Submitted URL: https://tst-naturapakket.monuta.nl/
Effective URL: https://login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/saml2
Submission: On August 07 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 42 HTTP transactions. The main IP is 2603:1026:3000:148::e, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 15.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 21st 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 108.143.123.129 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2603:1026:300... 8075 (MICROSOFT...)
10 2620:1ec:bdf::42 8075 (MICROSOFT...)
1 40.126.32.136 8075 (MICROSOFT...)
2 2606:2800:233... 15133 (EDGECAST)
1 2603:1026:300... 8075 (MICROSOFT...)
42 9
Apex Domain
Subdomains
Transfer
22 monuta.nl
tst-naturapakket.monuta.nl
2 MB
10 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 2218
338 KB
2 msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 6532
140 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 15
16 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1014
1 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 37
1 gstatic.com
fonts.gstatic.com
48 KB
42 8
Domain Requested by
22 tst-naturapakket.monuta.nl tst-naturapakket.monuta.nl
10 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
2 aadcdn.msauthimages.net
2 login.microsoftonline.com aadcdn.msauth.net
2 fonts.googleapis.com tst-naturapakket.monuta.nl
1 autologon.microsoftazuread-sso.com
1 login.live.com login.microsoftonline.com
1 fonts.gstatic.com fonts.googleapis.com
42 8

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
tst-naturapakket.monuta.nl
Sectigo RSA Domain Validation Secure Server CA
2023-09-01 -
2024-09-01
a year crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA
2024-05-21 -
2025-05-21
a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA
2024-04-30 -
2025-04-30
a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA
2024-05-21 -
2025-05-21
a year crt.sh
aadcdn.msauthimages.net
Microsoft Azure RSA TLS Issuing CA 03
2024-06-04 -
2025-05-30
a year crt.sh
autologon.microsoftazuread-sso.com
DigiCert SHA2 Secure Server CA
2024-05-21 -
2025-05-21
a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/saml2
Frame ID: 4A06D3E5983EB33CC025CCACC0D062C1
Requests: 43 HTTP requests in this frame

Screenshot

Page Title

Aanmelden bij uw account

Page URL History Show full URLs

  1. https://tst-naturapakket.monuta.nl/ Page URL
  2. https://tst-naturapakket.monuta.nl/login.html Page URL
  3. https://tst-naturapakket.monuta.nl/SSO/ Page URL
  4. https://login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/saml2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

42
Requests

98 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

2366 kB
Transfer

3584 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tst-naturapakket.monuta.nl/ Page URL
  2. https://tst-naturapakket.monuta.nl/login.html Page URL
  3. https://tst-naturapakket.monuta.nl/SSO/ Page URL
  4. https://login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
tst-naturapakket.monuta.nl/
2 KB
2 KB
Document
General
Full URL
https://tst-naturapakket.monuta.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bd10eb4932ddbad6eb7edef32ab4a1537233985947d8be7e7e7611331d33d651
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1831
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
Content-Type
text/html
Date
Wed, 07 Aug 2024 10:36:50 GMT
ETag
"a6a9b94a92bd71:0"
Last-Modified
Thu, 25 Feb 2021 16:21:37 GMT
Referrer-Policy
same-origin
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
access-control-allow-origin
*.monuta.nl
bootstrap.min.css
tst-naturapakket.monuta.nl/lib/bootstrap/css/
115 KB
115 KB
Stylesheet
General
Full URL
https://tst-naturapakket.monuta.nl/lib/bootstrap/css/bootstrap.min.css?637498704617721360
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:50 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
117305
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 25 Feb 2021 16:21:07 GMT
Server
Microsoft-IIS/10.0
ETag
"4df5683892bd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
mxui.css
tst-naturapakket.monuta.nl/mxclientsystem/mxui/ui/
103 KB
104 KB
Stylesheet
General
Full URL
https://tst-naturapakket.monuta.nl/mxclientsystem/mxui/ui/mxui.css?637498704617721360
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3065f5a28e029d9862ac7f4c8ac9d3886184d72777619ec08e02b77a65939a9b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:50 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
105813
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 16 Dec 2020 08:32:21 GMT
Server
Microsoft-IIS/10.0
ETag
"80d8a9f885d3d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
lib.css
tst-naturapakket.monuta.nl/styles/css/lib/
172 KB
173 KB
Stylesheet
General
Full URL
https://tst-naturapakket.monuta.nl/styles/css/lib/lib.css?637498704617721360
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2e2efa9780c4ccf8757ef41ace38217d63927f810eef75d195b8f2a18d812e84
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:50 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
176322
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 29 Jan 2020 12:11:56 GMT
Server
Microsoft-IIS/10.0
ETag
"8c6d134d9dd6d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
custom.css
tst-naturapakket.monuta.nl/styles/css/custom/
3 KB
4 KB
Stylesheet
General
Full URL
https://tst-naturapakket.monuta.nl/styles/css/custom/custom.css?637498704617721360
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ab941eafbd78225b07b4775e2b99b3cc09bdd4dd298c50707e0885201bb7929f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:50 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
3157
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 29 Jan 2020 12:11:56 GMT
Server
Microsoft-IIS/10.0
ETag
"8c6d134d9dd6d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
mxui.js
tst-naturapakket.monuta.nl/mxclientsystem/mxui/
1 MB
1 MB
Script
General
Full URL
https://tst-naturapakket.monuta.nl/mxclientsystem/mxui/mxui.js?637498704617721360
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d4e15f537fa7e3707ea38ec71aa094fca28cf1b804d83c44d19449a50e6ddb23
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:50 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
1233162
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 16 Dec 2020 08:32:21 GMT
Server
Microsoft-IIS/10.0
ETag
"80d8a9f885d3d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
css
fonts.googleapis.com/
22 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/styles/css/lib/lib.css?637498704617721360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Aug 2024 10:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Aug 2024 10:06:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Aug 2024 10:36:51 GMT
/
tst-naturapakket.monuta.nl/xas/
2 B
0
Fetch
General
Full URL
https://tst-naturapakket.monuta.nl/xas/
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/mxclientsystem/mxui/mxui.js?637498704617721360
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

x-mx-reqtoken
1723027011432-0
accept
application/json
Referer
https://tst-naturapakket.monuta.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 07 Aug 2024 10:36:51 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Powered-By
ARR/3.0
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=utf-8
access-control-allow-origin
*.monuta.nl
Cache-Control
no-store
Connection
keep-alive
Content-Length
2
X-XSS-Protection
1; mode=block
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
/
tst-naturapakket.monuta.nl/SSO/
0
0

favicon.ico
tst-naturapakket.monuta.nl/
4 KB
5 KB
Other
General
Full URL
https://tst-naturapakket.monuta.nl/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
37a0c57a4bf12356acd50573503cd688394868cb359475bc1878fd2d4f9337d9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:51 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
4286
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 29 Jan 2020 12:11:56 GMT
Server
Microsoft-IIS/10.0
ETag
"8c6d134d9dd6d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
login.html
tst-naturapakket.monuta.nl/
4 KB
4 KB
Document
General
Full URL
https://tst-naturapakket.monuta.nl/login.html
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/mxclientsystem/mxui/mxui.js?637498704617721360
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b27314f8dcb0af2ead797d9920d9160a43f135bf825b3e89a743821d4eac3abe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache
Connection
keep-alive
Content-Length
3606
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
Content-Type
text/html
Date
Wed, 07 Aug 2024 10:36:51 GMT
ETag
"5fffbc4a92bd71:0"
Last-Modified
Thu, 25 Feb 2021 16:21:37 GMT
Referrer-Policy
same-origin
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
access-control-allow-origin
*.monuta.nl
bootstrap.min.css
tst-naturapakket.monuta.nl/lib/bootstrap/css/
115 KB
19 KB
Stylesheet
General
Full URL
https://tst-naturapakket.monuta.nl/lib/bootstrap/css/bootstrap.min.css?637498704617721360
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/login.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/login.html
If-None-Match
"4df5683892bd71:0"
If-Modified-Since
Thu, 25 Feb 2021 16:21:07 GMT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Permitted-Cross-Domain-Policies
none
Strict-Transport-Security
max-age=86400; includeSubDomains
Connection
keep-alive
Content-Length
19147
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 25 Feb 2021 16:21:07 GMT
Server
Microsoft-IIS/10.0
ETag
"801b653892bd71:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
lib.css
tst-naturapakket.monuta.nl/styles/css/lib/
172 KB
23 KB
Stylesheet
General
Full URL
https://tst-naturapakket.monuta.nl/styles/css/lib/lib.css?637498704617721360
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/login.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2e2efa9780c4ccf8757ef41ace38217d63927f810eef75d195b8f2a18d812e84
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/login.html
If-None-Match
"8c6d134d9dd6d51:0"
If-Modified-Since
Wed, 29 Jan 2020 12:11:56 GMT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Permitted-Cross-Domain-Policies
none
Strict-Transport-Security
max-age=86400; includeSubDomains
Connection
keep-alive
Content-Length
22392
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 29 Jan 2020 12:11:56 GMT
Server
Microsoft-IIS/10.0
ETag
"0ce8f4c9dd6d51:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
custom.css
tst-naturapakket.monuta.nl/styles/css/custom/
3 KB
1 KB
Stylesheet
General
Full URL
https://tst-naturapakket.monuta.nl/styles/css/custom/custom.css?637498704617721360
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/login.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ab941eafbd78225b07b4775e2b99b3cc09bdd4dd298c50707e0885201bb7929f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/login.html
If-None-Match
"8c6d134d9dd6d51:0"
If-Modified-Since
Wed, 29 Jan 2020 12:11:56 GMT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Permitted-Cross-Domain-Policies
none
Strict-Transport-Security
max-age=86400; includeSubDomains
Connection
keep-alive
Content-Length
839
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 29 Jan 2020 12:11:56 GMT
Server
Microsoft-IIS/10.0
ETag
"0ce8f4c9dd6d51:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
monuta_logo.png
tst-naturapakket.monuta.nl/resources/
21 KB
21 KB
Image
General
Full URL
https://tst-naturapakket.monuta.nl/resources/monuta_logo.png
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/login.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5bc4446d11d964665b0f886943376e383ea177e43de45125a6a844032fd1175e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/login.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:51 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
21232
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 29 Jan 2020 12:11:56 GMT
Server
Microsoft-IIS/10.0
ETag
"8c6d134d9dd6d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
login_i18n.js
tst-naturapakket.monuta.nl/js/
764 B
1 KB
Script
General
Full URL
https://tst-naturapakket.monuta.nl/js/login_i18n.js?{{%20cachebust%20}}
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/login.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
21c66a971995d09e9744ddc9d10906d5eb843527254428e69b86622ee30edd84
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/login.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:51 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
764
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 25 Feb 2021 16:21:37 GMT
Server
Microsoft-IIS/10.0
ETag
"fc99af4a92bd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
login.js
tst-naturapakket.monuta.nl/js/
4 KB
5 KB
Script
General
Full URL
https://tst-naturapakket.monuta.nl/js/login.js?{{%20cachebust%20}}
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/login.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c8506102ec234ecc5d730848d99244553323e96824e68c0343fa72e634a640e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/login.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:51 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
4519
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 25 Feb 2021 16:21:06 GMT
Server
Microsoft-IIS/10.0
ETag
"d011fd3792bd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
css
fonts.googleapis.com/
22 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/styles/css/lib/lib.css?637498704617721360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Aug 2024 10:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Aug 2024 10:06:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Aug 2024 10:36:51 GMT
monuta-login.jpeg
tst-naturapakket.monuta.nl/resources/
92 KB
92 KB
Image
General
Full URL
https://tst-naturapakket.monuta.nl/resources/monuta-login.jpeg
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/styles/css/custom/custom.css?637498704617721360
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
32c5a0f4edb75c06542c8e0fc8c615a631041566fed1884369f06dc872c0bd5c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/styles/css/custom/custom.css?637498704617721360
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:51 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
93934
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 29 Jan 2020 12:11:56 GMT
Server
Microsoft-IIS/10.0
ETag
"8c6d134d9dd6d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tst-naturapakket.monuta.nl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:56:39 GMT
x-content-type-options
nosniff
age
70813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Aug 2025 14:56:39 GMT
glyphicons-halflings-regular.woff2
tst-naturapakket.monuta.nl/lib/bootstrap/fonts/
18 KB
18 KB
Font
General
Full URL
https://tst-naturapakket.monuta.nl/lib/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/lib/bootstrap/css/bootstrap.min.css?637498704617721360
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/lib/bootstrap/css/bootstrap.min.css?637498704617721360
Origin
https://tst-naturapakket.monuta.nl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:51 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
18028
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 25 Feb 2021 16:21:06 GMT
Server
Microsoft-IIS/10.0
ETag
"b2865b3892bd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
/
tst-naturapakket.monuta.nl/SSO/
5 KB
6 KB
Document
General
Full URL
https://tst-naturapakket.monuta.nl/SSO/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
5ff51799c70bccd8f17b154766021b2879b58efe959595f32865306b384391e7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/login.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
5470
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
Content-Type
text/html;charset=utf-8
Date
Wed, 07 Aug 2024 10:36:53 GMT
Pragma
no-cache
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Powered-By
ARR/3.0
X-XSS-Protection
1; mode=block
access-control-allow-origin
*.monuta.nl
favicon.ico
tst-naturapakket.monuta.nl/
4 KB
530 B
Other
General
Full URL
https://tst-naturapakket.monuta.nl/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/login.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:52 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Content-Length
4286
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 29 Jan 2020 12:11:56 GMT
Server
Microsoft-IIS/10.0
ETag
"8c6d134d9dd6d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
bootstrap.min.css
tst-naturapakket.monuta.nl/lib/bootstrap/css/
115 KB
19 KB
Stylesheet
General
Full URL
https://tst-naturapakket.monuta.nl/lib/bootstrap/css/bootstrap.min.css
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/SSO/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/SSO/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Permitted-Cross-Domain-Policies
none
Strict-Transport-Security
max-age=86400; includeSubDomains
Connection
keep-alive
Content-Length
19147
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 25 Feb 2021 16:21:07 GMT
Server
Microsoft-IIS/10.0
ETag
"801b653892bd71:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
login.css
tst-naturapakket.monuta.nl/css/
625 B
1 KB
Stylesheet
General
Full URL
https://tst-naturapakket.monuta.nl/css/login.css
Requested by
Host: tst-naturapakket.monuta.nl
URL: https://tst-naturapakket.monuta.nl/SSO/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f35ebb8e7e57aad053123f6b3d1f9641c1fb558219aae0ab9361f03709996d05
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/SSO/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:53 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
625
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 25 Feb 2021 16:21:06 GMT
Server
Microsoft-IIS/10.0
ETag
"8afef43792bd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
Primary Request saml2
login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/
37 KB
16 KB
Document
General
Full URL
https://login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:148::e Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73fd9b057fd13d0ce7cf38b7be64754268bec95697f1702080d6768954898242
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
14423
content-type
text/html; charset=utf-8
date
Wed, 07 Aug 2024 10:36:52 GMT
expires
-1
link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
DENY
x-ms-ests-server
2.1.18662.4 - SEC ProdSlices
x-ms-request-id
781ea2c4-573a-4ba9-b798-8f91765e1900
x-ms-srs
1.P
x-xss-protection
0
favicon.ico
tst-naturapakket.monuta.nl/
4 KB
530 B
Other
General
Full URL
https://tst-naturapakket.monuta.nl/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.143.123.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tst-naturapakket.monuta.nl/SSO/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:53 GMT
Content-Security-Policy
frame-ancestors 'self' https://*.monuta.nl
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Content-Length
4286
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 29 Jan 2020 12:11:56 GMT
Server
Microsoft-IIS/10.0
ETag
"8c6d134d9dd6d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
access-control-allow-origin
*.monuta.nl
Cache-Control
no-cache
Accept-Ranges
bytes
converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
111 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:53 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
20414
x-ms-lease-status
unlocked
last-modified
Wed, 03 Jul 2024 21:48:08 GMT
etag
0x8DC9BA9D4131BFD
x-azure-ref
20240807T103653Z-17c4bf6c47dcsbkhnc15zx8m3n00000009u000000000htpx
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
105b661f-301e-0015-1ad0-e3d2b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_Zq224xFJAG8RoxrKyx8tfA2.js
aadcdn.msauth.net/shared/1.0/content/js/
439 KB
120 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Zq224xFJAG8RoxrKyx8tfA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d691b4ab664bb80c23139c56326062c868d1bc9cf1a9e32422b2d28c2ec95456

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:53 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
122075
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jul 2024 21:52:45 GMT
etag
0x8DCA773F4ED8F83
x-azure-ref
20240807T103653Z-17c4bf6c47dcsbkhnc15zx8m3n00000009u000000000htpy
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e067a937-e01e-002e-67dd-e39141000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-nl.min_fg752l6p1r15hza8l-a3aa2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
58 KB
17 KB
Script
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_fg752l6p1r15hza8l-a3aa2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2471901f0d975b7a8a4207bb8de6efd99710d2556e82e62496989adfc86dba6e

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:53 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
16863
x-ms-lease-status
unlocked
last-modified
Tue, 09 Jul 2024 17:43:34 GMT
etag
0x8DCA03EA81D958F
x-azure-ref
20240807T103653Z-17c4bf6c47dcsbkhnc15zx8m3n00000009u000000000htpz
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
db835eb7-001e-005c-52d5-e3e1b1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
397 KB
114 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Zq224xFJAG8RoxrKyx8tfA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ec87632ee58734951aa02813ef07ad377126a39a16f063c181519b98ffffc07

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:54 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
116351
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jun 2024 02:13:44 GMT
etag
0x8DC90CE9C53BCDF
x-azure-ref
20240807T103654Z-167f4bf9998nx85mdb3r0vfs74000000019000000000p40y
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c2f21bb9-b01e-0066-18d2-e7fbc9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/
17 KB
17 KB
Other
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:54 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
17174
x-ms-lease-status
unlocked
last-modified
Sun, 18 Oct 2020 03:02:03 GMT
etag
0x8D8731230C851A6
x-azure-ref
20240807T103654Z-167f4bf9998nx85mdb3r0vfs74000000019000000000p40x
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
7d882c7e-f01e-006f-67eb-e7c9a5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Zq224xFJAG8RoxrKyx8tfA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8d31dbc6089dc6195b1945b85a7225a01dcf031bd8cbc3df86029022fe64a5e5

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:54 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
5531
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jun 2024 02:13:44 GMT
etag
0x8DC90CE9C8E6126
x-azure-ref
20240807T103654Z-167f4bf9998nx85mdb3r0vfs74000000019000000000p424
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
aca5dd45-301e-002d-6ec9-e77025000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:54 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
2672
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:47 GMT
etag
0x8DB5C3F48EC4154
x-azure-ref
20240807T103654Z-167f4bf9998nx85mdb3r0vfs74000000019000000000p425
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
e6a20043-001e-0036-58c6-e74e26000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:54 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
3620
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
etag
0x8DB5C3F4904824B
x-azure-ref
20240807T103654Z-167f4bf9998nx85mdb3r0vfs74000000019000000000p426
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
3e170620-801e-000f-48d2-e7c285000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
illustration
aadcdn.msauthimages.net/c1c6b6c8-bkaodz6abilnlvyi3ueplvj9fwnoc7znrvzgwtunmka/logintenantbranding/0/
134 KB
135 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/c1c6b6c8-bkaodz6abilnlvyi3ueplvj9fwnoc7znrvzgwtunmka/logintenantbranding/0/illustration?ts=636555954246423182
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4898) /
Resource Hash
ba48e5a04be5816e94bf836847712698d74a9635c5cedc1d59c2a310f8302027
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:54 GMT
x-content-type-options
nosniff
content-md5
HdGLNPy6qFDZMs7N3MbfRQ==
age
5498
x-cache
HIT
content-length
137654
x-ms-lease-status
unlocked
last-modified
Fri, 02 Mar 2018 13:50:24 GMT
server
ECAcc (ama/4898)
etag
0x8D580448CA03869
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
54a5acf3-401e-0065-3ca8-e89d6f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-bkaodz6abilnlvyi3ueplvj9fwnoc7znrvzgwtunmka/logintenantbranding/0/
5 KB
5 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/c1c6b6c8-bkaodz6abilnlvyi3ueplvj9fwnoc7znrvzgwtunmka/logintenantbranding/0/bannerlogo?ts=636555954262841751
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48EF) /
Resource Hash
89e2c90f97fef19efd428a8770a7f713b3ea6bff5eeea59e15ccf6754abda815
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:54 GMT
x-content-type-options
nosniff
content-md5
1ic6vLyEAchg0IZ7IFG6UQ==
age
5498
x-cache
HIT
content-length
5015
x-ms-lease-status
unlocked
last-modified
Fri, 02 Mar 2018 13:50:26 GMT
server
ECAcc (ama/48EF)
etag
0x8D580448D8418EC
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
a569928f-f01e-0038-53a8-e86d6b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
ssoprobe
autologon.microsoftazuread-sso.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/winauth/
12 B
1 KB
Image
General
Full URL
https://autologon.microsoftazuread-sso.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/winauth/ssoprobe?client-request-id=8e6a27aa-ba97-4128-8342-93e54ed3d430&_=1723027014556
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:148::12 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 10:36:54 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
66cec749-14bb-4104-9518-fa1265331900
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.18662.4 - SEC ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/
265 B
651 B
XHR
General
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Zq224xFJAG8RoxrKyx8tfA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:148::e Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
17e75a9c2462bfd92a9bc29cc6bc0a452bb127280b799a30a52ff2699a3e2488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
781ea2c4-573a-4ba9-b798-8f91765e1900
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
client-request-id
8e6a27aa-ba97-4128-8342-93e54ed3d430
canary
PAQABDgEAAAApTwJmzXqdR4BN2miheQMYER3xfa7pz1HhKgtWhHmuyhoSTZ7EKpoCcAYrQhQ1jkMXPqPAp8RRdpi63ro5GXZV7IBxBrNSdjcvPG6X7pXEAPkRtMX58WRbQpmkcL7nubGKP63N88PW8eylVHK5Ni8MVpmlTdGorDlyMetALLtcBvf6XRnCA922HI77QrS4zjHBD9g0Q13Y80VA_CD1vLZg8uDFEkdlf1w0vG26tPh8pCAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/saml2
hpgact
1900

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 07 Aug 2024 10:36:54 GMT
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
8e6a27aa-ba97-4128-8342-93e54ed3d430
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
content-length
265
x-xss-protection
0
pragma
no-cache
x-ms-srs
1.P
referrer-policy
strict-origin-when-cross-origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
9a18f3e8-dbf3-46c3-8d37-d264d5642c00
cache-control
no-store, no-cache
access-control-allow-credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.18662.4 - WEULR1 ProdSlices
expires
-1
convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Zq224xFJAG8RoxrKyx8tfA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bab311bf22661b153353a159f0ec931dbcb79f950fa37daf9d0ff180cbf45deb

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:54 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
35167
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jun 2024 02:13:45 GMT
etag
0x8DC90CE9CFCD37E
x-azure-ref
20240807T103654Z-167f4bf9998nx85mdb3r0vfs74000000019000000000p44b
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1c7b16d8-701e-003c-69d2-e7ea91000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 10:36:54 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:49 GMT
etag
0x8DB5C3F49ED96E0
x-azure-ref
20240807T103654Z-167f4bf9998nx85mdb3r0vfs74000000019000000000p44c
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8f5eec9f-301e-003d-07b2-e7b54d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tst-naturapakket.monuta.nl
URL
https://tst-naturapakket.monuta.nl/SSO/

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_6c7dc46bb93924417b57 boolean| __convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2 boolean| __convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae

13 Cookies

Domain/Path Name / Value
tst-naturapakket.monuta.nl/ Name: originURI
Value: /login.html
login.microsoftonline.com/ Name: buid
Value: 0.ASAA7NebWqa6L0OFBOC7y5C05sRFiVJrUyVHslwf8fOnrAHkAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYOxaHczHEqNhbRl4-CdqxUZZxD1uA_lBEaOlFSeJSafB9faL8Uftjk4Hs1IiPMCcTYfq6F9bBlEuqPSzi6biTJz83i0NhaCpRT1VXTznlYswgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYOL9b5issETmLPDOltYpHZZYZ7r3-2tJzYcWu-thAD0QXdnAMqw3fGBSK7l2m8It3oE1W0mhJEg9SW5Sode2SVut_KOsMuXLw32vZy4YitrX_0TUzlWIqCqcmrIND5kEBD-Op7P767sUMJxfUfHBx12wHYKiJ9G8zxOj8Otvz7swgAA
.login.microsoftonline.com/ Name: esctx-3XjPHjPJiE
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMY-4sKNLIzTWDN1odsxbnsttlIGNAhXtqsXpfaLvtESItts9mIVm8DUA2lgUN9Qw0XIgWL5ZDLl3WCrlrgZDQruz1Pdl0jxQOSyrV3DjaFvP5BrjxVauMXeZaRNGFermaWveTAW2mxhOjnYeVoF4gsEyAA
login.microsoftonline.com/ Name: fpc
Value: Al0QNF5zG_ZPjB5ThaqVZ_EBpbc1AQAAAERFRd4OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 39cecb2e38234a5f8eb68a8e726a0483
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1723027014&co=1
autologon.microsoftazuread-sso.com/ Name: fpc
Value: AqJB5qjdzSdNoxzv0n_yQzs
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd

3 Console Messages

Source Level URL
Text
network error URL: https://tst-naturapakket.monuta.nl/xas/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://autologon.microsoftazuread-sso.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/winauth/ssoprobe?client-request-id=8e6a27aa-ba97-4128-8342-93e54ed3d430&_=1723027014556
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
recommendation verbose URL: https://login.microsoftonline.com/5a9bd7ec-baa6-432f-8504-e0bbcb90b4e6/saml2
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.monuta.nl
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
autologon.microsoftazuread-sso.com
fonts.googleapis.com
fonts.gstatic.com
login.live.com
login.microsoftonline.com
tst-naturapakket.monuta.nl
tst-naturapakket.monuta.nl
108.143.123.129
2603:1026:3000:148::12
2603:1026:3000:148::e
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::42
2a00:1450:4001:806::200a
2a00:1450:4001:828::2003
40.126.32.136
17e75a9c2462bfd92a9bc29cc6bc0a452bb127280b799a30a52ff2699a3e2488
1ec87632ee58734951aa02813ef07ad377126a39a16f063c181519b98ffffc07
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d
21c66a971995d09e9744ddc9d10906d5eb843527254428e69b86622ee30edd84
2471901f0d975b7a8a4207bb8de6efd99710d2556e82e62496989adfc86dba6e
2e2efa9780c4ccf8757ef41ace38217d63927f810eef75d195b8f2a18d812e84
3065f5a28e029d9862ac7f4c8ac9d3886184d72777619ec08e02b77a65939a9b
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
32c5a0f4edb75c06542c8e0fc8c615a631041566fed1884369f06dc872c0bd5c
37a0c57a4bf12356acd50573503cd688394868cb359475bc1878fd2d4f9337d9
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
5bc4446d11d964665b0f886943376e383ea177e43de45125a6a844032fd1175e
5ff51799c70bccd8f17b154766021b2879b58efe959595f32865306b384391e7
73fd9b057fd13d0ce7cf38b7be64754268bec95697f1702080d6768954898242
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
89e2c90f97fef19efd428a8770a7f713b3ea6bff5eeea59e15ccf6754abda815
8d31dbc6089dc6195b1945b85a7225a01dcf031bd8cbc3df86029022fe64a5e5
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
ab941eafbd78225b07b4775e2b99b3cc09bdd4dd298c50707e0885201bb7929f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b27314f8dcb0af2ead797d9920d9160a43f135bf825b3e89a743821d4eac3abe
ba48e5a04be5816e94bf836847712698d74a9635c5cedc1d59c2a310f8302027
bab311bf22661b153353a159f0ec931dbcb79f950fa37daf9d0ff180cbf45deb
bd10eb4932ddbad6eb7edef32ab4a1537233985947d8be7e7e7611331d33d651
c8506102ec234ecc5d730848d99244553323e96824e68c0343fa72e634a640e6
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d4e15f537fa7e3707ea38ec71aa094fca28cf1b804d83c44d19449a50e6ddb23
d691b4ab664bb80c23139c56326062c868d1bc9cf1a9e32422b2d28c2ec95456
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f35ebb8e7e57aad053123f6b3d1f9641c1fb558219aae0ab9361f03709996d05
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c