Submitted URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Effective URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1o...
Submission: On February 05 via api from IL — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 53 HTTP transactions. The main IP is 2603:1026:3000:150::6, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 23rd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 33 207.54.66.120 30238 (AS-IRONP-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2600:9000:225... 16509 (AMAZON-02)
3 2603:1026:300... 8075 (MICROSOFT...)
3 2620:1ec:bdf::45 8075 (MICROSOFT...)
11 2606:2800:233... 15133 (EDGECAST)
1 40.126.31.73 8075 (MICROSOFT...)
1 2603:1026:300... 8075 (MICROSOFT...)
53 9
Apex Domain
Subdomains
Transfer
33 iphmx.com
dh578-euq1.eu.iphmx.com
8 MB
11 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 943
242 KB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11
29 KB
2 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3382
286 KB
2 cisco.com
cdn.security.cisco.com — Cisco Umbrella Rank: 286625
1 MB
1 microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1290
1 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 63
1 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 921
49 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
44 KB
53 9
Domain Requested by
33 dh578-euq1.eu.iphmx.com 1 redirects dh578-euq1.eu.iphmx.com
11 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
3 login.microsoftonline.com dh578-euq1.eu.iphmx.com
aadcdn.msauth.net
aadcdn.msftauth.net
2 aadcdn.msftauthimages.net
2 cdn.security.cisco.com 1 redirects dh578-euq1.eu.iphmx.com
1 autologon.microsoftazuread-sso.com
1 login.live.com login.microsoftonline.com
1 aadcdn.msauth.net login.microsoftonline.com
1 www.googletagmanager.com dh578-euq1.eu.iphmx.com
53 9

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.eu.iphmx.com
HydrantID Server CA O1
2023-10-16 -
2024-10-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA
2023-11-23 -
2024-11-23
a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA
2024-01-29 -
2025-01-29
a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA
2023-12-01 -
2024-12-01
a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA
2023-11-10 -
2024-11-10
a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure RSA TLS Issuing CA 03
2023-11-25 -
2024-11-19
a year crt.sh
autologon.microsoftazuread-sso.com
DigiCert SHA2 Secure Server CA
2023-11-11 -
2024-11-11
a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Frame ID: 86113306DE144D48CEE39FDF7D0119E5
Requests: 54 HTTP requests in this frame

Screenshot

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com Page URL
  2. https://dh578-euq1.eu.iphmx.com/?ngui=True HTTP 303
    https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2M... Page URL
  3. https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2M... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

53
Requests

98 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

10164 kB
Transfer

14009 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com Page URL
  2. https://dh578-euq1.eu.iphmx.com/?ngui=True HTTP 303
    https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D Page URL
  3. https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://cdn.security.cisco.com/@cisco-ats/ribbon@%5E1.0.0/dist/ats-ribbon.js HTTP 302
  • https://cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/ats-ribbon.js
Request Chain 34
  • https://dh578-euq1.eu.iphmx.com/?ngui=True HTTP 303
  • https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
quarantine
dh578-euq1.eu.iphmx.com/
5 KB
6 KB
Document
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
3ef2866d5cca4f75e3ea8be04ecb58d27a71e5f122a01282e0615c6c9831a0f0
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Feb 2024 04:59:20 GMT
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0
js
www.googletagmanager.com/gtag/
114 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa1a20cdeede3a279470e67c18998b386584db7c0ab835fe956698d3f5f99cce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dh578-euq1.eu.iphmx.com:4431/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 04:59:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44946
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Feb 2024 04:59:20 GMT
6fe2d8eff3060566fcd8.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
172 KB
173 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/6fe2d8eff3060566fcd8.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
d13e305faa48324c4dcb6f98fe2409c1d668e42db2607953c3bcdb629dd7689e
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
551d61d85642806b1eb4.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
175 KB
176 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/551d61d85642806b1eb4.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
167a1dd646b4c58fa221abd6f5c94f3d9589ead569b26b85ad8f56826b0e2e0b
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
a353775e8ccc7c92df5d.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
180 KB
182 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/a353775e8ccc7c92df5d.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
a2ae21c10dbd4bcf016582e2e9d046f92b62914a10fccc554e6e939f1e56a41c
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
d2eff700e3825a7b4eb8.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
175 KB
176 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/d2eff700e3825a7b4eb8.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
b748f8b4820e579b1b841feee27e1734012d5084a54a872ad5657620fc6a4c16
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
1fce311df2cf4fad51ee.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
177 KB
178 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/1fce311df2cf4fad51ee.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
2843634c6eb402ee71054b8b49843610d9a1032980352faadae0eee95029b19b
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
391432e2abfd51718112.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
179 KB
180 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/391432e2abfd51718112.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
6f4fa3cd4df8d3df00a8aa928e8ef57b7c375c28fb2f0368d3ed55743b4d15f8
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
27452bd0217dbb3492f6.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
186 KB
187 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/27452bd0217dbb3492f6.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
bb7d278ab80d55e7559d54db2c79ca936313e341b19d832720b681bf97abe63d
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
2a9b7bb7f260f878eea3.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
186 KB
187 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/2a9b7bb7f260f878eea3.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
565aaa4c8a37cbb95c94bbc4e5c44e20b486d977a9ad32256eaf254b85dfbe06
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
10ade40df398d7a1dc9c.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
198 KB
199 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/10ade40df398d7a1dc9c.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
42976e3f7e07d76e675a97382b7187e080fbd8ab3de382883c40c89c44becbba
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
a6a6b7a83a7327418ee1.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
198 KB
199 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/a6a6b7a83a7327418ee1.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
00a85c1eb822be6d3bbf09bae15c37c42eb2e4fd02e6adbd732f54d30fa20901
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
8996201684ac43ebf0dc.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
240 KB
241 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/8996201684ac43ebf0dc.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
3375dcff0a76e37bd5d6fc20d0d5a4ebca1732b48375d4ab6ee759aff6c379d5
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
0a1d77c4b69c3c66302a.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
242 KB
243 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/0a1d77c4b69c3c66302a.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
38ebc790eb773b0460c4fcf825f36531cbb235b4f5618b09f4205d8df685e2f9
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
40970c37c6c54d4d573b.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
196 KB
197 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/40970c37c6c54d4d573b.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
555d20ddd88d77f0ced2cb48b51a181891089b6cbf9f8adeac6dc60cd78ea485
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
e452ead4c517f686176f.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
196 KB
197 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/e452ead4c517f686176f.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
f28d579b984fcd979d95e9f19a82a63b64027e06c8ca75c724efdc7b40bb6da3
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
f2dabe0b8066eb875f95.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
214 KB
215 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/f2dabe0b8066eb875f95.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
d5533e8c475630df84fcfc1d20a363719378310c1b9598d6a9819d3529188cb8
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
7312133e39aa2d7211fe.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
212 KB
214 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/7312133e39aa2d7211fe.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
7ed624b3ee31a0e62e123feb308836d1f259edda7e7d187bb5d599f8c4964bbc
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
98ece92e76784330efb9.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
213 KB
214 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/98ece92e76784330efb9.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
5924b0fe56e02a29a3598c877af09aebc8a0e3a222d9b6532127229303b812e0
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
5cccf33da32d5f62079c.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
209 KB
210 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/5cccf33da32d5f62079c.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
b069ceea552a59312ee383b78c8e1b526cf798c2d29cb95293a1feb54a4ad40a
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
263c9cd0726b2528ac4a.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
265 KB
267 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/263c9cd0726b2528ac4a.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
ffebec9dd051122236916aca90a88ce8d3d90e056f01c288fdbd74ed1592f23b
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
4631fbf9149dfa65af13.ttf
dh578-euq1.eu.iphmx.com/quarantine/fonts/
272 KB
273 KB
Font
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/fonts/4631fbf9149dfa65af13.ttf
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
78a1c79165972648e5450935b44a738de9edc163c329fa88b1e0c2074b01f5fa
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
apiConfig.json
dh578-euq1.eu.iphmx.com/ng-login/
243 B
1 KB
Other
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/ng-login/apiConfig.json
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
77bed2cdf7222737f240491655a32e9714725f7d02188e1fbe690ba7dc065ebb
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Wed, 17 Jan 2024 21:23:27 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
locale-en.json
dh578-euq1.eu.iphmx.com/quarantine/i18n/
41 KB
41 KB
Other
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/i18n/locale-en.json
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
c34c37056ef1aaf0d8dbccbd5fd84cd064975f1613b20628c3d01cfcc114b0c0
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
env_head.d2bf2eaba9fb584b6010.js
dh578-euq1.eu.iphmx.com/quarantine/
2 KB
3 KB
Script
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/env_head.d2bf2eaba9fb584b6010.js
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
9b3565e5ade37585c4d4bcaa221b487d99f842f9fce0b98873c1adb9ebdea5e6
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
vendor.e10747a5e17a6be14a33.css
dh578-euq1.eu.iphmx.com/quarantine/css/
358 KB
359 KB
Stylesheet
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/css/vendor.e10747a5e17a6be14a33.css
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
51b77d0b4b52b5ff7be5a45e5e2d4c552ee448083c84063b48976d6a62f2eb33
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
main.84346936698c6e417592.css
dh578-euq1.eu.iphmx.com/quarantine/css/
744 KB
747 KB
Stylesheet
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/css/main.84346936698c6e417592.css
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
4d0b1a9fb67e24f673e7e0cd036f57674267c789d8e1a025fe92dc464e76eb05
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
vendor.0e554207647b8b5f5607.js
dh578-euq1.eu.iphmx.com/quarantine/
2 MB
2 MB
Script
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
eff9e09e4238ef11695ef2aa8729cf849d21ab9252684560d2e1611344133eb1
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
commons.4a5b68aeb88279c7c4c8.js
dh578-euq1.eu.iphmx.com/quarantine/
188 KB
189 KB
Script
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/commons.4a5b68aeb88279c7c4c8.js
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
d987e276c171ba11d3fb1f4f1059f930ba2d710a576767b9664761f6748da18e
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
main.8c02ed63691d729daeaa.js
dh578-euq1.eu.iphmx.com/quarantine/
480 KB
482 KB
Script
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/quarantine/main.8c02ed63691d729daeaa.js
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
b4b73e14bc1eb66e65c9f899c77e52a391c8898246b90acea415200e92c4c9af
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Origin
https://dh578-euq1.eu.iphmx.com:4431
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:20 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Fri, 10 Nov 2023 13:01:40 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
apiConfig.json
dh578-euq1.eu.iphmx.com/ng-login/
243 B
1 KB
XHR
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/ng-login/apiConfig.json
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
77bed2cdf7222737f240491655a32e9714725f7d02188e1fbe690ba7dc065ebb
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:21 GMT
Content-Security-Policy
default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Wed, 17 Jan 2024 21:23:27 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
X-XSS-Protection
0
ats-ribbon.js
cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/
Redirect Chain
  • https://cdn.security.cisco.com/@cisco-ats/ribbon@%5E1.0.0/dist/ats-ribbon.js
  • https://cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/ats-ribbon.js
4 MB
1 MB
Script
General
Full URL
https://cdn.security.cisco.com/@cisco-ats/ribbon@1.10.2/dist/ats-ribbon.js
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine/search
Protocol
H2
Server
2600:9000:2250:7800:19:a7d3:e1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dh578-euq1.eu.iphmx.com:4431/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 22:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
14659084
x-cdn-cache-status
hit
x-cache
Hit from cloudfront
cache-tag
file, js-file
content-length
1227999
x-request-id
b88fee1353d94479ad5c9ba26fdaa654
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
"4287c0-ozN0h/JtuNxh77X+oRfLMmgXImk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-amz-cf-id
nLdyMt6GL8fxqXiJ7MjhCvXEoTHPikJ3lxvEnSJ2BH2QeGR8XLXeqg==

Redirect headers

date
Mon, 05 Feb 2024 04:58:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
81
x-cdn-cache-status
bypass
x-cache
Hit from cloudfront
cache-tag
redirect, semver-redirect
content-length
66
x-request-id
5mkeni2VXFMjmI55y2Imd
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@cisco-ats/ribbon@1.10.2/dist/ats-ribbon.js
cache-control
public, s-maxage=600, max-age=60
x-amz-cf-id
6suHBs8BN-U5bZq6DxxauIAKldXdSqhcb4x4uQUJnuu5aS2nL-x_jQ==
euq_url_details
dh578-euq1.eu.iphmx.com/sma/api/v2.0/config/
90 B
748 B
XHR
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/sma/api/v2.0/config/euq_url_details?device_type=sma
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
portal
euq
Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto@sapiens.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:21 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
90
X-XSS-Protection
0
Pragma
no-cache
Server
nginx
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Disposition, jwtToken
Cache-control
no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, jwttoken, mid, h, email, portal, cache-control, pragma
euq_authentication_method
dh578-euq1.eu.iphmx.com/sma/api/v2.0/config/
43 B
701 B
XHR
General
Full URL
https://dh578-euq1.eu.iphmx.com:4431/sma/api/v2.0/config/euq_authentication_method?device_type=sma
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.54.66.120 , United States, ASN30238 (AS-IRONP-VEGA, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
portal
euq
Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine/search
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:21 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
X-XSS-Protection
0
Pragma
no-cache
Server
nginx
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Disposition, jwtToken
Cache-control
no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, jwttoken, mid, h, email, portal, cache-control, pragma
saml2
login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/
Redirect Chain
  • https://dh578-euq1.eu.iphmx.com/?ngui=True
  • https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSx...
21 KB
10 KB
Document
General
Full URL
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D
Requested by
Host: dh578-euq1.eu.iphmx.com
URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine/main.8c02ed63691d729daeaa.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:150::6 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
147166480180e4aeabe038b9f4ff16b41791e80b9545f44838ea25c1bb6723e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dh578-euq1.eu.iphmx.com:4431/quarantine/search
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9040
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Feb 2024 04:59:21 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.17184.4 - NEULR1 ProdSlices
x-ms-request-id
bee532ee-6172-4ea1-99cb-69ba8a8d1401

Redirect headers

cache-control
no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-security-policy
default-src 'unsafe-eval' 'unsafe-inline' blob: data: resource://pdf.js/web/ resource://pdf.js/build/ 'self' dh578-euq1.eu.iphmx.com:*; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
content-type
text/html
date
Mon, 05 Feb 2024 04:59:21 GMT
expires
Mon, 05 Feb 2024 04:59:21 GMT
last-modified
Mon, 05 Feb 2024 04:59:21 GMT
location
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/gif
BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
aadcdn.msauth.net/shared/1.0/content/js/
136 KB
49 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15e697417242d779ddec5439f81b56bdc61974ffda9a40919be81428f341296e

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:21 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
49102
x-ms-lease-status
unlocked
last-modified
Fri, 22 Dec 2023 23:52:28 GMT
etag
0x8DC03490E5BD232
x-azure-ref
20240205T045921Z-syzpxc61ut7dt87hk1aq80h4e8000000027000000000fcxb
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d892269b-a01e-0050-1a8c-5686ad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request saml2
login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/
39 KB
17 KB
Document
General
Full URL
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:150::6 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e7478bf2dd3fcd1658bc92ac63e8946cfebb8e6f54362a4caeef95e11c0c85b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14983
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Feb 2024 04:59:21 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.17184.4 - SEC ProdSlices
x-ms-request-id
e6201ac5-66d8-40ba-8381-28ff52632801
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
110 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/675C) /
Resource Hash
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
content-encoding
gzip
content-md5
kqhA3D0Xczna4D/t8ioitQ==
age
3286270
x-cache
HIT
content-length
20314
x-ms-lease-status
unlocked
last-modified
Wed, 27 Dec 2023 18:19:21 GMT
server
ECAcc (frb/675C)
etag
0x8DC070858CA028D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
76768970-b01e-00b4-520c-3a806a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_ifnM-PFmwiHn5w4jnQzHNQ2.js
aadcdn.msftauth.net/shared/1.0/content/js/
422 KB
116 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ifnM-PFmwiHn5w4jnQzHNQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67FD) /
Resource Hash
e2cdefe9680853d4d39a05ca12fa32d320896a59bef51cde4e1c0ec17b2bd686

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
content-encoding
gzip
content-md5
tOV8oGSjqT2nsKuh2I3qRA==
age
2571688
x-cache
HIT
content-length
118703
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 22:12:22 GMT
server
ECAcc (frb/67FD)
etag
0x8DC0D723992B794
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
769b4c9a-801e-00d7-148c-40bf4e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_ejinblwk_mimxsc4lkii7w2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
58 KB
17 KB
Script
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_ejinblwk_mimxsc4lkii7w2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6768) /
Resource Hash
2b9c25a4f1f50e3bd8f868967751f09e8b95f97852155e81faac830e3bb383d9

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
content-encoding
gzip
content-md5
xzBhZ8dNO/XnUvJuRRdbgA==
age
4807551
x-cache
HIT
content-length
16736
x-ms-lease-status
unlocked
last-modified
Thu, 07 Dec 2023 23:24:57 GMT
server
ECAcc (frb/6768)
etag
0x8DBF77BB9A87B12
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
243623c0-101e-00d6-2036-2c944c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.31.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

convergedlogin_pcustomizationloader_6a0a7b7c69bd86706a39.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
153 KB
34 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6a0a7b7c69bd86706a39.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ifnM-PFmwiHn5w4jnQzHNQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6769) /
Resource Hash
688a2d42350796280657d4bfee504616c104fc5af822938dd79425f467c3b5bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
content-encoding
gzip
content-md5
ZeQH0cIatjmBJ7hqKoBn0Q==
age
2620638
x-cache
HIT
content-length
34606
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 04:42:14 GMT
server
ECAcc (frb/6769)
etag
0x8DC0CDF85D41F36
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
37ac7ba2-301e-00f8-021a-40a762000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_d513b6f0c9182bbf1e0f.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d513b6f0c9182bbf1e0f.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ifnM-PFmwiHn5w4jnQzHNQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67D8) /
Resource Hash
2a97c24ee7138154c1ab45fe46d7dbb0e439a63e5b1d46167adbed0221a20729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
content-encoding
gzip
content-md5
KYJx7/C9nJueI4M4v4G+FA==
age
2484010
x-cache
HIT
content-length
5513
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 04:42:14 GMT
server
ECAcc (frb/67D8)
etag
0x8DC0CDF85F19831
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ba629e2a-201e-001d-3a58-41351f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6733) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
14947055
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frb/6733)
etag
0x8DB5C3F4982FD30
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
28eeb129-b01e-00cc-74fe-cf2a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67FE) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
21627648
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frb/67FE)
etag
0x8DB5C3F492F3EE5
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
e096ecc6-801e-0082-3e3c-932bad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
illustration
aadcdn.msftauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/
217 KB
218 KB
Image
General
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/illustration?ts=635881038543277806
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1b23870d8263953a6e3c786c7d964f47afd4270c40b48cfe241ab71c7e73cff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
50755578
content-length
222088
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jan 2016 10:10:56 GMT
etag
0x8D31A6F7EC82EFD
x-azure-ref
20240205T045922Z-k8q3e7bftp515e2qp1h0fh894g00000004x000000000191f
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
ed1b11a5-c01e-002a-7dc3-57d843000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/
68 KB
68 KB
Image
General
Full URL
https://aadcdn.msftauthimages.net/dbd5a2dd-vb7vabhwtpkojvnwgyos3ioixpo3v4c94gfezxv4-qq/logintenantbranding/0/bannerlogo?ts=635881007224409597
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7af82e94c56dd54d15e6cd7513c454d5ba3089f689805928a6f8b034d3b92ffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
50755578
content-length
69291
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jan 2016 09:18:52 GMT
etag
0x8D31A683911F209
x-azure-ref
20240205T045922Z-k8q3e7bftp515e2qp1h0fh894g00000004x000000000191g
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
4a0c5024-c01e-0048-01c3-571a64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ifnM-PFmwiHn5w4jnQzHNQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6733) /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
age
14947055
x-cache
HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frb/6733)
etag
0x8DB5C3F4982FD30
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
28eeb129-b01e-00cc-74fe-cf2a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ifnM-PFmwiHn5w4jnQzHNQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67FE) /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
age
21627648
x-cache
HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (frb/67FE)
etag
0x8DB5C3F492F3EE5
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
e096ecc6-801e-0082-3e3c-932bad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ssoprobe
autologon.microsoftazuread-sso.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/winauth/
12 B
1 KB
Image
General
Full URL
https://autologon.microsoftazuread-sso.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/winauth/ssoprobe?client-request-id=5834e73e-96c8-424b-a9a1-a97b395d3d78&_=1707109162509
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:150::a Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 04:59:22 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
235cb917-d7f6-4892-9ed1-1dac78595c01
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.17184.4 - FRC ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/
265 B
1 KB
XHR
General
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ifnM-PFmwiHn5w4jnQzHNQ2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:150::6 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4b36d197aadae4a8e749e31f8999a4d83f82c0e6c463475d1e39c51348647e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
e6201ac5-66d8-40ba-8381-28ff52632801
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
client-request-id
5834e73e-96c8-424b-a9a1-a97b395d3d78
canary
PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-4UtlkaZOP6bksNP3zcp2mc40xW1atqFje-Kw_U2VhLozAgNbUqTVKYaEMbcd4S1Jf2dLmETu5ykeKjym8Av-QgF77cyhwZI_TUNSiEkHGw-H7WefDVbb7703VCZ-wd470RJMU_630ViW-Cm-ZGDegVKAbsyD8M8uhcQCQ1Wk9VsRV4lCzewvCoqqrfLXyTUxM6MCwqVfEp8QBWTv52HrpCAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
hpgact
1900

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 05 Feb 2024 04:59:22 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
5834e73e-96c8-424b-a9a1-a97b395d3d78
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
265
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
235cb917-d7f6-4892-9ed1-1dac7f595c01
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.17184.4 - FRC ProdSlices
Expires
-1
convergedlogin_pstringcustomizationhelper_7582d7648944aa49d261.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_7582d7648944aa49d261.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_ifnM-PFmwiHn5w4jnQzHNQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6709) /
Resource Hash
c2735f54f9ea5b4009fb3f28e9013d3be1645466fd79d0fd06387c5c39438d0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
content-encoding
gzip
content-md5
2VGb7WsUGKsKvDHsvFoXPg==
age
2613987
x-cache
HIT
content-length
35913
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 04:42:15 GMT
server
ECAcc (frb/6709)
etag
0x8DC0CDF86C4011A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0d2780fa-a01e-00e9-6829-403c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/
2 KB
771 B
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67FE) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Feb 2024 04:59:22 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
21627650
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (frb/67FE)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
06290279-601e-003a-273c-9335be000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_6a0a7b7c69bd86706a39 boolean| __convergedlogin_pfetchsessionsprogress_d513b6f0c9182bbf1e0f boolean| __convergedlogin_pstringcustomizationhelper_7582d7648944aa49d261

16 Cookies

Domain/Path Name / Value
dh578-euq1.eu.iphmx.com/ Name: sid
Value: 3340b7Lqb1Rtgw6feQZn
.login.microsoftonline.com/ Name: esctx-SaRlUDVJ2Jo
Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-Ym9PauntLsKAc6dBI4dMnp1x2s-qWylarnNECluAkA17_QXmH6htr9MB0RbWpZovb8vROPP9vq9OPT-x4oV-pz_XveCNz8SuQxjHnBgoYEKVmDdjPZANvNQkbZghHPu3T4WMmX87IJR192payHAu1CAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AQYAQoWRPaloiU6seg90dU3bJBeqDZPoV2dMhqwnhWrbTFwGAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-zdZT1Ae-P37MZMGG1LtMadkkNopzAIHxKX70Yp9Zaipjh2kFLFLHpvFI5KWGL9c8RyMub21HOfaLHYqS69WGifs31VjO8bHOb-Bsi7ghi3IgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-Sj2jaT6S-w9lNK4yX98uAfWnARQd2ohYnaZBCUMakg1NreJ9CrHZFOCBEx_vJyJ4f9A4xYiMXZDOHNVikBkelzPUYsPiHlLGuxeVq6aM50K5fH_Sru0VPQlzN00g6dkQba1mlTLF7ptXa64gmKBfPBdo65oW0TWohZZhgtb1pJ4gAA
.login.microsoftonline.com/ Name: esctx-Lu7hvgVSNg
Value: AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-WwomVYYeTmcU10izS0TcSnS3wCLZ8ibH5rDxuJRpa_-SaGsU_E2hjwmU3lEdOAut0zF50QSbnALx45-Ll6UKoR5gaV07kDLlhj5_otLQXp1aaxN5Ru9_wQwlYS9d0F4arkENRQEqa7UquDNXFEjx-SAA
login.microsoftonline.com/ Name: fpc
Value: Ams2agkzQ4pMqtSGvOMC-3wsyLwtAQAAACpiUt0OAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: d33de7ee206a48c5b355bd6ce78e5cf0
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1707109162&co=1
autologon.microsoftazuread-sso.com/ Name: fpc
Value: AsWICmIoxmxBikMroT4GjmA
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd

9 Console Messages

Source Level URL
Text
rendering warning URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Message:
The value "1user-scalable" for key "initial-scale" was truncated to its numeric prefix.
rendering warning URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine?email=vikram.mahto%40sapiens.com
Message:
The key "no" is not recognized and ignored.
other warning URL: https://dh578-euq1.eu.iphmx.com:4431/quarantine/vendor.0e554207647b8b5f5607.js
Message:
A preload for 'https://dh578-euq1.eu.iphmx.com:4431/ng-login/apiConfig.json' is found, but is not used because the new request is synchronous.
other warning URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://autologon.microsoftazuread-sso.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/winauth/ssoprobe?client-request-id=5834e73e-96c8-424b-a9a1-a97b395d3d78&_=1707109162509
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
other warning URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://login.microsoftonline.com/3d918542-68a9-4e89-ac7a-0f74754ddb24/saml2?SAMLRequest=fVJdb%2BMgEPwrFu%2B2McEfoCSS7TS6SL27qMn1oS8RsTcNkg0p4F777w87d732oQUJaYdddmaWuRV9d%2BHl4M7qDp4GsC546Ttl%2BXSxQINRXAsrLVeiB8tdw3fl91tOIswvRjvd6A69K%2Fm6QlgLxkmtULBZLdAhYeukrlZVld%2FclFUxq2f1mjFW1YSRDOPyYOyhwJiyNDnhDytvGSVF0eAsn2WznGSp38CoR%2FB00gyyPE8zdo1SmhMfpYzmKQEU3IOxnscCeVqejLUDbJR1QjkPYUJDTEKc7jHlKeMkeUDBynsjlXBT1dm5i%2BVx3OlHqaJeNkZbfXJadVJB1Og%2BnrUsKVJKwqwQLKRQsFA0uQjxKfcUaNseCY1HxwgKaq0sjJ1H7zp59B698uYKcn10wj%2FaomCtTQPTqBboJDoLI%2FGt91Q%2Bwxuy%2FTuUSqpWqsev53G8Jln%2Bbb%2Ffhtufuz0Kyn8zGlkNPZgdmGfZwK%2B72%2F%2B623OaFyEMT0kEQyQv5%2F5lUo2W81ETnww1y0%2FS5vH7pPn1D%2F7w7Darre5k8zpK7YX7nHwSJRMi2%2FA0pXLohezKtjVgrRfRdfp3bUC4N2fi5bXtx9%2B%2B%2FAM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=gD86MfGyOEvOmoyTTwQnAFVTj5PJ02OeBKySKHLF32VOiROR%2Fus2YAiUjSBDbiBhbhElcbU0jem3VjVHIf%2BgWXCYNBYvMAtQlM52C7pgz8hyQiSs6fCc0g1Az1vgtky2l094DFr5pdhQgn7CGA9Z45nQVaFeaTibxNNNCOiHHOEySYerEFIr8pesp7MRJossjLmeGU22b21X7Q%2FcOPtKi9Yj7LgU5CGvXb%2BL43JhkY%2F8YrEJ%2BfaGgEBeU%2F2Tf4l%2BbKX%2FQ%2FHC6Edp%2FC4O8Zaz2iuCYEEQglClc6SlKljuKtNm0c5ssWaxqDzedoTBnWd7I1%2BSM2pc5etg5y8WyvTW8g%3D%3D&sso_reload=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' blob: resource://pdf.js/web/ resource://pdf.js/build/ data: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://www.amcharts.com https://*.amp.cisco.com code.jquery.com online.swagger.io https://cdn.security.cisco.com ; frame-ancestors 'self'; base-uri 'self' resource://pdf.js/web/ resource://pdf.js/build/
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
aadcdn.msftauthimages.net
autologon.microsoftazuread-sso.com
cdn.security.cisco.com
dh578-euq1.eu.iphmx.com
login.live.com
login.microsoftonline.com
www.googletagmanager.com
207.54.66.120
2600:9000:2250:7800:19:a7d3:e1c0:93a1
2603:1026:3000:150::6
2603:1026:3000:150::a
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2620:1ec:bdf::45
2a00:1450:4001:812::2008
40.126.31.73
00a85c1eb822be6d3bbf09bae15c37c42eb2e4fd02e6adbd732f54d30fa20901
147166480180e4aeabe038b9f4ff16b41791e80b9545f44838ea25c1bb6723e4
15e697417242d779ddec5439f81b56bdc61974ffda9a40919be81428f341296e
167a1dd646b4c58fa221abd6f5c94f3d9589ead569b26b85ad8f56826b0e2e0b
1b23870d8263953a6e3c786c7d964f47afd4270c40b48cfe241ab71c7e73cff4
2843634c6eb402ee71054b8b49843610d9a1032980352faadae0eee95029b19b
2a97c24ee7138154c1ab45fe46d7dbb0e439a63e5b1d46167adbed0221a20729
2b9c25a4f1f50e3bd8f868967751f09e8b95f97852155e81faac830e3bb383d9
3375dcff0a76e37bd5d6fc20d0d5a4ebca1732b48375d4ab6ee759aff6c379d5
38ebc790eb773b0460c4fcf825f36531cbb235b4f5618b09f4205d8df685e2f9
3ef2866d5cca4f75e3ea8be04ecb58d27a71e5f122a01282e0615c6c9831a0f0
42976e3f7e07d76e675a97382b7187e080fbd8ab3de382883c40c89c44becbba
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
4b36d197aadae4a8e749e31f8999a4d83f82c0e6c463475d1e39c51348647e8e
4d0b1a9fb67e24f673e7e0cd036f57674267c789d8e1a025fe92dc464e76eb05
51b77d0b4b52b5ff7be5a45e5e2d4c552ee448083c84063b48976d6a62f2eb33
555d20ddd88d77f0ced2cb48b51a181891089b6cbf9f8adeac6dc60cd78ea485
565aaa4c8a37cbb95c94bbc4e5c44e20b486d977a9ad32256eaf254b85dfbe06
5924b0fe56e02a29a3598c877af09aebc8a0e3a222d9b6532127229303b812e0
688a2d42350796280657d4bfee504616c104fc5af822938dd79425f467c3b5bc
6f4fa3cd4df8d3df00a8aa928e8ef57b7c375c28fb2f0368d3ed55743b4d15f8
77bed2cdf7222737f240491655a32e9714725f7d02188e1fbe690ba7dc065ebb
78a1c79165972648e5450935b44a738de9edc163c329fa88b1e0c2074b01f5fa
7af82e94c56dd54d15e6cd7513c454d5ba3089f689805928a6f8b034d3b92ffc
7ed624b3ee31a0e62e123feb308836d1f259edda7e7d187bb5d599f8c4964bbc
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9b3565e5ade37585c4d4bcaa221b487d99f842f9fce0b98873c1adb9ebdea5e6
a2ae21c10dbd4bcf016582e2e9d046f92b62914a10fccc554e6e939f1e56a41c
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
b069ceea552a59312ee383b78c8e1b526cf798c2d29cb95293a1feb54a4ad40a
b4b73e14bc1eb66e65c9f899c77e52a391c8898246b90acea415200e92c4c9af
b748f8b4820e579b1b841feee27e1734012d5084a54a872ad5657620fc6a4c16
bb7d278ab80d55e7559d54db2c79ca936313e341b19d832720b681bf97abe63d
c2735f54f9ea5b4009fb3f28e9013d3be1645466fd79d0fd06387c5c39438d0a
c34c37056ef1aaf0d8dbccbd5fd84cd064975f1613b20628c3d01cfcc114b0c0
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d13e305faa48324c4dcb6f98fe2409c1d668e42db2607953c3bcdb629dd7689e
d5533e8c475630df84fcfc1d20a363719378310c1b9598d6a9819d3529188cb8
d987e276c171ba11d3fb1f4f1059f930ba2d710a576767b9664761f6748da18e
e2cdefe9680853d4d39a05ca12fa32d320896a59bef51cde4e1c0ec17b2bd686
e7478bf2dd3fcd1658bc92ac63e8946cfebb8e6f54362a4caeef95e11c0c85b3
eff9e09e4238ef11695ef2aa8729cf849d21ab9252684560d2e1611344133eb1
f28d579b984fcd979d95e9f19a82a63b64027e06c8ca75c724efdc7b40bb6da3
fa1a20cdeede3a279470e67c18998b386584db7c0ab835fe956698d3f5f99cce
ffebec9dd051122236916aca90a88ce8d3d90e056f01c288fdbd74ed1592f23b