login.microsoftonline.com Open in urlscan Pro
20.190.160.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&ev...
Effective URL:
https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77...
Submission: On December 19 via manual (December 19th 2022, 2:07:38 pm UTC) from HU — Scanned from DE

Summary HTTP 47 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 47 HTTP transactions. The main IP is 20.190.160.22, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 28.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 23rd 2022. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	18.66.15.46 18.66.15.46	16509 (AMAZON-02) (AMAZON-02)
2	34.198.0.23 34.198.0.23	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.26 13.32.27.26	16509 (AMAZON-02) (AMAZON-02)
2	13.32.110.59 13.32.110.59	16509 (AMAZON-02) (AMAZON-02)
1 1	52.7.119.159 52.7.119.159	14618 (AMAZON-AES) (AMAZON-AES)
3	20.190.160.22 20.190.160.22	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2620:1ec:40::44 2620:1ec:40::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.190.160.17 20.190.160.17	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	152.199.23.72 152.199.23.72	15133 (EDGECAST) (EDGECAST)
1	2603:1027:1:d... 2603:1027:1:d8::5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
47	12

16 18.66.15.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-46.vie50.r.cloudfront.net

boehringeringelheim.gointegro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.0.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-0-23.compute-1.amazonaws.com

rudderstack.gointegro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-26.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-59.vie50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.119.159 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-119-159.compute-1.amazonaws.com

auth.gointegro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.190.160.22 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:1ec:40::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.160.17 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.23.72 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1027:1:d8::5 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

autologon.microsoftazuread-sso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	gointegro.com 1 redirects boehringeringelheim.gointegro.com rudderstack.gointegro.com — Cisco Umbrella Rank: 279959 auth.gointegro.com	1013 KB
10	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 1193	197 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	383 KB
3	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 28	109 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	23 KB
2	msauthimages.net aadcdn.msauthimages.net — Cisco Umbrella Rank: 3528	161 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2904	199 KB
1	microsoftazuread-sso.com autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1536	1 KB
1	live.com login.live.com — Cisco Umbrella Rank: 94
1	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2210	7 KB
47	10

	Domain	Requested by
16	boehringeringelheim.gointegro.com	boehringeringelheim.gointegro.com
10	aadcdn.msauth.net	login.microsoftonline.com aadcdn.msauth.net
4	www.gstatic.com	www.google.com www.gstatic.com
3	login.microsoftonline.com	boehringeringelheim.gointegro.com login.microsoftonline.com aadcdn.msauth.net
3	www.google.com	boehringeringelheim.gointegro.com www.gstatic.com www.google.com
2	aadcdn.msauthimages.net
2	js.intercomcdn.com	widget.intercom.io
2	fonts.gstatic.com	www.google.com
2	rudderstack.gointegro.com	boehringeringelheim.gointegro.com
1	autologon.microsoftazuread-sso.com
1	login.live.com	login.microsoftonline.com
1	auth.gointegro.com	1 redirects
1	widget.intercom.io	boehringeringelheim.gointegro.com
47	13

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
*.gointegro.com GlobalSign RSA OV SSL CA 2018	`2022-03-02` - `2023-04-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2022-08-23` - `2023-08-23`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2022-10-03` - `2023-10-03`	a year	crt.sh
aadcdn.msauthimages.net Microsoft Azure TLS Issuing CA 02	`2022-05-11` - `2023-05-06`	a year	crt.sh
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA	`2022-10-04` - `2023-10-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926&sso_reload=true
Frame ID: 4F6536EAACE082A36647218184476E89
Requests: 37 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcUvnkcAAAAAEaXpjzTaeZhy3iSZf-LNrcm-h_y&co=aHR0cHM6Ly9ib2VocmluZ2VyaW5nZWxoZWltLmdvaW50ZWdyby5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=88093pz4977h
Frame ID: 5EBE6AAE8FF2D32547B3893833A10BF6
Requests: 7 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.427775d3.js
Frame ID: 58169C817937DE867110E47F5652EA19
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=So... Page URL
https://auth.gointegro.com/saml2/sp/login/boehringeringelheim?redirectTo=%2Faccount%2Fjob-information%3... HTTP 302
https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971Xovw... Page URL
https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971Xovw... Page URL

Page Statistics

47
Requests

100 %
HTTPS

38 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

2092 kB
Transfer

6580 kB
Size

21
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/de-DE/servicesagreement/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/de-DE/privacystatement
Title: Datenschutz & Cookies

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926 Page URL
https://auth.gointegro.com/saml2/sp/login/boehringeringelheim?redirectTo=%2Faccount%2Fjob-information%3Ffrom%3DSocialPostNotifyAll.callToAction.follow%26type%3DSocialPostNotifyAll%26event_id%3D1633926%3Fgo5-redirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926 HTTP 302
https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926 Page URL
https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://auth.gointegro.com/saml2/sp/login/boehringeringelheim?redirectTo=%2Faccount%2Fjob-information%3Ffrom%3DSocialPostNotifyAll.callToAction.follow%26type%3DSocialPostNotifyAll%26event_id%3D1633926%3Fgo5-redirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926 HTTP 302
https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK job-information Show response
boehringeringelheim.gointegro.com/account/ 8 KB
9 KB 273ms
179ms Document
text/html 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

e2dbfe5552c39d69a40a1193b9e031db9820b887252d681cc6b74fd12fcdef0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=utf-8
Custom-Header: S3-Proxy
Date: Mon, 19 Dec 2022 14:07:30 GMT
ETag: W/"2097-NW1SQutHEU94PUZA6KPbDQIP0U0"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: _0ngn9qU92rigA2z6oD8dmjgdnadceSmLCIU5-BupR2bxKt89UHgrw==
X-Amz-Cf-Pop: VIE50-P1
X-Cache: Miss from cloudfront
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: : none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vendor-454edb3cf4433a064fb3324855873dc7.css
boehringeringelheim.gointegro.com/assets/ 154 KB
25 KB 156ms
154ms Stylesheet
text/css 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/assets/vendor-454edb3cf4433a064fb3324855873dc7.css

Requested by

Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

ef3658c47549924c074af293ee968da6063231eeaf0b6ca7491015bcbac89abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 14:00:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: : none
X-Amz-Cf-Pop: VIE50-P1
Age: 259621
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Custom-Header: S3-Proxy
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2022 11:49:15 GMT
ETag: "5f23a23556f5275c058ed84c5f7dc397"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=63072000, public
X-Amz-Cf-Id: pYNTv5_61h2ZSqCLWboI5hZpPQuxC1t9eJXBE_DT-qZSJlxHiPYZCg==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK go5-account-web-24af30d5411c0aab2ef2e9c2941e06f5.css
boehringeringelheim.gointegro.com/assets/ 205 KB
34 KB 173ms
135ms Stylesheet
text/css 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/assets/go5-account-web-24af30d5411c0aab2ef2e9c2941e06f5.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

865bec2a751c6f2113d0073062f8348e0ba0f5d4cca66486d55face997f92b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 14:00:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: : none
X-Amz-Cf-Pop: VIE50-P1
Age: 259621
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Custom-Header: S3-Proxy
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2022 11:49:15 GMT
ETag: "410cb31bde49d216251a9078684bc792"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=63072000, public
X-Amz-Cf-Id: t2929EOREDFrwr2DjMr_IPk2p-7K4dXD7rgqxN8vIVoykRkYpekcKg==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK polyfill-shared-805bd09ee3b287ba16b119ad25ff3bd9.js Show response
boehringeringelheim.gointegro.com/assets/ 12 KB
6 KB 169ms
128ms Script
application/javascript 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/assets/polyfill-shared-805bd09ee3b287ba16b119ad25ff3bd9.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

5bfbfba198f97a79d1216028edd4b4eaced9ff8a0a9b21fceb7d9b8e7f7049d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 14:00:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: : none
X-Amz-Cf-Pop: VIE50-P1
Age: 259621
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Custom-Header: S3-Proxy
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2022 11:49:15 GMT
ETag: "52f503380ffa51d32baf02195037e9c5"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=63072000, public
X-Amz-Cf-Id: q3cm-BMnE4TRwoD7DeregXAbKIxp1Ns2-iqDXSlCu6YLiEZYQnR9Hg==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK inter-regular-4dd66a113d54a7f9a1ae913049610617.woff2
boehringeringelheim.gointegro.com/fonts/ 98 KB
98 KB 35ms
35ms Font
font/woff2 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/fonts/inter-regular-4dd66a113d54a7f9a1ae913049610617.woff2

Requested by

Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/assets/vendor-454edb3cf4433a064fb3324855873dc7.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://boehringeringelheim.gointegro.com/assets/vendor-454edb3cf4433a064fb3324855873dc7.css
Origin: https://boehringeringelheim.gointegro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 12:15:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: : none
X-Amz-Cf-Pop: VIE50-P1
Age: 957133
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Custom-Header: S3-Proxy
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2022 11:49:15 GMT
ETag: "e2c6a2728aa1a81ba3d7091ff0b46220"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Cache-Control: max-age=63072000, public
X-Amz-Cf-Id: UqCuOG8A_ZeKuW6hj-N-lpq2LtpVD9u9A-TVvHAC5-lO1adL8OyUKw==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK polyfill-evergreen-2ac6bc8e6a5c535fe8849b8ff507775a.js Show response
boehringeringelheim.gointegro.com/assets/ 89 B
914 B 130ms
130ms Script
application/javascript 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/assets/polyfill-evergreen-2ac6bc8e6a5c535fe8849b8ff507775a.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

6fa5e9af7910a9b2832735b060a8aac13f92e07884461121873c6cd0345d7275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 14:00:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: : none
X-Amz-Cf-Pop: VIE50-P1
Age: 259620
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Custom-Header: S3-Proxy
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2022 11:49:15 GMT
ETag: "0838ca0e9f9c3a2b19f444f44827ab71"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=63072000, public
X-Amz-Cf-Id: YQEqj_be9_n6K0fE4AZtHEp1SgiZfzgMiVQ5qNVj0WbY-1tm0UEvHA==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK vendor-aae84ee84f5dd3477e68d276bf80d432.js Show response
boehringeringelheim.gointegro.com/assets/ 2 MB
398 KB 148ms
148ms Script
application/javascript 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/assets/vendor-aae84ee84f5dd3477e68d276bf80d432.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

d007ff6e95c5488b7acbe34feca9e092a3011e3d0f3e3a19b43df2e27e02f682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 14:00:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: : none
X-Amz-Cf-Pop: VIE50-P1
Age: 259621
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Custom-Header: S3-Proxy
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2022 11:49:15 GMT
ETag: "d55ac93373b0e2e1048afa43bd77bcb1"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=63072000, public
X-Amz-Cf-Id: kdkMChFjRlNMAYcHStR7NV9Uk_NARQ886CQoElT0IX5VA7Of1_BASA==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK chunk.719.5c65f70ae29e651dbd53.js Show response
boehringeringelheim.gointegro.com/assets/ 967 KB
294 KB 133ms
132ms Script
application/javascript 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/assets/chunk.719.5c65f70ae29e651dbd53.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

5cb5c6089e875220c58112d066b25ca0e46e1e3e1e46bc84f457c0bb821380e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 14:00:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: : none
X-Amz-Cf-Pop: VIE50-P1
Age: 259620
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Custom-Header: S3-Proxy
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2022 11:49:15 GMT
ETag: "b1f827b7af098c7a4465bb9b1f005625"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=63072000, public
X-Amz-Cf-Id: lasQp90FBxsAC-q6yVAWKlnJddHW16o5mtU8pT0C45J__FL95IA5WQ==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK chunk.143.a36ab7285fa4eaae614c.js Show response
boehringeringelheim.gointegro.com/assets/ 7 KB
3 KB 170ms
170ms Script
application/javascript 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/assets/chunk.143.a36ab7285fa4eaae614c.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

a05d0ce2d4e0362a2f8ccb19986bf36f455d3ec6feaf4d2018eb112fae2b34f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 14:07:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: : none
X-Amz-Cf-Pop: VIE50-P1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Custom-Header: S3-Proxy
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2022 11:49:15 GMT
ETag: "fc83edd6de82ee6926fc45dbb1c36498"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=63072000, public
X-Amz-Cf-Id: Cm-lt9b4hBQx8YsLme8ZrHGtvkUX9-Jg764FhzqNih1nK1iS9Cf4_Q==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK go5-account-web-c8805010d1d6128c9dc8ce0d122ce5b9.js Show response
boehringeringelheim.gointegro.com/assets/ 467 KB
62 KB 131ms
131ms Script
application/javascript 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/assets/go5-account-web-c8805010d1d6128c9dc8ce0d122ce5b9.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

d8afcaab0d82d71c0ac7ff997662e99c703f6bc45344202132069d4f925a3972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 14:00:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: : none
X-Amz-Cf-Pop: VIE50-P1
Age: 259619
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Custom-Header: S3-Proxy
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2022 11:49:15 GMT
ETag: "0530ebafe44d8c7d9fcf6246e80115fd"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=63072000, public
X-Amz-Cf-Id: ZXp_LBMNdiefmgAERBwij53C1BmQEdUk96DUtmk9hgVrDVfmsw8Fbg==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

OPTIONS
H2 204 /
rudderstack.gointegro.com/sourceConfig/ Frame 0
0 377ms
104ms Preflight 34.198.0.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.gointegro.com/sourceConfig/?p=npm&v=1.4.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.0.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-0-23.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://boehringeringelheim.gointegro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Range, Authorization
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
date: Mon, 19 Dec 2022 14:07:32 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
1 KB 129ms
49ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LcUvnkcAAAAAEaXpjzTaeZhy3iSZf-LNrcm-h_y

Requested by

Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/assets/go5-account-web-c8805010d1d6128c9dc8ce0d122ce5b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d8e4456ca7a9e1856bd77dc13c98b06efff4e1172e001374597139af07ac44e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boehringeringelheim.gointegro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 613
x-xss-protection: 1; mode=block
expires: Mon, 19 Dec 2022 14:07:32 GMT

GET
H2 200 / Show response
rudderstack.gointegro.com/sourceConfig/ 759 B
1 KB 128ms
128ms XHR
application/json 34.198.0.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.gointegro.com/sourceConfig/?p=npm&v=1.4.3
Requested by: Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/assets/chunk.719.5c65f70ae29e651dbd53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.0.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-0-23.compute-1.amazonaws.com
Software: /
Resource Hash: c5872ce7e2c6192ac1e070abb5450b42649312b726c1513e5714f08a93922de7

Request headers

Referer: https://boehringeringelheim.gointegro.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic MXJPaUtuZmRqTTdKcUxlTmdqbHBFYTBqOVBXOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:07:32 GMT
x-amz-version-id: 1StsMZpjlBiP2CPMNp63n3ADbkE7xE8Y
last-modified: Thu, 22 Apr 2021 13:59:03 GMT
etag: "86e66510a7b2af2c152c247d07d37b64"
access-control-max-age: 3600
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
access-control-allow-headers: Range, Authorization
content-length: 759

GET
H/1.1 200
OK platforms Show response
boehringeringelheim.gointegro.com/api/ 74 KB
19 KB 160ms
160ms XHR
application/vnd.api+json 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://boehringeringelheim.gointegro.com/api/platforms?filter%5Bhostname%5D=boehringeringelheim.gointegro.com&include=partner%2Cbranding%2Cbranding.logo%2Cbranding.favicon%2Cbranding.login-bg
Requested by: Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/assets/chunk.719.5c65f70ae29e651dbd53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-46.vie50.r.cloudfront.net
Software: /
Resource Hash: 8b41f2b0be7edb5ed222f3b95052927d0dd0679ff66531a45e80ab8a2cc0d222

Request headers

AppType: Web
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
AppName: Account
AppVersion: 2.0.5

Response headers

Date: Mon, 19 Dec 2022 14:07:32 GMT
Content-Encoding: gzip
X-Total-AuthTime: 0
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
etag: "129ae-Ag7nOOdtsVWWHaB6S5lazNaJWFw"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/vnd.api+json
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Connection: keep-alive
X-Total-Time: 7
X-Amz-Cf-Id: uT25tm-pPuvFPZchGzQRgU0LFn0Ms9VsbEjZyIkmbBVdPTh8bV4r5w==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcUvnkcAAAAAEaXpjzTaeZhy3iSZf-LNrcm-h_y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boehringeringelheim.gointegro.com/
Origin: https://boehringeringelheim.gointegro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 13:25:52 GMT

GET
H/1.1 200
OK platforms Show response
boehringeringelheim.gointegro.com/api/ 74 KB
19 KB 466ms
466ms XHR
application/vnd.api+json 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://boehringeringelheim.gointegro.com/api/platforms?filter%5Bhostname%5D=boehringeringelheim.gointegro.com&include=partner%2Cbranding%2Cbranding.logo%2Cbranding.favicon%2Cbranding.login-bg
Requested by: Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/assets/chunk.719.5c65f70ae29e651dbd53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-46.vie50.r.cloudfront.net
Software: /
Resource Hash: 8b41f2b0be7edb5ed222f3b95052927d0dd0679ff66531a45e80ab8a2cc0d222

Request headers

AppType: Web
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
AppName: Account
AppVersion: 2.0.5

Response headers

Date: Mon, 19 Dec 2022 14:07:32 GMT
Content-Encoding: gzip
X-Total-AuthTime: 0
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
etag: "129ae-Ag7nOOdtsVWWHaB6S5lazNaJWFw"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/vnd.api+json
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Connection: keep-alive
X-Total-Time: 8
X-Amz-Cf-Id: O9IgIPqXJSD-0t6IKT4QP-MPCp7ws9QbW9KEdbEdK1Cv2-DyXwY5Dg==

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 5EBE 42 KB
22 KB 59ms
58ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcUvnkcAAAAAEaXpjzTaeZhy3iSZf-LNrcm-h_y&co=aHR0cHM6Ly9ib2VocmluZ2VyaW5nZWxoZWltLmdvaW50ZWdyby5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=88093pz4977h

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd35c0093c383a6aff46184757d65d881593a8bfa1815a86c4571a706d032fb2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6ATSFGwAM91PGQhOZKjfVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://boehringeringelheim.gointegro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22340
content-security-policy: script-src 'report-sample' 'nonce-6ATSFGwAM91PGQhOZKjfVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 14:07:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 5EBE 52 KB
24 KB 108ms
36ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcUvnkcAAAAAEaXpjzTaeZhy3iSZf-LNrcm-h_y&co=aHR0cHM6Ly9ib2VocmluZ2VyaW5nZWxoZWltLmdvaW50ZWdyby5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=88093pz4977h

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 13:22:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 5EBE 407 KB
163 KB 126ms
54ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 13:25:52 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5EBE 2 KB
2 KB 36ms
36ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 325643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 22 Dec 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5EBE 15 KB
16 KB 163ms
47ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:20:58 GMT
x-content-type-options: nosniff
age: 276394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 09:20:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5EBE 15 KB
15 KB 174ms
59ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:15:01 GMT
x-content-type-options: nosniff
age: 316351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:15:01 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 5EBE 102 B
134 B 46ms
46ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcUvnkcAAAAAEaXpjzTaeZhy3iSZf-LNrcm-h_y&co=aHR0cHM6Ly9ib2VocmluZ2VyaW5nZWxoZWltLmdvaW50ZWdyby5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=88093pz4977h
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 19 Dec 2022 14:07:32 GMT

GET
H/1.1 200
OK branding.less Show response
boehringeringelheim.gointegro.com/ 991 B
2 KB 152ms
151ms XHR
text/less 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/branding.less?v=2.0.5+fc841026

Requested by

Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/assets/chunk.719.5c65f70ae29e651dbd53.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

b6ab8fef28c981674ccc7ea80a09bf7a58e78702056331817266c8514b938b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 14:00:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: : none
X-Amz-Cf-Pop: VIE50-P1
Age: 259619
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Custom-Header: S3-Proxy
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2022 11:49:15 GMT
ETag: "ff510b1b422db45c74ebd9cd4b702e03"
X-Frame-Options: SAMEORIGIN
Content-Type: text/less; charset=utf-8
Cache-Control: max-age=63072000, public
X-Amz-Cf-Id: 6GCYSpDSyDwksayD9zRjgvOTuMiHQT6cY0sinTjB32YzeHfrfz_35Q==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 undefined Show response
widget.intercom.io/widget/ 18 KB
7 KB 270ms
18ms Script
application/javascript 13.32.27.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/undefined
Requested by: Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/assets/vendor-aae84ee84f5dd3477e68d276bf80d432.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20e10c66f9a40f9465379898dd376c26657ec3a63b0e847b54654008b25213d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://boehringeringelheim.gointegro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:53:10 GMT
content-encoding: gzip
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
x-amz-version-id: bX5sn3rzMGgx4.zWVr0xgpYTe17AiOPQ
x-amz-cf-pop: FRA56-C2
age: 864
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6171
last-modified: Mon, 19 Dec 2022 13:53:06 GMT
server: AmazonS3
etag: "cf28b16fff1e276d608493266646680a"
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: OfDHDMh8PRvrFUxuFd6d6ayPxj9p8ezBgEhDw04eYUivh3othz8PIw==

GET
H/1.1 200
OK platforms Show response
boehringeringelheim.gointegro.com/api/ 74 KB
19 KB 138ms
137ms XHR
application/vnd.api+json 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://boehringeringelheim.gointegro.com/api/platforms?filter%5Bhostname%5D=boehringeringelheim.gointegro.com&include=partner%2Cbranding%2Cbranding.logo%2Cbranding.favicon%2Cbranding.login-bg
Requested by: Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/assets/chunk.719.5c65f70ae29e651dbd53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-46.vie50.r.cloudfront.net
Software: /
Resource Hash: 8b41f2b0be7edb5ed222f3b95052927d0dd0679ff66531a45e80ab8a2cc0d222

Request headers

AppType: Web
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
AppName: Account
AppVersion: 2.0.5

Response headers

Date: Mon, 19 Dec 2022 14:07:33 GMT
Content-Encoding: gzip
X-Total-AuthTime: 0
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
etag: "129ae-Ag7nOOdtsVWWHaB6S5lazNaJWFw"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/vnd.api+json
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Connection: keep-alive
X-Total-Time: 9
X-Amz-Cf-Id: -c0Eiaw6x513krqKF3GENgm4JfBMstss1yB9JFl0Jjp4WKZpZqKEhw==

GET
H/1.1 200
OK platforms Show response
boehringeringelheim.gointegro.com/api/ 74 KB
19 KB 158ms
158ms XHR
application/vnd.api+json 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://boehringeringelheim.gointegro.com/api/platforms?filter%5Bhostname%5D=boehringeringelheim.gointegro.com&include=partner%2Cbranding%2Cbranding.logo%2Cbranding.favicon%2Cbranding.login-bg
Requested by: Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/assets/chunk.719.5c65f70ae29e651dbd53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-46.vie50.r.cloudfront.net
Software: /
Resource Hash: 8b41f2b0be7edb5ed222f3b95052927d0dd0679ff66531a45e80ab8a2cc0d222

Request headers

AppType: Web
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
AppName: Account
AppVersion: 2.0.5

Response headers

Date: Mon, 19 Dec 2022 14:07:33 GMT
Content-Encoding: gzip
X-Total-AuthTime: 0
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
etag: "129ae-Ag7nOOdtsVWWHaB6S5lazNaJWFw"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/vnd.api+json
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Connection: keep-alive
X-Total-Time: 8
X-Amz-Cf-Id: HSHC9eqGWJlv2TwzkIPWOYeG-C00R60AafltC6dQiUKw7CHOJBDm9w==

GET
H2 200 frame-modern.427775d3.js Show response
js.intercomcdn.com/ Frame 5816 461 KB
126 KB 92ms
20ms Script
application/javascript 13.32.110.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.427775d3.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-59.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c63fde46af7a8036a16f60b9385e38ccb26f30770d8f32e6c8478e26a26c4992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:53:10 GMT
content-encoding: gzip
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-amz-version-id: hr9GtKtPhO6quJ1GM13HP79SacLL8e6U
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
age: 864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 128163
last-modified: Mon, 19 Dec 2022 13:51:25 GMT
server: AmazonS3
etag: "4d98004501f1c97658da51651addc338"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: xejcAJoboTt8oAo9novZCZn965aycTzryii0gW0BxmvyGywh-mF_9w==

GET
H2 200 vendor-modern.36ed38c1.js Show response
js.intercomcdn.com/ Frame 5816 236 KB
73 KB 128ms
56ms Script
application/javascript 13.32.110.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.36ed38c1.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-59.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4475a08c95b869199ca5bdbc8493bcdb1e5dca212d29d234117c32b32444ba11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: ipZ4Z7AXhklO6wbbZ2kz8kSQvoFGJf44
content-encoding: gzip
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
date: Mon, 19 Dec 2022 13:55:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
age: 734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74429
last-modified: Fri, 16 Dec 2022 14:53:47 GMT
server: AmazonS3
etag: "92d069eaabf3b558c0e41c73e56cd888"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 0qH2evTclFarJQ-ATzSf4sZNyWR6zFQ2pAs76lArGOjwFduGjh4fWw==

GET
H/1.1 200
OK branding.less Show response
boehringeringelheim.gointegro.com/ 991 B
2 KB 19ms
19ms XHR
text/less 18.66.15.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://boehringeringelheim.gointegro.com/branding.less?v=2.0.5+fc841026

Requested by

Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/assets/chunk.719.5c65f70ae29e651dbd53.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-46.vie50.r.cloudfront.net

Software

Resource Hash

b6ab8fef28c981674ccc7ea80a09bf7a58e78702056331817266c8514b938b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 14:00:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: : none
X-Amz-Cf-Pop: VIE50-P1
Age: 259620
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Custom-Header: S3-Proxy
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2022 11:49:15 GMT
ETag: "ff510b1b422db45c74ebd9cd4b702e03"
X-Frame-Options: SAMEORIGIN
Content-Type: text/less; charset=utf-8
Cache-Control: max-age=63072000, public
X-Amz-Cf-Id: GVoatcrL27UfLeaYuYZ2jBcp9NWGqlzMAo3t1lZ10Gnfl3AYXZ-b9Q==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1

200
OK

saml2 Show response
login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/
Redirect Chain

https://auth.gointegro.com/saml2/sp/login/boehringeringelheim?redirectTo=%2Faccount%2Fjob-information%3Ffrom%3DSocialPostNotifyAll.callToAction.follow%26type%3DSocialPostNotifyAll%26event_id%3D1633...
https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJ...

152 KB
55 KB

441ms
365ms

Document
text/html

20.190.160.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926

Requested by

Host: boehringeringelheim.gointegro.com
URL: https://boehringeringelheim.gointegro.com/assets/go5-account-web-c8805010d1d6128c9dc8ce0d122ce5b9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b10f6cd0cdba7fe93b6de6bbd8a6ac64b6bbf51fcd593340f57ad36b0c15299f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boehringeringelheim.gointegro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 55461
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Dec 2022 14:07:34 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.14357.7 - NEULR2 ProdSlices
x-ms-request-id: 282ba167-da28-459d-b9a5-afc4df906f00

Redirect headers

cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 14:07:33 GMT
location: https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926
pragma: no-cache
server: nginx/1.17.2
x-powered-by: PHP/5.6.40

GET
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/ 202 KB
52 KB 234ms
233ms Document
text/html 20.190.160.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5255215fc9650f66c264fa708aba7cdf62a4d4933396e5e920c8b2ef2b0d7661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 51692
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Dec 2022 14:07:34 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.14357.7 - WEULR2 ProdSlices
x-ms-request-id: d0fe1395-b508-4df3-8fb6-a13122c36d00

GET
H2 200 ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 391 KB
111 KB 188ms
10ms Script
application/x-javascript 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6dc9810fa0a9551a31d7a5ad428952b917c211475113620a461cdb5efb2d5993

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:34 GMT
content-encoding: gzip
x-azure-ref-originshield: 0zAKgYwAAAAA5XYKZeBR3TpvaL5uG5dUIRlJBMjMxMDUwNDE4MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5: zcwWfFMjU4sF0R3R+wJipw==
x-cache: TCP_HIT
content-length: 112662
x-ms-lease-status: unlocked
last-modified: Thu, 17 Nov 2022 22:31:46 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAC8EB82F7AC92
x-azure-ref: 0J3CgYwAAAACU77BRbCUwTbukaWqpclY9RlJBMjMxMDUwNDIwMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4f817316-801e-0027-376d-13774e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 202ms
101ms Other
text/html 20.190.160.17
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926&sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 0
20 KB 28ms
10ms Other
text/css 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:34 GMT
content-encoding: gzip
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
x-cache: TCP_HIT
content-length: 19970
x-ms-lease-status: unlocked
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA7650B37ACC3D
x-azure-ref: 0J3CgYwAAAACGTvX9wGWoSZjqhT7w5LosRlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 623b6417-901e-0056-4362-13ae4c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 ux.converged.login.strings-de.min_jsryyy-ccnmmqx0k_uzbkw2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 0
15 KB 33ms
16ms Other
application/x-javascript 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_jsryyy-ccnmmqx0k_uzbkw2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:34 GMT
content-encoding: gzip
content-md5: cijw/4ed1uLZXSj7Q1LY9Q==
x-cache: TCP_HIT
content-length: 15177
x-ms-lease-status: unlocked
last-modified: Wed, 16 Nov 2022 00:33:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAC76A3E1EAA0C
x-azure-ref: 0J3CgYwAAAAD4Rbbek0UYR7s8fM+MYANuRlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 14346a7f-b01e-003c-0d93-13e27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 32ms
17ms Script
application/x-javascript 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 28fa8f3ba41d8801e3d95e7128f5b2189a4344ebee1a56d4be7a313959f608e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:34 GMT
content-encoding: gzip
content-md5: 4CzbHQsOMg8rU5bCeKMGlw==
x-cache: TCP_HIT
content-length: 5530
x-ms-lease-status: unlocked
last-modified: Tue, 15 Nov 2022 20:12:20 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAC745B3600473
x-azure-ref: 0J3CgYwAAAADqWMYsA6M9S4FExlDtCya9RlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f3fa1441-d01e-0042-6276-13b266000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/ 3 KB
3 KB 32ms
17ms Image
image/gif 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:34 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
x-cache: TCP_HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D79B83739984DD
x-azure-ref: 0J3CgYwAAAAATC7Ki1OhwR53bpmsGd+VXRlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 0653b817-301e-008c-4876-13943f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/ 4 KB
4 KB 23ms
9ms Image
image/gif 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:34 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
x-cache: TCP_HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D79B8373B17F89
x-azure-ref: 0J3CgYwAAAAB/PL0QqzlORIbOmcSiPSMIRlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: d9d55998-901e-0012-5876-13d155000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 107 KB
32 KB 9ms
8ms Script
application/x-javascript 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4393c9a3f71c27bbf7fd0275513d128f1effdf2a88dbb4bf27c710daa30165ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:34 GMT
content-encoding: gzip
content-md5: W8lUw496uzczhL0u7372yg==
x-cache: TCP_HIT
content-length: 32191
x-ms-lease-status: unlocked
last-modified: Tue, 15 Nov 2022 20:12:19 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAC745B324D8CE
x-azure-ref: 0J3CgYwAAAACrCS6/2AvJQYmCKfTK4ZSXRlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 625ae618-901e-0046-6d4f-131e6e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 illustration
aadcdn.msauthimages.net/c1c6b6c8-ksqqq7wpfjyofjl7-7uy75dumqd82o-u7czfecquqnu/logintenantbranding/0/ 154 KB
154 KB 73ms
8ms Image
image/* 152.199.23.72
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauthimages.net/c1c6b6c8-ksqqq7wpfjyofjl7-7uy75dumqd82o-u7czfecquqnu/logintenantbranding/0/illustration?ts=636803113682155141
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.72 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C96) /
Resource Hash: 5075c9f6f2efa5d6cb6c63cdbeb900c2ccc31b65f8e6c2ced007cf2ed7b3d845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:35 GMT
last-modified: Thu, 13 Dec 2018 15:22:48 GMT
server: ECAcc (frc/4C96)
content-md5: VxKbvhNA0IbAG9Rzr9+IUg==
age: 21366
etag: 0x8D6610ED73BB1CA
x-cache: HIT
content-type: image/*
x-ms-request-id: 4a1e8492-b01e-001d-1b81-13f5d8000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 157578

GET
H2 200 bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-ksqqq7wpfjyofjl7-7uy75dumqd82o-u7czfecquqnu/logintenantbranding/0/ 6 KB
6 KB 86ms
21ms Image
image/* 152.199.23.72
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauthimages.net/c1c6b6c8-ksqqq7wpfjyofjl7-7uy75dumqd82o-u7czfecquqnu/logintenantbranding/0/bannerlogo?ts=636803113694844623
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.72 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA6) /
Resource Hash: f1d36f0a4a7522492bf1334071d463bd528b7862b240c9de1fb0bd339321416a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:35 GMT
last-modified: Thu, 13 Dec 2018 15:22:49 GMT
server: ECAcc (frc/4CA6)
content-md5: YqOxnyn0BNi+22qG+DBzSQ==
age: 23526
etag: 0x8D6610ED7D46D50
x-cache: HIT
content-type: image/*
x-ms-request-id: 6409dae7-601e-0050-347c-13333a000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 6297

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/ 3 KB
3 KB 9ms
9ms Image
image/gif 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:34 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
x-cache: TCP_HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D79B83739984DD
x-azure-ref: 0J3CgYwAAAAB4aJ79FTPaSrlkuhWrcT/PRlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 0653b817-301e-008c-4876-13943f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/ 4 KB
4 KB 9ms
8ms Image
image/gif 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:34 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
x-cache: TCP_HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D79B8373B17F89
x-azure-ref: 0J3CgYwAAAADupiJLU5I9QYHH7IiH53thRlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: d9d55998-901e-0012-5876-13d155000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H/1.1 401
Unauthorized ssoprobe
autologon.microsoftazuread-sso.com/e1f8af86-ee95-4718-bd0d-375b37366c83/winauth/ 12 B
1 KB 117ms
29ms Image
image/png 2603:1027:1:d8::5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autologon.microsoftazuread-sso.com/e1f8af86-ee95-4718-bd0d-375b37366c83/winauth/ssoprobe?client-request-id=bbf2afac-4d1f-4125-b5c7-80583116086a&_=1671458855520

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1027:1:d8::5 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 14:07:34 GMT
X-Content-Type-Options: nosniff
WWW-Authenticate: Negotiate
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 12
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Vary: Origin
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: https://login.microsoftonline.com
x-ms-request-id: d54aea83-724e-45ac-954f-e78acbb36b00
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.14357.7 - NEULR1 ProdSlices
Expires: -1

POST
H/1.1 200
OK dssostatus Show response
login.microsoftonline.com/common/instrumentation/ 264 B
1 KB 35ms
34ms XHR
application/json 20.190.160.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/dssostatus

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e4af931da364b0b9e93074506fc9e15f447fec96b0576d8be5e3e53397626d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

hpgrequestid: d0fe1395-b508-4df3-8fb6-a13122c36d00
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
client-request-id: bbf2afac-4d1f-4125-b5c7-80583116086a
canary: AQABAAAAAAD--DLA3VO7QrddgJg7WevraA9_AO_3LUW9MW7Di-eAuk2Z8mSnCHCs1i3_0TZHNj1XV_f-I8xJ4ZeaPhiICZcoctxDmILzljASX1JHTwH2hMNXdgK1jIIDg3ws1IgG-VgK9M72GtyCRSActdFHmF-1x4j6fYXtt_DJGyYfWaWPO-5DZzOvv7qaLmMKqx32pErQXpPxRgGuWfb2OCy5RKjuP2r2nl6t427IJ3HHsYbpYyAA
Content-type: application/json; charset=UTF-8
hpgid: 1104
Accept: application/json
Referer: https://login.microsoftonline.com/e1f8af86-ee95-4718-bd0d-375b37366c83/saml2?SAMLRequest=fVLbahsxFPyVRe971XovwjY4MaWGtDWxm4e8BEl77BVopa2Otpe%2Fr7xOSQLFICQYnZlhhrNEPuiRbSbfm0f4MQH66PegDbL5Y0UmZ5jlqJAZPgAyL9lh8%2BWBFUnGRme9lVaTd5TbDI4IzitrSLTbrshLUfJOiKxq2qylshKLltJG0KzqJG3qRV5CI8qqFkVFoidwGJgrEoQCHXGCnUHPjQ9QVhRxHk57zEuW1YzSZxJtQxpluJ9ZvfcjsjTV9qxMMijpLNqTt0YrA4m0Qwr5qeGnpooB2kVc1nkTiy7rYlovBK1pVcmGppeMBYk2%2F4LcW4PTAO4A7qeS8P3x4c2Kh1aTs1XGw9nZ2QPRpoPtJg3J2I%2BzWorXt4i5xBkVFnqnzBnmS%2FegBhLtX8u%2BU6YL8O2exXUI2efjcR%2Fvvx2OZL28mLC5N7f%2Bj8UyfT%2BwvC7G1yC92%2B6tVvJP9Mm6gfvbzhdEdfFpHmXecYMKjA%2BNaW1%2F3TvgHlbEuwlIur5afly%2F9V8%3D&RelayState=https%3A%2F%2Fauth.gointegro.com%2Fsaml2%2Fsp%2Flogin%2Fboehringeringelheim%3FredirectTo%3D%252Faccount%252Fjob-information%253Ffrom%253DSocialPostNotifyAll.callToAction.follow%2526type%253DSocialPostNotifyAll%2526event_id%253D1633926%253Fgo5-redirectTo%253D%25252Faccount%25252Fjob-information%25253Ffrom%25253DSocialPostNotifyAll.callToAction.follow%252526type%25253DSocialPostNotifyAll%252526event_id%25253D1633926&sso_reload=true
hpgact: 1900

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 19 Dec 2022 14:07:35 GMT
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id: bbf2afac-4d1f-4125-b5c7-80583116086a
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 264
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://autologon.microsoftazuread-sso.com/
x-ms-request-id: c24411da-2744-4a70-83c1-19f389ea5e00
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.14357.7 - NEULR2 ProdSlices
Expires: -1

GET
H2 200 signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/ 2 KB
985 B 9ms
9ms Image
image/svg+xml 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Dec 2022 14:07:35 GMT
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
x-cache: TCP_HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 03:41:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8852A7FA6B761
x-azure-ref: 0J3CgYwAAAAC3l+HkfO/QRav5V7/vakQwRlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: baebbaf2-101e-001a-5593-138944000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gointegro.com/	1970-01-20 17:03:14	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX18v4BgLQZIWbI6i8wM4X1MlNQbUCSrE5z0%3D
.gointegro.com/	1970-01-20 17:03:14	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX19tkT3GRivnkgfJAjQWLrHW4cNYNyPA8jCQIMe5UAlywTLk3XCCJkZYCP8vbSLGRzNfG2ZYRVTeYg%3D%3D
.gointegro.com/	1970-01-20 17:03:14	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX1%2BnlF08ZbRGhOU8dYPfQqOg%2BOWMtrkGZQc%3D
.gointegro.com/	1970-01-20 17:03:14	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX1%2BQsWBSn0Y9B9VuWu8%2BzmVOs3LwXhW5Y1c%3D
.gointegro.com/	1970-01-20 17:03:14	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX19qpmq6NIrd7crQyrJO%2B%2Be5Mkc2JsYZJ60%3D
.gointegro.com/	1970-01-20 17:03:14	Name: rl_page_init_referrer Value: RudderEncrypt%3AU2FsdGVkX187h7jzlCyeQY09ZvZ%2FvuckZbxvEh5gLac%3D
.gointegro.com/	1970-01-20 17:03:14	Name: rl_page_init_referring_domain Value: RudderEncrypt%3AU2FsdGVkX18s0b2qqO35MPbZHyJ6fpaccXpVtdbrGko%3D
auth.gointegro.com/	1969-12-31 23:59:59	Name: gosaml2ses Value: 90fa558e972bd019f446b95994bd91e3
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 08:17:38	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 09:00:50	Name: buid Value: 0.AS8Ahq_44ZXuGEe9DTdbNzZsgxvg8yNdJphIiIPbeMiTWgYvAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrLLmI-HDEaomO327fblvYr3e7cwPzKwkcdXVV-g4QWWxrK-q7ndTJvD9RnsgsEKYmWAB3VwmMqYZShxMUAPzmkcM54BQZuLxTKC5ifmpoPu8gAA
login.microsoftonline.com/	1970-01-20 09:00:50	Name: fpc Value: AkHLVhCD3U5Ps4u4lNo7M0WwK_lmAQAAACZnMtsOAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr_JYj1Kb5xd2084oTeVkwoe9RWBCXighkLBiEPa9hq2pq1TGEP_DvyTVcZD1wvB5KMUfuOpUwn3CSU2_Y7v08uL_9Dec8Oyd2XsINWg-8Iqz-ouSPMfpMvdoMawa3fLGgIi8sGyYIm7qvnmI1rQIg-PNaXcoEljnBf5VqJKj30k4gAA
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: c4b1dae32e67410fb21e3c2884ef9daf
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1671458855&co=1
.login.microsoftonline.com/	1970-01-20 17:39:14	Name: brcap Value: 0
autologon.microsoftazuread-sso.com/	1970-01-20 09:00:50	Name: fpc Value: AvnBHfTRl65NudY3twd6OLo
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://boehringeringelheim.gointegro.com/account/job-information?from=SocialPostNotifyAll.callToAction.follow&type=SocialPostNotifyAll&event_id=1633926(Line 11) Message: The Content Security Policy directive 'report-uri' is ignored when delivered via a <meta> element.
security	error	URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js(Line 234) Message: The Content Security Policy directive 'report-uri' is ignored when delivered via a <meta> element.
security	error	URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js(Line 56) Message: The Content Security Policy directive 'report-uri' is ignored when delivered via a <meta> element.
security	error	URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js(Line 56) Message: The Content Security Policy directive 'report-uri' is ignored when delivered via a <meta> element.
security	error	URL: https://widget.intercom.io/widget/undefined Message: The Content Security Policy directive 'report-uri' is ignored when delivered via a <meta> element.
security	error	URL: https://widget.intercom.io/widget/undefined Message: The Content Security Policy directive 'report-uri' is ignored when delivered via a <meta> element.
network	error	URL: https://autologon.microsoftazuread-sso.com/e1f8af86-ee95-4718-bd0d-375b37366c83/winauth/ssoprobe?client-request-id=bbf2afac-4d1f-4125-b5c7-80583116086a&_=1671458855520 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
auth.gointegro.com
autologon.microsoftazuread-sso.com
boehringeringelheim.gointegro.com
fonts.gstatic.com
js.intercomcdn.com
login.live.com
login.microsoftonline.com
rudderstack.gointegro.com
widget.intercom.io
www.google.com
www.gstatic.com
13.32.110.59
13.32.27.26
152.199.23.72
18.66.15.46
20.190.160.17
20.190.160.22
2603:1027:1:d8::5
2620:1ec:40::44
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:400d:80e::2003
34.198.0.23
52.7.119.159
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20e10c66f9a40f9465379898dd376c26657ec3a63b0e847b54654008b25213d5
28fa8f3ba41d8801e3d95e7128f5b2189a4344ebee1a56d4be7a313959f608e1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4393c9a3f71c27bbf7fd0275513d128f1effdf2a88dbb4bf27c710daa30165ea
4475a08c95b869199ca5bdbc8493bcdb1e5dca212d29d234117c32b32444ba11
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
5075c9f6f2efa5d6cb6c63cdbeb900c2ccc31b65f8e6c2ced007cf2ed7b3d845
5255215fc9650f66c264fa708aba7cdf62a4d4933396e5e920c8b2ef2b0d7661
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bfbfba198f97a79d1216028edd4b4eaced9ff8a0a9b21fceb7d9b8e7f7049d8
5cb5c6089e875220c58112d066b25ca0e46e1e3e1e46bc84f457c0bb821380e4
6dc9810fa0a9551a31d7a5ad428952b917c211475113620a461cdb5efb2d5993
6fa5e9af7910a9b2832735b060a8aac13f92e07884461121873c6cd0345d7275
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
865bec2a751c6f2113d0073062f8348e0ba0f5d4cca66486d55face997f92b97
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814
8b41f2b0be7edb5ed222f3b95052927d0dd0679ff66531a45e80ab8a2cc0d222
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
a05d0ce2d4e0362a2f8ccb19986bf36f455d3ec6feaf4d2018eb112fae2b34f5
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
b10f6cd0cdba7fe93b6de6bbd8a6ac64b6bbf51fcd593340f57ad36b0c15299f
b6ab8fef28c981674ccc7ea80a09bf7a58e78702056331817266c8514b938b56
c5872ce7e2c6192ac1e070abb5450b42649312b726c1513e5714f08a93922de7
c63fde46af7a8036a16f60b9385e38ccb26f30770d8f32e6c8478e26a26c4992
d007ff6e95c5488b7acbe34feca9e092a3011e3d0f3e3a19b43df2e27e02f682
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d8afcaab0d82d71c0ac7ff997662e99c703f6bc45344202132069d4f925a3972
d8e4456ca7a9e1856bd77dc13c98b06efff4e1172e001374597139af07ac44e3
e2dbfe5552c39d69a40a1193b9e031db9820b887252d681cc6b74fd12fcdef0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4af931da364b0b9e93074506fc9e15f447fec96b0576d8be5e3e53397626d20
ef3658c47549924c074af293ee968da6063231eeaf0b6ca7491015bcbac89abc
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f1d36f0a4a7522492bf1334071d463bd528b7862b240c9de1fb0bd339321416a
fd35c0093c383a6aff46184757d65d881593a8bfa1815a86c4571a706d032fb2

login.microsoftonline.com Open in urlscan Pro 20.190.160.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

47 Requests

100 %HTTPS

38 %IPv6

10 Domains

13 Subdomains

12 IPs

4 Countries

2092 kBTransfer

6580 kBSize

21 Cookies

3 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.microsoftonline.com Open in urlscan Pro
20.190.160.22 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

38 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

2092 kB
Transfer

6580 kB
Size

21
Cookies

47 HTTP transactions
0 data transactions