login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:c8::6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Effective URL:
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIf...
Submission: On January 19 via api (January 19th 2024, 4:46:07 am UTC) from IL — Scanned from DE

Summary HTTP 53 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 53 HTTP transactions. The main IP is 2603:1026:3000:c8::6, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 28th 2023. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	207.54.66.120 207.54.66.120	30238 (AS-IRONP-...) (AS-IRONP-VEGA)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2603:1026:300... 2603:1026:3000:c8::6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef	15133 (EDGECAST) (EDGECAST)
11	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.31.71 40.126.31.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:2800:233... 2606:2800:233:3d10:442f:fac8:6d32:4c87	15133 (EDGECAST) (EDGECAST)
1	2603:1027:1:1... 2603:1027:1:158::c	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
53	9

33 207.54.66.120 (United States) 1 redirects

ASN30238 (AS-IRONP-VEGA, US)

dh578-euq1.eu.iphmx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2603:1026:3000:c8::6 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.31.71 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:3d10:442f:fac8:6d32:4c87 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1027:1:158::c (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

autologon.microsoftazuread-sso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	iphmx.com 1 redirects dh578-euq1.eu.iphmx.com	8 MB
11	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 921	245 KB
3	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 11	29 KB
2	msauthimages.net aadcdn.msauthimages.net — Cisco Umbrella Rank: 3661	285 KB
1	microsoftazuread-sso.com autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1290	1 KB
1	live.com login.live.com — Cisco Umbrella Rank: 63
1	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 943	48 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	44 KB
0	cisco.com Failed cdn.security.cisco.com Failed
53	9

	Domain	Requested by
33	dh578-euq1.eu.iphmx.com	1 redirects dh578-euq1.eu.iphmx.com
11	aadcdn.msauth.net	login.microsoftonline.com aadcdn.msauth.net
3	login.microsoftonline.com	dh578-euq1.eu.iphmx.com aadcdn.msftauth.net aadcdn.msauth.net
2	aadcdn.msauthimages.net
1	autologon.microsoftazuread-sso.com
1	login.live.com	login.microsoftonline.com
1	aadcdn.msftauth.net	login.microsoftonline.com
1	www.googletagmanager.com	dh578-euq1.eu.iphmx.com
0	cdn.security.cisco.com Failed	dh578-euq1.eu.iphmx.com
53	9

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
*.eu.iphmx.com HydrantID Server CA O1	`2023-10-16` - `2024-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2023-11-28` - `2024-11-28`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-12-01` - `2024-12-01`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2023-10-29` - `2024-10-29`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2023-11-10` - `2024-11-10`	a year	crt.sh
aadcdn.msauthimages.net Microsoft Azure TLS Issuing CA 02	`2023-03-08` - `2024-03-02`	a year	crt.sh
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA	`2023-11-11` - `2024-11-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D&sso_reload=true
Frame ID: 2AF95A6A15CBC1B1F63F7F9B0DB5D4FD
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com Page URL
https://dh578-euq1.eu.iphmx.com/?ngui=True HTTP 303
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgo... Page URL
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgo... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

53
Requests

98 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

8964 kB
Transfer

9747 kB
Size

16
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/de-DE/servicesagreement/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/de-DE/privacystatement
Title: Datenschutz und Cookies

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com Page URL
https://dh578-euq1.eu.iphmx.com/?ngui=True HTTP 303
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D Page URL
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://dh578-euq1.eu.iphmx.com/?ngui=True HTTP 303
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK quarantine Show response
dh578-euq1.eu.iphmx.com/ 5 KB
6 KB 132ms
47ms Document
text/html 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

3ef2866d5cca4f75e3ea8be04ecb58d27a71e5f122a01282e0615c6c9831a0f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Jan 2024 04:46:02 GMT
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 191ms
65ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61bf4c3e7e14309d28ec21cfee62470a88a4b8799fc93b2f9e922708224c6f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dh578-euq1.eu.iphmx.com:4431/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 04:46:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44296
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jan 2024 04:46:02 GMT

GET
H/1.1 200
OK 6fe2d8eff3060566fcd8.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 172 KB
173 KB 45ms
42ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/6fe2d8eff3060566fcd8.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

d13e305faa48324c4dcb6f98fe2409c1d668e42db2607953c3bcdb629dd7689e

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 551d61d85642806b1eb4.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 175 KB
176 KB 116ms
47ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/551d61d85642806b1eb4.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

167a1dd646b4c58fa221abd6f5c94f3d9589ead569b26b85ad8f56826b0e2e0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK a353775e8ccc7c92df5d.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 180 KB
182 KB 114ms
45ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/a353775e8ccc7c92df5d.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

a2ae21c10dbd4bcf016582e2e9d046f92b62914a10fccc554e6e939f1e56a41c

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK d2eff700e3825a7b4eb8.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 175 KB
176 KB 121ms
51ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/d2eff700e3825a7b4eb8.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

b748f8b4820e579b1b841feee27e1734012d5084a54a872ad5657620fc6a4c16

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 1fce311df2cf4fad51ee.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 177 KB
178 KB 189ms
45ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/1fce311df2cf4fad51ee.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

2843634c6eb402ee71054b8b49843610d9a1032980352faadae0eee95029b19b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 391432e2abfd51718112.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 179 KB
180 KB 258ms
45ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/391432e2abfd51718112.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

ee29eaeab603c86599bf1be8c76f8b05060f3911fd74a18a6d1ec420ca9b0106

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 27452bd0217dbb3492f6.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 186 KB
187 KB 259ms
45ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/27452bd0217dbb3492f6.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

2614802c405c877ecce5eb625cc94ce98fa38318b722f2f8f9df9589ead362be

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 2a9b7bb7f260f878eea3.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 186 KB
187 KB 267ms
48ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/2a9b7bb7f260f878eea3.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

e72c01ae3a181c588adc10c6b704327bd60d9da64df4093c46b6238c3e568c68

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 10ade40df398d7a1dc9c.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 198 KB
199 KB 264ms
42ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/10ade40df398d7a1dc9c.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

651c0822a54675b6a2708bad5831d9c3455eadf789863d8e814f8f75e09ab664

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK a6a6b7a83a7327418ee1.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 198 KB
199 KB 288ms
39ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/a6a6b7a83a7327418ee1.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

ac40d8215455a37047388a2e01e42f2cc35c308d31e1c36f906bbdd81abb52f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 8996201684ac43ebf0dc.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 240 KB
241 KB 308ms
39ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/8996201684ac43ebf0dc.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

d0663a18419ef93ea23f8c848c7cece8249d759af79d3f66048948985648f803

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 0a1d77c4b69c3c66302a.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 242 KB
243 KB 326ms
41ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/0a1d77c4b69c3c66302a.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

e97934651080134f310d344cbbbe756396d2054966e2ed5085a4e6fcf8a00d98

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 40970c37c6c54d4d573b.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 196 KB
197 KB 333ms
41ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/40970c37c6c54d4d573b.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

63ff6b44c5afcf573acf27a410b90525ff6acabf270af93b6e0d4911450a0df0

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK e452ead4c517f686176f.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 196 KB
197 KB 338ms
46ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/e452ead4c517f686176f.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

ebfdf31f29a58b8bbafd57f9e5616f3ee8e6c54d2e31753c247bcd35ef12b6d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK f2dabe0b8066eb875f95.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 214 KB
215 KB 339ms
47ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/f2dabe0b8066eb875f95.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

76131c25164feac11a876fe61702cdbc505ae9665269aeb414acc432e44ae4b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 7312133e39aa2d7211fe.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 212 KB
214 KB 344ms
43ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/7312133e39aa2d7211fe.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

7e242e4c6e64eec9508c3be5a1e5f7bddae36b70c6c4decc7faab9ac80dac08b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 98ece92e76784330efb9.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 213 KB
214 KB 349ms
39ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/98ece92e76784330efb9.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

9865b88e576e55eb9c587cd897b51afd691aacf7292da1432cb863cdda3c556f

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 5cccf33da32d5f62079c.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 209 KB
210 KB 368ms
38ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/5cccf33da32d5f62079c.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

3f434d0e1102284b0cd00ea6fdc1c5e2c7e441bbb77f39f677405bb347e5ca3b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 263c9cd0726b2528ac4a.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 265 KB
267 KB 373ms
39ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/263c9cd0726b2528ac4a.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

7e088acf001979d053655169b06221f08769346b9770d410d98d2f3a0df6e3f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK 4631fbf9149dfa65af13.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/ 272 KB
273 KB 381ms
39ms Font
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/4631fbf9149dfa65af13.ttf

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

262a5f604c317fe4439c397c0f7df17664acad1d64d283fd825a9a770a64f450

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK apiConfig.json
dh578-euq1.eu.iphmx.com/ng-login/ 243 B
1 KB 385ms
39ms Other
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/ng-login/apiConfig.json

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

77bed2cdf7222737f240491655a32e9714725f7d02188e1fbe690ba7dc065ebb

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Wed, 17 Jan 2024 21:23:27 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK locale-en.json
dh578-euq1.eu.iphmx.com/quarantine/i18n/ 41 KB
41 KB 392ms
41ms Other
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/i18n/locale-en.json

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

f5a655f7b78ed26a2b9b2acf2239d3e4a84a84d0a5ce0aece09866e2441747d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK env_head.d2bf2eaba9fb584b6010.js Show response
dh578-euq1.eu.iphmx.com/quarantine/ 2 KB
3 KB 39ms
39ms Script
application/x-javascript 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/env_head.d2bf2eaba9fb584b6010.js

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

9b3565e5ade37585c4d4bcaa221b487d99f842f9fce0b98873c1adb9ebdea5e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK vendor.e10747a5e17a6be14a33.css
dh578-euq1.eu.iphmx.com/quarantine/css/ 358 KB
359 KB 114ms
50ms Stylesheet
text/css 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/css/vendor.e10747a5e17a6be14a33.css

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

51b77d0b4b52b5ff7be5a45e5e2d4c552ee448083c84063b48976d6a62f2eb33

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK main.84346936698c6e417592.css
dh578-euq1.eu.iphmx.com/quarantine/css/ 744 KB
747 KB 116ms
51ms Stylesheet
text/css 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/css/main.84346936698c6e417592.css

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

4d0b1a9fb67e24f673e7e0cd036f57674267c789d8e1a025fe92dc464e76eb05

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK vendor.0e554207647b8b5f5607.js Show response
dh578-euq1.eu.iphmx.com/quarantine/ 2 MB
2 MB 40ms
40ms Script
application/x-javascript 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

eff9e09e4238ef11695ef2aa8729cf849d21ab9252684560d2e1611344133eb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK commons.4a5b68aeb88279c7c4c8.js Show response
dh578-euq1.eu.iphmx.com/quarantine/ 188 KB
189 KB 45ms
44ms Script
application/x-javascript 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/commons.4a5b68aeb88279c7c4c8.js

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

d987e276c171ba11d3fb1f4f1059f930ba2d710a576767b9664761f6748da18e

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK main.8c02ed63691d729daeaa.js Show response
dh578-euq1.eu.iphmx.com/quarantine/ 480 KB
482 KB 50ms
50ms Script
application/x-javascript 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/quarantine/main.8c02ed63691d729daeaa.js

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

b4b73e14bc1eb66e65c9f899c77e52a391c8898246b90acea415200e92c4c9af

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
Origin: https://dh578-euq1.eu.iphmx.com:4431
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 10 Nov 2023 13:01:40 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET
H/1.1 200
OK apiConfig.json Show response
dh578-euq1.eu.iphmx.com/ng-login/ 243 B
1 KB 39ms
38ms XHR
text/plain 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/ng-login/apiConfig.json

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

77bed2cdf7222737f240491655a32e9714725f7d02188e1fbe690ba7dc065ebb

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:02 GMT
Content-Security-Policy: default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Wed, 17 Jan 2024 21:23:27 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-XSS-Protection: 0

GET ats-ribbon.js
cdn.security.cisco.com/@cisco-ats/ribbon@%5E1.0.0/dist/ 0
0

GET
H/1.1 200
OK euq_url_details
dh578-euq1.eu.iphmx.com/sma/api/v2.0/config/ 90 B
748 B 98ms
97ms XHR
application/json 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/sma/api/v2.0/config/euq_url_details?device_type=sma

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
portal: euq
Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc@sapiens.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:03 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 90
X-XSS-Protection: 0
Pragma: no-cache
Server: nginx
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition, jwtToken
Cache-control: no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, jwttoken, mid, h, email, portal, cache-control, pragma

GET
H/1.1 200
OK euq_authentication_method
dh578-euq1.eu.iphmx.com/sma/api/v2.0/config/ 43 B
701 B 94ms
93ms XHR
application/json 207.54.66.120
AS-IRONP-VEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://dh578-euq1.eu.iphmx.com:4431/sma/api/v2.0/config/euq_authentication_method?device_type=sma

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
portal: euq
Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine/search
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:03 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 0
Pragma: no-cache
Server: nginx
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition, jwtToken
Cache-control: no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, jwttoken, mid, h, email, portal, cache-control, pragma

GET
H/1.1

200
OK

saml2 Show response
login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/
Redirect Chain

https://dh578-euq1.eu.iphmx.com/?ngui=True
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoM...

21 KB
10 KB

255ms
97ms

Document
text/html

2603:1026:3000:c8::6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D

Requested by

Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine/main.8c02ed63691d729daeaa.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1026:3000:c8::6 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

037d48ce82a783cb08bdff061bb1c0fd3392a7fd684926713a98a7064e75d936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dh578-euq1.eu.iphmx.com:4431/quarantine/search
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 9048
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Jan 2024 04:46:03 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.17097.4 - SEC ProdSlices
x-ms-request-id: 64918939-4432-42fd-a908-916f39772600

Redirect headers

cache-control: no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' blob: data: resource://pdf.js/web/ resource://pdf.js/build/ 'self' dh578-euq1.eu.iphmx.com:*; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
content-type: text/html
date: Fri, 19 Jan 2024 04:46:03 GMT
expires: Fri, 19 Jan 2024 04:46:03 GMT
last-modified: Fri, 19 Jan 2024 04:46:03 GMT
location: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 BssoInterrupt_Core_vh-Mo3E5zaJqWI-ycPlvOw2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 136 KB
48 KB 136ms
33ms Script
application/x-javascript 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_vh-Mo3E5zaJqWI-ycPlvOw2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F7B0) /
Resource Hash: fc5452d1ab8ed5f72e44043cd02b351c6855046ae2558e015f0dede9e8011d78

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:03 GMT
content-encoding: gzip
content-md5: XeeqhhOQ0TQMibhz+Toyvg==
age: 4351756
x-cache: HIT
content-length: 48868
x-ms-lease-status: unlocked
last-modified: Mon, 27 Nov 2023 23:32:21 GMT
server: ECAcc (ska/F7B0)
etag: 0x8DBEFA11A51DC95
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9bf466f3-c01e-002f-7afe-22420a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/ 39 KB
17 KB 138ms
138ms Document
text/html 2603:1026:3000:c8::6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_vh-Mo3E5zaJqWI-ycPlvOw2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1026:3000:c8::6 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

96a6e101b1effc4a76187ec591c503162c838ef08a438ae7ef0f26eda81c04d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 14967
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Jan 2024 04:46:03 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.17097.4 - SEC ProdSlices
x-ms-request-id: 64918939-4432-42fd-a908-916f53772600

GET
H2 200 converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 109 KB
20 KB 146ms
49ms Stylesheet
text/css 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5e47dd51ca94efccd58f4a7dc95a51744493292586fbe031e78f72508f0f4f89

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 20226
x-ms-lease-status: unlocked
last-modified: Fri, 17 Nov 2023 00:24:07 GMT
etag: 0x8DBE703830C8407
x-azure-ref: 20240119T044604Z-qeqbz9wr05407bf88q9v5v6m5w000000019g000000000bm3
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 941fce90-701e-0048-532a-49bc73000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_AC8RqhTjxXTydsiCL53szg2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 421 KB
116 KB 146ms
49ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_AC8RqhTjxXTydsiCL53szg2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f5176725356190fbc493f38f2143954f009d01d6a2a79def1fae0548a7cb314a

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 118303
x-ms-lease-status: unlocked
last-modified: Fri, 22 Dec 2023 07:51:28 GMT
etag: 0x8DC02C2CE272565
x-azure-ref: 20240119T044604Z-qeqbz9wr05407bf88q9v5v6m5w000000019g000000000bm5
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d40ad8ca-401e-0017-6f09-49565f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-de.min_ejinblwk_mimxsc4lkii7w2.js Show response
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 58 KB
17 KB 145ms
49ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_ejinblwk_mimxsc4lkii7w2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2b9c25a4f1f50e3bd8f868967751f09e8b95f97852155e81faac830e3bb383d9

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 16736
x-ms-lease-status: unlocked
last-modified: Thu, 07 Dec 2023 23:23:14 GMT
etag: 0x8DBF77B7C673657
x-azure-ref: 20240119T044604Z-qeqbz9wr05407bf88q9v5v6m5w000000019g000000000bm4
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c91aa8c9-601e-0039-0bf1-496571000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 336ms
161ms Other
text/html 40.126.31.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D&sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.31.71 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 convergedlogin_pcustomizationloader_3c4dade0e77065ef0ebe.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 153 KB
34 KB 98ms
48ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_3c4dade0e77065ef0ebe.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_AC8RqhTjxXTydsiCL53szg2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4d950c649876fb897ae9732dc13e17fd19303c2bbe7fb628141c096c9f02949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 34606
x-ms-lease-status: unlocked
last-modified: Fri, 22 Dec 2023 07:51:22 GMT
etag: 0x8DC02C2CA538961
x-azure-ref: 20240119T044604Z-4s3dvgf6a577p25u4d5ya96t3c00000001bg00000000b5tx
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 079918d3-d01e-0042-53ff-48b266000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_f0fabc6618095076a644.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 24ms
24ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_f0fabc6618095076a644.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_AC8RqhTjxXTydsiCL53szg2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5cd0bde775a1d72da0a15a121d3b16c53bbfc06e64ad79d5deb11a965711e8a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 5516
x-ms-lease-status: unlocked
last-modified: Sat, 09 Dec 2023 02:52:36 GMT
etag: 0x8DBF861E6341ED5
x-azure-ref: 20240119T044604Z-4s3dvgf6a577p25u4d5ya96t3c00000001bg00000000b5u3
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2f421525-f01e-0080-4007-496026000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ 3 KB
3 KB 25ms
24ms Image
image/gif 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
last-modified: Wed, 24 May 2023 10:11:47 GMT
etag: 0x8DB5C3F48EC4154
x-azure-ref: 20240119T044604Z-4s3dvgf6a577p25u4d5ya96t3c00000001bg00000000b5u4
x-cache: TCP_HIT
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 812bd33b-a01e-0009-46f1-494460000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 2672

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ 4 KB
4 KB 25ms
25ms Image
image/gif 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F4904824B
x-azure-ref: 20240119T044604Z-4s3dvgf6a577p25u4d5ya96t3c00000001bg00000000b5u5
x-cache: TCP_HIT
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 41405290-101e-005e-50f1-49f65d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 3620

GET
H2 200 illustration
aadcdn.msauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/ 217 KB
217 KB 166ms
38ms Image
image/jpeg 2606:2800:233:3d10:442f:fac8:6d32:4c87
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/illustration?ts=635881038543277806
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:3d10:442f:fac8:6d32:4c87 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F7A1) /
Resource Hash: 1b23870d8263953a6e3c786c7d964f47afd4270c40b48cfe241ab71c7e73cff4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
content-md5: O0rACjVJBNib5rDT6YjUMg==
age: 62116
x-cache: HIT
content-length: 222088
x-ms-lease-status: unlocked
last-modified: Mon, 11 Jan 2016 10:10:56 GMT
server: ECAcc (ska/F7A1)
etag: 0x8D31A6F7EC82EFD
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: a7f660ab-c01e-002c-3d01-4aaf4d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/ 68 KB
68 KB 254ms
126ms Image
image/jpeg 2606:2800:233:3d10:442f:fac8:6d32:4c87
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/bannerlogo?ts=635881007224409597
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:3d10:442f:fac8:6d32:4c87 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F7B5) /
Resource Hash: 7af82e94c56dd54d15e6cd7513c454d5ba3089f689805928a6f8b034d3b92ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
content-md5: cMIkLrVXacgz8pRGJmahEQ==
age: 62330
x-cache: HIT
content-length: 69291
x-ms-lease-status: unlocked
last-modified: Mon, 11 Jan 2016 09:18:52 GMT
server: ECAcc (ska/F7B5)
etag: 0x8D31A683911F209
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 439b85c6-b01e-0009-4801-4a0631000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ 3 KB
3 KB 26ms
25ms Image
image/gif 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_AC8RqhTjxXTydsiCL53szg2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
last-modified: Wed, 24 May 2023 10:11:47 GMT
etag: 0x8DB5C3F48EC4154
x-azure-ref: 20240119T044604Z-4s3dvgf6a577p25u4d5ya96t3c00000001bg00000000b5uc
x-cache: TCP_HIT
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 812bd33b-a01e-0009-46f1-494460000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 2672

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ 4 KB
4 KB 26ms
26ms Image
image/gif 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_AC8RqhTjxXTydsiCL53szg2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F4904824B
x-azure-ref: 20240119T044604Z-4s3dvgf6a577p25u4d5ya96t3c00000001bg00000000b5ud
x-cache: TCP_HIT
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 41405290-101e-005e-50f1-49f65d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 3620

GET
H/1.1 401
Unauthorized ssoprobe
autologon.microsoftazuread-sso.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/winauth/ 12 B
1 KB 157ms
39ms Image
image/png 2603:1027:1:158::c
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autologon.microsoftazuread-sso.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/winauth/ssoprobe?client-request-id=92a5751c-0df3-4646-ada8-dbf07df20b5e&_=1705639564303

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1027:1:158::c Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 04:46:03 GMT
X-Content-Type-Options: nosniff
WWW-Authenticate: Negotiate
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 12
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Vary: Origin
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: https://login.microsoftonline.com
x-ms-request-id: 6832ca39-457f-4cae-9100-59308e99b700
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.17097.4 - WEULR1 ProdSlices
Expires: -1

POST
H/1.1 200
OK dssostatus Show response
login.microsoftonline.com/common/instrumentation/ 265 B
1 KB 69ms
69ms XHR
application/json 2603:1026:3000:c8::6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/dssostatus

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_AC8RqhTjxXTydsiCL53szg2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1026:3000:c8::6 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

543119b471cacc4355e7a2869e638c36afc4eb3cbfe557502faaf7ec4739da2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

hpgrequestid: 64918939-4432-42fd-a908-916f53772600
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
client-request-id: 92a5751c-0df3-4646-ada8-dbf07df20b5e
canary: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-OrvWKHrx-Shk4nlP9yESvyNA2POOdN9GzIjeRhid44E9yoQUOVBqUGJ8O3RBnypy7eEXA7zayb_soZpAePugqsadQ5IJg0uf_xwrLzPv2pocpCUwd-75KlLgzCGubI3l8f68EURMW63AdUdDpV55v9-QvplWl9O7wYv84KhrPUdzEPUcT4kk84-YEWu221w8ekB6k47wIQCzSxTL_sf1YiAA
Content-type: application/json; charset=UTF-8
hpgid: 1104
Accept: application/json
Referer: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVLRbtsgFP0Vi3fb2MFgoySSEydapG6zmmwPe4mIfdMg2ZAC7tq%2FH3a2rn1oQUK6h3u555zL3Iq%2Bu%2FJycBd1D48DWBc8952yfLpYoMEoroWVlivRg%2BWu4fvy6x1PI8yvRjvd6A69Kfm8QlgLxkmtULCrFui4KtOEZhWu6IbiVbUut6t1vmEk2yTblG3I0dhjjjEpsuSM3y3WFiTN8wZTNqMzltLMbyiIR%2FB0EgqUsYwWtygjLPVRVhCWpYCCn2Cs57FAnpYnY%2B0AO2WdUM5DOCUhTsKkOGDCCeV49gsFlfdGKuGmqotzV8vjuNMPUkW9bIy2%2Buy06qSCqNF9PGuLJM9IGtJcFCGBvAhFw0SIz8xTIG17Skk8OpaiYK2VhbHz6F0nT96jF97cQK5PTvhHWxRstWlgGtUCnUVnYSRee0%2FlE7wi9d%2BhrKRqpXr4fB6nW5LlXw6HOqy%2F7w8oKP%2FNaGQ19GD2YJ5kAz%2Fu7%2F7rbi8Zy0MYHpMIhkheL%2F3zpBot56MmPhlqlh%2BkzeO3SfPbH%2Fzm2e2qWneyeRml9sJ9TD6JkgmRbXieUjn0QnZl2xqw1ovoOv17bUC4V2fi5a3t%2B9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=M%2FKLtCk4Gm%2FZdWOhocXDLqFXTD0u1zQXaASIdEw6%2Bj6sNIR1zhQfrnR%2FCLuTKm9iGIAfaI8CnLy%2FXR63nSYkjKKzdfg7fT4cjLMW%2Fy5YB7QPkBG%2FJdAh8tji8V%2Bsn9OoAefoSRlzrbwV0I8tHrcMv8tdjpKqSYfqaTYCtY%2BDCmRwbN7jyRAx%2BfQP%2B7reYS1ukAggajXfTCyRK0SwK%2BQav%2BgnmpcVD2ogiTAIhBJCBBAZwb2z9jszg1t2oSPGBsLO9WIMeaU6fCK6PHAm%2BINsuNbyZK6q8Uou%2B0wXQ7L4BjH16zAqeHKc3U4q1wHbikg2N7WO%2Fs1Fq08eZ61XSweTFw%3D%3D&sso_reload=true
hpgact: 1900

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Fri, 19 Jan 2024 04:46:04 GMT
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id: 92a5751c-0df3-4646-ada8-dbf07df20b5e
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 265
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://autologon.microsoftazuread-sso.com/
x-ms-request-id: 28cd4e13-b84a-4cad-82d2-fdd8de591900
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.17097.4 - FRC ProdSlices
Expires: -1

GET
H2 200 convergedlogin_pstringcustomizationhelper_e1c340cfb6c159379a9a.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 111 KB
36 KB 25ms
25ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_e1c340cfb6c159379a9a.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_AC8RqhTjxXTydsiCL53szg2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c87dafb24d33a259dc38fd50c3ac11d90f4dc1d770e32bedecabdb33ca25be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 35907
x-ms-lease-status: unlocked
last-modified: Fri, 22 Dec 2023 07:51:22 GMT
etag: 0x8DC02C2CA97B8C7
x-azure-ref: 20240119T044604Z-4s3dvgf6a577p25u4d5ya96t3c00000001bg00000000b5v6
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3ea5c5f0-001e-006b-3c0f-495046000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/ 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Jan 2024 04:46:04 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:49 GMT
etag: 0x8DB5C3F49ED96E0
x-azure-ref: 20240119T044604Z-4s3dvgf6a577p25u4d5ya96t3c00000001bg00000000b5va
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 474fedd7-101e-0026-481e-495c4c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.security.cisco.com
URL: https://cdn.security.cisco.com/@cisco-ats/ribbon@%5E1.0.0/dist/ats-ribbon.js

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dh578-euq1.eu.iphmx.com/	1969-12-31 23:59:59	Name: sid Value: 0G0VVj3jFyrPLaPpGFsv
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-010wJ0ju7g Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-HGtt9qt9mKdqAKOjWdmxJgv_cjUSOigArIw_FfmE9osU4plkgOUKW2rwN_2AAZ2jJEY2TCLYvWVD2GTSmuXoC2xtJ6JWgHyX2f0NzW0rtWBXHblkgfcL_26-36Lws0vbOT3UHoSdzaNs8VLLtuFmWSAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 17:47:19	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 18:30:31	Name: buid Value: 0.AQYAQoWRPaloiU6seg90dU3bJBeqDZPoV2dMhqwnhWrbTFwGAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-qXu8BaQYP2Tgs2aU2Krkyqr96emGHKp8hM7002DrWgHStpJ8Gy9Tw5-1EwzZi_iJfyenQekRpY9cWcX4zd75P7XK59nfRnAZQUEgpDOYeikgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-E6bUYqj1yKaWFJwrB6u5nhrbbiqT7Jy_HcK5QrFbwilzscOfiuC16uHRQC8ou-D7sT3LiYl4oj6rf9Sj4OyUx2LDLF1SQ_mjM0r3DdktwNw2sewgQCGHAFZbQNOK56bH_lY4adUFPLGn6BoxlSq1V_38CQKrT3Bs-eGS-PnBNBcgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-DFGRD06bcDA Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-tjZ7XaiYUsK1PzqkTovb-EcqSWSjCb__VCI7bQ1gwjMoBP6D7YC-B36H6iPc4-sn900o-LMQjLUJoMqbjDh_niUQ2bCsGloJtQVTo5Gc53xUxsDG09jl0U7dqC_XaGtApC3CVjUb5j_eJCRCeqo0oyAA
login.microsoftonline.com/	1970-01-20 18:30:31	Name: fpc Value: AusaXjhsUBxLvsFH5C3NCZcsyLwtAQAAAIv1O90OAAAA
.login.microsoftonline.com/	1970-01-21 03:08:55	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 56f00033c96041bebd115eb21863e1ed
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1705639564&co=1
autologon.microsoftazuread-sso.com/	1970-01-20 18:30:31	Name: fpc Value: ApXKp9mA7JNEqUu_Y6Q6Smc
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com Message: The value "1user-scalable" for key "initial-scale" was truncated to its numeric prefix.
rendering	warning	URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=veda.gc%40sapiens.com Message: The key "no" is not recognized and ignored.
other	warning	URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js Message: A preload for 'https://dh578-euq1.eu.iphmx.com:4431/ng-login/apiConfig.json' is found, but is not used because the new request is synchronous.
network	error	URL: https://autologon.microsoftazuread-sso.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/winauth/ssoprobe?client-request-id=92a5751c-0df3-4646-ada8-dbf07df20b5e&_=1705639564303 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
aadcdn.msftauth.net
autologon.microsoftazuread-sso.com
cdn.security.cisco.com
dh578-euq1.eu.iphmx.com
login.live.com
login.microsoftonline.com
www.googletagmanager.com
cdn.security.cisco.com
207.54.66.120
2603:1026:3000:c8::6
2603:1027:1:158::c
2606:2800:233:3d10:442f:fac8:6d32:4c87
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2620:1ec:46::45
2a00:1450:4001:811::2008
40.126.31.71
037d48ce82a783cb08bdff061bb1c0fd3392a7fd684926713a98a7064e75d936
167a1dd646b4c58fa221abd6f5c94f3d9589ead569b26b85ad8f56826b0e2e0b
1b23870d8263953a6e3c786c7d964f47afd4270c40b48cfe241ab71c7e73cff4
2614802c405c877ecce5eb625cc94ce98fa38318b722f2f8f9df9589ead362be
262a5f604c317fe4439c397c0f7df17664acad1d64d283fd825a9a770a64f450
2843634c6eb402ee71054b8b49843610d9a1032980352faadae0eee95029b19b
2b9c25a4f1f50e3bd8f868967751f09e8b95f97852155e81faac830e3bb383d9
3ef2866d5cca4f75e3ea8be04ecb58d27a71e5f122a01282e0615c6c9831a0f0
3f434d0e1102284b0cd00ea6fdc1c5e2c7e441bbb77f39f677405bb347e5ca3b
4d0b1a9fb67e24f673e7e0cd036f57674267c789d8e1a025fe92dc464e76eb05
51b77d0b4b52b5ff7be5a45e5e2d4c552ee448083c84063b48976d6a62f2eb33
543119b471cacc4355e7a2869e638c36afc4eb3cbfe557502faaf7ec4739da2b
5cd0bde775a1d72da0a15a121d3b16c53bbfc06e64ad79d5deb11a965711e8a8
5e47dd51ca94efccd58f4a7dc95a51744493292586fbe031e78f72508f0f4f89
61bf4c3e7e14309d28ec21cfee62470a88a4b8799fc93b2f9e922708224c6f73
63ff6b44c5afcf573acf27a410b90525ff6acabf270af93b6e0d4911450a0df0
651c0822a54675b6a2708bad5831d9c3455eadf789863d8e814f8f75e09ab664
76131c25164feac11a876fe61702cdbc505ae9665269aeb414acc432e44ae4b6
77bed2cdf7222737f240491655a32e9714725f7d02188e1fbe690ba7dc065ebb
7af82e94c56dd54d15e6cd7513c454d5ba3089f689805928a6f8b034d3b92ffc
7e088acf001979d053655169b06221f08769346b9770d410d98d2f3a0df6e3f1
7e242e4c6e64eec9508c3be5a1e5f7bddae36b70c6c4decc7faab9ac80dac08b
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
96a6e101b1effc4a76187ec591c503162c838ef08a438ae7ef0f26eda81c04d6
9865b88e576e55eb9c587cd897b51afd691aacf7292da1432cb863cdda3c556f
9b3565e5ade37585c4d4bcaa221b487d99f842f9fce0b98873c1adb9ebdea5e6
a2ae21c10dbd4bcf016582e2e9d046f92b62914a10fccc554e6e939f1e56a41c
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
ac40d8215455a37047388a2e01e42f2cc35c308d31e1c36f906bbdd81abb52f9
b4b73e14bc1eb66e65c9f899c77e52a391c8898246b90acea415200e92c4c9af
b748f8b4820e579b1b841feee27e1734012d5084a54a872ad5657620fc6a4c16
c87dafb24d33a259dc38fd50c3ac11d90f4dc1d770e32bedecabdb33ca25be61
d0663a18419ef93ea23f8c848c7cece8249d759af79d3f66048948985648f803
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d13e305faa48324c4dcb6f98fe2409c1d668e42db2607953c3bcdb629dd7689e
d987e276c171ba11d3fb1f4f1059f930ba2d710a576767b9664761f6748da18e
e72c01ae3a181c588adc10c6b704327bd60d9da64df4093c46b6238c3e568c68
e97934651080134f310d344cbbbe756396d2054966e2ed5085a4e6fcf8a00d98
ebfdf31f29a58b8bbafd57f9e5616f3ee8e6c54d2e31753c247bcd35ef12b6d2
ee29eaeab603c86599bf1be8c76f8b05060f3911fd74a18a6d1ec420ca9b0106
eff9e09e4238ef11695ef2aa8729cf849d21ab9252684560d2e1611344133eb1
f4d950c649876fb897ae9732dc13e17fd19303c2bbe7fb628141c096c9f02949
f5176725356190fbc493f38f2143954f009d01d6a2a79def1fae0548a7cb314a
f5a655f7b78ed26a2b9b2acf2239d3e4a84a84d0a5ce0aece09866e2441747d7
fc5452d1ab8ed5f72e44043cd02b351c6855046ae2558e015f0dede9e8011d78

login.microsoftonline.com Open in urlscan Pro 2603:1026:3000:c8::6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

75 %IPv6

9 Domains

9 Subdomains

9 IPs

4 Countries

8964 kBTransfer

9747 kBSize

16 Cookies

3 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:c8::6 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

8964 kB
Transfer

9747 kB
Size

16
Cookies

53 HTTP transactions
0 data transactions