urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
40.126.32.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://adnoc.lms.sapsf.com/
Effective URL: https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJK...
Submission: On April 17 via api from AE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 23 HTTP transactions. The main IP is 40.126.32.72, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 16.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 24th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 130.214.250.252 35039 (SAP_CC)
1 4 23.210.119.197 16625 (AKAMAI-AS)
4 40.126.32.72 8075 (MICROSOFT...)
11 2620:1ec:4f:1... 8075 (MICROSOFT...)
1 2603:1027:1:1... 8075 (MICROSOFT...)
2 2606:2800:233... 15133 (EDGECAST)
1 2603:1027:1:1... 8075 (MICROSOFT...)
23 7
2    130.214.250.252 (Dubai, United Arab Emirates)

ASN35039 (SAP_CC, DE)
adnoc.lms.sapsf.com
4    23.210.119.197 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-119-197.deploy.static.akamaitechnologies.com
hcm22.sapsf.com
4    40.126.32.72 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
11    2620:1ec:4f:1::69 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msauth.net
1    2603:1027:1:158::c (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
2    2606:2800:233:3d10:442f:fac8:6d32:4c87 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msauthimages.net
1    2603:1027:1:158::8 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autologon.microsoftazuread-sso.com
Apex Domain
Subdomains		 Transfer
11 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1181
236 KB
6 sapsf.com
adnoc.lms.sapsf.com
hcm22.sapsf.com
13 KB
4 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 16
111 KB
2 msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 3380
212 KB
1 microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1421
1 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 77
23 6
Domain Requested by
11 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
4 login.microsoftonline.com login.microsoftonline.com
aadcdn.msauth.net
4 hcm22.sapsf.com 1 redirects hcm22.sapsf.com
2 aadcdn.msauthimages.net
2 adnoc.lms.sapsf.com 1 redirects
1 autologon.microsoftazuread-sso.com
1 login.live.com login.microsoftonline.com
23 7

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.lms.sapsf.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-16 -
2023-06-16		 a year crt.sh
*.sapsf.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-26 -
2024-02-28		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-02-24 -
2024-02-24		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2023-01-27 -
2024-01-27		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2023-04-02 -
2024-04-02		 a year crt.sh
aadcdn.msauthimages.net
Microsoft Azure TLS Issuing CA 02		 2023-03-08 -
2024-03-02		 a year crt.sh
autologon.microsoftazuread-sso.com
DigiCert SHA2 Secure Server CA		 2023-04-02 -
2024-04-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D&sso_reload=true
Frame ID: 8BF48960E0E0FBEF70AB203E5A7DED74
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://adnoc.lms.sapsf.com/ Page URL
  2. https://adnoc.lms.sapsf.com/learning/user/login.jsp HTTP 302
    https://hcm22.sapsf.com/login?company=abudhabinaP1 HTTP 302
    https://hcm22.sapsf.com/saml2/Login?company=abudhabinaP1&RelayState=/login?company=abudhabinaP1&_s.c... Page URL
  3. https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJk... Page URL
  4. https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJk... Page URL

Page Statistics

23
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

570 kB
Transfer

1240 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://adnoc.lms.sapsf.com/ Page URL
  2. https://adnoc.lms.sapsf.com/learning/user/login.jsp HTTP 302
    https://hcm22.sapsf.com/login?company=abudhabinaP1 HTTP 302
    https://hcm22.sapsf.com/saml2/Login?company=abudhabinaP1&RelayState=/login?company=abudhabinaP1&_s.crb=uolmcLztReiXLu6yfAUntFzNFygsdtNUNAPNPRtXV5Y%253d Page URL
  3. https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D Page URL
  4. https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://adnoc.lms.sapsf.com/learning/user/login.jsp HTTP 302
  • https://hcm22.sapsf.com/login?company=abudhabinaP1 HTTP 302
  • https://hcm22.sapsf.com/saml2/Login?company=abudhabinaP1&RelayState=/login?company=abudhabinaP1&_s.crb=uolmcLztReiXLu6yfAUntFzNFygsdtNUNAPNPRtXV5Y%253d

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
adnoc.lms.sapsf.com/ 		68 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adnoc.lms.sapsf.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.214.250.252 Dubai, United Arab Emirates, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
Successfactors /
Resource Hash
40280b8b1243ceeb3bd1c49f0268c0975276d13c42c8c08ba873e46ad9a5d9a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
68
Content-Type
text/html
Date
Mon, 17 Apr 2023 07:09:44 GMT
ETag
"5eea89fd-44"
Last-Modified
Wed, 17 Jun 2020 21:24:13 GMT
Server
Successfactors
X-Robots-Tag
noindex,nofollow
Login
hcm22.sapsf.com/saml2/
Redirect Chain
  • https://adnoc.lms.sapsf.com/learning/user/login.jsp
  • https://hcm22.sapsf.com/login?company=abudhabinaP1
  • https://hcm22.sapsf.com/saml2/Login?company=abudhabinaP1&RelayState=/login?company=abudhabinaP1&_s.crb=uolmcLztReiXLu6yfAUntFzNFygsdtNUNAPNPRtXV5Y%253d
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hcm22.sapsf.com/saml2/Login?company=abudhabinaP1&RelayState=/login?company=abudhabinaP1&_s.crb=uolmcLztReiXLu6yfAUntFzNFygsdtNUNAPNPRtXV5Y%253d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.119.197 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-119-197.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
84ee5eb990b2077ad67becf997cfdc3643a06ca39db7f8869d95db3a4ff9f130
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adnoc.lms.sapsf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store,no-cache
content-length
1706
content-type
text/html;charset=UTF-8
date
Mon, 17 Apr 2023 07:09:45 GMT
expires
Mon, 17 Apr 2023 07:09:45 GMT Wed, 31 Dec 1969 23:59:59 GMT
pragma
no-cache no-cache
referrer-policy
strict-origin-when-cross-origin
server
Successfactors
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-correlation-id
16d4271284b29b26b928b6ee84602d57
x-event-id
EVENT-UNKNOWN-UNKNOWN-ob11abe02s-20230417070945-1507605
x-itr-server
e0f24344d2aafd73fc2772b0977ba1e086d7765c
x-itr-target-cluster
defaultCluster
x-request-stats
SQLT=0&CCON=0&FWR=0&NRE=0&CEXT=0&ST=1681715385169&EID=EVENT-UNKNOWN-UNKNOWN-ob11abe02s-20230417070945-1507605&CLOC=0&CREM=0&NWR=0&CPU=25&SVT=26&SQLC=0&SCPU=5&CSUP=1&MEM=6368&UCPU=20&FRE=0
x-unique-id
16d4271284b29b26b928b6ee84602d57
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store,no-cache
content-length
0
date
Mon, 17 Apr 2023 07:09:45 GMT
expires
Mon, 17 Apr 2023 07:09:44 GMT
location
/saml2/Login?company=abudhabinaP1&RelayState=/login?company=abudhabinaP1&_s.crb=uolmcLztReiXLu6yfAUntFzNFygsdtNUNAPNPRtXV5Y%253d
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Successfactors
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-correlation-id
5556eea810a5c454ae1ebc32c6eaf733
x-event-id
EVENT-PLT-LOGINPAGE-ob11abe02s-20230417070944-1507604
x-itr-server
e0f24344d2aafd73fc2772b0977ba1e086d7765c
x-itr-target-cluster
defaultCluster
x-unique-id
5556eea810a5c454ae1ebc32c6eaf733
x-xss-protection
1; mode=block
XMLHttpRequest.js
hcm22.sapsf.com/ui/extlib/XMLHttpRequest_1.0.5_sf.18/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcm22.sapsf.com/ui/extlib/XMLHttpRequest_1.0.5_sf.18/XMLHttpRequest.js
Requested by
Host: hcm22.sapsf.com
URL: https://hcm22.sapsf.com/saml2/Login?company=abudhabinaP1&RelayState=/login?company=abudhabinaP1&_s.crb=uolmcLztReiXLu6yfAUntFzNFygsdtNUNAPNPRtXV5Y%253d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.119.197 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-119-197.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
e2aaec9826f489c85b078bbbec0efdb872fcbd16c74677111288bd7b02e807a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hcm22.sapsf.com/saml2/Login?company=abudhabinaP1&RelayState=/login?company=abudhabinaP1&_s.crb=uolmcLztReiXLu6yfAUntFzNFygsdtNUNAPNPRtXV5Y%253d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 09 Dec 2022 20:28:37 GMT
server
Successfactors
date
Mon, 17 Apr 2023 07:09:45 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=306513504
content-length
2704
x-xss-protection
1; mode=block
expires
Sat, 01 Jan 2033 21:48:09 GMT
perflog_6afbc835fd7bc8ec51a93324df511558.js
hcm22.sapsf.com/ui/perflog/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcm22.sapsf.com/ui/perflog/js/perflog_6afbc835fd7bc8ec51a93324df511558.js
Requested by
Host: hcm22.sapsf.com
URL: https://hcm22.sapsf.com/saml2/Login?company=abudhabinaP1&RelayState=/login?company=abudhabinaP1&_s.crb=uolmcLztReiXLu6yfAUntFzNFygsdtNUNAPNPRtXV5Y%253d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.119.197 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-119-197.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
2ee483c6c8ac0a1a070fa2a1af9ef0c46fca385b84ffad5a0abba2b48e226e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hcm22.sapsf.com/saml2/Login?company=abudhabinaP1&RelayState=/login?company=abudhabinaP1&_s.crb=uolmcLztReiXLu6yfAUntFzNFygsdtNUNAPNPRtXV5Y%253d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 17 Nov 2022 15:41:39 GMT
server
Successfactors
date
Mon, 17 Apr 2023 07:09:45 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=306533635
content-length
4421
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2033 03:23:40 GMT
saml2
login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/ 		154 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.72 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4ce9c347ad88ee5bcf2fb8d8a99adca1ddbabc1f1ebf46275ac07c0240b841a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hcm22.sapsf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
56155
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Apr 2023 07:09:45 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.15049.5 - NEULR2 ProdSlices
x-ms-request-id
38b1a652-b8b6-4c06-8b65-7d24ee1b3400
reportbssotelemetry
login.microsoftonline.com/common/instrumentation/ 		265 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1900&client-request-id=31a1c3b7-3c6b-4609-a4a0-33bfaebf8cf6&hpgrequestid=38b1a652-b8b6-4c06-8b65-7d24ee1b3400
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.72 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 17 Apr 2023 07:09:45 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
Content-Type
application/json; charset=utf-8
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
0b8672e7-fc6e-4aee-9d9d-df2e52143f00
Cache-Control
no-store, no-cache
Content-Length
265
x-ms-ests-server
2.1.14939.4 - NEULR1 ProdSlices
X-XSS-Protection
0
Expires
-1
Primary Request saml2
login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/ 		202 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.72 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1967b3f9fada8b1fe195204caf9808cd7563d4a356d13938ab7b5ae9d601fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
52003
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Apr 2023 07:09:45 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.15049.5 - WEULR2 ProdSlices
x-ms-request-id
a32962da-ebbc-44ab-bd42-df6e495e0300
ConvergedLogin_PCore_5mO8_3m-EVITyL_hvIHAww2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		405 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_5mO8_3m-EVITyL_hvIHAww2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fbbcffff1edca332935bd0ea8ccef4a784fd452c629eecb552cfc4d4a5b9e844

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:45 GMT
content-encoding
gzip
x-azure-ref-originshield
0uQ46ZAAAAACrm7pVWWXQR5VIhkkfWPFIRlJBMjMxMDUwNDE4MDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
0cQZvm7gYsh4+MDtxpOoxA==
x-cache
TCP_HIT
content-length
114768
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 06:13:13 GMT
etag
0x8DB212E882BA187
x-azure-ref
0uvA8ZAAAAABAqsvS0xgQT5OkqBsYIwKJRlJBMzFFREdFMDQxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c39d7174-b01e-0044-1a0d-6d486a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1027:1:158::c Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
convergedlogin_pcustomizationloader_6d0f034edc7f959d3b0d.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6d0f034edc7f959d3b0d.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_5mO8_3m-EVITyL_hvIHAww2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
684b00f00affae290934eecbe42eb5eda60e464ad42f84fcfbeacc44ea94e058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
content-encoding
gzip
x-azure-ref-originshield
0eOg6ZAAAAAAp2stNP9iFQZ57czyMiNLTRlJBMjMxMDUwNDE3MDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
OQp8wyezCVBxxlQ0oNEkXg==
x-cache
TCP_HIT
content-length
32199
x-ms-lease-status
unlocked
last-modified
Tue, 28 Feb 2023 01:22:38 GMT
etag
0x8DB192A47FA95B3
x-azure-ref
0uvA8ZAAAAAB4gs8RL6N9SpbL90OzDTpZRlJBMzFFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c62d1dba-d01e-0052-0f36-6d0244000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
converged.v2.login.min_ri9kuwotliet3wfbgspsga2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ri9kuwotliet3wfbgspsga2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
content-encoding
gzip
x-azure-ref-originshield
0Ne42ZAAAAAD2QbxgaX1pTqe1cK9D1TVyRlJBMjMxMDUwNDE4MDMxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
ChFamsxirG9fmBt4/kbQ4Q==
x-cache
TCP_HIT
content-length
20004
x-ms-lease-status
unlocked
last-modified
Tue, 07 Mar 2023 21:22:34 GMT
etag
0x8DB1F52117A5E28
x-azure-ref
0uvA8ZAAAAADNRaBTnK9GTaQoClJqgQ5iRlJBMzFFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d78012d0-501e-005a-0b18-6d5a55000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-de.min_1zgzfge8gntmvd0jm8wtcw2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_1zgzfge8gntmvd0jm8wtcw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
content-encoding
gzip
x-azure-ref-originshield
0Z+g6ZAAAAADpiGFcikPySqFPEYObNDCmRlJBMjMxMDUwNDE4MDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
OA/MYTqo7rX4zCc0Cnth3A==
x-cache
TCP_HIT
content-length
15387
x-ms-lease-status
unlocked
last-modified
Thu, 02 Mar 2023 02:19:39 GMT
etag
0x8DB1AC493714ED3
x-azure-ref
0uvA8ZAAAAAA1JKR9uHltQK3YLI+oCFV+RlJBMzFFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e1f34195-f01e-0014-0133-6d2b59000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pfetchsessionsprogress_acf6fa8e3cf2ed1f4a24.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_acf6fa8e3cf2ed1f4a24.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_5mO8_3m-EVITyL_hvIHAww2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c3262829ee080da4f3a9e8792a4a4dc6d83ff25e5112d582f9a469e86a3440a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
content-encoding
gzip
x-azure-ref-originshield
085k8ZAAAAABnmlIaWDWER649iu+iIXgxRlJBMjMxMDUwNDE4MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
RiTl/DRDayD2iHRM6kSPAA==
x-cache
TCP_HIT
content-length
5530
x-ms-lease-status
unlocked
last-modified
Tue, 28 Feb 2023 01:22:39 GMT
etag
0x8DB192A480172EE
x-azure-ref
0uvA8ZAAAAADRyeHdFy5QT7oZa0TVLQHaRlJBMzFFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0cf77e21-c01e-0023-286c-6ddb46000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
x-azure-ref-originshield
0dgo5ZAAAAABHYnASu4HhQ7gaD0RTk5rlRlJBMjMxMDUwNDE3MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
etag
0x8D79B83739984DD
x-azure-ref
0uvA8ZAAAAABNnzli8n30TIA5g1ld83K0RlJBMzFFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
7e688941-e01e-0031-0b33-6d3d60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
x-azure-ref-originshield
0GJ48ZAAAAAAEoDNVD1epSq6TxQxXA4GPRlJBMjMxMDUwNDE4MDI3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
etag
0x8D79B8373B17F89
x-azure-ref
0uvA8ZAAAAACN5O6PTfK3Srs5PPtr3hfJRlJBMzFFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
4f323444-101e-004e-10ca-70467f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
illustration
aadcdn.msauthimages.net/c1c6b6c8-wxkyqvofgkncpuwu6qj6iqztbqwvarodradb2oormyg/logintenantbranding/0/ 		208 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauthimages.net/c1c6b6c8-wxkyqvofgkncpuwu6qj6iqztbqwvarodradb2oormyg/logintenantbranding/0/illustration?ts=637195303146272537
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:3d10:442f:fac8:6d32:4c87 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
ff5dd59f1992d2dbfe7e0ff243c7f461849bfe83209901ac6cf597f5afee61f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
last-modified
Wed, 11 Mar 2020 13:31:55 GMT
server
ECAcc (frc/4CBF)
content-md5
fSaHVDC5NCYzTJnAtkNcZQ==
age
48152
etag
0x8D7C5C090F06CE7
x-cache
HIT
content-type
image/*
x-ms-request-id
190ea090-001e-0062-6a8b-706bea000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
213334
bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-wxkyqvofgkncpuwu6qj6iqztbqwvarodradb2oormyg/logintenantbranding/0/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauthimages.net/c1c6b6c8-wxkyqvofgkncpuwu6qj6iqztbqwvarodradb2oormyg/logintenantbranding/0/bannerlogo?ts=637126179588785731
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:3d10:442f:fac8:6d32:4c87 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC0) /
Resource Hash
769b121cd3d7f9a673c94b8163fb19bd33969e237350c8c44ad183489be36ead

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
last-modified
Sun, 22 Dec 2019 13:25:59 GMT
server
ECAcc (frc/4CC0)
content-md5
i6upeBLykug31op404Ravw==
age
57548
etag
0x8D786E27B9DA113
x-cache
HIT
content-type
image/*
x-ms-request-id
c54fa683-e01e-0068-0875-707263000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
3264
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_5mO8_3m-EVITyL_hvIHAww2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
x-azure-ref-originshield
0dgo5ZAAAAABHYnASu4HhQ7gaD0RTk5rlRlJBMjMxMDUwNDE3MDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
etag
0x8D79B83739984DD
x-azure-ref
0uvA8ZAAAAACeuXeP0dZESbUJkKnQxmduRlJBMzFFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
7e688941-e01e-0031-0b33-6d3d60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_5mO8_3m-EVITyL_hvIHAww2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
x-azure-ref-originshield
0GJ48ZAAAAAAEoDNVD1epSq6TxQxXA4GPRlJBMjMxMDUwNDE4MDI3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
etag
0x8D79B8373B17F89
x-azure-ref
0uvA8ZAAAAABNfVSS8ibATr+5v4Ys3jAARlJBMzFFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
4f323444-101e-004e-10ca-70467f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ssoprobe
autologon.microsoftazuread-sso.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/winauth/ 		12 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autologon.microsoftazuread-sso.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/winauth/ssoprobe?client-request-id=3048c172-4677-4189-8ce2-2dc38789014c&_=1681715386464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1027:1:158::8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 07:09:45 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
cdc41854-6943-44fc-8163-81a9e1d83200
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.15049.5 - WEULR2 ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/ 		265 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_5mO8_3m-EVITyL_hvIHAww2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.72 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ff51b6f4ca992d1bef832b153b3e97411a0122ffdc48d9f5c38cf5f3eb7ef424
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
a32962da-ebbc-44ab-bd42-df6e495e0300
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
client-request-id
3048c172-4677-4189-8ce2-2dc38789014c
canary
PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr951GnMDj7NPgqO0yMyCXEBJ6tDOsOzx5jdB9SLiFiZzUtEAo5Dw4AbkXu_dQL3OAyHnXK_fCUOVyBRugxXOcm0uO5aiRmM4CU6-gkh6Dbnl0G-DbvmFC93P3Nt8OPhxTp9Y2pYLyAAtGk-sB3kTCnyUTajUXNAi-868xW4tGyxz5FgmB9wIElxRNgTfgbTv9FdeREFqfW0Os6Osw-z23RyAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/saml2?SAMLRequest=fZLNbtswEIRfheCdkijJkUxYDtwaQQ30R2jUHnIJKGoZE6BIl0vV7dtXkZ0iPTQ3gpzdmf2Wm9tfoyU%2FIaDxrqE8ySgBp%2Fxg3FNDv3V3rKa32w3K0eYnsZvi0X2FHxNgJHOhQ3F5aegUnPASDQonR0ARlbjfffoo8iQTp%2BCjV95Ssp8LjZNxMTvGeEKRptY%2FGZeMRgWPXkfvrHGQKD%2BmVVmvcw0V629Uz8piPq153rNVztflUOihUnW6JKDkzgcFS8CGamkRKDnsG%2FpYghrqrCjYja6AlXVdM9mvFAPFdd5XWa9lOUsRJzg4jNLFhuZZXrCsZLzqskpka1GuEl7VD5S011HeGXdB9Nbc%2FUWE4kPXtaz9ct9R8v0F9SygV7BicQ%2Bvib7dWCJCeIZIty8Qz%2BdzgpNSgKilij7gQlD203CUcxDZ8k362u3vUj%2FP7Q%2F71lujfpOdtf78PoCM0NAYJljAjjL%2BPxBP%2BHJjBqYXqZgcnkAZbWCg6fZq%2B%2B%2Fv2f4B&RelayState=%2Flogin%3Fcompany%3DabudhabinaP1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=LTz%2BmCzR10qULQ3rsjd%2BVM6NLWkzb7PHjXZfInT4dPuRMj3x24uGr93Q8ICb6GUd%2Fh8k3nvTSJ7uSUgZ2L2Mm%2BFWaktBa%2FK%2BWSe1oYxHGznCfeHo6UEFp2SXTXaG4xgBdRjHyLZkip1rhic1Dnhg36KwDg%2BeytMMDJe07ujV3C8%3D&sso_reload=true
hpgact
1900

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 17 Apr 2023 07:09:46 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
3048c172-4677-4189-8ce2-2dc38789014c
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
265
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
0beecba3-7d91-40d8-a58b-62c726413400
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.15049.5 - WEULR2 ProdSlices
Expires
-1
convergedlogin_pstringcustomizationhelper_12d145c6db04e5f655d1.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_12d145c6db04e5f655d1.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_5mO8_3m-EVITyL_hvIHAww2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63208f374321428494b35beefbc5a80b325c319c3a5d71311879159ec52ea5e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
content-encoding
gzip
x-azure-ref-originshield
00Kg6ZAAAAAAIZ9XhXQtHTZu0EMHAlcKjRlJBMjMxMDUwNDE3MDQ1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
UGdLnNjQ2ANqAZtcyoAOCg==
x-cache
TCP_HIT
content-length
35822
x-ms-lease-status
unlocked
last-modified
Tue, 28 Feb 2023 01:22:40 GMT
etag
0x8DB192A489F53AB
x-azure-ref
0uvA8ZAAAAADF3u9yXL3zTKUoKjV1xrN6RlJBMzFFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8a12dbcb-701e-001c-121b-6d7348000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		2 KB
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 07:09:46 GMT
content-encoding
gzip
x-azure-ref-originshield
0Sps8ZAAAAAD51rHMuc3NR4dc9dDzGsDtRlJBMjMxMDUwNDE3MDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
R2FAVxfpONfnQAuxVxXbHg==
x-cache
TCP_HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:24 GMT
etag
0x8D8852A7FA6B761
x-azure-ref
0uvA8ZAAAAAA2Bnc1N6j+SpsllC1XRnrRRlJBMzFFREdFMDQxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fca82710-501e-001e-410f-6d254c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_6d0f034edc7f959d3b0d boolean| __convergedlogin_pfetchsessionsprogress_acf6fa8e3cf2ed1f4a24 boolean| __convergedlogin_pstringcustomizationhelper_12d145c6db04e5f655d1

19 Cookies

Domain/Path Name / Value
adnoc.lms.sapsf.com/learning Name: JSESSIONID
Value: 4C9037D48376A9368A855893F96906ED
adnoc.lms.sapsf.com/ Name: route
Value: 1235f48f61fa7a29607ff8722ef3b13aa893e763
hcm22.sapsf.com/ Name: route
Value: 496a98b7c7dcfc417c286f874cfaa1c24a741539
hcm22.sapsf.com/ Name: bizxCompanyId
Value: abudhabinaP1
hcm22.sapsf.com/ Name: JSESSIONID
Value: EA0448CB8FB622A189B516150C6218D1.pc22bcf13t
hcm22.sapsf.com/ Name: oiosaml-fragment
Value:
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AV4A5y-JdMu250ORK1IZTT_XyE9sVQ4GlylPp8Z6QDEfyiReAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrKTDJ46IhUNM-KZqVM-cU5gIGJkYmcJ6wq0HGotu_4nFcYWzeBI06vX5TPGnQyAmK_Lxw-5Fheef69g6exgMCqawPg8jLbKKXmsA3CY8xUWQgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrCJR3E-vIXJ1y9l5Yvw-UgEdYcZxmLcP6hmkKEc7i1s0ktHEMX3YFBNadVSAyGhlz8KSH2D6hIbz1RGlOP6RTc6i5HiZCuzIgJZNhW6rxqU6hvFXQ57IYRHbIGdbkKM9O3Kgk-R2yC7PtKqVqXCAr4whPBHK8vf08ASueFatULuOq8_TQztuLvEXxWC9UyqK2sFNmlW24SXgkc8vRK7YOKFZs568OA5U9LaQET_Tm2dsgAA
login.microsoftonline.com/ Name: fpc
Value: AheFyoGyJf5Gj5S2VREOebyAWMtFAQAAALnnztsOAAAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 5863148f811e41259a9d2f409f45a84a
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1681715386&co=1
autologon.microsoftazuread-sso.com/ Name: fpc
Value: AsaMjuZZN5tLsu9tZKWMStU
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd

1 Console Messages

Source Level URL
Text
network error URL: https://autologon.microsoftazuread-sso.com/74892fe7-b6cb-43e7-912b-52194d3fd7c8/winauth/ssoprobe?client-request-id=3048c172-4677-4189-8ce2-2dc38789014c&_=1681715386464
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
adnoc.lms.sapsf.com
autologon.microsoftazuread-sso.com
hcm22.sapsf.com
login.live.com
login.microsoftonline.com
130.214.250.252
23.210.119.197
2603:1027:1:158::8
2603:1027:1:158::c
2606:2800:233:3d10:442f:fac8:6d32:4c87
2620:1ec:4f:1::69
40.126.32.72
2ee483c6c8ac0a1a070fa2a1af9ef0c46fca385b84ffad5a0abba2b48e226e02
40280b8b1243ceeb3bd1c49f0268c0975276d13c42c8c08ba873e46ad9a5d9a8
4ce9c347ad88ee5bcf2fb8d8a99adca1ddbabc1f1ebf46275ac07c0240b841a9
5c3262829ee080da4f3a9e8792a4a4dc6d83ff25e5112d582f9a469e86a3440a
63208f374321428494b35beefbc5a80b325c319c3a5d71311879159ec52ea5e8
684b00f00affae290934eecbe42eb5eda60e464ad42f84fcfbeacc44ea94e058
769b121cd3d7f9a673c94b8163fb19bd33969e237350c8c44ad183489be36ead
84ee5eb990b2077ad67becf997cfdc3643a06ca39db7f8869d95db3a4ff9f130
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
a1967b3f9fada8b1fe195204caf9808cd7563d4a356d13938ab7b5ae9d601fdb
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
e2aaec9826f489c85b078bbbec0efdb872fcbd16c74677111288bd7b02e807a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fbbcffff1edca332935bd0ea8ccef4a784fd452c629eecb552cfc4d4a5b9e844
ff51b6f4ca992d1bef832b153b3e97411a0122ffdc48d9f5c38cf5f3eb7ef424
ff5dd59f1992d2dbfe7e0ff243c7f461849bfe83209901ac6cf597f5afee61f1