urlscan.io logo urlscan.io
SecurityTrails logo

sso.tevapharm.com Open in urlscan Pro
192.115.249.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://surveys.kornferry.com/login.aspx?id=9F55F6B5A3918142A6BFBA5F20782280B63BA3A71D708D45A18812BB67667571B1297207F307A4A68B...
Effective URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=...
Submission: On September 11 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 12 HTTP transactions. The main IP is 192.115.249.100, located in Hadera, Israel and belongs to TEVA-AS, IL. The main domain is sso.tevapharm.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 12th 2023. Valid for: a year.
This is the only time sso.tevapharm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2620:1ec:46::67 8075 (MICROSOFT...)
1 2 2603:1026:300... 8075 (MICROSOFT...)
1 2620:1ec:bdf::67 8075 (MICROSOFT...)
1 10 192.115.249.100 12753 (TEVA-AS)
12 5
Apex Domain
Subdomains		 Transfer
10 tevapharm.com
sso.tevapharm.com
290 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 16
13 KB
1 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1157
48 KB
1 kornferry.com
surveys.kornferry.com — Cisco Umbrella Rank: 330463
3 KB
12 4
Domain Requested by
10 sso.tevapharm.com 1 redirects sso.tevapharm.com
2 login.microsoftonline.com 1 redirects
1 aadcdn.msauth.net login.microsoftonline.com
1 surveys.kornferry.com
12 4

This site contains no links.

Subject Issuer Validity Valid
surveys.kornferry.com
Trusted Secure Certificate Authority DV		 2022-12-01 -
2023-12-01		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-08-25 -
2024-08-25		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2023-07-29 -
2024-07-29		 a year crt.sh
sso.tevapharm.com
Entrust Certification Authority - L1K		 2023-07-12 -
2024-08-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0&RedirectToIdentityProvider=AD+AUTHORITY
Frame ID: 2527DA8A03EB07B845D2587AD8E6C9D9
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anmelden

Page URL History Show full URLs

  1. https://surveys.kornferry.com/login.aspx?id=9F55F6B5A3918142A6BFBA5F20782280B63BA3A71D708D45A18812BB676675... Page URL
  2. https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2 Page URL
  3. https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?sso_reload=true HTTP 302
    https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa... Page URL
  4. https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa... HTTP 302
    https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa... Page URL

Page Statistics

12
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

350 kB
Transfer

446 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://surveys.kornferry.com/login.aspx?id=9F55F6B5A3918142A6BFBA5F20782280B63BA3A71D708D45A18812BB67667571B1297207F307A4A68BFD92E7C6A39173A6E34ECAC142E7251CD733B4F36E7C4AE10BF84DA1004DFAD54F27737FE764D9D18F5D82EEF05A4B46C5C3EF4134D7CE5B5C01DD3B63647E51&language=en-us&custom=253 Page URL
  2. https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2 Page URL
  3. https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?sso_reload=true HTTP 302
    https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0 Page URL
  4. https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0 HTTP 302
    https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0&RedirectToIdentityProvider=AD+AUTHORITY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?sso_reload=true HTTP 302
  • https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login.aspx
surveys.kornferry.com/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://surveys.kornferry.com/login.aspx?id=9F55F6B5A3918142A6BFBA5F20782280B63BA3A71D708D45A18812BB67667571B1297207F307A4A68BFD92E7C6A39173A6E34ECAC142E7251CD733B4F36E7C4AE10BF84DA1004DFAD54F27737FE764D9D18F5D82EEF05A4B46C5C3EF4134D7CE5B5C01DD3B63647E51&language=en-us&custom=253
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
012916587fcc69bc0e64c488b9a559e4daa2199a8171f706bbcb65b3be307e55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Accept, Access-Control-Allow-Origin, Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://assessments.kfproducts.com
cache-control
no-store, no-cache
content-length
2365
content-type
text/html; charset=utf-8
date
Mon, 11 Sep 2023 13:56:11 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
20230911T135610Z-dvk5vmzcd112tbt8nzv99wyh7w0000000620000000006gsh
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
saml2
login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/ 		21 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:150::c Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a329ba751a9c57ac0f511af3f8f938d71fe3d1adafdb4e8cdc4b16ddf058a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://surveys.kornferry.com
Referer
https://surveys.kornferry.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9123
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Sep 2023 13:56:11 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.16253.5 - FRC ProdSlices
x-ms-request-id
1e120ac9-1588-41f4-85ac-b2961d4b9e00
BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cc51a8def572cc3523f9a4276fc4509a0e92b4d193fcfee35cdcf3a48662c92c

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 11 Sep 2023 13:56:11 GMT
content-encoding
gzip
x-cache
TCP_HIT
content-length
48719
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 10:42:33 GMT
etag
0x8DB82C4B32A50A1
x-azure-ref
20230911T135611Z-t8skehrke152z0brepvgswbb5400000003w0000000020h36
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6e77c5c2-101e-000a-6973-e23966000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
sso.tevapharm.com/adfs/ls/
Redirect Chain
  • https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?sso_reload=true
  • https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQ...
24 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 Hadera, Israel, ASN12753 (TEVA-AS, IL),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
24186
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Sep 2023 13:56:13 GMT
Expires
-1
Include-Referred-Token-Binding-ID
true
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
1065
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Sep 2023 13:56:11 GMT
Expires
-1
Location
https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0#
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.16253.5 - FRC ProdSlices
x-ms-request-id
91b33df0-9b65-4571-b067-7b4e52ce9400
style.css
sso.tevapharm.com/adfs/portal/css/ 		10 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.tevapharm.com/adfs/portal/css/style.css?id=3B1A0C704CDAE8ECD48AA8F0D50409D981CEF21D7AE6DC85B0797D270101B151&rp=f23c6f72-8173-e611-80da-005056aa15d8
Requested by
Host: sso.tevapharm.com
URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 Hadera, Israel, ASN12753 (TEVA-AS, IL),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Mon, 11 Sep 2023 13:56:13 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
3B1A0C704CDAE8ECD48AA8F0D50409D981CEF21D7AE6DC85B0797D270101B151
Content-Type
text/css
Content-Length
10462
X-XSS-Protection
1; mode=block
Expires
Wed, 11 Oct 2023 13:56:14 GMT
logo.jpg
sso.tevapharm.com/adfs/portal/logo/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.tevapharm.com/adfs/portal/logo/logo.jpg?id=3461EC3FABC04810A1C3E3F7E7B98641221CFE1D43892AD097185EF42251A05F&rp=f23c6f72-8173-e611-80da-005056aa15d8
Requested by
Host: sso.tevapharm.com
URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 Hadera, Israel, ASN12753 (TEVA-AS, IL),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Mon, 11 Sep 2023 13:56:13 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
3461EC3FABC04810A1C3E3F7E7B98641221CFE1D43892AD097185EF42251A05F
Content-Type
image/jpeg
Content-Length
8251
X-XSS-Protection
1; mode=block
Expires
Wed, 11 Oct 2023 13:56:14 GMT
idp.png
sso.tevapharm.com/adfs/portal/images/idp/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.tevapharm.com/adfs/portal/images/idp/idp.png?id=3EADD3E829A20DF612C7A77960FF811E66E3EE6BAE2C33C9B20E7478BAC87548
Requested by
Host: sso.tevapharm.com
URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 Hadera, Israel, ASN12753 (TEVA-AS, IL),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Mon, 11 Sep 2023 13:56:13 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
3EADD3E829A20DF612C7A77960FF811E66E3EE6BAE2C33C9B20E7478BAC87548
Content-Type
image/png
Content-Length
931
X-XSS-Protection
1; mode=block
Expires
Wed, 11 Oct 2023 13:56:14 GMT
localsts.png
sso.tevapharm.com/adfs/portal/images/idp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.tevapharm.com/adfs/portal/images/idp/localsts.png?id=A3911892BE04D81EBA5A8E0C74F77099AA1DB05E542FBFCC78C9DF4B0EC0E3A6
Requested by
Host: sso.tevapharm.com
URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 Hadera, Israel, ASN12753 (TEVA-AS, IL),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Mon, 11 Sep 2023 13:56:13 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
A3911892BE04D81EBA5A8E0C74F77099AA1DB05E542FBFCC78C9DF4B0EC0E3A6
Content-Type
image/png
Content-Length
1977
X-XSS-Protection
1; mode=block
Expires
Wed, 11 Oct 2023 13:56:14 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
Primary Request /
sso.tevapharm.com/adfs/ls/
Redirect Chain
  • https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQ...
  • https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQ...
26 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0&RedirectToIdentityProvider=AD+AUTHORITY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 Hadera, Israel, ASN12753 (TEVA-AS, IL),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a1bf340c31193a8bc227c5f17bf95ec06bb16873fe4cfb0bbcc4df404db42783
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sso.tevapharm.com
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
26425
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Sep 2023 13:56:13 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Redirect headers

Content-Length
0
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Sep 2023 13:56:13 GMT
Include-Referred-Token-Binding-ID
true
Location
https://sso.tevapharm.com:443/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0&RedirectToIdentityProvider=AD+AUTHORITY
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
style.css
sso.tevapharm.com/adfs/portal/css/ 		10 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.tevapharm.com/adfs/portal/css/style.css?id=3B1A0C704CDAE8ECD48AA8F0D50409D981CEF21D7AE6DC85B0797D270101B151&rp=f23c6f72-8173-e611-80da-005056aa15d8
Requested by
Host: sso.tevapharm.com
URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0&RedirectToIdentityProvider=AD+AUTHORITY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 Hadera, Israel, ASN12753 (TEVA-AS, IL),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
3b1a0c704cdae8ecd48aa8f0d50409d981cef21d7ae6dc85b0797d270101b151
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0&RedirectToIdentityProvider=AD+AUTHORITY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Mon, 11 Sep 2023 13:56:14 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
3B1A0C704CDAE8ECD48AA8F0D50409D981CEF21D7AE6DC85B0797D270101B151
Content-Type
text/css
Content-Length
10462
X-XSS-Protection
1; mode=block
Expires
Wed, 11 Oct 2023 13:56:14 GMT
logo.jpg
sso.tevapharm.com/adfs/portal/logo/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.tevapharm.com/adfs/portal/logo/logo.jpg?id=3461EC3FABC04810A1C3E3F7E7B98641221CFE1D43892AD097185EF42251A05F&rp=f23c6f72-8173-e611-80da-005056aa15d8
Requested by
Host: sso.tevapharm.com
URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0&RedirectToIdentityProvider=AD+AUTHORITY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 Hadera, Israel, ASN12753 (TEVA-AS, IL),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
3461ec3fabc04810a1c3e3f7e7b98641221cfe1d43892ad097185ef42251a05f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0&RedirectToIdentityProvider=AD+AUTHORITY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Mon, 11 Sep 2023 13:56:14 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
3461EC3FABC04810A1C3E3F7E7B98641221CFE1D43892AD097185EF42251A05F
Content-Type
image/jpeg
Content-Length
8251
X-XSS-Protection
1; mode=block
Expires
Wed, 11 Oct 2023 13:56:14 GMT
illustration.jpg
sso.tevapharm.com/adfs/portal/illustration/ 		196 KB
196 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.tevapharm.com/adfs/portal/illustration/illustration.jpg?id=3051481E3FB247FF933BC735F7D029CEC3019A5D5C74A3054B8B6845EF0F1E39&rp=f23c6f72-8173-e611-80da-005056aa15d8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 Hadera, Israel, ASN12753 (TEVA-AS, IL),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
3051481e3fb247ff933bc735f7d029cec3019a5d5c74a3054b8b6845ef0f1e39
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=de09e3eb-3531-4091-af76-318632397172&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjVO9b101FL-XfLSNWqiYWJA6gIRUXmIf-_jYkSLVPrbTIkpDIGrLgu57vfelaZL38l6aD9gRI5WYwsbIAoKtE0JMHaArILGwoJZKHTvi_AOIwV788-_LxwvV8uub-_vj6fLS0vT-5KA9ni7eG012u3YyOV4cjHYmry5cfPrXuT8lPrjy7YH8DNze5KRe2G8PmnK8eHf7m_qt_yRYenc0vLu72EzHRz_Vb36sB00ju77uoW66nr7TDXq2Rey1UiJgK3Qf1OO6_ruuf39p7oNmZxtOZh7OctIpGQ7Jh5CizJajZA8ELNCQtUEiexGVjAKyVBht9rrshqQkQyYYUGCEdg5tgmxtzDaX5UO0TlL20jtyFoM0ORjSKBl0LEghLYASngiyMYkzsWTHhS-hF6hDyEIFHZGt0pGYfKFSQREbTiFBAMyBAyiVyUUSXpUYkgXrkFJ0Kalil0naSIFVTpoS2CgMFJM6EUWdjYjWa50KLGWTE4fCjBgBWZlQWEFwZl9ss0E0GMk6jME7AAZiUKnYFoZ8RC-RWGipdD5VyzIbp9iSQG9kYKGglGANWggEyRQ5KGLKSpeLfeVZsUfBRBkdkSJjQGpburbeIiLYROiwvJXGwh90Tk6VIMAuefSnQEnKlcJVcimTscFZKRxzTNpDiaVMiQPRm0glQhJWZC-yigipXMqgwUrIOrjoRbBBGxu1i1Iwei0yWAvOK6uMinQ6MVn772feUF2RbKjfaxuneloa1-uDHfQGynSdarEv7sjHs-efzJ4XM8tnzy5crF6rLlUvZuuv58rwP1_54UH71V76bvjpe-u_fFk9mlta3xiGDXf9aINXcXhZ3Jx-Mh5_aG9s3Vprtrvj1Xu7R5cP17Z2nBq_v2KW5RfzFx7NV8_n68_PVCdnqofn_veH-fFC9eLln5_--sez3_55dvXJK2_vcjM6uN19dNj3ZhPWDsXq1uat0dbh3vr4ZvPOtnFXR9ev0f3htRujlX8B0&RedirectToIdentityProvider=AD+AUTHORITY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Mon, 11 Sep 2023 13:56:14 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
3051481E3FB247FF933BC735F7D029CEC3019A5D5C74A3054B8B6845EF0F1E39
Content-Type
image/jpeg
Content-Length
200498
X-XSS-Protection
1; mode=block
Expires
Wed, 11 Oct 2023 13:56:15 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration function| SetIllustrationImage undefined| pageDiv

12 Cookies

Domain/Path Name / Value
surveys.kornferry.com/ Name: ApplicationGatewayAffinityCORS
Value: 1eac64d9a4dcefbff1b0e4f91c52a6ba
surveys.kornferry.com/ Name: ApplicationGatewayAffinity
Value: 1eac64d9a4dcefbff1b0e4f91c52a6ba
surveys.kornferry.com/ Name: hayhthdb445lvavhf45vcu4s5nj
Value: B5C7F90E1193DD73=E487B9&A4D7F90F128AC7403CBC56527337ADE71434=
surveys.kornferry.com/ Name: haysurveys
Value: E4480D67679ECABE=ED474E7561
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AYIAexqZP5PqaUGyjMNv8-Ww0Xw-DSM5YuxAn4-Na3NidwqCAAA.AQABAAEAAAAtyolDObpQQ5VtlI4uGjEP_p9P0hOF4Fm8phF9PUuzXoA3RpatS7jUUAhXEnEwkLtVAo6KCkpDFUaZchfBrRO0F1jmpfgt2i7lfCv-jgGPT-NcURoAAoVfD85jWvy62_8gAA
.login.microsoftonline.com/ Name: ESTSWCTXFLOWTOKEN
Value: AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPJJUAKW4m367pVpEsZcY9V77irtSTrtneKQiJK0rQbdn8BLw3MsLXgUxoWgzE-ABXs79yZN5Z5Quotb8BZTkAMGzLDc747MVen2st_aEVP0w4c2bWY_I9U_Slv7PaRUaDzVmVZnPr3Z-1jPhnDRMl61ImEVkFpg-T47nlv7s-_UIoqTqE7ysqZZiMSmw1cd9hV-k-VvCDNExMw-6QBkeMeRz-Tlp7Dyd42F0MmbITHD4qEFNwbmLtsuC7wlGSdI8BhlXYtwqSQN6CNUbJBR00NZGoByl1z3wQF0967eaF3s__quJG-hToIEOG5ywKl3QlQR5xAorw9SCPLGl7efPddLfu3X2LZmZxUgLMqvARjeFR9kAmd24Jac6qHGE-dIMqAOxLg613RFrH7TDDYrZARNfkCSS2brukVKfBL8S3x0SBRrHvDo7diXRFSRtGUUMHX1r9aLSLo_SMARG6k7y3YRc5wxFbl8-MC8ciBh37Bdo6tWwX_HC7jvhqtjfB1-0bNmUlOSS_l2mx9LTrHmRT3HKggL5e3nEPJPFHMPNNHpAEe-sDhjL5sDVYegtm39gvIAA
login.microsoftonline.com/ Name: fpc
Value: AuxHR-WX4jFMnWokeO7p60gY_v1yAQAAAHsTkdwOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEP3IhKar7Ul6GkEgD-eN1US0UUg0qHSMub6AdNKFtr0tKOiwCyWCvfk73PZaLqELhgdKaJC7Fpkmi4Is2zTQ5qx-WTc6uULZwv2nKwVJsp5lgBpayMBUMWOPGhKCR5nWpsLpBq7vDt3PHhkVkURjJD6rOC76XywsJl0iSuvneMdcsgAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN