Submitted URL: https://vpn2.riterug.com/
Effective URL: https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGW...
Submission: On February 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 33 HTTP transactions. The main IP is 20.190.159.70, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 20.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 1st 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | IP Address | AS (Autonomous System)
14 (5 redirects) | 204.148.166.54 | 701 (UUNET)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 20.190.159.70 | 8075 (MICROSOFT...)
14 | 2620:1ec:4f:1... | 8075 (MICROSOFT...)
1 | 40.126.31.70 | 8075 (MICROSOFT...)
1 | 2603:1026:300... | 8075 (MICROSOFT...)
2 | 51.105.71.137 | ()
Total: 33 requests, 8 IPs

Count | Apex Domain | Subdomains | Transfer
14 | msauth.net | aadcdn.msauth.net — Cisco Umbrella Rank: 1139 | 296 KB
14 | riterug.com | vpn2.riterug.com | 392 KB
3 | microsoftonline.com | login.microsoftonline.com — Cisco Umbrella Rank: 20 | 108 KB
2 | microsoft.com | browser.events.data.microsoft.com | 1 KB
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 32 | 2 KB
1 | microsoftazuread-sso.com | autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1501 | 1 KB
1 | live.com | login.live.com — Cisco Umbrella Rank: 92 |
1 | gstatic.com | fonts.gstatic.com | 14 KB
Total: 33 requests, 8 domains

Count | Domain | Requested by
14 | aadcdn.msauth.net | login.microsoftonline.com, aadcdn.msauth.net
14 (5 redirects) | vpn2.riterug.com | vpn2.riterug.com
3 | login.microsoftonline.com | login.microsoftonline.com, aadcdn.msauth.net
2 | browser.events.data.microsoft.com | aadcdn.msauth.net
2 | fonts.googleapis.com | vpn2.riterug.com
1 | autologon.microsoftazuread-sso.com |
1 | login.live.com | login.microsoftonline.com
1 | fonts.gstatic.com | fonts.googleapis.com
Total: 33 requests, 8 domains

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com

Subject | Issuer | Validity | Valid
vpn2.riterug.com | R3 | 2022-12-30 - 2023-03-30 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2022-12-01 - 2023-12-01 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2023-01-27 - 2024-01-27 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2022-12-30 - 2023-12-30 | a year
autologon.microsoftazuread-sso.com | DigiCert SHA2 Secure Server CA | 2023-01-02 - 2024-01-02 | a year
*.events.data.microsoft.com | Microsoft Azure TLS Issuing CA 06 | 2022-12-07 - 2023-12-02 | a year

This page contains 1 frame:

Primary Page: https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D&sso_reload=true
Frame ID: 9FEAC5F757313717599D1710BCF0236C
Requests: 32 HTTP requests in this frame

Page Title

Bei Ihrem Konto anmelden

Page Statistics

33 Requests
100 % HTTPS
50 % IPv6
8 Domains
8 Subdomains
8 IPs
3 Countries
810 kB Transfer
1584 kB Size
18 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vpn2.riterug.com/ HTTP 302
    https://vpn2.riterug.com/workplace/access/home HTTP 302
    https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace Page URL
  2. https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatordata?success=%2Fworkplace%2Faccess%2Fhome&alias=workplace HTTP 302
    https://vpn2.riterug.com/workplace/access/home HTTP 302
    https://vpn2.riterug.com/__extraweb__authen?id=vDaqDsSj5RI%3D&alias=workplace&resource=%2Fworkplace%2Faccess%2Fhome&realm=144 HTTP 302
    https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D Page URL
  3. https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vpn2.riterug.com/ HTTP 302
  • https://vpn2.riterug.com/workplace/access/home HTTP 302
  • https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
Request Chain 12
  • https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatordata?success=%2Fworkplace%2Faccess%2Fhome&alias=workplace HTTP 302
  • https://vpn2.riterug.com/workplace/access/home HTTP 302
  • https://vpn2.riterug.com/__extraweb__authen?id=vDaqDsSj5RI%3D&alias=workplace&resource=%2Fworkplace%2Faccess%2Fhome&realm=144 HTTP 302
  • https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
__extraweb__EPCmicrointerrogatorpage
vpn2.riterug.com/
Redirect Chain
  • https://vpn2.riterug.com/
  • https://vpn2.riterug.com/workplace/access/home
  • https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
4 KB
4 KB
Document
General
Full URL
https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.148.166.54 Independence, United States, ASN701 (UUNET, US),
Reverse DNS
RITE-RUG-CO-.customer.alter.net
Software
SMA/12.4 /
Resource Hash
e74c9fa250e78a29be1d98c38343bf215bd4ea33ad21bd076c89524faee37086

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Feb 2023 12:38:16 GMT
Keep-Alive
timeout=10, max=100
Pragma
no-cache
Server
SMA/12.4
Transfer-Encoding
chunked

Redirect headers

Connection
close
Content-Length
495
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 10 Feb 2023 12:38:16 GMT
Location
https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
Server
SMA/12.4
default.css
vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//
34 KB
34 KB
Stylesheet
General
Full URL
https://vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//default.css?v=124b33ffaaa81935
Requested by
Host: vpn2.riterug.com
URL: https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.148.166.54 Independence, United States, ASN701 (UUNET, US),
Reverse DNS
RITE-RUG-CO-.customer.alter.net
Software
SMA/12.4 /
Resource Hash
31ea2e887b590c396a150d4e5984d8882184d7ace61d8eaea3d3abafc1c4ac64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Fri, 10 Feb 2023 12:38:16 GMT
Last-Modified
Tue, 07 Feb 2023 18:41:58 GMT
Server
SMA/12.4
ETag
"8611-5f42080a74bd7"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Content-Length
34321
style.css
vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//
131 KB
131 KB
Stylesheet
General
Full URL
https://vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//style.css?v=124b33ffaaa81935
Requested by
Host: vpn2.riterug.com
URL: https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.148.166.54 Independence, United States, ASN701 (UUNET, US),
Reverse DNS
RITE-RUG-CO-.customer.alter.net
Software
SMA/12.4 /
Resource Hash
330c90249e7b12d89d35a3e324dba128f40898fd059377993aecdcf7db6a9686

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Fri, 10 Feb 2023 12:38:17 GMT
Last-Modified
Wed, 26 May 2021 11:18:23 GMT
Server
SMA/12.4
ETag
"20bf2-5c339cd007702"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=98
Content-Length
134130
css
fonts.googleapis.com/
2 KB
928 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: vpn2.riterug.com
URL: https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vpn2.riterug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Feb 2023 12:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 12:15:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Feb 2023 12:38:16 GMT
css
fonts.googleapis.com/
2 KB
612 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: vpn2.riterug.com
URL: https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vpn2.riterug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Feb 2023 12:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 10:51:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Feb 2023 12:38:16 GMT
template.js
vpn2.riterug.com/__extraweb__/
9 KB
9 KB
Script
General
Full URL
https://vpn2.riterug.com/__extraweb__/template.js?v=124b33ffaaa81935
Requested by
Host: vpn2.riterug.com
URL: https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.148.166.54 Independence, United States, ASN701 (UUNET, US),
Reverse DNS
RITE-RUG-CO-.customer.alter.net
Software
SMA/12.4 /
Resource Hash
46b33b53d4f6cbbb6da26d936bd553d4fd7b7403b87783ac4508409bd1a0640e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Fri, 10 Feb 2023 12:38:17 GMT
Last-Modified
Wed, 26 May 2021 11:18:23 GMT
Server
SMA/12.4
ETag
"24ae-5c339ccfcd6e2"
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
9390
sniffer.js
vpn2.riterug.com/preauthMI/
9 KB
10 KB
Script
General
Full URL
https://vpn2.riterug.com/preauthMI/sniffer.js?v=124b33ffaaa81935
Requested by
Host: vpn2.riterug.com
URL: https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.148.166.54 Independence, United States, ASN701 (UUNET, US),
Reverse DNS
RITE-RUG-CO-.customer.alter.net
Software
SMA/12.4 /
Resource Hash
4c7a399887eefe2496902bd0a98c1fdce75f12d2337469c42f189d2fe9161589

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Fri, 10 Feb 2023 12:38:17 GMT
Last-Modified
Thu, 11 Aug 2022 15:06:20 GMT
Server
SMA/12.4
ETag
"258c-5e5f8820b9300-gzip"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
microinterrogator.js
vpn2.riterug.com/preauthMI/
759 B
1 KB
Script
General
Full URL
https://vpn2.riterug.com/preauthMI/microinterrogator.js?v=124b33ffaaa81935
Requested by
Host: vpn2.riterug.com
URL: https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.148.166.54 Independence, United States, ASN701 (UUNET, US),
Reverse DNS
RITE-RUG-CO-.customer.alter.net
Software
SMA/12.4 /
Resource Hash
34296d6e4e32421d904c0910b9f06d7b3a86016035e3205efa48dea37763d62d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatorpage?success=%2F__extraweb__EPCmicrointerrogatordata%3Fsuccess%3D%252Fworkplace%252Faccess%252Fhome%26alias%3Dworkplace&alias=workplace
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Fri, 10 Feb 2023 12:38:17 GMT
Last-Modified
Thu, 11 Aug 2022 15:06:20 GMT
Server
SMA/12.4
ETag
"2f7-5e5f8820b9300-gzip"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
background_sky.png
vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//
167 KB
168 KB
Image
General
Full URL
https://vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//background_sky.png
Requested by
Host: vpn2.riterug.com
URL: https://vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//default.css?v=124b33ffaaa81935
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.148.166.54 Independence, United States, ASN701 (UUNET, US),
Reverse DNS
RITE-RUG-CO-.customer.alter.net
Software
SMA/12.4 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//default.css?v=124b33ffaaa81935
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Fri, 10 Feb 2023 12:38:17 GMT
Last-Modified
Wed, 26 May 2021 11:18:23 GMT
Server
SMA/12.4
ETag
"29d09-5c339cd0068f2"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=97
Content-Length
171273
login_leftpanel.svg
vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//
718 B
993 B
Image
General
Full URL
https://vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//login_leftpanel.svg
Requested by
Host: vpn2.riterug.com
URL: https://vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//default.css?v=124b33ffaaa81935
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.148.166.54 Independence, United States, ASN701 (UUNET, US),
Reverse DNS
RITE-RUG-CO-.customer.alter.net
Software
SMA/12.4 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//default.css?v=124b33ffaaa81935
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Fri, 10 Feb 2023 12:38:17 GMT
Last-Modified
Wed, 26 May 2021 11:18:23 GMT
Server
SMA/12.4
ETag
"2ce-5c339cd0068f2"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Content-Length
718
av-default-logo.png
vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//
29 KB
29 KB
Image
General
Full URL
https://vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//av-default-logo.png
Requested by
Host: vpn2.riterug.com
URL: https://vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//default.css?v=124b33ffaaa81935
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.148.166.54 Independence, United States, ASN701 (UUNET, US),
Reverse DNS
RITE-RUG-CO-.customer.alter.net
Software
SMA/12.4 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vpn2.riterug.com/__extraweb__/assets/themes/DefaultWorkplaceTheme//default.css?v=124b33ffaaa81935
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Fri, 10 Feb 2023 12:38:17 GMT
Last-Modified
Wed, 26 May 2021 11:18:23 GMT
Server
SMA/12.4
ETag
"72a8-5c339cd0068f2"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Content-Length
29352
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vpn2.riterug.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 02:31:03 GMT
x-content-type-options
nosniff
age
554834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14060
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Feb 2024 02:31:03 GMT
saml2
login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/
Redirect Chain
  • https://vpn2.riterug.com/__extraweb__EPCmicrointerrogatordata?success=%2Fworkplace%2Faccess%2Fhome&alias=workplace
  • https://vpn2.riterug.com/workplace/access/home
  • https://vpn2.riterug.com/__extraweb__authen?id=vDaqDsSj5RI%3D&alias=workplace&resource=%2Fworkplace%2Faccess%2Fhome&realm=144
  • https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2...
152 KB
55 KB
Document
General
Full URL
https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.70 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
985542ee18f193f619ad086af621079626310abc7f6bf5dd7eef8c6e2abd6096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://vpn2.riterug.com
Referer
https://vpn2.riterug.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55627
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Feb 2023 12:38:17 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub1"}]}
x-ms-ests-server
2.1.14526.6 - WUS2 ProdSlices
x-ms-request-id
a8ef9d8d-78b1-41c2-88d4-16bf6620c201

Redirect headers

Connection
Keep-Alive
Content-Length
1213
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 10 Feb 2023 12:38:17 GMT
Keep-Alive
timeout=10, max=98
Location
https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D
Server
SMA/12.4
Primary Request saml2
login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/
198 KB
52 KB
Document
General
Full URL
https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.70 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bb302584429797c9594e86f1a8c4e65d8f13b94570b62e2172016fb0f1e84821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
50972
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Feb 2023 12:38:17 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub1"}]}
x-ms-ests-server
2.1.14526.6 - WUS2 ProdSlices
x-ms-request-id
a8ef9d8d-78b1-41c2-88d4-16bf6d20c201
ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
aadcdn.msauth.net/shared/1.0/content/js/
393 KB
111 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c974a0be091a8f09353472bbb41cb939e48a6796f6d0cf95686a7b4d73aa8490

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:17 GMT
content-encoding
gzip
x-azure-ref-originshield
0ZHXcYwAAAAD6rAFH9REuSoBbuuntjJE6RlJBMjMxMDUwNDE4MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
2lcEQ5vglpXqxT8YZRDC3A==
x-cache
TCP_HIT
content-length
112847
x-ms-lease-status
unlocked
last-modified
Fri, 16 Dec 2022 22:42:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DADFB6BF0B914F
x-azure-ref
0ujrmYwAAAAD2PxrRTtkYRbZXitnW3U8ZRlJBMzFFREdFMDMxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7e172d8a-901e-0056-7319-2fae4c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.31.70 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

oneDs_641b1cf809bdc17b42ab.js
aadcdn.msauth.net/shared/1.0/content/js/
186 KB
60 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9fe0a5db692ff67c7cd88490a7412c379ae767708e2cf8847d9a915dd6f19141

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
content-encoding
gzip
x-azure-ref-originshield
0ynHfYwAAAAB8NarEfgdnSJyOjvKQzZ4HRlJBMjMxMDUwNDE3MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Rajh8JKNmzx4FHNJDjlS4A==
x-cache
TCP_HIT
content-length
61054
x-ms-lease-status
unlocked
last-modified
Thu, 27 Oct 2022 14:24:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB826EBE74413
x-azure-ref
0ujrmYwAAAAC6D3tVmkAYRJNwJ0ZiZBSARlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bc6d83cd-201e-0045-6c29-2d6368000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
content-encoding
gzip
x-azure-ref-originshield
0fbflYwAAAAC1GSqCRTedRJCm1We9d8X9RlJBMjMxMDUwNDE4MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
e/EZAgcGdIaZjab5+bzwzw==
x-cache
TCP_HIT
content-length
32186
x-ms-lease-status
unlocked
last-modified
Wed, 07 Dec 2022 05:02:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAD81040AAC077
x-azure-ref
0ujrmYwAAAAC9kntD/KTyRIdKfpPM9WTCRlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
35c6d9e9-601e-0039-3c6d-3b6571000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
content-encoding
gzip
x-azure-ref-originshield
0X5DlYwAAAADvSVXDkqIOQbVoIBo4rdeeRlJBMjMxMDUwNDE3MDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
9K2/nGCj75WAmmAI9nZNCA==
x-cache
TCP_HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7650B37ACC3D
x-azure-ref
0ujrmYwAAAABLEjwjUil0RogmLBfS6AlrRlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
885b679c-701e-0098-0b35-3b8815000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_egm72xgxis3arkcshl_vsg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
15 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_egm72xgxis3arkcshl_vsg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
content-encoding
gzip
x-azure-ref-originshield
05HTcYwAAAABmn+xkuq6hQbJUzVRGAIwsRlJBMjMxMDUwNDE3MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
k7fVZXvzmEOgfmeeNd3Kyw==
x-cache
TCP_HIT
content-length
15207
x-ms-lease-status
unlocked
last-modified
Sat, 17 Dec 2022 08:38:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE00A0321E74C
x-azure-ref
0ujrmYwAAAABRMgboC5pgS4uXjV4n7dm9RlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
186a3eda-c01e-0077-3e70-37147d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
28fa8f3ba41d8801e3d95e7128f5b2189a4344ebee1a56d4be7a313959f608e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
content-encoding
gzip
x-azure-ref-originshield
0kRjeYwAAAACwIVuXiR/uSIQCEmwmIAzeRlJBMjMxMDUwNDE3MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
4CzbHQsOMg8rU5bCeKMGlw==
x-cache
TCP_HIT
content-length
5530
x-ms-lease-status
unlocked
last-modified
Tue, 15 Nov 2022 20:12:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC745B3600473
x-azure-ref
0ujrmYwAAAAC7J1GkbiOuS5HPYXhoP0QyRlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
230dfdbd-f01e-0028-1e2f-2dfe51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
x-azure-ref-originshield
0qWTiYwAAAABRRhGQr+OcSJvgor3FqXfKRlJBMjMxMDUwNDE4MDQ1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0ujrmYwAAAADvlqAh+CBkRblj0m9Edqs6RlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
21d3bd1e-001e-0087-0aef-3ab128000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
x-azure-ref-originshield
065fcYwAAAABbH9NhSZ3+RITcrjJzjrY6RlJBMjMxMDUwNDE3MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0ujrmYwAAAAB//wHXRPWATo8LjugWGQfKRlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
c130974a-001e-0057-29a7-35854e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
content-encoding
gzip
x-azure-ref-originshield
0lGTiYwAAAADOxrilvTC0Ta9IUkereGwBRlJBMjMxMDUwNDE3MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
DhdidjYrlCeaRJJRG/y9mA==
x-cache
TCP_HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B0071D86E386
x-azure-ref
0ujrmYwAAAAA/uc+yurvtR5U3mTO8GG9zRlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
00a33292-e01e-0075-2ae3-3a4279000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
content-encoding
gzip
x-azure-ref-originshield
0uHveYwAAAADdg/gnAt/HTYBb+DnvGKLsRlJBMjMxMDUwNDE3MDIzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
x-cache
TCP_HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373CB2849
x-azure-ref
0ujrmYwAAAABty9xfFRvFRqMAgNVHXFuwRlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b40c3980-501e-005a-3490-385a55000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
x-azure-ref-originshield
0qWTiYwAAAABRRhGQr+OcSJvgor3FqXfKRlJBMjMxMDUwNDE4MDQ1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0ujrmYwAAAAAIbiCYf/kHTp84nLOe9axKRlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
21d3bd1e-001e-0087-0aef-3ab128000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
x-azure-ref-originshield
065fcYwAAAABbH9NhSZ3+RITcrjJzjrY6RlJBMjMxMDUwNDE3MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0ujrmYwAAAADgncS6ZINITJgk3Gi1HeLIRlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
c130974a-001e-0057-29a7-35854e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ssoprobe
autologon.microsoftazuread-sso.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/winauth/
12 B
1 KB
Image
General
Full URL
https://autologon.microsoftazuread-sso.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/winauth/ssoprobe?client-request-id=aa055d36-4c2e-4de9-8cb2-e487369bef12&_=1676032698815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:148::c Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Fri, 10 Feb 2023 12:38:18 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
09fc3e5b-bb0a-48a1-80a6-839aa66f7d01
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-ests-server
2.1.14526.6 - SCUS ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/
264 B
1 KB
XHR
General
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.70 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29922b3646ebbc8135a1005ca89b22a56f9ca39ef8c3d2035c1cdd7a46c9160d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
a8ef9d8d-78b1-41c2-88d4-16bf6d20c201
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
client-request-id
aa055d36-4c2e-4de9-8cb2-e487369bef12
canary
AQABAAAAAAD--DLA3VO7QrddgJg7Wevrdc8m8-Dp6dXWSauaDSuPzTk2dNozQBCOsSaawXwSXcQxnMtN648V-1Kb3hCm_XzybXqYOyoZDQlVNdkG0F20XNwB9hXTCkiUhYv1-rkV_2YnkSOJCmXecMKNNZNeHXRQ7c1OQuJ2K_HOYC6aYn8Oz1SkU62TO71h2tByRBqVzsiED8l9_87dUwp5dWaby_7qguYv7-JZJFd8HKlQzcbseiAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/saml2?SAMLRequest=fZLNTsMwEIRfJfI9ie22JLHSoEKFqMRPRSsOXNDGWRdLiV1sp8DbkwYqcaHX0ezMfNKWl59dGx3QeW3NnLCEksuqXPThzTzhe48%2BRIPB%2BDnpnREWvPbCQIdeBCk2i%2Fs7wRMq9s4GK21LfszCQ9eevwDv0YWhk0TPp%2FJBJ9FqOSevBRQyU2qW8yZTFCazLMsBCwaDxlTNaT2lqC4mBQwH3ve4Mj6ACUMG5ZOY8pjRLeNikguWJRfF9IVEy4FFGwhj1VsIey%2FStLU7bZJOS2e9VcGaVhtMpO3ShiOr8yaLG05VPMW8iGFW5zGTDUxntYQMaHrk5CRa%2F%2BJfadNosztPXv%2BYvLjdbtfx%2BnGzJVV5DBIjiatO2w57wxOnA7p%2BN04q07%2B28mGIXi3XttXyK7qxroPwfzNL2KjoJlajVfTG71FqpbEh0aJt7ce1Qwg4J8H1SNKqTP%2B%2BQfUN&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=l5ChSvfTAGewMmjniKC1EHEVvcqx92qMzAwtZBg6ES0IyvTrM%2F%2FcDf9dj5Twpp2SZP2gqI4F%2FRqwc09FbT5t0ufrLd52vDGXZnn0KTACep%2BgunDOS%2FmL9gyYrwCcPjMflajpE2Ga6I9mZy3RTn8uikv2lsIFLL0fEE%2FraitLK5bQDoAoxvMfFA1d4E61wPVhjG49bhu5SIDGLp6%2FVGuKXy6%2FOE0dERs4a9HLBvn7ci3qo6bb7dthvG4edxPAjQmCsvgrRQqyTckq2I7HkI6OB82fHLJSb59LtUgetCEG7vKgPXjnyF81oR48IWz8RQVtW5iUp4Soj4YxXffuqCNYkw%3D%3D&sso_reload=true
hpgact
1900

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 10 Feb 2023 12:38:18 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
aa055d36-4c2e-4de9-8cb2-e487369bef12
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
264
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
047771f3-96bd-42b7-8246-de4caaa07f01
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub1"}]}
x-ms-ests-server
2.1.14526.6 - EUS ProdSlices
Expires
-1
convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
79af9d6414cc1d900d943eb4e3bfca28338a72e0931ebfd6f93dcc0d7a6abcd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
content-encoding
gzip
x-azure-ref-originshield
0c4zfYwAAAAAFVhAraZYmQJyx5TSpksnmRlJBMjMxMDUwNDE4MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
x+Nhj00unyDBcQ40kWZ5lw==
x-cache
TCP_HIT
content-length
35786
x-ms-lease-status
unlocked
last-modified
Tue, 15 Nov 2022 20:12:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC745B3E8CFA6
x-azure-ref
0uzrmYwAAAADcmbzIjmQ8Tovk0Hg+ZHtARlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
923e2012-801e-0073-5e60-35b875000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/
2 KB
954 B
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Feb 2023 12:38:18 GMT
content-encoding
gzip
x-azure-ref-originshield
0SnXcYwAAAAD6uiXgOY02T5UzdmSTDBPhRlJBMjMxMDUwNDE4MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
R2FAVxfpONfnQAuxVxXbHg==
x-cache
TCP_HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8852A7FA6B761
x-azure-ref
0uzrmYwAAAAB0WrRXRu1JSYA9XsDsUH7LRlJBMzFFREdFMDkxMwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
16c29d33-801e-0037-7a32-30c76c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
/
browser.events.data.microsoft.com/OneCollector/1.0/
153 B
1 KB
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.71.137 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
5659855e98dc49c819878761676832d4a907478bd78cb4e807636ad4fe30942a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1676032701051
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://login.microsoftonline.com/
apikey
69adc3c768bd4dc08c19416121249fcc-66f1668a-797b-4249-95e3-6c6651768c28-7293
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 10 Feb 2023 12:38:20 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
322
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://login.microsoftonline.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.71.137 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://login.microsoftonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://login.microsoftonline.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Fri, 10 Feb 2023 12:38:20 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| oncontentvisibilityautostatechange
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_f3782014f3739160dbfd
boolean| __convergedlogin_pfetchsessionsprogress_85acbcb9234972130506
boolean| __convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503

18 Cookies

Domain/Path Name / Value
vpn2.riterug.com/ Name: EXTRAWEB_STATE
Value: EAABEAAGBAADaWQAEAABBAABAAQABXNzcGYAEAABBQAABAAFaG9zdAAQAAEEAAEA
vpn2.riterug.com/ Name: EXTRAWEB_REFERER
Value: %252FpreauthMI%252Fsniffer.js%253Fv%253D124b33ffaaa81935
vpn2.riterug.com/ Name: EPC_MI
Value: %7cwin:1%7cwin32:1%7cwin64:1%7cx64:1%7cplatform:Windows%7cwin10:1%7cchrome:110%7cbrowser:Netscape%7cbrowserVersion:110%7cheight:1200%7cwidth:1600%7cuserAgent:mozilla%252F5.0%2520(windows%2520nt%252010.0%253B%2520win64%253B%2520x64)%2520applewebkit%252F537.36%2520(khtml%252C%2520like%2520gecko)%2520chrome%252F110.0.5481.77%2520safari%252F537.36%7cuserLocale:en-US
vpn2.riterug.com/ Name: EXTRAWEB_SAML_AUTH_DATA
Value: YWxpYXM9d29ya3BsYWNlJnJlc291cmNlPSUyRndvcmtwbGFjZSUyRmFjY2VzcyUyRmhvbWUmaWQ9dkRhcURzU2o1UkklM0Q=
vpn2.riterug.com/ Name: EXTRAWEB_SAML_SESS
Value: 1
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AQ4A17jh0g_SiU6luBzaRbynoHQxlGygupZHnVqOAcqXpaUOAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr1X6-Y6_-8Z03_PvTgOwEgVBFnrr1zrLdJ2lQGCkHgiZRAKgUAT3u_6WdXdb2Ksp5_xjhq1dcZXQII4EcdfUWG0XUjFvv6_oBnmWl5WZ1FgggAA
login.microsoftonline.com/ Name: fpc
Value: AvCzPRlYF31Lj8UjHEjHBXrou9rHAQAAALoxeNsOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrkaCsMcwUh4pV9aWgF22HU2RqCP3kyEZOXZ06vpaRUUZuspWkprmUaoJLQNmiD2ACoNEHABVnRgvWXmNO4M7UvhcVET4qwsUqocisEcWwrzNMFyGxqwBGgq2SL43a3MlLz3JAM1jExUiE52WoXPv-gNQuUcSgeDqmzX5xfyKLW08gAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: be5576e6045c4855aa331ab8160f96d1
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1676032698&co=1
autologon.microsoftazuread-sso.com/ Name: fpc
Value: Agh8sIFIJrlKpcRq3MFiJ9A
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd

1 Console Messages

Source Level URL
Text
network error URL: https://autologon.microsoftazuread-sso.com/d2e1b8d7-d20f-4e89-a5b8-1cda45bca7a0/winauth/ssoprobe?client-request-id=aa055d36-4c2e-4de9-8cb2-e487369bef12&_=1676032698815
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
