Submitted URL: https://bjc.culturenxt.com/
Effective URL: https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY...
Submission: On February 17 via manual from US — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 35 HTTP transactions. The main IP is 20.190.159.72, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 27.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 1st 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 34.107.177.173 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
1 34.120.236.141 396982 (GOOGLE-CL...)
1 1 34.120.16.65 396982 (GOOGLE-CL...)
2 20.190.159.72 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2620:1ec:29:1... 8075 (MICROSOFT...)
1 40.126.32.134 8075 (MICROSOFT...)
35 12
Requests | Apex Domain | Subdomains | Transfer
15 | culturenxt.com | bjc.culturenxt.com; app-cdn.culturenxt.com | 751 KB
8 | msauth.net | aadcdn.msauth.net (Cisco Umbrella Rank: 1172) | 217 KB
2 | microsoftonline.com | login.microsoftonline.com (Cisco Umbrella Rank: 27) | 107 KB
2 | lottiefiles.com | assets4.lottiefiles.com (Cisco Umbrella Rank: 204922) | 11 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 35); region1.google-analytics.com (Cisco Umbrella Rank: 2506) | 20 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 50) | 145 KB
1 | live.com | login.live.com (Cisco Umbrella Rank: 90) |
1 | gstatic.com | fonts.gstatic.com | 24 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 43) | 1001 B
1 | salesnext.com | saml-api.salesnext.com (Cisco Umbrella Rank: 467391) | 975 B
Total: 35 requests, 10 apex domains
Requests | Domain | Requested by
14 | bjc.culturenxt.com | bjc.culturenxt.com
8 | aadcdn.msauth.net | login.microsoftonline.com; aadcdn.msauth.net
2 | login.microsoftonline.com | bjc.culturenxt.com; login.microsoftonline.com
2 | assets4.lottiefiles.com | bjc.culturenxt.com
2 | www.googletagmanager.com | bjc.culturenxt.com; www.googletagmanager.com
1 | login.live.com | login.microsoftonline.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | bjc.culturenxt.com
1 | saml-api.salesnext.com | 1 redirects
1 | app-cdn.culturenxt.com | bjc.culturenxt.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | www.google-analytics.com | www.googletagmanager.com
Total: 35 requests, 12 subdomains

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com
Subject | Issuer | Validity | Valid
fieldawards.culturenxt.com | GTS CA 1D4 | 2022-12-25 - 2023-03-25 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
*.lottiefiles.com | Amazon | 2022-09-25 - 2023-10-23 | a year
app-cdn.culturenxt.com | GTS CA 1D4 | 2023-01-07 - 2023-04-07 | 3 months
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2022-12-01 - 2023-12-01 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2023-01-27 - 2024-01-27 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2023-01-02 - 2024-01-02 | a year

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D&sso_reload=true
Frame ID: E1C9BD4D63D5A22183F2138F3DAF772B
Requests: 36 HTTP requests in this frame

Page Title

Bei Ihrem Konto anmelden

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

35 Requests
97 % HTTPS
58 % IPv6
10 Domains
12 Subdomains
12 IPs
4 Countries
1276 kB Transfer
4910 kB Size
15 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bjc.culturenxt.com/ Page URL
  2. https://saml-api.salesnext.com/rest/saml/login/projects/bjc HTTP 302
    https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D Page URL
  3. https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://saml-api.salesnext.com/rest/saml/login/projects/bjc HTTP 302
  • https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
bjc.culturenxt.com/
4 KB
2 KB
Document
General
Full URL
https://bjc.culturenxt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
30bef88beccfc8bde336579249b0b75ab3275f8a9de83948ca05273308f0f5a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Feb 2023 14:21:45 GMT
etag
"fd1-Uq+9ooDenYeGq08X7tBc7Q5cFa8"
vary
Accept-Encoding
via
1.1 google
nr-browser-agent.js
bjc.culturenxt.com/
30 B
206 B
Script
General
Full URL
https://bjc.culturenxt.com/nr-browser-agent.js
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
9a981e9f2b067549c3862152bdc29a99f6a066cb3a061b5b401b9e29c631284f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 01 Feb 2023 21:12:56 GMT
etag
W/"1e-1860ed353c0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
f85d3b3.js
bjc.culturenxt.com/_nuxt/
29 KB
6 KB
Script
General
Full URL
https://bjc.culturenxt.com/_nuxt/f85d3b3.js
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
952102f0e0962b3f89928274e5064c67d5edbfa22519dd79f67ebaccf8214b94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 01 Feb 2023 21:23:27 GMT
etag
W/"7479-1860edcf498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cbcedcc.js
bjc.culturenxt.com/_nuxt/
351 KB
120 KB
Script
General
Full URL
https://bjc.culturenxt.com/_nuxt/cbcedcc.js
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
68f81e91bce31a4f0d78f0c301093293c37336fee09c13c26c58dab9ee84a6e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 01 Feb 2023 21:23:27 GMT
etag
W/"57a28-1860edcf498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d4e133b.js
bjc.culturenxt.com/_nuxt/
2 MB
466 KB
Script
General
Full URL
https://bjc.culturenxt.com/_nuxt/d4e133b.js
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
dcb688067fbd9acf0b2a37382ab3b93dc01ee68858698a6a9dc91460f448ba4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 01 Feb 2023 21:23:27 GMT
etag
W/"1e759c-1860edcf498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
3a002b8.js
bjc.culturenxt.com/_nuxt/
836 KB
110 KB
Script
General
Full URL
https://bjc.culturenxt.com/_nuxt/3a002b8.js
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
49059b0308002b2479aa9652e970740268b127e0924655cd917a42b1c898ed36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 01 Feb 2023 21:23:27 GMT
etag
W/"d0fbf-1860edcf498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gtm.js
www.googletagmanager.com/
263 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NRLFHJK
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
032698ba89ec9891884ad0f43b269246c6f3743babc376e2f99a290e13fe4fb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70315
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Feb 2023 14:21:45 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRLFHJK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Feb 2023 13:12:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4179
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 17 Feb 2023 15:12:06 GMT
js
www.googletagmanager.com/gtag/
216 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6GERH5VF5R&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRLFHJK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6208abd67301b9cdd56e83c4f7130400d295a6b5c0ab36451cc2362333a87b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77407
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Feb 2023 14:21:45 GMT
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6GERH5VF5R&gtm=45je32f0&_p=2029025596&cid=1607263021.1676643706&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676643705&sct=1&seg=0&dl=https%3A%2F%2Fbjc.culturenxt.com%2F&dt=CultureNext%20-%20Employee%20Recognition&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6GERH5VF5R&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 14:21:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bjc.culturenxt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d1c53f5.js
bjc.culturenxt.com/_nuxt/
5 KB
2 KB
Script
General
Full URL
https://bjc.culturenxt.com/_nuxt/d1c53f5.js
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/f85d3b3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
aa7144a5947c0861926bf9325306f50c9ba755502833fea76baae3d571302a3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 01 Feb 2023 21:23:27 GMT
etag
W/"1486-1860edcf498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
lf30_bpru2nsg.json
assets4.lottiefiles.com/private_files/
51 KB
6 KB
XHR
General
Full URL
https://assets4.lottiefiles.com/private_files/lf30_bpru2nsg.json
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/d4e133b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbaef668a9eedf9701e961d31d64f7d1be17e67fe4bac7f61240bd9503e4a2fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:47 GMT
x-amz-version-id
Bo6tLC5iYYDBYLZJu1gRSz39H2eTi5Se
content-encoding
br
last-modified
Wed, 09 Feb 2022 15:38:43 GMT
server
AmazonS3
via
1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"6aef60b3727dd77a283483630c6f8d8a"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Accept-Encoding,Origin
x-amz-cf-id
Q0xjdJ0koAbR07g6QkYadiXZCE08kL2HbX_0dw3YKyIGT4VGU9xX8w==
lf30_bpru2nsg.json
assets4.lottiefiles.com/private_files/
51 KB
6 KB
Fetch
General
Full URL
https://assets4.lottiefiles.com/private_files/lf30_bpru2nsg.json
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/d4e133b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbaef668a9eedf9701e961d31d64f7d1be17e67fe4bac7f61240bd9503e4a2fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:47 GMT
x-amz-version-id
Bo6tLC5iYYDBYLZJu1gRSz39H2eTi5Se
content-encoding
br
last-modified
Wed, 09 Feb 2022 15:38:43 GMT
server
AmazonS3
via
1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"6aef60b3727dd77a283483630c6f8d8a"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
vary
Accept-Encoding,Origin
x-amz-cf-id
qX2aFlbAHEyXLT45pME54V7-zcNd5qgMn0hoOVpxDcsylDbfpzVgpA==
abbe9db.js
bjc.culturenxt.com/_nuxt/
65 KB
20 KB
Script
General
Full URL
https://bjc.culturenxt.com/_nuxt/abbe9db.js
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/f85d3b3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
6de6d66de31fe2181cdea06f8d456daa6694b7078025b57fefa92ec5b9930821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 01 Feb 2023 21:23:27 GMT
etag
W/"1059c-1860edcf498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
project-profile
bjc.culturenxt.com/rest/
3 KB
3 KB
XHR
General
Full URL
https://bjc.culturenxt.com/rest/project-profile
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/cbcedcc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e4c219ed7f6a0c9cf0618a3597007ccc11f97a8abb5534e172e311527b250926

Request headers

Accept
application/json, text/plain, */*
Referer
https://bjc.culturenxt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 14:21:45 GMT
via
1.1 google
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-application-context
application:production,actuator
expires
0
branding
bjc.culturenxt.com/rest/
273 B
289 B
XHR
General
Full URL
https://bjc.culturenxt.com/rest/branding
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/cbcedcc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e1e37d63e9be8765c588a98b7d6c31983aa3ce80a1cb659d78acc351f32a86d2

Request headers

Accept
application/json, text/plain, */*
Referer
https://bjc.culturenxt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 14:21:45 GMT
via
1.1 google
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-application-context
application:production,actuator
expires
0
658a42ac-7066-4cd9-a7de-3394673f8602.png
app-cdn.culturenxt.com/bjc/
15 KB
16 KB
XHR
General
Full URL
https://app-cdn.culturenxt.com/bjc/658a42ac-7066-4cd9-a7de-3394673f8602.png?Expires=4830243706&KeyName=url-key-2021-09-09&Signature=xDrJl72rB8QuBew1lUOy3T-4HI4=
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/cbcedcc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.236.141 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
141.236.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a8e599e46621fd1d5f032f49c3c3841bfc446fe860464a0d33254fbd383817b3

Request headers

Accept
application/json, text/plain, */*
Referer
https://bjc.culturenxt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:46 GMT
x-guploader-uploadid
ADPycds1yr4SebI1zx_ZbHwW-dJwfDHDImW3xkta-q0x__V8DQNlb11r0bxCOX1iq6sND1ECZHzs9e-vgZ-7iMksbPPoKA0ES9mI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15733
last-modified
Wed, 09 Nov 2022 19:30:56 GMT
server
UploadServer
etag
"74a851bce5cbdc01479a67d547c320c6"
vary
Origin
x-goog-generation
1668022256447570
content-type
image/png
access-control-allow-origin
https://bjc.culturenxt.com
x-goog-hash
crc32c=O01lYg==, md5=dKhRvOXL3AFHmmfVR8Mgxg==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
private,max-age=0,public
x-goog-stored-content-length
15733
accept-ranges
bytes
messages
bjc.culturenxt.com/rest/
577 B
593 B
XHR
General
Full URL
https://bjc.culturenxt.com/rest/messages
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/cbcedcc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
f640de038a2822e8a6500f5f6d96bf535254409660028438d537fabfac54b610

Request headers

Accept
application/json, text/plain, */*
Referer
https://bjc.culturenxt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 14:21:46 GMT
via
1.1 google
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-application-context
application:production,actuator
expires
0
062c340.js
bjc.culturenxt.com/_nuxt/
2 KB
927 B
Script
General
Full URL
https://bjc.culturenxt.com/_nuxt/062c340.js
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/f85d3b3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash
06afbc070d6790cc5e5f8b9a259e868263bd806d8f9a099986661a221e54dc5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:47 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 01 Feb 2023 21:23:27 GMT
etag
W/"7d7-1860edcf498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
saml2
login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/
Redirect Chain
  • https://saml-api.salesnext.com/rest/saml/login/projects/bjc
  • https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXu...
152 KB
55 KB
Document
General
Full URL
https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/062c340.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bjc.culturenxt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55737
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Feb 2023 14:21:47 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub1"}]}
x-ms-ests-server
2.1.14601.8 - SCUS ProdSlices
x-ms-request-id
1a3d8078-2519-4395-8bc9-36750ed06e00

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store
content-length
0
date
Fri, 17 Feb 2023 14:21:47 GMT
location
https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D
pragma
no-cache
via
1.1 google
60c5111.js
bjc.culturenxt.com/_nuxt/
1 KB
702 B
Script
General
Full URL
https://bjc.culturenxt.com/_nuxt/60c5111.js
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/f85d3b3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/en_US/redirect/sso
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:47 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 01 Feb 2023 21:23:27 GMT
etag
W/"4b5-1860edcf498"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
css2
fonts.googleapis.com/
7 KB
1001 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/cbcedcc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Feb 2023 14:21:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:53:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Feb 2023 14:21:47 GMT
truncated
/
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
null
bjc.culturenxt.com/en_US/redirect/
4 KB
4 KB
Image
General
Full URL
https://bjc.culturenxt.com/en_US/redirect/null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.177.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.177.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bjc.culturenxt.com/en_US/redirect/sso
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 14:21:47 GMT
content-encoding
gzip
via
1.1 google
etag
"fd1-Uq+9ooDenYeGq08X7tBc7Q5cFa8"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
accept-ranges
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bjc.culturenxt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 01:03:59 GMT
x-content-type-options
nosniff
age
134268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 01:03:59 GMT
collect
region1.google-analytics.com/g/
0
0

Primary Request saml2
login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/
198 KB
52 KB
Document
General
Full URL
https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15a5656f637fc2532636414716c987f0aed8fb11b990e008c0be0eda728ccf9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
50988
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Feb 2023 14:21:47 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub1"}]}
x-ms-ests-server
2.1.14601.8 - NCUS ProdSlices
x-ms-request-id
661a5147-cb08-4e07-bef0-6c8b59f76600
ConvergedLogin_PCore_107jr3BDJx7vcmkFlFtgbQ2.js
aadcdn.msauth.net/shared/1.0/content/js/
394 KB
111 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_107jr3BDJx7vcmkFlFtgbQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7882199766af67996985bc27a2da42c974810bb9e4f04e093d5ecb64bf64182e

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Feb 2023 14:21:47 GMT
content-encoding
gzip
x-azure-ref-originshield
09mHiYwAAAAA0VTyo/dOASKD3fBlVtQb+RlJBMjMxMDUwNDE3MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
YWec4sg4ygcaxH6rhV6EKw==
x-cache
TCP_HIT
content-length
112962
x-ms-lease-status
unlocked
last-modified
Tue, 10 Jan 2023 18:52:31 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF33BD42063FA
x-azure-ref
0fI3vYwAAAACotDOJdzY7QK044qlkFR9NRlJBMjMxMDUwNDIwMDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
aee1962a-001e-0047-1db9-3a356c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

convergedlogin_pcustomizationloader_f226dd7c4f08045ad544.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f226dd7c4f08045ad544.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_107jr3BDJx7vcmkFlFtgbQ2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b22fc156c87081fbd745b1742898bbba5755a779d86ada9489c08196cd4d55c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Feb 2023 14:21:48 GMT
content-encoding
gzip
x-azure-ref-originshield
0ES7tYwAAAACCP99aiG0aQYazYCKBwCnIRlJBMjMxMDUwNDE4MDI3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
YVvRQn8alC3N3tI6cG7wJQ==
x-cache
TCP_HIT
content-length
32196
x-ms-lease-status
unlocked
last-modified
Tue, 10 Jan 2023 18:52:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF33BC6F7B414
x-azure-ref
0fI3vYwAAAAAkzFrMiECmTYkpcnc/RJ8SRlJBMjMxMDUwNDE5MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4893f274-201e-002d-5f62-3b795b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Feb 2023 14:21:48 GMT
content-encoding
gzip
x-azure-ref-originshield
0TYzhYwAAAABuevwuYDyBQLkdxxX/icaiRlJBMjMxMDUwNDE4MDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
9K2/nGCj75WAmmAI9nZNCA==
x-cache
TCP_HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7650B37ACC3D
x-azure-ref
0fI3vYwAAAAAlzFYNzqizRasYZxFry4aDRlJBMjMxMDUwNDE5MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
c558331c-101e-001a-3e59-3a8944000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_egm72xgxis3arkcshl_vsg2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
15 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_egm72xgxis3arkcshl_vsg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJPT%2BMwEMW%2FiuV7%2FrkuTaymqCxCi8SKioY9cJu4k%2BBVYgePU%2FHxCWmrZS%2Fs0Xpv3tPMz%2Bvr975jR%2FRknC15FqecodXuYGxb8ufqLsr59WZN0HdiUNsxvNonfBuRApsGLamTUvLRW%2BWADCkLPZIKWu23vx6UiFM1eBecdh1nWyL0Yar64SyNPfo9%2BqPR%2BPz0UPLXEAZSSfIZGcFgYoIOyeJ7iLXrEz%2BVzlpC5BLoDFBS%2F9Gc3U6CsRDmDS4hnWuNjXujvSPXBGc7Y3HOyYpcAug0WmG%2BiCSIOirE8hA1%2BULCEgpdH%2BTcIzi7c17jvHXJG%2BgIObu%2FLTnIZVvL1DQ5AOKhWRVykTW1LNq2aa4mD%2B2AyBzx7xTRiPeWAthQcpGKRZSKKFtVmVQiUzKPU5G%2BcLY7n%2BrG2BOC7%2B5an0ykflbVLto97ivOfl9QTgZ%2BBqfmdv%2BV2PfBcMHEN%2F%2BBcuIxfIJYJ1%2FLNufnv59m8wE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=GtLzyerO5bDtGAlf9FPyNdCGCLWQz%2BZY2gfGmc4YTQELLGZLMTtlysFRdxgGSGqWlI%2Fgzcaj3EtY1%2B2dH8ljp0Rql9QXp1NxY7MfXAgfLuEy8HFnZBYi%2BH2oyNR3xLkV39d9GmYWNYeBKM8XzJtzSvShPEy29dZWWhphAwpmur7Fk90xEdoo0oCwgDWuh9tTWbBeZF6JUez4WhNnxsTYG2yZZRygY6Ow2A1O6EVZVnEzQaKDaxS4PNdNQyhNFqeEThM%2FN4JfrHZk%2FY07z%2FcV%2FE2o4CdAw9axstsgviZ8TUdQSKNalotEE2wm1yJ0FkmHfnQwTL92clrdB7NwuOITTA%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Feb 2023 14:21:48 GMT
content-encoding
gzip
x-azure-ref-originshield
0nOfhYwAAAAC+D1fMmKlNQIKIQYEiFO7nRlJBMjMxMDUwNDE3MDQ3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
k7fVZXvzmEOgfmeeNd3Kyw==
x-cache
TCP_HIT
content-length
15207
x-ms-lease-status
unlocked
last-modified
Sat, 17 Dec 2022 08:38:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE00A0321E74C
x-azure-ref
0fI3vYwAAAAC+G7kOL7FRSrsIT+QGDnb9RlJBMjMxMDUwNDE5MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
110af538-801e-008f-3083-3ae939000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/
2 KB
1008 B
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Feb 2023 14:21:48 GMT
content-encoding
gzip
x-azure-ref-originshield
0w8LhYwAAAACrqg0UnK2bTocVg4kRioEhRlJBMjMxMDUwNDE4MDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
DhdidjYrlCeaRJJRG/y9mA==
x-cache
TCP_HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7B0071D86E386
x-azure-ref
0fI3vYwAAAAANtZirYi5qTpwsixDcw0dvRlJBMjMxMDUwNDE5MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e885102d-801e-0027-456a-3a774e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Feb 2023 14:21:48 GMT
content-encoding
gzip
x-azure-ref-originshield
0MLXhYwAAAADabA6mqYSnSpVvf423jpK7RlJBMjMxMDUwNDE3MDMzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
x-cache
TCP_HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373CB2849
x-azure-ref
0fI3vYwAAAAAIh1ZgmSoET5ujae9Jpxh/RlJBMjMxMDUwNDE5MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f7834174-401e-0017-7d94-3a565f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pstringcustomizationhelper_881cfed13e4de9243d02.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_881cfed13e4de9243d02.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_107jr3BDJx7vcmkFlFtgbQ2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fab4e269d8c1f352519f80252bf81bb4aa64d33556d9f812bfdb93464c5ca234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Feb 2023 14:21:48 GMT
content-encoding
gzip
x-azure-ref-originshield
0Iy7tYwAAAACOUBQEfeE8QIt5EmEZ5VS+RlJBMjMxMDUwNDE3MDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
0mK+NcE8D9/LFiugof4bnQ==
x-cache
TCP_HIT
content-length
35791
x-ms-lease-status
unlocked
last-modified
Tue, 10 Jan 2023 18:52:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF33BC7C616F4
x-azure-ref
0fI3vYwAAAACQ+yfWe2bAT75TraOBZUpNRlJBMjMxMDUwNDE5MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1a9a77e8-a01e-008d-6d30-3bbf3d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Feb 2023 14:21:49 GMT
content-encoding
gzip
x-azure-ref-originshield
05yLuYwAAAADp6Vm4st0lSpQd5hs4X6xoRlJBMjMxMDUwNDE3MDM3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
R2FAVxfpONfnQAuxVxXbHg==
x-cache
TCP_HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8852A7FA6B761
x-azure-ref
0fY3vYwAAAAAhVzeS/Tx7RLjG9IOeCBDzRlJBMjMxMDUwNDE5MDQ5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7a4f9914-501e-004a-2fca-41ea77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6GERH5VF5R&gtm=45je32f0&_p=2029025596&cid=1607263021.1676643706&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1676643705&sct=1&seg=0&dl=https%3A%2F%2Fbjc.culturenxt.com%2F&dt=CultureNext%20-%20Employee%20Recognition&_s=2

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| oncontentvisibilityautostatechange
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_f226dd7c4f08045ad544
boolean| __convergedlogin_pstringcustomizationhelper_881cfed13e4de9243d02

15 Cookies

Domain/Path Name / Value
bjc.culturenxt.com/ Name: i18n_redirected
Value: en_US
.culturenxt.com/ Name: _ga
Value: GA1.2.1607263021.1676643706
.culturenxt.com/ Name: _gid
Value: GA1.2.1811457056.1676643706
bjc.culturenxt.com/ Name: auth.strategy
Value: local
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.culturenxt.com/ Name: _ga_6GERH5VF5R
Value: GS1.1.1676643705.1.0.1676643708.0.0.0
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ARIAwKqEGYN-K0qSXfg0panL1Obzs-ZP-yxEuheai6cmSpUSAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrasmJWlyxajAWHdGomk6Ghjav4WfaF4GaZzYn4nNlnJRfidpDRmBHCVZKoTWyynkRWeBPKU6XpPPC2Y55WjuLbIvvAydh8-zKWF_adTJURjUgAA
login.microsoftonline.com/ Name: fpc
Value: AhvV4qEIoCJBoUxFyITNqfZqubaZAQAAAHyEgdsOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrrBNgMXRaCdsvixefmjOzuUricmccvf2c0vRV-_WUZm9cA5W6JyEDJ0Tj5CZ72c1qOQwVfYJanJk7jbrVfi1rXeEoUumfvW25uKj4VvyBIHJKKviokkAm9yDSAghhWuZecgZ02Q6N2uBS3i6dFjzCUCcOJhxm8nSbOsmr1xg2IbQgAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: a2631fbdadf84f9cb26690c034354c45
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1676643708&co=1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
