login.eperigw.peptest.ch Open in urlscan Pro
92.42.191.170  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set authorize Show response login.eperigw.peptest.ch/common/oauth2/	26 KB 27 KB	393ms 326ms	Document text/html	92.42.191.170 NINE
General Check archive.org Show headers Download Go to Full URL https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.42.191.170 , Switzerland, ASN29691 (NINE, CH), Reverse DNS dev.null.pep.security Software Apache-Coyote/1.1 / Resource Hash 4c2a67544f9097158338dce5415d1756824b43c92484cc7089e9537706023330 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Host login.eperigw.peptest.ch Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server Apache-Coyote/1.1 Set-Cookie buid=AQABAAEAAAC5una0EUFgTIF8ElaxtWjTuiQ_xlRRgSyh17RugQPqlQw3WLSY_a0bo8M8m7hb88vfuoyv4B0QXZfwVRsgYhRlLqOrYdK3snAvAjXkF2wb85lP5s01m26nkgWAQ_BnByYgAA; expires=Sun, 13-Jan-2019 02:54:54 GMT; path=/; secure; HttpOnly fpc=AfNpyy8_VkRIjyAG3N_QFR9FBk5dAQAIdbeGb2HWCA; expires=Sun, 13-Jan-2019 02:54:55 GMT; path=/; secure; HttpOnly esctx=AQABAAAAAAC5una0EUFgTIF8ElaxtWjT5DEyxVe9san8UWdAV7z4vkH9LC978YKPdKRkniNvd_PbAe2XhneHPQM44j4Nh1V_0o3p8ZKAOMEIfaEiL4bkra_6LYTA8CFcpVNkruNoGs8DqwUsqK4E_44xe-1Swkco79n-XWX-wbYf11MAXMuGf1jvzdVDVjzAHXRtgwHaIlQgAA; domain=.login.eperigw.peptest.ch; path=/; secure; HttpOnly x-ms-gateway-slice=013; path=/; secure; HttpOnly stsservicecookie=ests; path=/; secure; HttpOnly X-Frame-Options DENY Strict-Transport-Security max-age=31536000; includeSubDomains Cache-Control no-cache, no-store X-Content-Type-Options nosniff Vary Accept-Encoding Pragma no-cache Expires -1 P3P CP="DSP CUR OTPi IND OTRi ONL FIN" x-ms-request-id 0feb24f3-71f1-4fa2-a5c0-4228f7736e00 Date Fri, 14 Dec 2018 02:54:55 GMT Content-Type text/html;charset=utf-8 Content-Length 26862
GET H/1.1	200 OK	converged.v2.login.min_cqc1snhglyamadfdulaq7a2.css secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/cdnbundles/	100 KB 19 KB	45ms 6ms	Stylesheet text/css	2a02:26f0:6c00:2bf::35c1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/cdnbundles/converged.v2.login.min_cqc1snhglyamadfdulaq7a2.css Requested by Host: login.eperigw.peptest.ch URL: https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bf::35c1 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash ad0af0c968ea32f476ff414c46476f64bbc218922ea40a9820b4f125061d6278 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US Origin https://login.eperigw.peptest.ch Response headers Date Fri, 14 Dec 2018 02:54:55 GMT Content-Encoding gzip Last-Modified Tue, 11 Dec 2018 22:41:14 GMT Content-MD5 WOFYHBuspOEkp9sUTLTw9A== Vary Accept-Encoding Strict-Transport-Security max-age=31536000 Content-Type text/css Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type Cache-Control public, max-age=419516 Connection keep-alive Content-Length 18796
GET H/1.1	200 OK	oldconvergedlogin_pcore.min_z2qsp8b10e2xrib0uwoksg2.js Show response secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/cdnbundles/	501 KB 131 KB	44ms 6ms	Script application/x-javascript	2a02:26f0:6c00:2bf::35c1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/cdnbundles/oldconvergedlogin_pcore.min_z2qsp8b10e2xrib0uwoksg2.js Requested by Host: login.eperigw.peptest.ch URL: https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bf::35c1 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash eb877b559cfec9e856b9daf8e77453f2a55cadae4ad5da23cee8432f6138275c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US Origin https://login.eperigw.peptest.ch Response headers Date Fri, 14 Dec 2018 02:54:55 GMT Content-Encoding gzip Last-Modified Tue, 11 Dec 2018 22:43:37 GMT Content-MD5 FdlXxIa9bv+iGIT+8NuaIQ== Vary Accept-Encoding Strict-Transport-Security max-age=31536000 Content-Type application/x-javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type Cache-Control public, max-age=419516 Connection keep-alive Content-Length 134137
GET H/1.1	200 OK	convergedloginpaginatedstrings-en.min_tz-7brpfmo-t-tvb6a2rvq2.js Show response secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/cdnbundles/	29 KB 10 KB	45ms 6ms	Script application/x-javascript	2a02:26f0:6c00:2bf::35c1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/cdnbundles/convergedloginpaginatedstrings-en.min_tz-7brpfmo-t-tvb6a2rvq2.js Requested by Host: login.eperigw.peptest.ch URL: https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bf::35c1 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash 978995535b9ccbd4d1c0beb6da1abd141bce3806dc246ec7bb5e45df4e1090ce Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US Origin https://login.eperigw.peptest.ch Response headers Date Fri, 14 Dec 2018 02:54:55 GMT Content-Encoding gzip Last-Modified Tue, 11 Dec 2018 22:42:17 GMT Content-MD5 yB3HXd2e/z00WNVFWbrC7A== Vary Accept-Encoding Strict-Transport-Security max-age=31536000 Content-Type application/x-javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type Cache-Control public, max-age=419517 Connection keep-alive Content-Length 9495
GET H/1.1	200 OK	0-small_138bcee624fa04ef9b75e86211a9fe0d.jpg secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/images/backgrounds/	3 KB 3 KB	18ms 6ms	Image image/jpeg	2a02:26f0:6c00:283::35c1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/images/backgrounds/0-small_138bcee624fa04ef9b75e86211a9fe0d.jpg Requested by Host: secure.aadcdn.microsoftonline-p.com URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/cdnbundles/oldconvergedlogin_pcore.min_z2qsp8b10e2xrib0uwoksg2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::35c1 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 14 Dec 2018 02:54:55 GMT Last-Modified Tue, 11 Dec 2018 22:45:18 GMT Content-MD5 E4vO5iT6BO+bdehiEan+DQ== Strict-Transport-Security max-age=31536000 Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type Cache-Control public, max-age=419517 Connection keep-alive Content-Length 3006
GET H/1.1	200 OK	0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/images/backgrounds/	277 KB 277 KB	18ms 6ms	Image image/jpeg	2a02:26f0:6c00:283::35c1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/images/backgrounds/0_a5dbd4393ff6a725c7e62b61df7e72f0.jpg Requested by Host: secure.aadcdn.microsoftonline-p.com URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/cdnbundles/oldconvergedlogin_pcore.min_z2qsp8b10e2xrib0uwoksg2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::35c1 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash 211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 14 Dec 2018 02:54:55 GMT Last-Modified Tue, 11 Dec 2018 22:45:18 GMT Content-MD5 pdvUOT/2pyXH5ith335y8A== Strict-Transport-Security max-age=31536000 Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type Cache-Control public, max-age=419517 Connection keep-alive Content-Length 283351
GET H/1.1	200 OK	Cookie set prefetch Show response office.eperigw.peptest.ch/prefetch/ Frame EBB2	3 KB 3 KB	257ms 166ms	Document text/html	92.42.191.170 NINE
General Check archive.org Show headers Download Go to Full URL https://office.eperigw.peptest.ch/prefetch/prefetch Requested by Host: secure.aadcdn.microsoftonline-p.com URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/cdnbundles/oldconvergedlogin_pcore.min_z2qsp8b10e2xrib0uwoksg2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.42.191.170 , Switzerland, ASN29691 (NINE, CH), Reverse DNS dev.null.pep.security Software Apache-Coyote/1.1 / Resource Hash 572c8d6b0e77d8679ce1f609bd77cdd27c97002db3af9f9c575e83e4dbcbde49 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host office.eperigw.peptest.ch Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US Response headers Server Apache-Coyote/1.1 Set-Cookie OH.DCAffinity=OH-weu; path=/; secure; HttpOnly OH.SID=fa72ad70-7007-40b6-a48c-21006a51c0db; path=/; secure; HttpOnly p.UnAuthUserCookie=602b861d-bbb3-4ef6-a62d-18f482458f9f; path=/; expires=Sat, 14-Dec-2019 02:54:55 GMT; secure; HttpOnly MUID=32BB7695043962B414E67A500527630B; path=/; secure; expires=Wed, 08-Jan-2020 02:54:55 GMT; domain=eperigw.peptest.ch Referrer-Policy strict-origin-when-cross-origin X-UA-Compatible IE=edge,chrome=1 Strict-Transport-Security max-age=31536000 Cache-Control private, no-store, must-revalidate, max-age=0 X-Content-Type-Options nosniff Vary Accept-Encoding Expires Fri, 14 Dec 2018 02:53:55 GMT X-XSS-Protection 1; mode=block X-MSEdge-Ref Ref A: 8941DB5363AC409C97DBE7B0841FA4D2 Ref B: VIEEDGE0906 Ref C: 2018-12-14T02:54:55Z Date Fri, 14 Dec 2018 02:54:55 GMT Content-Type text/html;charset=utf-8 Content-Length 2598
GET H/1.1	200 OK	microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/images/	4 KB 2 KB	7ms 6ms	Image image/svg+xml	2a02:26f0:6c00:283::35c1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::35c1 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 14 Dec 2018 02:54:55 GMT Content-Encoding gzip Last-Modified Tue, 11 Dec 2018 22:44:32 GMT Content-MD5 nzaLxFgP7ZB3dfMcaybWzw== Vary Accept-Encoding Strict-Transport-Security max-age=31536000 Content-Type image/svg+xml Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type Cache-Control public, max-age=419517 Connection keep-alive Content-Length 1435
GET H/1.1	200 OK	ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/images/	915 B 735 B	6ms 5ms	Image image/svg+xml	2a02:26f0:6c00:283::35c1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/images/ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::35c1 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash 6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 14 Dec 2018 02:54:55 GMT Content-Encoding gzip Last-Modified Tue, 11 Dec 2018 22:44:28 GMT Content-MD5 HMwsHhNXdtrfirQDkzcqMA== Vary Accept-Encoding Strict-Transport-Security max-age=31536000 Content-Type image/svg+xml Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type Cache-Control public, max-age=419517 Connection keep-alive Content-Length 263
GET H/1.1	200 OK	ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/images/	915 B 735 B	13ms 5ms	Image image/svg+xml	2a02:26f0:6c00:283::35c1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8395.18/content/images/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:283::35c1 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash 16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://login.eperigw.peptest.ch/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties=Jlcbk1rsiwWQ-OOIUXXnpBY7DjxwmwYB4osh90RXJR5zexKs4_x_ZWJGt-SvBXqG4uiTHSKI-P5b5YnLAoDuzF2EjyUdJbYpNFuvKCBphjbJUXYmFAAkD6xair0wR27d&nonce=636797269958531309.YjIzNjlmMzEtMDEyYS00MDc2LWJiMTUtZTFkM2VjZTkxZjY4YzM3MjM4NGQtZWZlYi00MjA4LWE1YjQtOWM3ZDAwNjRjM2U1&redirect_uri=https://office.eperigw.peptest.ch/&ui_locales=en-US&mkt=en-US User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 14 Dec 2018 02:54:55 GMT Content-Encoding gzip Last-Modified Tue, 11 Dec 2018 22:44:27 GMT Content-MD5 /a3y/mpA+HRaVAiPACrsog== Vary Accept-Encoding Strict-Transport-Security max-age=31536000 Content-Type image/svg+xml Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type Cache-Control public, max-age=419517 Connection keep-alive Content-Length 263
GET H2	200	sharedFontStyles.css weuofficehome.msocdn.com/s/45aa9c62/ClientApp/build/bundles/ Frame EBB2	79 KB 58 KB	51ms 6ms	Stylesheet text/css	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/45aa9c62/ClientApp/build/bundles/sharedFontStyles.css Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 0365a3907c20a89c185786deb53076a06d0c823926153a46d534359e05b3fd94 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-cdn 681787 status 200 x-cache-start 1544074308 vary Accept-Encoding content-length 59054 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Sun, 02 Dec 2018 04:57:29 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Fri, 06 Dec 2019 05:31:48 GMT
GET H2	200	staticStylesFluent.css weuofficehome.msocdn.com/s/74421df7/ClientApp/build/bundles/ Frame EBB2	41 KB 19 KB	60ms 15ms	Stylesheet text/css	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/74421df7/ClientApp/build/bundles/staticStylesFluent.css Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 57079c14783a13dfee8ac5c9601c809069639ecb468a16fb779a9d3da29b4225 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-cdn 101466 status 200 x-cache-start 1544654629, 1544655408 vary Accept-Encoding content-length 18714 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Mon, 03 Dec 2018 23:58:41 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin *, * expires Thu, 12 Dec 2019 22:43:49 GMT
GET H2	200	polyfills-bundle.js weuofficehome.msocdn.com/s/b93a4dd5/ClientApp/build/bundles/ Frame EBB2	0 18 KB	61ms 16ms	Other application/x-javascript	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/b93a4dd5/ClientApp/build/bundles/polyfills-bundle.js Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 x-cache-start 1543632061 vary Accept-Encoding content-length 18161 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Mon, 26 Nov 2018 23:41:11 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Sun, 01 Dec 2019 02:41:01 GMT
GET H2	200	vendor-bundle.js weuofficehome.msocdn.com/s/a4b23eff/ClientApp/build/bundles/ Frame EBB2	0 268 KB	61ms 17ms	Other application/x-javascript	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/a4b23eff/ClientApp/build/bundles/vendor-bundle.js Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-cdn 101466 status 200 x-cache-start 1544654629, 1544655408 vary Accept-Encoding content-length 273372 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Mon, 10 Dec 2018 20:04:33 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin *, * expires Thu, 12 Dec 2019 22:43:49 GMT
GET H2	200	sharedScripts.js weuofficehome.msocdn.com/s/c0e49998/ClientApp/build/bundles/ Frame EBB2	0 14 KB	67ms 23ms	Other application/x-javascript	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/c0e49998/ClientApp/build/bundles/sharedScripts.js Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-cdn 305980 status 200 x-cache-start 1544450115 vary Accept-Encoding content-length 14161 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Sun, 02 Dec 2018 04:57:28 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Tue, 10 Dec 2019 13:55:15 GMT
GET H2	200	staticScripts.js weuofficehome.msocdn.com/s/bdb6661e/ClientApp/build/bundles/ Frame EBB2	0 4 KB	60ms 16ms	Other application/x-javascript	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/bdb6661e/ClientApp/build/bundles/staticScripts.js Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-cdn 101466 status 200 x-cache-start 1544654629, 1544655408 vary Accept-Encoding content-length 3309 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Tue, 11 Dec 2018 22:21:21 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin *, * expires Thu, 12 Dec 2019 22:43:49 GMT
GET H2	200	app-bundle.js weuofficehome.msocdn.com/s/57f7485d/ClientApp/build/bundles/ Frame EBB2	0 228 KB	12ms 10ms	Other application/x-javascript	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/57f7485d/ClientApp/build/bundles/app-bundle.js Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-cdn 101466 status 200 x-cache-start 1544654629, 1544655408 vary Accept-Encoding content-length 232552 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Wed, 12 Dec 2018 04:16:50 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin *, * expires Thu, 12 Dec 2019 22:43:49 GMT
GET H2	200	react-bundle.js weuofficehome.msocdn.com/s/21ef5ed1/ClientApp/build/bundles/ Frame EBB2	0 32 KB	15ms 13ms	Other application/x-javascript	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/21ef5ed1/ClientApp/build/bundles/react-bundle.js Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 x-cache-start 1543630516 vary Accept-Encoding content-length 32803 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Mon, 26 Nov 2018 23:41:11 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Sun, 01 Dec 2019 02:15:16 GMT
GET H2	200	favicon-word.ico weuofficehome.msocdn.com/s/9471c196/Areas/Home/Content/images/favicons/ Frame EBB2	0 9 KB	16ms 14ms	Other image/x-icon	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/9471c196/Areas/Home/Content/images/favicons/favicon-word.ico Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff status 200 x-cache-start 1543714847 content-length 8958 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Tue, 20 Nov 2018 11:06:08 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type image/x-icon access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Mon, 02 Dec 2019 01:40:47 GMT
GET H2	200	favicon-excel.ico weuofficehome.msocdn.com/s/746cbc9f/Areas/Home/Content/images/favicons/ Frame EBB2	0 9 KB	17ms 14ms	Other image/x-icon	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/746cbc9f/Areas/Home/Content/images/favicons/favicon-excel.ico Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff status 200 x-cache-start 1543714847 content-length 8958 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Tue, 20 Nov 2018 11:06:08 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type image/x-icon access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Mon, 02 Dec 2019 01:40:47 GMT
GET H2	200	favicon-powerpoint.ico weuofficehome.msocdn.com/s/b39fe91f/Areas/Home/Content/images/favicons/ Frame EBB2	0 9 KB	17ms 15ms	Other image/x-icon	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/b39fe91f/Areas/Home/Content/images/favicons/favicon-powerpoint.ico Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff status 200 x-cache-start 1543714847 content-length 8958 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Tue, 20 Nov 2018 11:06:08 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type image/x-icon access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Mon, 02 Dec 2019 01:40:47 GMT
GET H2	200	favicon-sway.ico weuofficehome.msocdn.com/s/4d533dea/Areas/Home/Content/images/favicons/ Frame EBB2	0 8 KB	18ms 16ms	Other image/x-icon	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/4d533dea/Areas/Home/Content/images/favicons/favicon-sway.ico Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-cdn 501609 status 200 x-cache-start 1544254486 content-length 7886 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Wed, 31 Oct 2018 18:55:25 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type image/x-icon access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Sun, 08 Dec 2019 07:34:46 GMT
GET H2	200	header-default-desktop.svg weuofficehome.msocdn.com/s/11398ebe/Areas/Home/Content/images/fluent-background-sources/ Frame EBB2	0 2 KB	19ms 17ms	Other image/svg+xml	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/11398ebe/Areas/Home/Content/images/fluent-background-sources/header-default-desktop.svg Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 x-cache-start 1543630516 vary Accept-Encoding content-length 1403 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Tue, 20 Nov 2018 11:06:08 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Sun, 01 Dec 2019 02:15:16 GMT
GET H2	200	document-sprite.png weuofficehome.msocdn.com/s/fab5fe9a/Areas/Home/Content/images/ Frame EBB2	0 19 KB	19ms 17ms	Other image/png	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/fab5fe9a/Areas/Home/Content/images/document-sprite.png Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-cdn 992195 status 200 x-cache-start 1543763900 content-length 18582 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Tue, 20 Nov 2018 11:06:08 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Mon, 02 Dec 2019 15:18:20 GMT
GET H2	200	zero-docs-sprite.png weuofficehome.msocdn.com/s/398b5c2a/Areas/Home/Content/images/ Frame EBB2	0 18 KB	20ms 18ms	Other image/png	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/398b5c2a/Areas/Home/Content/images/zero-docs-sprite.png Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-cdn 986229 status 200 x-cache-start 1543769866 content-length 17973 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Tue, 20 Nov 2018 11:06:09 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Mon, 02 Dec 2019 16:57:46 GMT
GET H2	200	share admin.onedrive.com/ Frame 057A	0 0	131ms 23ms	Document text/html	13.81.118.91 Microsoft Corpora...
General Check archive.org Show headers Download Go to Full URL https://admin.onedrive.com/share Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers :method GET :authority admin.onedrive.com :scheme https :path /share pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 referer https://office.eperigw.peptest.ch/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://office.eperigw.peptest.ch/ Response headers status 200 cache-control private, max-age=86400 content-type text/html; charset=utf-8 content-encoding gzip expires Sat, 15 Dec 2018 02:54:55 GMT last-modified Fri, 14 Dec 2018 02:54:55 GMT vary Accept-Encoding x-content-type-options nosniff strict-transport-security max-age=31536000 x-odweb-correlationid adaef62a-78d6-4973-b52e-ee535be009cd x-msnserver RD0003FF1D445F x-odwebserver westeurope0-ODWebp date Fri, 14 Dec 2018 02:54:55 GMT content-length 23642
GET H2	200	wordTheme.min.css weuofficehome.msocdn.com/s/bd5c758d/css/startpages/ Frame EBB2	0 2 KB	20ms 18ms	Other text/css	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/bd5c758d/css/startpages/wordTheme.min.css Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-cdn 32354 status 200 x-cache-start 1544723741 vary Accept-Encoding content-length 2018 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Mon, 10 Dec 2018 23:55:07 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Fri, 13 Dec 2019 17:55:41 GMT
GET H2	200	excelTheme.min.css weuofficehome.msocdn.com/s/de8e28e0/css/startpages/ Frame EBB2	0 2 KB	21ms 19ms	Other text/css	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/de8e28e0/css/startpages/excelTheme.min.css Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-cdn 35049 status 200 x-cache-start 1544721046 vary Accept-Encoding content-length 2006 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Mon, 10 Dec 2018 23:55:07 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Fri, 13 Dec 2019 17:10:46 GMT
GET H2	200	powerpointTheme.min.css weuofficehome.msocdn.com/s/964f9d81/css/startpages/ Frame EBB2	0 2 KB	21ms 20ms	Other text/css	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/964f9d81/css/startpages/powerpointTheme.min.css Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-cdn 35049 status 200 x-cache-start 1544721046 vary Accept-Encoding content-length 2006 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Mon, 10 Dec 2018 23:55:07 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Fri, 13 Dec 2019 17:10:46 GMT
GET H2	200	swayTheme.min.css weuofficehome.msocdn.com/s/9f94b783/css/startpages/ Frame EBB2	0 2 KB	22ms 20ms	Other text/css	2a02:26f0:6c00:29d::38f3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://weuofficehome.msocdn.com/s/9f94b783/css/startpages/swayTheme.min.css Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:29d::38f3 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer https://office.eperigw.peptest.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-cdn 612532 status 200 x-cache-start 1544143563 vary Accept-Encoding content-length 1999 x-xss-protection 1; mode=block x-ua-compatible IE=edge,chrome=1 referrer-policy strict-origin-when-cross-origin last-modified Wed, 31 Oct 2018 18:55:28 GMT server Microsoft-IIS/10.0 date Fri, 14 Dec 2018 02:54:55 GMT x-frame-options SAMEORIGIN content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * expires Sat, 07 Dec 2019 00:46:03 GMT
GET H/1.1	200 OK	Cookie set prefetch.aspx Show response exchange.eperigw.peptest.ch/owa/ Frame E97A	3 KB 4 KB	217ms 148ms	Document text/html	92.42.191.170 NINE
General Check archive.org Show headers Download Go to Full URL https://exchange.eperigw.peptest.ch/owa/prefetch.aspx Requested by Host: office.eperigw.peptest.ch URL: https://office.eperigw.peptest.ch/prefetch/prefetch Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.42.191.170 , Switzerland, ASN29691 (NINE, CH), Reverse DNS dev.null.pep.security Software Apache-Coyote/1.1 / ASP.NET Resource Hash 7a2f4c44e37e33f4a78c8529590988b4b11d024425efce332c534da7ffcc0a9a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains,max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Host exchange.eperigw.peptest.ch Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer https://office.eperigw.peptest.ch/ Accept-Encoding gzip, deflate, br Cookie MUID=32BB7695043962B414E67A500527630B Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://office.eperigw.peptest.ch/ Response headers Server Apache-Coyote/1.1 Set-Cookie ClientId=B1BED85F167342809C80218692F70A2D; expires=Sat, 14-Dec-2019 02:54:55 GMT; path=/; secure ClientId=B1BED85F167342809C80218692F70A2D; expires=Sat, 14-Dec-2019 02:54:55 GMT; path=/; secure OIDC=1; expires=Fri, 14-Jun-2019 02:54:55 GMT; path=/; secure; HttpOnly OWAPF=v:16.2750.1.2638403&l:mouse; path=/ X-OWA-Version 15.20.1425.20 X-Content-Type-Options nosniff X-CalculatedBETarget DB6P191MB0008.EURP191.PROD.OUTLOOK.COM request-id b13951f9-b20b-4a4b-82fd-f72032a7dfdd X-RUM-Validated 1 X-MSEdge-Ref Ref A: 87C35B94CBBC4847A2568CD172A6A237 Ref B: FRAEDGE0618 Ref C: 2018-12-14T02:54:55Z X-FEProxyInfo DB6PR0801CA0049.EURPRD08.PROD.OUTLOOK.COM Date Fri, 14 Dec 2018 02:54:55 GMT X-BackEnd-End 2018-12-14T02:54:55.817 X-UA-Compatible IE=EmulateIE7 Strict-Transport-Security max-age=31536000; includeSubDomains,max-age=31536000; includeSubDomains X-CalculatedFETarget DB6PR0801CU002.internal.outlook.com X-BEServer DB6P191MB0008 Cache-Control private, no-store X-BackEndHttpStatus 200,200 X-DiagInfo DB6P191MB0008 Vary Accept-Encoding X-BeSku Gen9 X-OWA-DiagnosticsInfo 1;0;0 X-BackEnd-Begin 2018-12-14T02:54:55.814 X-FEServer DB6PR0801CA0049,AM6P191CA0099 X-Powered-By ASP.NET Content-Type text/html;charset=utf-8 Content-Length 2789
GET H2	200	boot.worldwide.0.mouse.js r4.res.office365.com/owa/prem/16.2750.1.2638403/scripts/ Frame E97A	647 KB 176 KB	64ms 12ms	Stylesheet application/x-javascript	2a02:26f0:6c00:2bf::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r4.res.office365.com/owa/prem/16.2750.1.2638403/scripts/boot.worldwide.0.mouse.js Requested by Host: exchange.eperigw.peptest.ch URL: https://exchange.eperigw.peptest.ch/owa/prefetch.aspx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bf::753 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash e525043984250cef741217ede1c8c269268fb1515fcbf8ae9b9967a9cb1e99db Request headers Referer https://exchange.eperigw.peptest.ch/owa/prefetch.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 14 Dec 2018 02:54:55 GMT content-encoding gzip last-modified Tue, 04 Dec 2018 18:22:45 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type application/x-javascript status 200 cache-control public,max-age=630720000, s-maxage=630720000 accept-ranges bytes timing-allow-origin *
GET H2	200	boot.worldwide.1.mouse.js r4.res.office365.com/owa/prem/16.2750.1.2638403/scripts/ Frame E97A	643 KB 160 KB	12ms 12ms	Stylesheet application/x-javascript	2a02:26f0:6c00:2bf::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r4.res.office365.com/owa/prem/16.2750.1.2638403/scripts/boot.worldwide.1.mouse.js Requested by Host: exchange.eperigw.peptest.ch URL: https://exchange.eperigw.peptest.ch/owa/prefetch.aspx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bf::753 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash d32eeb9a9fcb54760fa1da38f49458abe550326de2f4305e396baf1ca02128c9 Request headers Referer https://exchange.eperigw.peptest.ch/owa/prefetch.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 14 Dec 2018 02:54:55 GMT content-encoding gzip last-modified Tue, 04 Dec 2018 18:22:41 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type application/x-javascript status 200 cache-control public,max-age=630720000, s-maxage=630720000 accept-ranges bytes timing-allow-origin *
GET H2	200	boot.worldwide.2.mouse.js r4.res.office365.com/owa/prem/16.2750.1.2638403/scripts/ Frame E97A	646 KB 166 KB	15ms 14ms	Stylesheet application/x-javascript	2a02:26f0:6c00:2bf::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r4.res.office365.com/owa/prem/16.2750.1.2638403/scripts/boot.worldwide.2.mouse.js Requested by Host: exchange.eperigw.peptest.ch URL: https://exchange.eperigw.peptest.ch/owa/prefetch.aspx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bf::753 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash 1104dd1a16f76104236853d4ad7ea5c0b7003c1a08e5f2b3cea3ca88778984ac Request headers Referer https://exchange.eperigw.peptest.ch/owa/prefetch.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 14 Dec 2018 02:54:56 GMT content-encoding gzip last-modified Tue, 04 Dec 2018 18:22:46 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type application/x-javascript status 200 cache-control public,max-age=630720000, s-maxage=630720000 accept-ranges bytes timing-allow-origin *
GET H2	200	boot.worldwide.3.mouse.js r4.res.office365.com/owa/prem/16.2750.1.2638403/scripts/ Frame E97A	644 KB 143 KB	15ms 15ms	Stylesheet application/x-javascript	2a02:26f0:6c00:2bf::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r4.res.office365.com/owa/prem/16.2750.1.2638403/scripts/boot.worldwide.3.mouse.js Requested by Host: exchange.eperigw.peptest.ch URL: https://exchange.eperigw.peptest.ch/owa/prefetch.aspx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bf::753 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash cc00e5ecddd347bdb5abe2b8502fcae676c9e3747e29c3a3029e6b6543126f34 Request headers Referer https://exchange.eperigw.peptest.ch/owa/prefetch.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 14 Dec 2018 02:54:56 GMT content-encoding gzip last-modified Tue, 04 Dec 2018 18:22:42 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type application/x-javascript status 200 cache-control public,max-age=630720000, s-maxage=630720000 accept-ranges bytes timing-allow-origin *
GET H2	200	sprite1.mouse.png r4.res.office365.com/owa/prem/16.2750.1.2638403/resources/images/0/ Frame E97A	16 KB 16 KB	6ms 6ms	Stylesheet image/png	2a02:26f0:6c00:2bf::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r4.res.office365.com/owa/prem/16.2750.1.2638403/resources/images/0/sprite1.mouse.png Requested by Host: exchange.eperigw.peptest.ch URL: https://exchange.eperigw.peptest.ch/owa/prefetch.aspx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bf::753 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash 99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194 Request headers Referer https://exchange.eperigw.peptest.ch/owa/prefetch.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 14 Dec 2018 02:54:56 GMT last-modified Tue, 04 Dec 2018 18:18:44 GMT server Apache access-control-allow-origin * content-type image/png status 200 cache-control public,max-age=630720000, s-maxage=630720000 accept-ranges bytes timing-allow-origin * content-length 16664
GET H2	200	sprite1.mouse.css r4.res.office365.com/owa/prem/16.2750.1.2638403/resources/images/0/ Frame E97A	7 KB 1 KB	7ms 6ms	Stylesheet text/css	2a02:26f0:6c00:2bf::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r4.res.office365.com/owa/prem/16.2750.1.2638403/resources/images/0/sprite1.mouse.css Requested by Host: exchange.eperigw.peptest.ch URL: https://exchange.eperigw.peptest.ch/owa/prefetch.aspx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bf::753 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash 461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502 Request headers Referer https://exchange.eperigw.peptest.ch/owa/prefetch.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 14 Dec 2018 02:54:56 GMT content-encoding gzip last-modified Tue, 04 Dec 2018 18:18:46 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type text/css status 200 cache-control public,max-age=630720000, s-maxage=630720000 accept-ranges bytes timing-allow-origin * content-length 1124
GET H2	200	boot.worldwide.mouse.css r4.res.office365.com/owa/prem/16.2750.1.2638403/resources/styles/0/ Frame E97A	227 KB 43 KB	10ms 10ms	Stylesheet text/css	2a02:26f0:6c00:2bf::753 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://r4.res.office365.com/owa/prem/16.2750.1.2638403/resources/styles/0/boot.worldwide.mouse.css Requested by Host: exchange.eperigw.peptest.ch URL: https://exchange.eperigw.peptest.ch/owa/prefetch.aspx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bf::753 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash ec4d9c5bae42b5b76dbe31a3df7bf24f1dde703f79499ee4bf3e1e63f11e6e86 Request headers Referer https://exchange.eperigw.peptest.ch/owa/prefetch.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 14 Dec 2018 02:54:56 GMT content-encoding gzip last-modified Tue, 04 Dec 2018 18:20:31 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type text/css status 200 cache-control public,max-age=630720000, s-maxage=630720000 accept-ranges bytes timing-allow-origin *

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData function| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __OldConvergedLogin_PCore boolean| __

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.eperigw.peptest.ch/	1969-12-31 23:59:59	Name: stsservicecookie Value: ests
			.login.eperigw.peptest.ch/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAAC5una0EUFgTIF8ElaxtWjT5DEyxVe9san8UWdAV7z4vkH9LC978YKPdKRkniNvd_PbAe2XhneHPQM44j4Nh1V_0o3p8ZKAOMEIfaEiL4bkra_6LYTA8CFcpVNkruNoGs8DqwUsqK4E_44xe-1Swkco79n-XWX-wbYf11MAXMuGf1jvzdVDVjzAHXRtgwHaIlQgAA
			login.eperigw.peptest.ch/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: 013
			login.eperigw.peptest.ch/	1970-01-18 21:49:08	Name: fpc Value: AfNpyy8_VkRIjyAG3N_QFR9FBk5dAQAIdbeGb2HWCA
			login.eperigw.peptest.ch/	1970-01-18 21:49:08	Name: buid Value: AQABAAEAAAC5una0EUFgTIF8ElaxtWjTuiQ_xlRRgSyh17RugQPqlQw3WLSY_a0bo8M8m7hb88vfuoyv4B0QXZfwVRsgYhRlLqOrYdK3snAvAjXkF2wb85lP5s01m26nkgWAQ_BnByYgAA
			login.eperigw.peptest.ch/common/oauth2	1969-12-31 23:59:59	Name: CkTst Value: G1544756095257

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.onedrive.com
exchange.eperigw.peptest.ch
login.eperigw.peptest.ch
office.eperigw.peptest.ch
r4.res.office365.com
secure.aadcdn.microsoftonline-p.com
weuofficehome.msocdn.com
13.81.118.91
2a02:26f0:6c00:283::35c1
2a02:26f0:6c00:29d::38f3
2a02:26f0:6c00:2bf::35c1
2a02:26f0:6c00:2bf::753
92.42.191.170
0365a3907c20a89c185786deb53076a06d0c823926153a46d534359e05b3fd94
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
1104dd1a16f76104236853d4ad7ea5c0b7003c1a08e5f2b3cea3ca88778984ac
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502
4c2a67544f9097158338dce5415d1756824b43c92484cc7089e9537706023330
57079c14783a13dfee8ac5c9601c809069639ecb468a16fb779a9d3da29b4225
572c8d6b0e77d8679ce1f609bd77cdd27c97002db3af9f9c575e83e4dbcbde49
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
7a2f4c44e37e33f4a78c8529590988b4b11d024425efce332c534da7ffcc0a9a
978995535b9ccbd4d1c0beb6da1abd141bce3806dc246ec7bb5e45df4e1090ce
99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194
ad0af0c968ea32f476ff414c46476f64bbc218922ea40a9820b4f125061d6278
cc00e5ecddd347bdb5abe2b8502fcae676c9e3747e29c3a3029e6b6543126f34
d32eeb9a9fcb54760fa1da38f49458abe550326de2f4305e396baf1ca02128c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e525043984250cef741217ede1c8c269268fb1515fcbf8ae9b9967a9cb1e99db
eb877b559cfec9e856b9daf8e77453f2a55cadae4ad5da23cee8432f6138275c
ec4d9c5bae42b5b76dbe31a3df7bf24f1dde703f79499ee4bf3e1e63f11e6e86
f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea