Submitted URL: https://pharma.zycus.com/
Effective URL: https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2?sso_reload=true
Submission: On December 15 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 39 HTTP transactions. The main IP is 2603:1026:3000:150::6, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 16.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 23rd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 26 88.221.124.60 16625 (AKAMAI-AS)
2 2603:1026:300... 8075 (MICROSOFT...)
12 2620:1ec:46::45 8075 (MICROSOFT...)
1 20.190.160.20 ()
39 5
Apex Domain
Subdomains
Transfer
26 zycus.com
pharma.zycus.com
zauth.zycus.com — Cisco Umbrella Rank: 710041
zauth-admin.zycus.com — Cisco Umbrella Rank: 520331
2 MB
12 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 961
259 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 16
26 KB
1 live.com
login.live.com
0 microsoftazuread-sso.com Failed
autologon.microsoftazuread-sso.com Failed
39 5
Domain Requested by
14 pharma.zycus.com 1 redirects pharma.zycus.com
12 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
11 zauth-admin.zycus.com 1 redirects pharma.zycus.com
zauth-admin.zycus.com
2 login.microsoftonline.com
1 login.live.com login.microsoftonline.com
1 zauth.zycus.com 1 redirects
0 autologon.microsoftazuread-sso.com Failed
39 7

This site contains no links.

Subject | Issuer | Validity | Valid
*.zycus.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-08-01 - 2024-07-31 | a year
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2023-11-23 - 2024-11-23 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2023-10-29 - 2024-10-29 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2023-11-11 - 2024-11-11 | a year

This page contains 1 frame:

Primary Page: https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2?sso_reload=true
Frame ID: 57246A3D703762E2679621F872D79F81
Requests: 39 HTTP requests in this frame

Page Title

Bei Ihrem Konto anmelden

Page URL History

  1. https://pharma.zycus.com/ HTTP 302
    https://pharma.zycus.com/home// Page URL
  2. https://zauth.zycus.com/oauth2/authorize-client/zycusopenid?action=login&Delegated=true&serviceName=... HTTP 302
    https://zauth-admin.zycus.com/auth/realms/ZycusRealm/protocol/openid-connect/auth?response_type=code&clien... HTTP 303
    https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUl... Page URL
  3. https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2 Page URL
  4. https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2?sso_reload=true Page URL

Page Statistics

39 Requests
97 % HTTPS
50 % IPv6
5 Domains
7 Subdomains
5 IPs
3 Countries
2399 kB Transfer
7453 kB Size
23 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pharma.zycus.com/ HTTP 302
    https://pharma.zycus.com/home// Page URL
  2. https://zauth.zycus.com/oauth2/authorize-client/zycusopenid?action=login&Delegated=true&serviceName=https%3A%2F%2Fpharma.zycus.com%2Fhome%2F%2F%3F&kc_idp_hint=pharma HTTP 302
    https://zauth-admin.zycus.com/auth/realms/ZycusRealm/protocol/openid-connect/auth?response_type=code&client_id=zycusopenid&scope=openid%20email&state=kECM2NZkByG6Bmrgfzp8CDoGufadUzFxCyggriRr064%3D&redirect_uri=https://zauth.zycus.com/login/oauth2/code/zycusopenid&kc_idp_hint=pharma HTTP 303
    https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI Page URL
  3. https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2 Page URL
  4. https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2?sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://pharma.zycus.com/ HTTP 302
  • https://pharma.zycus.com/home//
Request Chain 12
  • https://zauth.zycus.com/oauth2/authorize-client/zycusopenid?action=login&Delegated=true&serviceName=https%3A%2F%2Fpharma.zycus.com%2Fhome%2F%2F%3F&kc_idp_hint=pharma HTTP 302
  • https://zauth-admin.zycus.com/auth/realms/ZycusRealm/protocol/openid-connect/auth?response_type=code&client_id=zycusopenid&scope=openid%20email&state=kECM2NZkByG6Bmrgfzp8CDoGufadUzFxCyggriRr064%3D&redirect_uri=https://zauth.zycus.com/login/oauth2/code/zycusopenid&kc_idp_hint=pharma HTTP 303
  • https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
pharma.zycus.com/home//
Redirect Chain
  • https://pharma.zycus.com/
  • https://pharma.zycus.com/home//
2 KB
2 KB
Document
General
Full URL
https://pharma.zycus.com/home//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1f681cb208a78d629bddd0fbd8066d816b03e16646e4dde3c781de483fcbf455

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-length
1807
content-type
text/html; charset=utf-8
date
Fri, 15 Dec 2023 22:52:53 GMT
etag
"6565f9e9-50f:dtagent10257230921194352GesL"
expires
Fri, 15 Dec 2023 22:52:53 GMT
last-modified
Tue, 28 Nov 2023 14:32:09 GMT
pragma
no-cache
server
nginx
server-timing
dtSInfo;desc="0", dtRpid;desc="-1475393334"
x-oneagent-js-injection
true
x-ruxit-js-agent
true

Redirect headers

cache-control
no-cache
content-length
0
date
Fri, 15 Dec 2023 22:52:53 GMT
location
https://pharma.zycus.com/home//
ruxitagentjs_ICA27NVfghqrux_10257230921194352.js
pharma.zycus.com/
248 KB
94 KB
Script
General
Full URL
https://pharma.zycus.com/ruxitagentjs_ICA27NVfghqrux_10257230921194352.js
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/home//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2a79182e427bcf3c22329fc97f4442994239dd807da62a4e289972eed00823aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pharma.zycus.com/home//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible
IE=Edge
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 15 Dec 2023 22:52:53 GMT
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31535952
content-length
95591
expires
Sat, 14 Dec 2024 22:52:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
pharma.zycus.com/home/assets/fonts/roboto/
15 KB
15 KB
Font
General
Full URL
https://pharma.zycus.com/home/assets/fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/home//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Request headers

Referer
https://pharma.zycus.com/home//
Origin
https://pharma.zycus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 22:52:54 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2023 14:32:09 GMT
server
nginx
etag
"6565f9e9-3bf0:dtagent10257230921194352GesL"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
server-timing
dtSInfo;desc="0", dtRpid;desc="1483026721", dtTao;desc="1"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 22:52:54 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
pharma.zycus.com/home/assets/fonts/roboto/
15 KB
15 KB
Font
General
Full URL
https://pharma.zycus.com/home/assets/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/home//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

Request headers

Referer
https://pharma.zycus.com/home//
Origin
https://pharma.zycus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 22:52:54 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2023 14:32:09 GMT
server
nginx
etag
"6565f9e9-3c4c:dtagent10257230921194352GesL"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
server-timing
dtSInfo;desc="0", dtRpid;desc="2127125869"
accept-ranges
bytes
content-length
15459
expires
Sat, 14 Dec 2024 22:52:54 GMT
styles.b4d0e203efb8007cd950.css
pharma.zycus.com/home/
397 KB
55 KB
Stylesheet
General
Full URL
https://pharma.zycus.com/home/styles.b4d0e203efb8007cd950.css
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/home//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
28b0dbfa548f9460793e1d83749737f92aa9e8d15a9841ae6918dcb0cd7a1180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pharma.zycus.com/home//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 22:52:54 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2023 14:32:09 GMT
server
nginx
etag
"6565f9e9-6343c"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=315360000
server-timing
dtSInfo;desc="0", dtRpid;desc="-2080901421"
accept-ranges
bytes
expires
Mon, 12 Dec 2033 22:52:54 GMT
runtime.12f18913df814d8321ed.js
pharma.zycus.com/home/
3 KB
2 KB
Script
General
Full URL
https://pharma.zycus.com/home/runtime.12f18913df814d8321ed.js
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/home//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6b17cbd6739d1b81431fbc1696dfdf0ab1e9c4c03d22dc7791f1cba4d23e51ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pharma.zycus.com/home//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 22:52:54 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2023 14:32:09 GMT
server
nginx
etag
"6565f9e9-bd7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
server-timing
dtSInfo;desc="0", dtRpid;desc="1512587967"
accept-ranges
bytes
expires
Mon, 12 Dec 2033 22:52:54 GMT
polyfills.bcc9beb88b00fea9a3f6.js
pharma.zycus.com/home/
194 KB
40 KB
Script
General
Full URL
https://pharma.zycus.com/home/polyfills.bcc9beb88b00fea9a3f6.js
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/home//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
72c7b6a4d8807c034ececea57e5c0f2e4604b65c3db95d788d5432425eae17ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pharma.zycus.com/home//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 22:52:54 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2023 14:32:09 GMT
server
nginx
etag
"6565f9e9-30795"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315359999
server-timing
dtSInfo;desc="0", dtRpid;desc="-1007365774"
accept-ranges
bytes
content-length
41078
expires
Mon, 12 Dec 2033 22:52:53 GMT
vendor.4f36e5845becc2439ce2.js
pharma.zycus.com/home/
4 MB
910 KB
Script
General
Full URL
https://pharma.zycus.com/home/vendor.4f36e5845becc2439ce2.js
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/home//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
db5ec73da0be374da71fdab799b0c923290ce940f0ed884e466a7a9697b178b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pharma.zycus.com/home//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 22:52:54 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2023 14:32:09 GMT
server
nginx
etag
"6565f9e9-3fbdb8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315359953
server-timing
dtSInfo;desc="0", dtRpid;desc="-934575537"
accept-ranges
bytes
expires
Mon, 12 Dec 2033 22:52:07 GMT
main.0c8e92c24f88d89297ba.js
pharma.zycus.com/home/
495 KB
91 KB
Script
General
Full URL
https://pharma.zycus.com/home/main.0c8e92c24f88d89297ba.js
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/home//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9e04105126a978ff6730e57e821326c4241a51ce46e19c59487d5162640013cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pharma.zycus.com/home//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 22:52:54 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2023 14:32:09 GMT
server
nginx
etag
"6565f9e9-7bc0b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
server-timing
dtSInfo;desc="0", dtRpid;desc="241533408"
accept-ranges
bytes
expires
Mon, 12 Dec 2033 22:52:54 GMT
isLogin
pharma.zycus.com/home/api/u/tms/auth/
652 B
1 KB
XHR
General
Full URL
https://pharma.zycus.com/home/api/u/tms/auth/isLogin
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/ruxitagentjs_ICA27NVfghqrux_10257230921194352.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://pharma.zycus.com/home//
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 22:52:54 GMT
x-permitted-cross-domain-policies
none
buildno
x-dns-prefetch-control
off
server-timing
dtSInfo;desc="0", dtRpid;desc="-102165461"
content-length
652
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer
server
nginx
etag
W/"28c-876LJ0JS8WbMIhpfz3eNlEKx6ss:dtagent10257230921194352GesL:dtagent10257230921194352GesL"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
.zycus.com
x-download-options
noopen
access-control-expose-headers
Content-Disposition
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, max-age=0
version
0.0.0
dd-loader.gif
pharma.zycus.com/home/assets/images/
89 KB
90 KB
Image
General
Full URL
https://pharma.zycus.com/home/assets/images/dd-loader.gif
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/home//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pharma.zycus.com/home//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 22:52:55 GMT
last-modified
Tue, 28 Nov 2023 14:32:09 GMT
server
nginx
etag
"6565f9e9-16537"
content-type
image/gif
cache-control
public, max-age=31536000
server-timing
dtSInfo;desc="0", dtRpid;desc="2131745041"
accept-ranges
bytes
content-length
91447
expires
Sat, 14 Dec 2024 22:52:55 GMT
isDSSO
pharma.zycus.com/home/api/u/tms/users/
467 B
3 KB
XHR
General
Full URL
https://pharma.zycus.com/home/api/u/tms/users/isDSSO?requestUrl=https%3A%2F%2Fpharma.zycus.com%2Fhome%2F%2F
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/ruxitagentjs_ICA27NVfghqrux_10257230921194352.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://pharma.zycus.com/home//
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 22:52:55 GMT
x-permitted-cross-domain-policies
none
buildno
x-dns-prefetch-control
off
server-timing
dtSInfo;desc="0", dtRpid;desc="554270500"
content-length
467
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer
server
nginx
etag
W/"1d3-1BLl6Q87zHBd2QgX5SJUSeiQ8iM:dtagent10257230921194352GesL:dtagent10257230921194352GesL"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
.zycus.com
x-download-options
noopen
access-control-expose-headers
Content-Disposition
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, max-age=0
version
0.0.0
login
zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/
Redirect Chain
  • https://zauth.zycus.com/oauth2/authorize-client/zycusopenid?action=login&Delegated=true&serviceName=https%3A%2F%2Fpharma.zycus.com%2Fhome%2F%2F%3F&kc_idp_hint=pharma
  • https://zauth-admin.zycus.com/auth/realms/ZycusRealm/protocol/openid-connect/auth?response_type=code&client_id=zycusopenid&scope=openid%20email&state=kECM2NZkByG6Bmrgfzp8CDoGufadUzFxCyggriRr064%3D&...
  • https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
4 KB
4 KB
Document
General
Full URL
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/home/main.0c8e92c24f88d89297ba.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0136683fd04de3ac5065f7b7bb11eaf801bfbc5d797822569bd20a77042bab66
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pharma.zycus.com/home//
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-language
en
content-length
3730
content-security-policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Fri, 15 Dec 2023 22:52:56 GMT
expires
Fri, 15 Dec 2023 22:52:56 GMT
pragma
no-cache
server
nginx
server-timing
dtRpid;desc="-1748377613", dtSInfo;desc="0"
strict-transport-security
max-age=31536000; includeSubDomains max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-oneagent-js-injection
true
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
0
date
Fri, 15 Dec 2023 22:52:55 GMT
expires
Fri, 15 Dec 2023 22:52:55 GMT
location
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
pragma
no-cache
server
nginx
server-timing
dtRpid;desc="712236620", dtSInfo;desc="0"
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-frame-options
SAMEORIGIN
x-oneagent-js-injection
true
rb_70e25386-e957-484e-a933-f0a2cdb48780
pharma.zycus.com/
121 B
266 B
Ping
General
Full URL
https://pharma.zycus.com/rb_70e25386-e957-484e-a933-f0a2cdb48780?type=js3&sn=v_4_srv_1_sn_DB637F3ED898972ED4DD0706531B0B4C_perc_100000_ol_0_mul_1_app-3A84cadf32af08c79d_1&svrid=1&flavor=post&vi=EPNRFDFDMKCICFQGILRAKSRGAKUUPTUM-0&modifiedSince=1702657573616&rf=https%3A%2F%2Fpharma.zycus.com%2Fhome%2F%2F&bp=3&app=84cadf32af08c79d&crc=2653930408&en=9zaw02q6&end=1
Requested by
Host: pharma.zycus.com
URL: https://pharma.zycus.com/ruxitagentjs_ICA27NVfghqrux_10257230921194352.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pharma.zycus.com/home//
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Dec 2023 22:52:55 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
x-n
S
content-length
121
x-ua-compatible
IE=Edge
ruxitagentjs_ICA27NVafgjqrux_10257230921194352.js
zauth-admin.zycus.com/auth/
249 KB
94 KB
Script
General
Full URL
https://zauth-admin.zycus.com/auth/ruxitagentjs_ICA27NVafgjqrux_10257230921194352.js
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
57a77ff6e2d3b869872b4cd15e8ba011ab3efb3c32ffad0ecba38db3a7da2721
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
date
Fri, 15 Dec 2023 22:52:56 GMT
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=utf-8
cache-control
max-age=0, no-cache, no-store
content-length
95575
expires
Fri, 15 Dec 2023 22:52:56 GMT
patternfly.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/
214 KB
215 KB
Stylesheet
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0a40b3b2ff66e275054bcb357b43c2fa33c6874dfc251536ffc9b73aba441bb4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Fri, 15 Dec 2023 22:52:56 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-oneagent-js-injection
true
cache-control
max-age=0, no-cache, no-store
server-timing
dtRpid;desc="811615565", dtSInfo;desc="0"
expires
Fri, 15 Dec 2023 22:52:56 GMT
patternfly-additions.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/
228 KB
229 KB
Stylesheet
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly-additions.css
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7e77fcc753baca61311f1708f06c79d8af592f5a2e3c80dc014e36c292c1e954
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Fri, 15 Dec 2023 22:52:57 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-oneagent-js-injection
true
cache-control
max-age=0, no-cache, no-store
server-timing
dtRpid;desc="941690171", dtSInfo;desc="0"
expires
Fri, 15 Dec 2023 22:52:57 GMT
zocial.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/lib/zocial/
43 KB
43 KB
Stylesheet
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/lib/zocial/zocial.css
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Fri, 15 Dec 2023 22:52:56 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-oneagent-js-injection
true
cache-control
max-age=0, no-cache, no-store
server-timing
dtRpid;desc="-878798041", dtSInfo;desc="0"
expires
Fri, 15 Dec 2023 22:52:56 GMT
login.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/login.css
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d3d488b75ee902649cd6fa61f05b6b882e0270f8b07e09bd48c72b6910b79643
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Fri, 15 Dec 2023 22:52:56 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-oneagent-js-injection
true
cache-control
max-age=0, no-cache, no-store
server-timing
dtRpid;desc="-1228132213", dtSInfo;desc="0"
content-length
7227
expires
Fri, 15 Dec 2023 22:52:56 GMT
keycloak-bg.png
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/img/
80 KB
80 KB
Image
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/img/keycloak-bg.png
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/login.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0825175291be11f7689e8718295e422bb6fa4f8fefccc5610292b720c701ac4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Fri, 15 Dec 2023 22:52:57 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
x-oneagent-js-injection
true
cache-control
max-age=0, no-cache, no-store
server-timing
dtRpid;desc="-1378646686", dtSInfo;desc="0"
expires
Fri, 15 Dec 2023 22:52:57 GMT
OpenSans-Regular-webfont.woff2
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/
61 KB
61 KB
Font
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css
Origin
https://zauth-admin.zycus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Fri, 15 Dec 2023 22:52:57 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-oneagent-js-injection
true
cache-control
max-age=0, no-cache, no-store
server-timing
dtRpid;desc="-1238188535", dtTao;desc="1", dtSInfo;desc="0"
timing-allow-origin
*
expires
Fri, 15 Dec 2023 22:52:57 GMT
OpenSans-Light-webfont.woff2
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/
62 KB
62 KB
Font
General
Full URL
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css
Origin
https://zauth-admin.zycus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Fri, 15 Dec 2023 22:52:57 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-oneagent-js-injection
true
cache-control
max-age=0, no-cache, no-store
server-timing
dtRpid;desc="-885735129", dtTao;desc="1", dtSInfo;desc="0"
timing-allow-origin
*
expires
Fri, 15 Dec 2023 22:52:57 GMT
saml2
login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/
20 KB
10 KB
Document
General
Full URL
https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:150::6 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e01f3a2003d9bbd0f6cf1b4d917693eedbf0e7c06fc11d402b27e96e34921cb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://zauth-admin.zycus.com
Referer
https://zauth-admin.zycus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8790
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Dec 2023 22:52:57 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.16942.4 - EUS ProdSlices
x-ms-request-id
dd31f22d-140a-4bfd-a1ce-bb3725c4dd00
rb_70e25386-e957-484e-a933-f0a2cdb48780
zauth-admin.zycus.com/auth/
113 B
313 B
Ping
General
Full URL
https://zauth-admin.zycus.com/auth/rb_70e25386-e957-484e-a933-f0a2cdb48780?type=js3&sn=v_4_srv_1_sn_DB637F3ED898972ED4DD0706531B0B4C_perc_100000_ol_0_mul_1_app-3A84cadf32af08c79d_1_app-3Ae03aff2debe058b5_1&svrid=1&flavor=post&vi=EPNRFDFDMKCICFQGILRAKSRGAKUUPTUM-0&modifiedSince=1702657573616&rf=https%3A%2F%2Fzauth-admin.zycus.com%2Fauth%2Frealms%2FZycusRealm%2Fbroker%2Fpharma%2Flogin%3Fsession_code%3D7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A%26client_id%3Dzycusopenid%26tab_id%3DrSwx8iNH7ZI&bp=3&app=e03aff2debe058b5&crc=2398219994&en=9zaw02q6&end=1
Requested by
Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/ruxitagentjs_ICA27NVafgjqrux_10257230921194352.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/pharma/login?session_code=7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_6wulva8A&client_id=zycusopenid&tab_id=rSwx8iNH7ZI
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Fri, 15 Dec 2023 22:52:58 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/plain;charset=utf-8
cache-control
max-age=0, no-cache, no-store
content-length
113
expires
Fri, 15 Dec 2023 22:52:58 GMT
BssoInterrupt_Core_vh-Mo3E5zaJqWI-ycPlvOw2.js
aadcdn.msauth.net/shared/1.0/content/js/
136 KB
48 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_vh-Mo3E5zaJqWI-ycPlvOw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc5452d1ab8ed5f72e44043cd02b351c6855046ae2558e015f0dede9e8011d78

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:58 GMT
content-encoding
gzip
x-cache
TCP_HIT
content-length
48868
x-ms-lease-status
unlocked
last-modified
Mon, 27 Nov 2023 23:32:59 GMT
etag
0x8DBEFA130EC6269
x-azure-ref
20231215T225258Z-gau1has1n97bd0xxznyww9puxs00000003zg000000007sh7
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
567878df-e01e-0049-27e2-2c9771000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request saml2
login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/
39 KB
17 KB
Document
General
Full URL
https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2?sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:150::6 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dab1756fb8613d286350012931b035694c6dac966c75abb0f8312c399b20353a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14801
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Dec 2023 22:52:58 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.16942.4 - SCUS ProdSlices
x-ms-request-id
3ddc7e81-6325-4d8d-b312-734f143ac500
converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
109 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_chy_qb6g1qbjbxlng2ytiq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e47dd51ca94efccd58f4a7dc95a51744493292586fbe031e78f72508f0f4f89

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:59 GMT
content-encoding
gzip
x-cache
TCP_HIT
content-length
20226
x-ms-lease-status
unlocked
last-modified
Fri, 17 Nov 2023 00:24:07 GMT
etag
0x8DBE703830C8407
x-azure-ref
20231215T225259Z-gau1has1n97bd0xxznyww9puxs00000003zg000000007sm9
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
bb26855c-601e-0005-39d0-2db079000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
aadcdn.msauth.net/shared/1.0/content/js/
419 KB
116 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
62c7b35c728130c5a262f659268709c22995a19e96b39d66dd1a41489d1eb4f3

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:59 GMT
content-encoding
gzip
x-cache
TCP_HIT
content-length
118032
x-ms-lease-status
unlocked
last-modified
Wed, 29 Nov 2023 18:04:44 GMT
etag
0x8DBF105AB0D9CC8
x-azure-ref
20231215T225259Z-gau1has1n97bd0xxznyww9puxs00000003zg000000007sma
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ccf6a5ca-e01e-0049-762e-2b9771000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_kp3ah5h2mpeuoymeavfg1q2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
58 KB
17 KB
Script
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_kp3ah5h2mpeuoymeavfg1q2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2?sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
39bcd8d413593b6a7e0173ad3fb3975b8b2ef886fcaaac437b9a46be7dd6409c

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:59 GMT
content-encoding
gzip
x-cache
TCP_HIT
content-length
16727
x-ms-lease-status
unlocked
last-modified
Tue, 28 Nov 2023 23:04:27 GMT
etag
0x8DBF0665F54DEB6
x-azure-ref
20231215T225259Z-gau1has1n97bd0xxznyww9puxs00000003zg000000007smb
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
037bfa12-301e-009c-65dc-2c241d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/saml2?sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

convergedlogin_pcustomizationloader_560f3c6ac4b56ef7114c.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
153 KB
34 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_560f3c6ac4b56ef7114c.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3fd4de4b26a7acec23971755c0e54a144f523b8322c669293fced93b587de41f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:59 GMT
content-encoding
gzip
x-cache
TCP_HIT
content-length
34608
x-ms-lease-status
unlocked
last-modified
Wed, 29 Nov 2023 18:04:20 GMT
etag
0x8DBF1059C7B45AF
x-azure-ref
20231215T225259Z-gau1has1n97bd0xxznyww9puxs00000003v000000000byk1
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d1e8d7a4-701e-0058-7694-2c0c51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_1c6985b2fc78cc36a2ce.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_1c6985b2fc78cc36a2ce.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
da3aa4c3ab7973dba455d709dad6f0cd73729afc99d049ef9fbb930fa0c907e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:59 GMT
content-encoding
gzip
x-cache
TCP_HIT
content-length
5517
x-ms-lease-status
unlocked
last-modified
Wed, 29 Nov 2023 18:04:21 GMT
etag
0x8DBF1059CCFEE61
x-azure-ref
20231215T225259Z-gau1has1n97bd0xxznyww9puxs00000003v000000000bykb
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b4875741-a01e-004d-52ac-2d3b79000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:59 GMT
last-modified
Wed, 24 May 2023 10:11:47 GMT
etag
0x8DB5C3F48EC4154
x-azure-ref
20231215T225259Z-gau1has1n97bd0xxznyww9puxs00000003v000000000bykc
x-cache
TCP_HIT
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
3f61b8b1-c01e-001f-2e28-2c0e4e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
2672
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:59 GMT
last-modified
Wed, 24 May 2023 10:11:48 GMT
etag
0x8DB5C3F4904824B
x-azure-ref
20231215T225259Z-gau1has1n97bd0xxznyww9puxs00000003v000000000bykd
x-cache
TCP_HIT
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
7eaf7e80-901e-0046-421e-2c1e6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
3620
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:59 GMT
content-encoding
gzip
x-cache
TCP_HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:46 GMT
etag
0x8DB5C3F47E260FD
x-azure-ref
20231215T225259Z-gau1has1n97bd0xxznyww9puxs00000003v000000000bykk
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
bc25c905-801e-0073-68d8-2cb875000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:59 GMT
content-encoding
gzip
x-cache
TCP_HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
etag
0x8DB5C3F4911527F
x-azure-ref
20231215T225259Z-gau1has1n97bd0xxznyww9puxs00000003v000000000bykm
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b687d633-b01e-0044-2fc9-2b486a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:59 GMT
last-modified
Wed, 24 May 2023 10:11:47 GMT
etag
0x8DB5C3F48EC4154
x-azure-ref
20231215T225259Z-gau1has1n97bd0xxznyww9puxs00000003v000000000bykn
x-cache
TCP_HIT
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
3f61b8b1-c01e-001f-2e28-2c0e4e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
2672
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_rBkXYjh21YAKS8SjeOJwmw2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 15 Dec 2023 22:52:59 GMT
last-modified
Wed, 24 May 2023 10:11:48 GMT
etag
0x8DB5C3F4904824B
x-azure-ref
20231215T225259Z-gau1has1n97bd0xxznyww9puxs00000003v000000000bykp
x-cache
TCP_HIT
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
7eaf7e80-901e-0046-421e-2c1e6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
3620
ssoprobe
autologon.microsoftazuread-sso.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/winauth/
0
0

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
autologon.microsoftazuread-sso.com
URL
https://autologon.microsoftazuread-sso.com/ebc65a9c-d996-4923-8db2-d9dd25f63770/winauth/ssoprobe?client-request-id=424e57ce-ae75-4e58-99f0-60aecb946f53&_=1702680779480

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __

23 Cookies

Domain/Path Name / Value
zauth-admin.zycus.com/auth/realms/ZycusRealm/ Name: AUTH_SESSION_ID
Value: c2b629b3-5047-4bc2-b544-d6946017a244.123
zauth-admin.zycus.com/auth/realms/ZycusRealm/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlYWNhNjE1Zi1jNDk3LTQzNTQtODBmZi05YmZlMzMxYWZmNzMifQ.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.FDrZX-PebuYMgIE3JI14TcUPe99uNZTtpxiFpN40sck
.zycus.com/ Name: rxVisitor
Value: 1702680774085CQ8ATTFORLUQ16VCFKIJRIKCT2BVB4MO
.zycus.com/ Name: isDelegatedSSO
Value: true
.zycus.com/ Name: BRIDGE_URL
Value: https%3A%2F%2Fzauth.zycus.com
.zycus.com/ Name: ZAUTH_REDIRECT_URL
Value: https%3A%2F%2Fpharma.zycus.com%2Fhome%2F%2F
.zycus.com/ Name: logoutURL
Value: https%3A%2F%2Fzauth.zycus.com%2Fsession%2Flogout
.zycus.com/ Name: dtCookie
Value: v_4_srv_1_sn_DB637F3ED898972ED4DD0706531B0B4C_perc_100000_ol_0_mul_1_app-3A84cadf32af08c79d_1_app-3Ae03aff2debe058b5_1
zauth.zycus.com/ Name: JSESSIONID
Value: 7A981175D5D4735C218353A7364FD68F
zauth-admin.zycus.com/ Name: SERVERID
Value: kc01
.zycus.com/ Name: dtLatC
Value: 445
.zycus.com/ Name: rxvt
Value: 1702682577816|1702680774086
.zycus.com/ Name: dtPC
Value: 1$480776825_857h-vEPNRFDFDMKCICFQGILRAKSRGAKUUPTUM-0e0
.zycus.com/ Name: dtSa
Value: false%7C_load_%7C2%7C_onload_%7C-%7C1702680777817%7C480776825_857%7Chttps%3A%2F%2Fzauth-admin.zycus.com%2Fauth%2Frealms%2FZycusRealm%2Fbroker%2Fpharma%2Flogin%3Fsession_5Fcode%3D7AJtjip61hIC5nA3eFUla8xOd-BBZM6-CF_5F6wulva8A%26client_5Fid%3Dzycusopenid%26tab_5Fid%3DrSwx8iNH7ZI%7C%7C%7C%7C
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AUUAnFrG65bZI0mNstndJfY3cKXg2eyCxK5CiEEn6cCFDc9FAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-g-qmRqRJ7q7FasvGsvocaINOnaQi8kihdiOwKkBx7gQxYYpfWn_R0P8BTan81cOR03tnoe1f6Fm_pNb3oFPPw4SJCh7sVrfN-lM5x7us5c4gAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-f-8J7aPfhi1qyqfr8hpwLjvcaoOKfYMWvx5cicx0H1mSncjS4rnKulafVvpTZPNbMr_pgKnVNWHHQEWVju2kquw_CTU5N23A8EbjObxtSPuMATJ9Uu3a6VWEhT2Rru1hce0eD5EGcCpCOch4mBdxjYFroTOEQZppHyX2D82wBF4gAA
.login.microsoftonline.com/ Name: esctx-fJXoEF3vD4
Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-i4T5qmr_HNqKWKKeYq9ovwZQ46DQaEKNXyntXCrKxhV749kxRDyyxppPvU8eSF6kgXUT7EGyigFu006RnIBESjBNuOY0w7Iru32U24VCrFR7eqW26xAWMNDnh-ThFKNYRH-oykomfltujScUY5JhViAA
login.microsoftonline.com/ Name: fpc
Value: AnzwZAALISRHmpx_1eKty2cvUntJAQAAAMrPDt0OAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
