Submitted URL: https://qbe.zycus.com/home
Effective URL: https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2?sso_reload=true
Submission: On March 01 via manual from PH — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 42 HTTP transactions. The main IP is 20.190.154.17, located in the United States, and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 23.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 16th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 92.123.36.164 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 12 207.211.10.92 14135 (NAVISITE-...)
3 20.190.154.17 8075 (MICROSOFT...)
12 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 20.190.159.69 ()
1 152.199.4.73 ()
1 2603:1026:300... ()
42 8
Apex Domain
Subdomains
Transfer
26 zycus.com
qbe.zycus.com
zauth.zycus.com — Cisco Umbrella Rank: 762177
zauth-admin.zycus.com — Cisco Umbrella Rank: 929860
2 MB
12 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1131
236 KB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 23
112 KB
1 microsoftazuread-sso.com
autologon.microsoftazuread-sso.com
1 KB
1 msauthimages.net
aadcdn.msauthimages.net
7 KB
1 live.com
login.live.com
1 akamaihd.net
ds-aksb-a.akamaihd.net — Cisco Umbrella Rank: 5364
5 KB
42 7
Domain Requested by
14 qbe.zycus.com 1 redirects qbe.zycus.com
12 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
11 zauth-admin.zycus.com 1 redirects qbe.zycus.com
zauth-admin.zycus.com
3 login.microsoftonline.com aadcdn.msauth.net
1 autologon.microsoftazuread-sso.com
1 aadcdn.msauthimages.net
1 login.live.com login.microsoftonline.com
1 zauth.zycus.com 1 redirects
1 ds-aksb-a.akamaihd.net qbe.zycus.com
42 9

This site contains no links.

Subject | Issuer | Validity | Valid
*.zycus.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-10 - 2023-09-13 | a year
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-28 - 2023-06-30 | a year
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2023-02-16 - 2024-02-16 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2023-01-27 - 2024-01-27 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2022-12-30 - 2023-12-30 | a year
aadcdn.msauthimages.net | Microsoft Azure TLS Issuing CA 02 | 2022-05-11 - 2023-05-06 | a year
autologon.microsoftazuread-sso.com | DigiCert SHA2 Secure Server CA | 2023-01-03 - 2024-01-03 | a year

This page contains 1 frame:

Primary Page: https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2?sso_reload=true
Frame ID: 5D741751966E035EEC5643297CC727B4
Requests: 42 HTTP requests in this frame

Page Title

Bei Ihrem Konto anmelden

Page Statistics

42 Requests
100 % HTTPS
38 % IPv6
7 Domains
9 Subdomains
8 IPs
3 Countries
2043 kB Transfer
7275 kB Size
22 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qbe.zycus.com/home HTTP 301
    https://qbe.zycus.com/home/ Page URL
  2. https://zauth.zycus.com/oauth2/authorize-client/zycusopenid?action=login&Delegated=true&serviceName=https%3A%2F%2Fqbe.zycus.com%2Fhome%2F%3F&kc_idp_hint=qbe HTTP 302
    https://zauth-admin.zycus.com/auth/realms/ZycusRealm/protocol/openid-connect/auth?response_type=code&client_id=zycusopenid&scope=openid%20email&state=xpWB6yVlUsC7qNS9HaEma3ghGCL3uG0anV0JD6qj0XM%3D&redirect_uri=https://zauth.zycus.com/login/oauth2/code/zycusopenid&kc_idp_hint=qbe HTTP 303
    https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0 Page URL
  3. https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2 Page URL
  4. https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2?sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://qbe.zycus.com/home HTTP 301
  • https://qbe.zycus.com/home/
Request Chain 13
  • https://zauth.zycus.com/oauth2/authorize-client/zycusopenid?action=login&Delegated=true&serviceName=https%3A%2F%2Fqbe.zycus.com%2Fhome%2F%3F&kc_idp_hint=qbe HTTP 302
  • https://zauth-admin.zycus.com/auth/realms/ZycusRealm/protocol/openid-connect/auth?response_type=code&client_id=zycusopenid&scope=openid%20email&state=xpWB6yVlUsC7qNS9HaEma3ghGCL3uG0anV0JD6qj0XM%3D&redirect_uri=https://zauth.zycus.com/login/oauth2/code/zycusopenid&kc_idp_hint=qbe HTTP 303
  • https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
qbe.zycus.com/home/
Redirect Chain
  • https://qbe.zycus.com/home
  • https://qbe.zycus.com/home/
3 KB
3 KB
Document
General
Full URL
https://qbe.zycus.com/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e8259c6b58837e0aa72bc4d52f562a6ee4350d37eae1aff276991227ea60a223

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-type
text/html; charset=utf-8
date
Wed, 01 Mar 2023 10:38:38 GMT
etag
"63d7b036-4d1:dtagent102572212220941476nHm"
expires
Wed, 01 Mar 2023 10:38:38 GMT
last-modified
Mon, 30 Jan 2023 11:55:34 GMT
pragma
no-cache
server
nginx
server-timing
dtSInfo;desc="0", dtRpid;desc="-537508463"
x-akamai-transformed
9 1744 0 pmb=mRUM,1
x-oneagent-js-injection
true
x-ruxit-js-agent
true

Redirect headers

cache-control
max-age=0, no-cache
content-length
673
content-type
text/html
date
Wed, 01 Mar 2023 10:38:38 GMT
expires
Wed, 01 Mar 2023 10:38:38 GMT
location
/home/
pragma
no-cache
server
nginx
server-timing
dtSInfo;desc="0", dtRpid;desc="1779306052"
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-oneagent-js-injection
true
x-ruxit-js-agent
true
x-ua-compatible
IE=Edge
ruxitagentjs_ICA27NVfghqrux_10257221222094147.js
qbe.zycus.com/
248 KB
94 KB
Script
General
Full URL
https://qbe.zycus.com/ruxitagentjs_ICA27NVfghqrux_10257221222094147.js
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
54eed4761f8a91ebc80e49f3182e13e055e412464571278d015ffe3b7f79ab11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qbe.zycus.com/home/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ua-compatible
IE=Edge
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 01 Mar 2023 10:38:39 GMT
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31462026
content-length
95610
expires
Wed, 28 Feb 2024 14:05:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
qbe.zycus.com/home/assets/fonts/roboto/
15 KB
15 KB
Font
General
Full URL
https://qbe.zycus.com/home/assets/fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Request headers

Referer
https://qbe.zycus.com/home/
Origin
https://qbe.zycus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:39 GMT
content-encoding
gzip
last-modified
Wed, 07 Dec 2022 07:36:58 GMT
server
nginx
etag
"6390429a-3bf0:dtagent10253221019152312kXjH"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
server-timing
dtSInfo;desc="0", dtRpid;desc="-68415712"
accept-ranges
bytes
expires
Thu, 29 Feb 2024 10:38:39 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
qbe.zycus.com/home/assets/fonts/roboto/
15 KB
15 KB
Font
General
Full URL
https://qbe.zycus.com/home/assets/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

Request headers

Referer
https://qbe.zycus.com/home/
Origin
https://qbe.zycus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:39 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 15:41:29 GMT
server
nginx
etag
"632347a9-3c4c:dtagent10249220905100923FvHA"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31178729
server-timing
dtSInfo;desc="0", dtRpid;desc="-1597296062"
accept-ranges
bytes
expires
Sun, 25 Feb 2024 07:24:08 GMT
styles.34e03e98e258a91fd67f.css
qbe.zycus.com/home/
385 KB
54 KB
Stylesheet
General
Full URL
https://qbe.zycus.com/home/styles.34e03e98e258a91fd67f.css
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c50c89524ff1ba3f70a937843c1259d549da25c9642fc0febbf7ddc47c9de962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qbe.zycus.com/home/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:39 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 11:55:32 GMT
server
nginx
etag
"63d7b034-60344"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=315360000
server-timing
dtSInfo;desc="0", dtRpid;desc="-1285425634"
accept-ranges
bytes
expires
Sat, 26 Feb 2033 10:38:39 GMT
runtime.4a19117f8488b37a8e0f.js
qbe.zycus.com/home/
3 KB
2 KB
Script
General
Full URL
https://qbe.zycus.com/home/runtime.4a19117f8488b37a8e0f.js
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
88c253cfc65cf3324d8a4dc130085d7bc8f57a79313f3a2d5bffecae2eb0fea1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qbe.zycus.com/home/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:39 GMT
content-encoding
gzip
last-modified
Wed, 07 Dec 2022 07:36:57 GMT
server
nginx
etag
"63904299-bd7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
server-timing
dtSInfo;desc="0", dtRpid;desc="-495272636"
accept-ranges
bytes
content-length
1376
expires
Sat, 26 Feb 2033 10:38:39 GMT
polyfills.708197da22be5bb09b21.js
qbe.zycus.com/home/
133 KB
31 KB
Script
General
Full URL
https://qbe.zycus.com/home/polyfills.708197da22be5bb09b21.js
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7c6fe2e2441814a5c6f4d955a582bc81d6af39d6d3350041dd9029b659d145b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qbe.zycus.com/home/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:39 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 15:41:29 GMT
server
nginx
etag
"632347a9-214e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
server-timing
dtSInfo;desc="0", dtRpid;desc="-1620260578"
accept-ranges
bytes
content-length
31830
expires
Sat, 26 Feb 2033 10:38:39 GMT
vendor.e7c05a88984ba6d06aa7.js
qbe.zycus.com/home/
4 MB
893 KB
Script
General
Full URL
https://qbe.zycus.com/home/vendor.e7c05a88984ba6d06aa7.js
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1f2bda8df86b24dd92379a406bec6df051fe020d3beb9082473618b4abab853e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qbe.zycus.com/home/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:39 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 11:55:32 GMT
server
nginx
etag
"63d7b034-3e43a8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315267434
server-timing
dtSInfo;desc="0", dtRpid;desc="-38147173"
accept-ranges
bytes
expires
Fri, 25 Feb 2033 08:55:53 GMT
main.8a482b20be2920197254.js
qbe.zycus.com/home/
418 KB
77 KB
Script
General
Full URL
https://qbe.zycus.com/home/main.8a482b20be2920197254.js
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b99f57e8fcc43577c4f79dbc5b38771db3e4a80c0cbef5cb050642925e5d7f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qbe.zycus.com/home/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:39 GMT
content-encoding
gzip
last-modified
Wed, 07 Dec 2022 07:36:57 GMT
server
nginx
etag
"63904299-6860d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315298657
server-timing
dtSInfo;desc="0", dtRpid;desc="1920997617"
accept-ranges
bytes
content-length
78399
expires
Fri, 25 Feb 2033 17:36:16 GMT
aksb.min.js
ds-aksb-a.akamaihd.net/
13 KB
5 KB
Script
General
Full URL
https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/home/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qbe.zycus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 10:38:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 18:25:26 GMT
Server
Apache
ETag
"15de19f42b35806faf815298644157e0:1535653526"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
4826
isLogin
qbe.zycus.com/home/api/u/tms/auth/
652 B
1 KB
XHR
General
Full URL
https://qbe.zycus.com/home/api/u/tms/auth/isLogin
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/ruxitagentjs_ICA27NVfghqrux_10257221222094147.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b57d40d260664696dcdd11cfb2c135ed620d12c34e7d5d76e565fede2a210edd
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://qbe.zycus.com/home/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000
x-content-type-options
nosniff
date
Wed, 01 Mar 2023 10:38:40 GMT
x-permitted-cross-domain-policies
none
buildno
x-dns-prefetch-control
off
server-timing
dtSInfo;desc="0", dtRpid;desc="242231956"
content-length
652
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer
server
nginx
etag
W/"28c-0ejVjofuyXkdZJhaZ9brTqhkhTs:dtagent102572212220941476nHm:dtagent102572212220941476nHm"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
.zycus.com
x-download-options
noopen
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
version
0.0.0
dd-loader.gif
qbe.zycus.com/home/assets/images/
89 KB
90 KB
Image
General
Full URL
https://qbe.zycus.com/home/assets/images/dd-loader.gif
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qbe.zycus.com/home/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:40 GMT
last-modified
Mon, 30 Jan 2023 11:55:32 GMT
server
nginx
etag
"63d7b034-16537"
content-type
image/gif
cache-control
public, max-age=31536000
server-timing
dtSInfo;desc="0", dtRpid;desc="540643499"
accept-ranges
bytes
content-length
91447
expires
Thu, 29 Feb 2024 10:38:40 GMT
isDSSO
qbe.zycus.com/home/api/u/tms/users/
458 B
2 KB
XHR
General
Full URL
https://qbe.zycus.com/home/api/u/tms/users/isDSSO?requestUrl=https%3A%2F%2Fqbe.zycus.com%2Fhome%2F
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/ruxitagentjs_ICA27NVfghqrux_10257221222094147.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://qbe.zycus.com/home/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000
x-content-type-options
nosniff
date
Wed, 01 Mar 2023 10:38:40 GMT
x-permitted-cross-domain-policies
none
buildno
x-dns-prefetch-control
off
server-timing
dtSInfo;desc="0", dtRpid;desc="1908104345"
content-length
458
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer
server
nginx
etag
W/"1ca-wP3u3n+i5dnXxo2DX7BNAgf4O9E:dtagent102572212220941476nHm:dtagent102572212220941476nHm"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
.zycus.com
x-download-options
noopen
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
version
0.0.0
login
zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/
Redirect Chain
  • https://zauth.zycus.com/oauth2/authorize-client/zycusopenid?action=login&Delegated=true&serviceName=https%3A%2F%2Fqbe.zycus.com%2Fhome%2F%3F&kc_idp_hint=qbe
  • https://zauth-admin.zycus.com/auth/realms/ZycusRealm/protocol/openid-connect/auth?response_type=code&client_id=zycusopenid&scope=openid%20email&state=xpWB6yVlUsC7qNS9HaEma3ghGCL3uG0anV0JD6qj0XM%3D&...
  • https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
9 KB
9 KB
Document
General
Full URL
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/home/main.8a482b20be2920197254.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.211.10.92 Providence, United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS
Software
nginx /
Resource Hash
d284580cc0567deca60baa1f6e59d6999f5ebcf130e3086b3ad13a0b87aae720
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qbe.zycus.com/home/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-language
en
content-length
8833
content-security-policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Wed, 01 Mar 2023 10:38:41 GMT
server
nginx
server-timing
dtRpid;desc="-52735136", dtSInfo;desc="0"
strict-transport-security
max-age=31536000; includeSubDomains max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-oneagent-js-injection
true
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, must-revalidate, max-age=0
content-length
0
date
Wed, 01 Mar 2023 10:38:41 GMT
location
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
server
nginx
server-timing
dtRpid;desc="6970561", dtSInfo;desc="0"
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-frame-options
SAMEORIGIN
x-oneagent-js-injection
true
rb_70e25386-e957-484e-a933-f0a2cdb48780
qbe.zycus.com/
121 B
275 B
Ping
General
Full URL
https://qbe.zycus.com/rb_70e25386-e957-484e-a933-f0a2cdb48780?type=js3&sn=v_4_srv_1_sn_F5E7BD7D8E72993E7399272CDC0B8739_perc_100000_ol_0_mul_1_app-3A84cadf32af08c79d_1&svrid=1&flavor=post&vi=ARFMSIRBDNNACIBKUIMRJUQBRSBORCBJ-0&modifiedSince=1677644741918&rf=https%3A%2F%2Fqbe.zycus.com%2Fhome%2F&bp=3&app=84cadf32af08c79d&crc=3709338226&en=9zaw02q6&end=1
Requested by
Host: qbe.zycus.com
URL: https://qbe.zycus.com/ruxitagentjs_ICA27NVfghqrux_10257221222094147.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-164.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://qbe.zycus.com/home/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Mar 2023 10:38:40 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
x-n
S
content-length
121
x-ua-compatible
IE=Edge
ruxitagentjs_ICA27NVafgjqrux_10257221222094147.js
zauth-admin.zycus.com/auth/
249 KB
94 KB
Script
General
Full URL
https://zauth-admin.zycus.com/auth/ruxitagentjs_ICA27NVafgjqrux_10257221222094147.js
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.211.10.92 Providence, United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS
Software
nginx /
Resource Hash
923959ac0e7011c00c70c4819433b70b0a1052d580463fd1ad3398074e7c2f65
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:41 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=31536000, immutable
content-length
95593
expires
Thu, 29 Feb 2024 10:38:41 GMT
patternfly.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/
214 KB
34 KB
Stylesheet
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.211.10.92 Providence, United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS
Software
nginx /
Resource Hash
0a40b3b2ff66e275054bcb357b43c2fa33c6874dfc251536ffc9b73aba441bb4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-oneagent-js-injection
true
cache-control
max-age=2592000
server-timing
dtSInfo;desc="0", dtRpid;desc="-1209857934"
patternfly-additions.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/
228 KB
32 KB
Stylesheet
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly-additions.css
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.211.10.92 Providence, United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS
Software
nginx /
Resource Hash
7e77fcc753baca61311f1708f06c79d8af592f5a2e3c80dc014e36c292c1e954
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-oneagent-js-injection
true
cache-control
max-age=2592000
zocial.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/lib/zocial/
43 KB
22 KB
Stylesheet
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/lib/zocial/zocial.css
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.211.10.92 Providence, United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS
Software
nginx /
Resource Hash
bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-oneagent-js-injection
true
cache-control
max-age=2592000
server-timing
dtSInfo;desc="0", dtRpid;desc="-117373771"
login.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/login.css
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.211.10.92 Providence, United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS
Software
nginx /
Resource Hash
d3d488b75ee902649cd6fa61f05b6b882e0270f8b07e09bd48c72b6910b79643
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-oneagent-js-injection
true
cache-control
max-age=2592000
content-length
7227
keycloak-bg.png
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/img/
80 KB
80 KB
Image
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/img/keycloak-bg.png
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/login.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.211.10.92 Providence, United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS
Software
nginx /
Resource Hash
0825175291be11f7689e8718295e422bb6fa4f8fefccc5610292b720c701ac4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-oneagent-js-injection
true
date
Wed, 01 Mar 2023 10:38:42 GMT
cache-control
max-age=2592000
strict-transport-security
max-age=63072000; includeSubdomains; preload
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
OpenSans-Regular-webfont.woff2
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/
61 KB
61 KB
Font
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.211.10.92 Providence, United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS
Software
nginx /
Resource Hash
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css
Origin
https://zauth-admin.zycus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-oneagent-js-injection
true
cache-control
max-age=2592000
server-timing
dtSInfo;desc="0", dtRpid;desc="1314488808", dtTao;desc="1"
timing-allow-origin
*
OpenSans-Light-webfont.woff2
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/
62 KB
62 KB
Font
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.211.10.92 Providence, United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS
Software
nginx /
Resource Hash
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css
Origin
https://zauth-admin.zycus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 10:38:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-oneagent-js-injection
true
cache-control
max-age=2592000
server-timing
dtRpid;desc="-416100418", dtTao;desc="1", dtSInfo;desc="0"
timing-allow-origin
*
rb_70e25386-e957-484e-a933-f0a2cdb48780
zauth-admin.zycus.com/auth/
113 B
284 B
Ping
General
Full URL
https://zauth-admin.zycus.com/auth/rb_70e25386-e957-484e-a933-f0a2cdb48780?type=js3&sn=v_4_srv_1_sn_F5E7BD7D8E72993E7399272CDC0B8739_perc_100000_ol_0_mul_1_app-3A84cadf32af08c79d_1_app-3Ae03aff2debe058b5_1&svrid=1&flavor=post&vi=ARFMSIRBDNNACIBKUIMRJUQBRSBORCBJ-0&modifiedSince=1677644741918&rf=https%3A%2F%2Fzauth-admin.zycus.com%2Fauth%2Frealms%2FZycusRealm%2Fbroker%2Fqbe%2Flogin%3Fsession_code%3DHibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE%26client_id%3Dzycusopenid%26tab_id%3D0AwGFb8gAB0&bp=3&app=e03aff2debe058b5&crc=3634341602&en=9zaw02q6&end=1
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/ruxitagentjs_ICA27NVafgjqrux_10257221222094147.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.211.10.92 Providence, United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/qbe/login?session_code=Hibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE&client_id=zycusopenid&tab_id=0AwGFb8gAB0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Mar 2023 10:38:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
server
nginx
content-length
113
x-frame-options
SAMEORIGIN
content-type
text/plain;charset=utf-8
saml2
login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/
158 KB
59 KB
Document
General
Full URL
https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.154.17 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
898c58c1aea3effeaf7441eb5a826329e69e74b1b384ae8c4b2245fb86637c4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://zauth-admin.zycus.com
Referer
https://zauth-admin.zycus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
59251
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Mar 2023 10:38:43 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
x-ms-ests-server
2.1.14649.20 - EUS ProdSlices
x-ms-request-id
a9b1a57a-fad5-4e9f-91dc-2a972d250800
Primary Request saml2
login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/
200 KB
52 KB
Document
General
Full URL
https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2?sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.154.17 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
10e59e4cf132ab78043d39892d3bb040d5d2c4dcc3706948e61e24690b74d85a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
51512
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Mar 2023 10:38:44 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
x-ms-ests-server
2.1.14649.20 - EUS ProdSlices
x-ms-request-id
284c88f7-f2f5-481b-a4ee-e331e3270d00
ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
aadcdn.msauth.net/shared/1.0/content/js/
401 KB
112 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b12e862a8e4489c99304a04d61f61b08995f47699811ab785f791374805f5f12

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0ws3+YwAAAACSlZASpJT8Qb/DB2SJDIFHRlJBMjMxMDUwNDE3MDMxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
hr0cDEuDmS74/sss2l7JXQ==
x-cache
TCP_HIT
content-length
113908
x-ms-lease-status
unlocked
last-modified
Fri, 10 Feb 2023 02:38:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB0B0FD7BEBD2F
x-azure-ref
0NCv/YwAAAAA2JmROo+74Qra4UMmhp2FMRlJBMzFFREdFMDQwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
389fd842-d01e-0006-60f1-4acd7f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2?sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.69 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

convergedlogin_pcustomizationloader_086a128d5c29a4968a7b.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_086a128d5c29a4968a7b.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
397f77ce4d1850a7f7988228df747be85fd05fd39378e75dd6b415c0a4ff694a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0gKD+YwAAAADOXCKycxRAT541vLBAZFQKRlJBMjMxMDUwNDE4MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
8ICF9qFMKUOBDjwyCYq/PQ==
x-cache
TCP_HIT
content-length
32190
x-ms-lease-status
unlocked
last-modified
Tue, 17 Jan 2023 23:52:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF8E5D82BF94C
x-azure-ref
0NCv/YwAAAAD6Dum2SHYdRoKRrsFy39q7RlJBMzFFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bbe9dbb0-601e-0081-43c5-4a4b24000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0BQz9YwAAAAAUgFMHwCaATa2wuSu+mIV5RlJBMjMxMDUwNDE4MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
9K2/nGCj75WAmmAI9nZNCA==
x-cache
TCP_HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7650B37ACC3D
x-azure-ref
0NCv/YwAAAADh3MnBmNLNT6vczXoGnsd9RlJBMzFFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
96b240d2-201e-0001-72d2-4a1c71000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_ohljixxvakjaqkintkumjg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
15 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_ohljixxvakjaqkintkumjg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0mNb8YwAAAAAK7/fiaoEfTLpeO/RmrnuKRlJBMjMxMDUwNDE3MDM3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
o1/rFbsTFiIvaHxjFATcuQ==
x-cache
TCP_HIT
content-length
15221
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 23:28:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF9ABBD800A6D
x-azure-ref
0NCv/YwAAAADnXUS5YbiJQbULR5v6fKIGRlJBMzFFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1ab82857-101e-0062-4154-402355000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pfetchsessionsprogress_befe0f249641abeb26ae.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_befe0f249641abeb26ae.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7cef1555f26026f2ebc658740622375ba51a72f991dd181f5adf454711dbe976

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0ETv9YwAAAACFB43Wf/OaS71AsanH0s3mRlJBMjMxMDUwNDE3MDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
1o9NAo6wtV6ONRo2Q1n2lw==
x-cache
TCP_HIT
content-length
5530
x-ms-lease-status
unlocked
last-modified
Tue, 17 Jan 2023 23:52:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF8E5D8800068
x-azure-ref
0NCv/YwAAAAA/tLOY7YWORYCyeBhKJCqIRlJBMzFFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4770a0ba-d01e-003a-38f9-4a1877000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:43 GMT
x-azure-ref-originshield
0aQP9YwAAAADErhyGc2V0SoCJUmHkYyFeRlJBMjMxMDUwNDE4MDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0NCv/YwAAAAADBqOFRaV5S6NQb3KF4pJmRlJBMzFFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
192233e7-501e-004a-0961-3bea77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:43 GMT
x-azure-ref-originshield
06gv9YwAAAABwwS/uqphFSJ8swkwYFlkURlJBMjMxMDUwNDE4MDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0NCv/YwAAAAABB+mgLb6oRKHgqWcBpJmBRlJBMzFFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
36c45e2c-001e-0013-3ee3-42fa57000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0EQP+YwAAAABBhoEP3qawQ7NwOLoovSaTRlJBMjMxMDUwNDE4MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
DhdidjYrlCeaRJJRG/y9mA==
x-cache
TCP_HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B0071D86E386
x-azure-ref
0NCv/YwAAAACXhh1c/eveToub9EFGKdFARlJBMzFFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
19aae3e8-201e-0045-66c8-4a6368000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-iin1ylrugg5jt2iumz3a1vjxvjzds72dcsgsxvahkvg/logintenantbranding/0/
7 KB
7 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-iin1ylrugg5jt2iumz3a1vjxvjzds72dcsgsxvahkvg/logintenantbranding/0/bannerlogo?ts=636882709058508462
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.73 -, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
088563ce800fc91ca8a141c85d2d18737c6e9928e9292d98c8756786011630fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:44 GMT
last-modified
Fri, 15 Mar 2019 18:21:46 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
wSsDPzz9gjpOUgbBNkdmIA==
etag
0x8D6A9731569B348
vary
Origin
content-type
image/*
x-ms-request-id
b8862bd4-701e-00e6-6929-4c91a9000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
7079
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:43 GMT
x-azure-ref-originshield
0aQP9YwAAAADErhyGc2V0SoCJUmHkYyFeRlJBMjMxMDUwNDE4MDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0NCv/YwAAAAB3mAmvH1MpTK1SWjymGcI3RlJBMzFFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
192233e7-501e-004a-0961-3bea77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:43 GMT
x-azure-ref-originshield
06gv9YwAAAABwwS/uqphFSJ8swkwYFlkURlJBMjMxMDUwNDE4MDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0NCv/YwAAAAD/eQwbKfKvRKN9We4GYqm7RlJBMzFFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
36c45e2c-001e-0013-3ee3-42fa57000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ssoprobe
autologon.microsoftazuread-sso.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/winauth/
12 B
1 KB
Image
General
Full URL
https://autologon.microsoftazuread-sso.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/winauth/ssoprobe?client-request-id=ceb739ba-fd18-4e14-9d81-18e2dacff514&_=1677667124632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:d0:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 10:38:44 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
f4c98dd2-c33c-4271-9fa7-abd3b7500d00
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.14649.20 - EUS ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/
264 B
1 KB
XHR
General
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.154.17 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
080ecc19ab7ce9dbf0d8f32a42255101440823cf02a7a25aa3a1b3b9a18cd06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
284c88f7-f2f5-481b-a4ee-e331e3270d00
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
client-request-id
ceb739ba-fd18-4e14-9d81-18e2dacff514
canary
AQABAAAAAAD--DLA3VO7QrddgJg7WevrCrCMhHlaAtuOISJvoqGn0kIRS99rnZfmC1rKo0dzw5K7fJgfz6Ceu2QO2rgyDWkORsFss1JH9CrENdmER_nhFW2zTEjtNLTK8JoQQi8RyMze60ympjHFgy6Vq-YYJeT9JGSnzx5ls93CbgI4rOZTjxyQjqWcXH9UajiQs3sR76j4cmSw0_CbEb6M5d4szUUecFXt5YY1KnRLIucd2C-i9SAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/saml2?sso_reload=true
hpgact
1900

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 01 Mar 2023 10:38:44 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
ceb739ba-fd18-4e14-9d81-18e2dacff514
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
264
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
fa428631-3575-4ec4-aa44-52998106bc00
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
x-ms-ests-server
2.1.14649.20 - SCUS ProdSlices
Expires
-1
convergedlogin_pstringcustomizationhelper_f53bef4ba0ed443dd8c9.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_f53bef4ba0ed443dd8c9.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0c15268fe179052bffdf2a3d26f41e6acb3bbb6ddb08bb9614b2e6b7878f02b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:43 GMT
content-encoding
gzip
x-azure-ref-originshield
0uxT9YwAAAABbpEdhEruHRr+5VqHMoWp2RlJBMjMxMDUwNDE3MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
pkqYz65/eisZkYX+719VTw==
x-cache
TCP_HIT
content-length
35789
x-ms-lease-status
unlocked
last-modified
Tue, 17 Jan 2023 23:52:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF8E5D9106B61
x-azure-ref
0NCv/YwAAAADPmBV0bIvNS6xDpa83JXQSRlJBMzFFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8a72b4e9-801e-0073-243e-40b875000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/
2 KB
953 B
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Mar 2023 10:38:44 GMT
content-encoding
gzip
x-azure-ref-originshield
0s6D+YwAAAAD26Ny0ctWvSIGk7kKtem51RlJBMjMxMDUwNDE3MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
R2FAVxfpONfnQAuxVxXbHg==
x-cache
TCP_HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8852A7FA6B761
x-azure-ref
0NCv/YwAAAAC4BA7GansnQb0ygbfVC+cjRlJBMzFFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a5719a30-701e-0048-18c6-4abc73000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __

22 Cookies

Domain/Path Name / Value
zauth-admin.zycus.com/auth/realms/ZycusRealm/ Name: AUTH_SESSION_ID
Value: e271249c-fb2f-4e1e-bdd9-36b75eddd937.122
zauth-admin.zycus.com/auth/realms/ZycusRealm/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlYWNhNjE1Zi1jNDk3LTQzNTQtODBmZi05YmZlMzMxYWZmNzMifQ.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.2GB-DCLd3hwjqc2Ygrr0Of_ALdag5pbMdBQdiPLvGXo
.zycus.com/ Name: rxVisitor
Value: 1677667119131C0K7E7IJDKHE9UPGT3NOPP29L443PVEP
.zycus.com/ Name: isDelegatedSSO
Value: true
.zycus.com/ Name: BRIDGE_URL
Value: https%3A%2F%2Fzauth.zycus.com
.zycus.com/ Name: ZAUTH_REDIRECT_URL
Value: https%3A%2F%2Fqbe.zycus.com%2Fhome%2F
.zycus.com/ Name: logoutURL
Value: https%3A%2F%2Fzauth.zycus.com%2Fsession%2Flogout
.zycus.com/ Name: dtCookie
Value: v_4_srv_1_sn_F5E7BD7D8E72993E7399272CDC0B8739_perc_100000_ol_0_mul_1_app-3A84cadf32af08c79d_1_app-3Ae03aff2debe058b5_1
zauth.zycus.com/ Name: JSESSIONID
Value: 73CEA2CCBEF2BD2F693C8CBD20EE4E68
zauth-admin.zycus.com/ Name: SERVERID
Value: kc01
.zycus.com/ Name: dtLatC
Value: 340
.zycus.com/ Name: rxvt
Value: 1677668922685|1677667119133
.zycus.com/ Name: dtPC
Value: 1$67122443_362h-vARFMSIRBDNNACIBKUIMRJUQBRSBORCBJ-0e0
.zycus.com/ Name: dtSa
Value: false%7C_load_%7C2%7C_onload_%7C-%7C1677667122685%7C67122443_362%7Chttps%3A%2F%2Fzauth-admin.zycus.com%2Fauth%2Frealms%2FZycusRealm%2Fbroker%2Fqbe%2Flogin%3Fsession_5Fcode%3DHibe1Rs1kWr2VSIHpd8-E11lrDNRByQxnIc10HZ4YrE%26client_5Fid%3Dzycusopenid%26tab_5Fid%3D0AwGFb8gAB0%7C%7C%7C%7C
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ARMA5vpWzl0Fn0y2yZ00FQakkVpZ-iZszRlDuteCQwnXGeITAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrT83eekUxLL4kY6NASstzA_R2nsLi3cRdmG-Gb_JN7kfNJXsB5eAEGEWA-sO1YGahNUmNW93xEGAGqA2EdIMuUhaWwM8_i0ess4ePPqV8PzIgAA
login.microsoftonline.com/ Name: fpc
Value: AlE_lhplDN9PlrsxU6J5M2cdK8ExAQAAADMikdsOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrJgJbtTlYOORUeMgh503cUNGjB2GAGWnDvSeswdo4xiraO83V3bLPTvrcIiVSZChT-SXwxBEdHy7UmsEb8SlTSiGAt_KBk59lhLhHQI30QCD04pR9YV4qLr2BWdo3pLqaICKCn6ZJC-gomhRdW3iv1Uko59tipdX5vNFXtT1C1fsgAA
.login.microsoftonline.com/ Name: brcap
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://autologon.microsoftazuread-sso.com/ce56fae6-055d-4c9f-b6c9-9d341506a491/winauth/ssoprobe?client-request-id=ceb739ba-fd18-4e14-9d81-18e2dacff514&_=1677667124632
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
