"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store,must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Thu, 01 Jan 1970 00:00:01 GMT
elliptic.min.js
connectug.ah.org/logon/LogonPoint/receiver/js/external/ 		0
0
ctxs.core.min.js
connectug.ah.org/logon/LogonPoint/receiver/js/ 		0
0
ctxs.webui.min.js
connectug.ah.org/logon/LogonPoint/receiver/js/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
connectug.ah.org
URL
https://connectug.ah.org/logon/LogonPoint/receiver/js/external/elliptic.min.js
Domain
connectug.ah.org
URL
https://connectug.ah.org/logon/LogonPoint/receiver/js/ctxs.core.min.js
Domain
connectug.ah.org
URL
https://connectug.ah.org/logon/LogonPoint/receiver/js/ctxs.webui.min.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

17 Cookies

Domain/Path Name / Value
adventistadmin365.com/ Name: link
Value: wprr68k4vlcbzfo6
adventisthealthwest.sharepoint.com/ Name: nSGt-E827C6066170646552B9C755556C7032E4DD0AED8F9B11FF
Value: gYEwRDY3NTk0ODYxRDM0RTJFOTc2RDUzRDlDODkxMDMzQTU1QzlEODBBOTcxQTQ2MUJCMEU4MjdDNjA2NjE3MDY0NjU1MkI5Qzc1NTU1NkM3MDMyRTRERDBBRUQ4RjlCMTFGRhIxMzMwMjIxNTUxODMxNTQxOTMiYWR2ZW50aXN0aGVhbHRod2VzdC5zaGFyZXBvaW50LmNvbVhYk4I23Ro9HrCrCPofw09wst9csStKlIFgqvz1sh72RsOaZJ5I1qM8hRdj2Cd0KOrxzP5sg+kEfuUF4/vtHjH28/+1pSjoX1bIt09id++kiCFdKYfDrHTPLAjS8Be+T0eJW7FP8JoxYPkJaqVNLzFIxzegOqtTfG1ntU3NGa5i2iX5XyfDeu9cbIvyRAheD9Ht0ftCvlLdxFfl2YouqReUjN3bfHps6nh9VCRj5tULl9B+wGb/bmIIL8fYgfgpR8Ota5ISChcTPNSEtD0yzx7klx8apHH8Ob0a+Ibxx5D3g4u3bi4k5Jf2Nep2RQT0RIITn99+XuGRKwHakepsuQGaAAAA
adventisthealthwest.sharepoint.com/ Name: RpsContextCookie
Value: U291cmNlPSUyRnNpdGVzJTJGQUglMkROZXdzJTJGU2l0ZVBhZ2VzJTJGQmV3YXJlJTJEb2YlMkRwaGlzaGluZyUyRWFzcHgmUHJldmlvdXNSZXF1ZXN0Q29ycmVsYXRpb25JZD0xZmI0NTBhMCUyRGIwMDklMkQyMDAwJTJEMWI2OCUyRDg5NDNjZGMwMmVjNSZSZXR1cm5Vcmw9JTJGc2l0ZXMlMkZBSCUyRE5ld3MlMkYlNUZsYXlvdXRzJTJGMTUlMkZBdXRoZW50aWNhdGUlMkVhc3B4JTNGU291cmNlJTNEJTI1MkZzaXRlcyUyNTJGQUglMjUyRE5ld3MlMjUyRlNpdGVQYWdlcyUyNTJGQmV3YXJlJTI1MkRvZiUyNTJEcGhpc2hpbmclMjUyRWFzcHg=
login.windows.net/ Name: x-ms-gateway-slice
Value: estsfd
login.windows.net/ Name: stsservicecookie
Value: estsfd
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ARIASssx2YQ5KEOftpbX1_1RsAMAAAAAAPEPzgAAAAAAAAASAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevrm6E0aLNWy6TuvTnsMSCazyHUuXMGPZe36BciM2ws8n6nKYcmOxpiA2hpkmkyxrTokDWkqVdvntUvuBdcukPSUbjLr6YjGX3xy_PXkkWusa8gAA
.login.microsoftonline.com/ Name: ESTSWCTXFLOWTOKEN
Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevrLwywla3Vr6hYGUXTki-__28j9yDvBSRXUzQW6mJwSa8ncrStnsdYmVLWHDmX33bsyVUl8BbOUZlEC5TJCtQ1XRXK0t8bq1uXPLf9f9rt99VchWpC7Yo4ixwcdc_xs5BcdPIoSoUI7SZsOniNCteSDkhZXCh4U8OdnuIIiX9PulnUY6ILMqmG3q6OP6r2BCY2bfoIfFxAHMm1wkCafDWwFecjaOF7SBr5WqBFNJ38WWBk4n356b8c_trSYu9SZtzpd7kaZQWNmqKApI7tFjcewi7NZtOIPcZNYXjfDAnrtICErgfwyidGoFppBQx00Fqr6s4DpgRusRqQNmZDhHr7ZrL6VKOj5AQjFJ8B8suLK3Ed1KDghZJo62J8FMkuiE-MHrZfimawNfWlecesilHjzx80QFZ5-m7v0vOjfJfXXJ0CmPFfmSmLjBnxlDrBe_JKxTGUONBtd5UeEuD0zO2YuGy06PXMZt1yN__NF1wsNlM1ODaqJL7mtqnyWTfCwc7ve-Z3Dyt34oNr0x_BGYFUsEYPktyxI_Ap0l8Ddj2pY-c3PC62qXBSQug1U4n9-B9JIAA
login.microsoftonline.com/ Name: fpc
Value: Ai3YLoXl4OREgiNteP7RwwIzKSASAQAAAAYXYdoOAAAA
.login.microsoftonline.com/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrAQAknBO1OGoph6t6BWhzrvOXbBbDFvupCOKb_SUCYqoFCi6m_63tzy94lt2BjdByLzjEDkPdetDtlYyIaI1-fKkvF8UcDnyyon0sl388dfPUAujI9ccnXAIFb7bUegJW5kq7Fa8My2MJuc7MXLktY0l3vxJ3H769nYqSFIaFGRggAA
connectug.ah.org/ Name: NSC_TASS
Value: https://saml.ah.org/adfs/ls/?client-request-id=1fb450a0-b009-2000-1b68-8943cdc02ec5&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAApZE_aBNRAMbv5dIzia2GTIKDQTIpd3nv3r177wIKl_tDFDRJKWK7lPvbC7S58-5itZtOumUTOxXHuIgolA7SRZCCkMXBgntRBHEq6GCDi2PB3_DxDd_w8X1XeCShVgP-BYszFWEYItELZu4f0lqlutN7c6n8iqtfjJ4aH_el99tAcCIpTtcm4HqU50nWajYd_34wzAdZHgXOeh5tBlkuZZGTBkk8GOaSF280V8M43ciafhA6o_VccrLkwS4AUwCOAJgU7llMpoYKVRVRqCoqIXJbMyg5QTUoxLKlmCbULZPZWhsh2xZlSlSCsYaprZkIWlBm0MbYtE0ZQWKbOjEJZnob61QnmOI2JIYOsUUJI7Km0MPC-a4-yiN5JnE62Ap-FsqzjqtJnOXbfLFrws0Jf6qZXvMNX8PIcxVHxBpTRAXLTNRCVxU11ac-DX2CXHjAC3ESDAf-tAi-Fuch3yqVKlXuAlfnjovgxdzJ2C_rteKvD587Y-nZt87bd9zBXHNxxe4nyz24pKb92xaK7KU0iLvo4a3esnz3zs21rZXFG6PMvRqE_WushcYCGAvCnlAu8VXuMm_00JEAfgjgyRlur_yfh03PgsN5VCl7sZs6Q3_g1xoIuT6DDIuMBlBUkEtE16VMhK6nYI85LGDO44VTxfYXuONzu18-Pfq98_x75w81&code=b1d918814ec7b3cc
connectug.ah.org/ Name: NSC_SAMS
Value: None
connectug.ah.org/ Name: NSC_TMAP
Value: auth.ah.org
connectug.ah.org/ Name: NSC_TMAC
Value: /cgi/tmlogin