urlscan.io logo urlscan.io
SecurityTrails logo

sso.tevapharm.com Open in urlscan Pro
192.115.249.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tevapharm-sandbox.plateau.com/
Effective URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=...
Submission Tags: falconsandbox
Submission: On July 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 11 HTTP transactions. The main IP is 192.115.249.100, located in and belongs to . The main domain is sso.tevapharm.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 12th 2023. Valid for: a year.
This is the only time sso.tevapharm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2.19.224.196 16625 (AKAMAI-AS)
1 3 2.23.209.6 20940 (AKAMAI-ASN1)
1 1 130.214.144.214 35039 (SAP_CC)
1 1 18.159.128.168 16509 (AMAZON-02)
1 2 2603:1026:300... 8075 (MICROSOFT...)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
5 192.115.249.100 ()
11 6
2    2.19.224.196 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-196.deploy.static.akamaitechnologies.com
tevapharm-sandbox.plateau.com
3    2.23.209.6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-6.deploy.static.akamaitechnologies.com
performancemanager.successfactors.eu
1    130.214.144.214 (United States)

ASN35039 (SAP_CC, DE)
aeilxynvv.accounts.ondemand.com
1    18.159.128.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-128-168.eu-central-1.compute.amazonaws.com
access.access-eu1.mobileiron.com
2    2603:1026:3000:c8::9 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
1    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msauth.net
5    192.115.249.100 (None, )

ASN- ()
sso.tevapharm.com
Apex Domain
Subdomains		 Transfer
5 tevapharm.com
sso.tevapharm.com
47 KB
3 successfactors.eu
performancemanager.successfactors.eu — Cisco Umbrella Rank: 38496
13 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 23
13 KB
2 plateau.com
tevapharm-sandbox.plateau.com
3 KB
1 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1163
48 KB
1 mobileiron.com
access.access-eu1.mobileiron.com — Cisco Umbrella Rank: 789816
1 KB
1 ondemand.com
aeilxynvv.accounts.ondemand.com
2 KB
11 7
Domain Requested by
5 sso.tevapharm.com aadcdn.msauth.net
sso.tevapharm.com
3 performancemanager.successfactors.eu 1 redirects performancemanager.successfactors.eu
2 login.microsoftonline.com 1 redirects
2 tevapharm-sandbox.plateau.com 1 redirects
1 aadcdn.msauth.net login.microsoftonline.com
1 access.access-eu1.mobileiron.com 1 redirects
1 aeilxynvv.accounts.ondemand.com 1 redirects
11 7

This site contains no links.

Subject Issuer Validity Valid
*.plateau.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-03 -
2024-03-03		 a year crt.sh
eu-only.successfactors.eu
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-14 -
2024-02-14		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-06-01 -
2024-06-01		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2023-04-28 -
2024-04-28		 a year crt.sh
sso.tevapharm.com
Entrust Certification Authority - L1K		 2023-07-12 -
2024-08-10		 a year crt.sh

This page contains 1 frames:

Frame: https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2&RedirectToIdentityProvider=AD+AUTHORITY
Frame ID: 5405505485A9B950CF3729754943A23A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Startbereichsermittlung

Page URL History Show full URLs

  1. https://tevapharm-sandbox.plateau.com/ Page URL
  2. https://tevapharm-sandbox.plateau.com/learning/user/login.jsp HTTP 302
    https://performancemanager.successfactors.eu/login?company=1080030T1 HTTP 302
    https://performancemanager.successfactors.eu/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.c... Page URL
  3. https://aeilxynvv.accounts.ondemand.com/saml2/idp/sso/aeilxynvv.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIO... HTTP 302
    https://access.access-eu1.mobileiron.com/MobileIron/acc/16164fb9-7b5a-43a5-bab2-d7adc4b2ddb2/idp?SAMLRequest=hZLBbuMg... HTTP 302
    https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb... Page URL
  4. https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb... HTTP 302
    https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa... Page URL

Page Statistics

11
Requests

91 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

118 kB
Transfer

242 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tevapharm-sandbox.plateau.com/ Page URL
  2. https://tevapharm-sandbox.plateau.com/learning/user/login.jsp HTTP 302
    https://performancemanager.successfactors.eu/login?company=1080030T1 HTTP 302
    https://performancemanager.successfactors.eu/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.crb=pEvgs8xl8XNTpkASVX8c664uBmED0GVmRPt9%252f%252bUpR28%253d Page URL
  3. https://aeilxynvv.accounts.ondemand.com/saml2/idp/sso/aeilxynvv.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIOBtvK2mi90barqCv1Y9U4OfRSETxukGxwGdhN%2Fn1d76ZKD02v8M48Mw%2Bsr5%2FGgRwhoPWuoZILSsAZ31n3o6F37Q2r6PVmjXoc8kltU3x0X%2BFnAoxkLnSozjcNTcEpr9GicnoEVNGo2%2B2njyrnQk3BR2%2F8QMluLrROxwX2GOOEKss02OHp2R2PXBvjk4vIvetg1K7jxo%2FZgshsN2WI%2Fn9pSm58MLBM2tBeDwiU7HcN%2Ff5QFlVVm4pBB5qVZV2w%2Birv2WoFKyHqsi%2BkmaOICfYOo3axobnICyZWTJatzJW8UmXNa1l9o%2BRw2emddWdXbwl4OIdQfWjbAzt8uW0puX9xPgfoxbBa6OG12rcba0QIv23SzYvN0%2BnEMRkDiL020QfkkDIpKiEK0cp19pr052U%2Fz633u4MfrHkm22Hwp%2FcBdISGxpBgkTrq%2BO9hJJfLie1Yv0RVcjiBsb2FjmabC%2FbvL7T5BQ%3D%3D&RelayState=%2Flogin%3Fcompany%3D1080030T1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=JHHbBYu9xBGKeITF%2FbGZY8xAGVvql9tw%2BzulASD5hX4vO6L1h3B0%2FtSldoIKtee2NOqlajFEJBlICpOpnF%2FRxjMYq5EWouDBlaiRYxqbC2QmuS%2FnH2iUZqpI0IGONk%2FEU4gwBZeYRPQOfjJfwt8XObPV%2F2CAunAPV3cFPFsNGis%3D HTTP 302
    https://access.access-eu1.mobileiron.com/MobileIron/acc/16164fb9-7b5a-43a5-bab2-d7adc4b2ddb2/idp?SAMLRequest=hZLBbuMgEIZfxaJnDNg42SAnUrrRaiO1u1GT3UNvGMYpkg1ZD07at1%2FHadVc2l5Ag76Rvn%2BGctnHJ%2F8A%2F3rAmCwRoYsu%2BO%2FBY99Ct4Xu6Az8ebibk6cYD6gY0%2BCa5xd%2FPKbamND7iGnwFlrtbWpCy1C3TcacPTBt8CuaJJsuxGBCc%2Bu8dX4%2FJ33nVdDoUHndAqpo1HZ5f6eylKvqAqH6udtt6Ob3dkeS1WDuvD5rX0kaA4jp5aLQi7QNlWvAdcGPlvdjuR7KM8vERExkXc3otCo0lbkuaKWrjNqptkZWmbXVmIkk69WcbIU09TQHSaXk0%2BH4BrSyUFAxg7qeSF3lUAwoYg9rj1H7OCcZz3I60ELuRKbERBU8FXzySJK%2F0OFoP0QkyXPbePx8DIfXmb3CymP2eYN%2BW%2Bx7h7wMa5jV6XRKT3kauj3LOBeMSzZA4M3NO51%2FQHPGZ2faotvfkEU5mKgxdrf4YvMlu2LLX4PyerUJjTMvyY%2FQtTp%2BnEikYnxxltYjqnqPBzCudmAJW5Ts%2Blcv%2FgM%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=JF30y9VUQ5uS6oqJWW%2FcBCbIdXWb7diZCnEp%2BpEzCwC%2BfprRv9DSP7FwX%2Bvk9biWfL%2Bn9HEUUf1PzgBy%2F0lcEigA%2F6CxSjQM5Q33pbIdgawnfOI8cqZwkcHwFrSIVkyD%2FDMP7cpPOD6YSGQk8lkXOvzwIFZ%2FDUAs9r6pzSOR%2BWpYnSko20Tee00INcQXyw4csIuq5pFNv2etYiAr2bQe7wB%2BFBjk5yO979154kgTQuJwiRGKPSRbpvE9Rjb6gb8yzr%2BkbKwd944g0TsaAyn5hNfxlBsimyTOxw1yuBXPVH%2Flh1x%2BEgYHcEgR1FGvYxNUZJTbGSK8wOPyss0u483ing%3D%3D HTTP 302
    https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirXK1sbs5eNjewBm4rr6UiyE82Xv9e9A%2BJAvvdR%2Bi4Juzfuh0v9H9s1H64f52Dp5C2HuOkFBKe5%2BeFqgHknZOmlab3tlUuQ7djdtV3B5ZRHKSs0YWcConArJMTKAUksJ6KmrFJK1rSZHfg2QZLRgrwmj4Mq11O2PTzqjeedcEZ1tj9Tgma4qCiKmEWhQZZCQvoKQzBVWWN02mJxLXBHnRtRQkq%2BUcbAhTzTTTDDKGp%2FEz01DWegJJoZsmZ0JGUUS9H%2FTK%2BiBsmAOKaQYjTdiWUE5yPsEpwfkvkKx7F5xy7VdjT5kOveVOeOO5FZ32PCi%2BWdzdcppiLk%2BQ59%2B32zVc%2F9xsQfJ46YYeu4ltWf%2FxT%2FbniWeYW08%2FFohLna%2BK7JRsDPZwOKSHLHX9DlGMMcIFilDtze7qFWfv4ARhdsTjjboCVTmmzMfk%2BrN2PPpXe9Un360SvXVYlT%2Bil9Vy7Vqj%2FiY3ru9EeN8qScl4YmrYjCgfrN9rZRqj6%2F8rDlUlevvgqhc%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=iAnwnJzCj3BuITZIPOKQ6n7MA7T1qozpgiTCGZHqulMpS0silnw8DULoH%2FWU9w8ayFNVbVkYO9LahVsxdH6uu4dWuamqJnqAI6edjgxVRd8exsqIT01fxrVKVPA8OYN0b1uUUAeNqCJURpb4CSK3jw8gC9%2BTMHJarYGMj0NkNKIS0Sh0U%2BO4SMvesaoj6dWhQcw0WlpI5y%2FO0jwtCGQ3bZaaEYwK8ffk2%2FcBXyBCfbpxmbZUeRAzCTOGK6NGEg%2Fjw7qrViCOsGQWNsOTCJExqAJFGFcMS%2Byc1rnMl7%2BQTjhBCERUFbS0p3WVir5HrIfgFhzCUXIcHvKHOP1Qfxrz2Q%3D%3D Page URL
  4. https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirXK1sbs5eNjewBm4rr6UiyE82Xv9e9A%2BJAvvdR%2Bi4Juzfuh0v9H9s1H64f52Dp5C2HuOkFBKe5%2BeFqgHknZOmlab3tlUuQ7djdtV3B5ZRHKSs0YWcConArJMTKAUksJ6KmrFJK1rSZHfg2QZLRgrwmj4Mq11O2PTzqjeedcEZ1tj9Tgma4qCiKmEWhQZZCQvoKQzBVWWN02mJxLXBHnRtRQkq%2BUcbAhTzTTTDDKGp%2FEz01DWegJJoZsmZ0JGUUS9H%2FTK%2BiBsmAOKaQYjTdiWUE5yPsEpwfkvkKx7F5xy7VdjT5kOveVOeOO5FZ32PCi%2BWdzdcppiLk%2BQ59%2B32zVc%2F9xsQfJ46YYeu4ltWf%2FxT%2FbniWeYW08%2FFohLna%2BK7JRsDPZwOKSHLHX9DlGMMcIFilDtze7qFWfv4ARhdsTjjboCVTmmzMfk%2BrN2PPpXe9Un360SvXVYlT%2Bil9Vy7Vqj%2FiY3ru9EeN8qScl4YmrYjCgfrN9rZRqj6%2F8rDlUlevvgqhc%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=iAnwnJzCj3BuITZIPOKQ6n7MA7T1qozpgiTCGZHqulMpS0silnw8DULoH%2FWU9w8ayFNVbVkYO9LahVsxdH6uu4dWuamqJnqAI6edjgxVRd8exsqIT01fxrVKVPA8OYN0b1uUUAeNqCJURpb4CSK3jw8gC9%2BTMHJarYGMj0NkNKIS0Sh0U%2BO4SMvesaoj6dWhQcw0WlpI5y%2FO0jwtCGQ3bZaaEYwK8ffk2%2FcBXyBCfbpxmbZUeRAzCTOGK6NGEg%2Fjw7qrViCOsGQWNsOTCJExqAJFGFcMS%2Byc1rnMl7%2BQTjhBCERUFbS0p3WVir5HrIfgFhzCUXIcHvKHOP1Qfxrz2Q%3D%3D&sso_reload=true HTTP 302
    https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://tevapharm-sandbox.plateau.com/learning/user/login.jsp HTTP 302
  • https://performancemanager.successfactors.eu/login?company=1080030T1 HTTP 302
  • https://performancemanager.successfactors.eu/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.crb=pEvgs8xl8XNTpkASVX8c664uBmED0GVmRPt9%252f%252bUpR28%253d
Request Chain 3
  • https://aeilxynvv.accounts.ondemand.com/saml2/idp/sso/aeilxynvv.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIOBtvK2mi90barqCv1Y9U4OfRSETxukGxwGdhN%2Fn1d76ZKD02v8M48Mw%2Bsr5%2FGgRwhoPWuoZILSsAZ31n3o6F37Q2r6PVmjXoc8kltU3x0X%2BFnAoxkLnSozjcNTcEpr9GicnoEVNGo2%2B2njyrnQk3BR2%2F8QMluLrROxwX2GOOEKss02OHp2R2PXBvjk4vIvetg1K7jxo%2FZgshsN2WI%2Fn9pSm58MLBM2tBeDwiU7HcN%2Ff5QFlVVm4pBB5qVZV2w%2Birv2WoFKyHqsi%2BkmaOICfYOo3axobnICyZWTJatzJW8UmXNa1l9o%2BRw2emddWdXbwl4OIdQfWjbAzt8uW0puX9xPgfoxbBa6OG12rcba0QIv23SzYvN0%2BnEMRkDiL020QfkkDIpKiEK0cp19pr052U%2Fz633u4MfrHkm22Hwp%2FcBdISGxpBgkTrq%2BO9hJJfLie1Yv0RVcjiBsb2FjmabC%2FbvL7T5BQ%3D%3D&RelayState=%2Flogin%3Fcompany%3D1080030T1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=JHHbBYu9xBGKeITF%2FbGZY8xAGVvql9tw%2BzulASD5hX4vO6L1h3B0%2FtSldoIKtee2NOqlajFEJBlICpOpnF%2FRxjMYq5EWouDBlaiRYxqbC2QmuS%2FnH2iUZqpI0IGONk%2FEU4gwBZeYRPQOfjJfwt8XObPV%2F2CAunAPV3cFPFsNGis%3D HTTP 302
  • https://access.access-eu1.mobileiron.com/MobileIron/acc/16164fb9-7b5a-43a5-bab2-d7adc4b2ddb2/idp?SAMLRequest=hZLBbuMgEIZfxaJnDNg42SAnUrrRaiO1u1GT3UNvGMYpkg1ZD07at1%2FHadVc2l5Ag76Rvn%2BGctnHJ%2F8A%2F3rAmCwRoYsu%2BO%2FBY99Ct4Xu6Az8ebibk6cYD6gY0%2BCa5xd%2FPKbamND7iGnwFlrtbWpCy1C3TcacPTBt8CuaJJsuxGBCc%2Bu8dX4%2FJ33nVdDoUHndAqpo1HZ5f6eylKvqAqH6udtt6Ob3dkeS1WDuvD5rX0kaA4jp5aLQi7QNlWvAdcGPlvdjuR7KM8vERExkXc3otCo0lbkuaKWrjNqptkZWmbXVmIkk69WcbIU09TQHSaXk0%2BH4BrSyUFAxg7qeSF3lUAwoYg9rj1H7OCcZz3I60ELuRKbERBU8FXzySJK%2F0OFoP0QkyXPbePx8DIfXmb3CymP2eYN%2BW%2Bx7h7wMa5jV6XRKT3kauj3LOBeMSzZA4M3NO51%2FQHPGZ2faotvfkEU5mKgxdrf4YvMlu2LLX4PyerUJjTMvyY%2FQtTp%2BnEikYnxxltYjqnqPBzCudmAJW5Ts%2Blcv%2FgM%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=JF30y9VUQ5uS6oqJWW%2FcBCbIdXWb7diZCnEp%2BpEzCwC%2BfprRv9DSP7FwX%2Bvk9biWfL%2Bn9HEUUf1PzgBy%2F0lcEigA%2F6CxSjQM5Q33pbIdgawnfOI8cqZwkcHwFrSIVkyD%2FDMP7cpPOD6YSGQk8lkXOvzwIFZ%2FDUAs9r6pzSOR%2BWpYnSko20Tee00INcQXyw4csIuq5pFNv2etYiAr2bQe7wB%2BFBjk5yO979154kgTQuJwiRGKPSRbpvE9Rjb6gb8yzr%2BkbKwd944g0TsaAyn5hNfxlBsimyTOxw1yuBXPVH%2Flh1x%2BEgYHcEgR1FGvYxNUZJTbGSK8wOPyss0u483ing%3D%3D HTTP 302
  • https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirXK1sbs5eNjewBm4rr6UiyE82Xv9e9A%2BJAvvdR%2Bi4Juzfuh0v9H9s1H64f52Dp5C2HuOkFBKe5%2BeFqgHknZOmlab3tlUuQ7djdtV3B5ZRHKSs0YWcConArJMTKAUksJ6KmrFJK1rSZHfg2QZLRgrwmj4Mq11O2PTzqjeedcEZ1tj9Tgma4qCiKmEWhQZZCQvoKQzBVWWN02mJxLXBHnRtRQkq%2BUcbAhTzTTTDDKGp%2FEz01DWegJJoZsmZ0JGUUS9H%2FTK%2BiBsmAOKaQYjTdiWUE5yPsEpwfkvkKx7F5xy7VdjT5kOveVOeOO5FZ32PCi%2BWdzdcppiLk%2BQ59%2B32zVc%2F9xsQfJ46YYeu4ltWf%2FxT%2FbniWeYW08%2FFohLna%2BK7JRsDPZwOKSHLHX9DlGMMcIFilDtze7qFWfv4ARhdsTjjboCVTmmzMfk%2BrN2PPpXe9Un360SvXVYlT%2Bil9Vy7Vqj%2FiY3ru9EeN8qScl4YmrYjCgfrN9rZRqj6%2F8rDlUlevvgqhc%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=iAnwnJzCj3BuITZIPOKQ6n7MA7T1qozpgiTCGZHqulMpS0silnw8DULoH%2FWU9w8ayFNVbVkYO9LahVsxdH6uu4dWuamqJnqAI6edjgxVRd8exsqIT01fxrVKVPA8OYN0b1uUUAeNqCJURpb4CSK3jw8gC9%2BTMHJarYGMj0NkNKIS0Sh0U%2BO4SMvesaoj6dWhQcw0WlpI5y%2FO0jwtCGQ3bZaaEYwK8ffk2%2FcBXyBCfbpxmbZUeRAzCTOGK6NGEg%2Fjw7qrViCOsGQWNsOTCJExqAJFGFcMS%2Byc1rnMl7%2BQTjhBCERUFbS0p3WVir5HrIfgFhzCUXIcHvKHOP1Qfxrz2Q%3D%3D
Request Chain 10
  • https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2 HTTP 302
  • https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2&RedirectToIdentityProvider=AD+AUTHORITY

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
tevapharm-sandbox.plateau.com/ 		68 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tevapharm-sandbox.plateau.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.224.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-196.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
68
Content-Type
text/html
Date
Fri, 14 Jul 2023 12:16:49 GMT
ETag
"63512159-44"
Last-Modified
Thu, 20 Oct 2022 10:22:17 GMT
Server
Successfactors
X-Robots-Tag
noindex,nofollow
Login
performancemanager.successfactors.eu/saml2/
Redirect Chain
  • https://tevapharm-sandbox.plateau.com/learning/user/login.jsp
  • https://performancemanager.successfactors.eu/login?company=1080030T1
  • https://performancemanager.successfactors.eu/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.crb=pEvgs8xl8XNTpkASVX8c664uBmED0GVmRPt9%252f%252bUpR28%253d
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://performancemanager.successfactors.eu/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.crb=pEvgs8xl8XNTpkASVX8c664uBmED0GVmRPt9%252f%252bUpR28%253d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-6.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tevapharm-sandbox.plateau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store,no-cache
content-length
1601
content-type
text/html;charset=UTF-8
date
Fri, 14 Jul 2023 12:16:49 GMT
expires
Fri, 14 Jul 2023 12:16:49 GMT Wed, 31 Dec 1969 23:59:59 GMT
pragma
no-cache no-cache
referrer-policy
strict-origin-when-cross-origin
server
Successfactors
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-correlation-id
bb5da625657feefb375adbe4a9b8a64c
x-event-id
EVENT-UNKNOWN-UNKNOWN-ob46abe28-20230714141649-262074
x-frame-options
SAMEORIGIN
x-itr-server
166797a1e1e71c785915b32d7e557c8c3d2ee8e9
x-itr-target-cluster
defaultCluster
x-request-stats
SQLT=0&CCON=0&FWR=0&NRE=0&CEXT=0&ST=1689337009911&EID=EVENT-UNKNOWN-UNKNOWN-ob46abe28-20230714141649-262074&CLOC=0&CREM=0&NWR=0&CPU=25&SVT=25&SQLC=0&SCPU=5&CSUP=0&MEM=4860&UCPU=20&FRE=0
x-unique-id
bb5da625657feefb375adbe4a9b8a64c
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store,no-cache
content-length
0
date
Fri, 14 Jul 2023 12:16:49 GMT
expires
Fri, 14 Jul 2023 12:16:49 GMT
location
/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.crb=pEvgs8xl8XNTpkASVX8c664uBmED0GVmRPt9%252f%252bUpR28%253d
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Successfactors
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-correlation-id
68a5270df789a168b92103c4d0977eb5
x-event-id
EVENT-PLT-LOGINPAGE-ob46abe28-20230714141649-262073
x-itr-server
166797a1e1e71c785915b32d7e557c8c3d2ee8e9
x-itr-target-cluster
defaultCluster
x-unique-id
68a5270df789a168b92103c4d0977eb5
x-xss-protection
1; mode=block
perflog-lib.min.js
performancemanager.successfactors.eu/verp/vmod_v1/ui/perflog-lib/resources_1.0.18/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://performancemanager.successfactors.eu/verp/vmod_v1/ui/perflog-lib/resources_1.0.18/perflog-lib.min.js
Requested by
Host: performancemanager.successfactors.eu
URL: https://performancemanager.successfactors.eu/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.crb=pEvgs8xl8XNTpkASVX8c664uBmED0GVmRPt9%252f%252bUpR28%253d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-6.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://performancemanager.successfactors.eu/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.crb=pEvgs8xl8XNTpkASVX8c664uBmED0GVmRPt9%252f%252bUpR28%253d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-correlation-id
d3469964378ab6a6a5bfa8c598531840
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 12:16:49 GMT
x-itr-server
2245c934c5ef5d1874bf7c44f738b345d0cd8ca4
content-length
10071
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 Mar 2023 08:11:20 GMT
server
Successfactors
etag
"d6c99dcb.gz"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-itr-target-cluster
verpCluster
x-sf-cache
MISS
cache-control
public, max-age=27962675
expires
Sun, 02 Jun 2024 03:41:24 GMT
saml2
login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/
Redirect Chain
  • https://aeilxynvv.accounts.ondemand.com/saml2/idp/sso/aeilxynvv.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIOBtvK2mi90barqCv1Y9U4OfRSETxukGxwGdhN%2Fn1d76ZKD02v8M48Mw%2Bsr5%2FGgRwhoPWuoZILSsA...
  • https://access.access-eu1.mobileiron.com/MobileIron/acc/16164fb9-7b5a-43a5-bab2-d7adc4b2ddb2/idp?SAMLRequest=hZLBbuMgEIZfxaJnDNg42SAnUrrRaiO1u1GT3UNvGMYpkg1ZD07at1%2FHadVc2l5Ag76Rvn%2BGctnHJ%2F8A%2...
  • https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirX...
20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirXK1sbs5eNjewBm4rr6UiyE82Xv9e9A%2BJAvvdR%2Bi4Juzfuh0v9H9s1H64f52Dp5C2HuOkFBKe5%2BeFqgHknZOmlab3tlUuQ7djdtV3B5ZRHKSs0YWcConArJMTKAUksJ6KmrFJK1rSZHfg2QZLRgrwmj4Mq11O2PTzqjeedcEZ1tj9Tgma4qCiKmEWhQZZCQvoKQzBVWWN02mJxLXBHnRtRQkq%2BUcbAhTzTTTDDKGp%2FEz01DWegJJoZsmZ0JGUUS9H%2FTK%2BiBsmAOKaQYjTdiWUE5yPsEpwfkvkKx7F5xy7VdjT5kOveVOeOO5FZ32PCi%2BWdzdcppiLk%2BQ59%2B32zVc%2F9xsQfJ46YYeu4ltWf%2FxT%2FbniWeYW08%2FFohLna%2BK7JRsDPZwOKSHLHX9DlGMMcIFilDtze7qFWfv4ARhdsTjjboCVTmmzMfk%2BrN2PPpXe9Un360SvXVYlT%2Bil9Vy7Vqj%2FiY3ru9EeN8qScl4YmrYjCgfrN9rZRqj6%2F8rDlUlevvgqhc%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=iAnwnJzCj3BuITZIPOKQ6n7MA7T1qozpgiTCGZHqulMpS0silnw8DULoH%2FWU9w8ayFNVbVkYO9LahVsxdH6uu4dWuamqJnqAI6edjgxVRd8exsqIT01fxrVKVPA8OYN0b1uUUAeNqCJURpb4CSK3jw8gC9%2BTMHJarYGMj0NkNKIS0Sh0U%2BO4SMvesaoj6dWhQcw0WlpI5y%2FO0jwtCGQ3bZaaEYwK8ffk2%2FcBXyBCfbpxmbZUeRAzCTOGK6NGEg%2Fjw7qrViCOsGQWNsOTCJExqAJFGFcMS%2Byc1rnMl7%2BQTjhBCERUFbS0p3WVir5HrIfgFhzCUXIcHvKHOP1Qfxrz2Q%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:c8::9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
158bd5a511a99d87a8cd79f9a9f3ba7eacb2167194697537a614c56f1d409bf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://performancemanager.successfactors.eu/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.crb=pEvgs8xl8XNTpkASVX8c664uBmED0GVmRPt9%252f%252bUpR28%253d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9001
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Jul 2023 12:16:50 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.15811.5 - SEC ProdSlices
x-ms-request-id
b5243cf4-d142-48cb-a14c-3e3f3a7c3d00

Redirect headers

Cache-control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 14 Jul 2023 12:16:50 GMT
Keep-Alive
timeout=60
Location
https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirXK1sbs5eNjewBm4rr6UiyE82Xv9e9A%2BJAvvdR%2Bi4Juzfuh0v9H9s1H64f52Dp5C2HuOkFBKe5%2BeFqgHknZOmlab3tlUuQ7djdtV3B5ZRHKSs0YWcConArJMTKAUksJ6KmrFJK1rSZHfg2QZLRgrwmj4Mq11O2PTzqjeedcEZ1tj9Tgma4qCiKmEWhQZZCQvoKQzBVWWN02mJxLXBHnRtRQkq%2BUcbAhTzTTTDDKGp%2FEz01DWegJJoZsmZ0JGUUS9H%2FTK%2BiBsmAOKaQYjTdiWUE5yPsEpwfkvkKx7F5xy7VdjT5kOveVOeOO5FZ32PCi%2BWdzdcppiLk%2BQ59%2B32zVc%2F9xsQfJ46YYeu4ltWf%2FxT%2FbniWeYW08%2FFohLna%2BK7JRsDPZwOKSHLHX9DlGMMcIFilDtze7qFWfv4ARhdsTjjboCVTmmzMfk%2BrN2PPpXe9Un360SvXVYlT%2Bil9Vy7Vqj%2FiY3ru9EeN8qScl4YmrYjCgfrN9rZRqj6%2F8rDlUlevvgqhc%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=iAnwnJzCj3BuITZIPOKQ6n7MA7T1qozpgiTCGZHqulMpS0silnw8DULoH%2FWU9w8ayFNVbVkYO9LahVsxdH6uu4dWuamqJnqAI6edjgxVRd8exsqIT01fxrVKVPA8OYN0b1uUUAeNqCJURpb4CSK3jw8gC9%2BTMHJarYGMj0NkNKIS0Sh0U%2BO4SMvesaoj6dWhQcw0WlpI5y%2FO0jwtCGQ3bZaaEYwK8ffk2%2FcBXyBCfbpxmbZUeRAzCTOGK6NGEg%2Fjw7qrViCOsGQWNsOTCJExqAJFGFcMS%2Byc1rnMl7%2BQTjhBCERUFbS0p3WVir5HrIfgFhzCUXIcHvKHOP1Qfxrz2Q%3D%3D
Pragma
no-cache
BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirXK1sbs5eNjewBm4rr6UiyE82Xv9e9A%2BJAvvdR%2Bi4Juzfuh0v9H9s1H64f52Dp5C2HuOkFBKe5%2BeFqgHknZOmlab3tlUuQ7djdtV3B5ZRHKSs0YWcConArJMTKAUksJ6KmrFJK1rSZHfg2QZLRgrwmj4Mq11O2PTzqjeedcEZ1tj9Tgma4qCiKmEWhQZZCQvoKQzBVWWN02mJxLXBHnRtRQkq%2BUcbAhTzTTTDDKGp%2FEz01DWegJJoZsmZ0JGUUS9H%2FTK%2BiBsmAOKaQYjTdiWUE5yPsEpwfkvkKx7F5xy7VdjT5kOveVOeOO5FZ32PCi%2BWdzdcppiLk%2BQ59%2B32zVc%2F9xsQfJ46YYeu4ltWf%2FxT%2FbniWeYW08%2FFohLna%2BK7JRsDPZwOKSHLHX9DlGMMcIFilDtze7qFWfv4ARhdsTjjboCVTmmzMfk%2BrN2PPpXe9Un360SvXVYlT%2Bil9Vy7Vqj%2FiY3ru9EeN8qScl4YmrYjCgfrN9rZRqj6%2F8rDlUlevvgqhc%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=iAnwnJzCj3BuITZIPOKQ6n7MA7T1qozpgiTCGZHqulMpS0silnw8DULoH%2FWU9w8ayFNVbVkYO9LahVsxdH6uu4dWuamqJnqAI6edjgxVRd8exsqIT01fxrVKVPA8OYN0b1uUUAeNqCJURpb4CSK3jw8gC9%2BTMHJarYGMj0NkNKIS0Sh0U%2BO4SMvesaoj6dWhQcw0WlpI5y%2FO0jwtCGQ3bZaaEYwK8ffk2%2FcBXyBCfbpxmbZUeRAzCTOGK6NGEg%2Fjw7qrViCOsGQWNsOTCJExqAJFGFcMS%2Byc1rnMl7%2BQTjhBCERUFbS0p3WVir5HrIfgFhzCUXIcHvKHOP1Qfxrz2Q%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 14 Jul 2023 12:16:50 GMT
content-encoding
gzip
x-cache
TCP_HIT
content-length
48709
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 03:12:44 GMT
etag
0x8DB77858AAB8576
x-azure-ref
20230714T121650Z-u64qb59hz17um3g0mcd9vxcfcn0000000630000000008btq
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9df18c81-201e-0055-23b3-b3d34a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request /
sso.tevapharm.com/adfs/ls/
Redirect Chain
  • https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirX...
  • https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQ...
23 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirXK1sbs5eNjewBm4rr6UiyE82Xv9e9A%2BJAvvdR%2Bi4Juzfuh0v9H9s1H64f52Dp5C2HuOkFBKe5%2BeFqgHknZOmlab3tlUuQ7djdtV3B5ZRHKSs0YWcConArJMTKAUksJ6KmrFJK1rSZHfg2QZLRgrwmj4Mq11O2PTzqjeedcEZ1tj9Tgma4qCiKmEWhQZZCQvoKQzBVWWN02mJxLXBHnRtRQkq%2BUcbAhTzTTTDDKGp%2FEz01DWegJJoZsmZ0JGUUS9H%2FTK%2BiBsmAOKaQYjTdiWUE5yPsEpwfkvkKx7F5xy7VdjT5kOveVOeOO5FZ32PCi%2BWdzdcppiLk%2BQ59%2B32zVc%2F9xsQfJ46YYeu4ltWf%2FxT%2FbniWeYW08%2FFohLna%2BK7JRsDPZwOKSHLHX9DlGMMcIFilDtze7qFWfv4ARhdsTjjboCVTmmzMfk%2BrN2PPpXe9Un360SvXVYlT%2Bil9Vy7Vqj%2FiY3ru9EeN8qScl4YmrYjCgfrN9rZRqj6%2F8rDlUlevvgqhc%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=iAnwnJzCj3BuITZIPOKQ6n7MA7T1qozpgiTCGZHqulMpS0silnw8DULoH%2FWU9w8ayFNVbVkYO9LahVsxdH6uu4dWuamqJnqAI6edjgxVRd8exsqIT01fxrVKVPA8OYN0b1uUUAeNqCJURpb4CSK3jw8gC9%2BTMHJarYGMj0NkNKIS0Sh0U%2BO4SMvesaoj6dWhQcw0WlpI5y%2FO0jwtCGQ3bZaaEYwK8ffk2%2FcBXyBCfbpxmbZUeRAzCTOGK6NGEg%2Fjw7qrViCOsGQWNsOTCJExqAJFGFcMS%2Byc1rnMl7%2BQTjhBCERUFbS0p3WVir5HrIfgFhzCUXIcHvKHOP1Qfxrz2Q%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
23804
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Jul 2023 12:16:53 GMT
Expires
-1
Include-Referred-Token-Binding-ID
true
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
772
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Jul 2023 12:16:50 GMT
Expires
-1
Location
https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2#
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.15811.5 - WEULR1 ProdSlices
x-ms-request-id
7f1c31be-2346-479e-8c71-345ab9b75f00
style.css
sso.tevapharm.com/adfs/portal/css/ 		10 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.tevapharm.com/adfs/portal/css/style.css?id=3B1A0C704CDAE8ECD48AA8F0D50409D981CEF21D7AE6DC85B0797D270101B151&rp=f23c6f72-8173-e611-80da-005056aa15d8
Requested by
Host: sso.tevapharm.com
URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Fri, 14 Jul 2023 12:16:53 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
3B1A0C704CDAE8ECD48AA8F0D50409D981CEF21D7AE6DC85B0797D270101B151
Content-Type
text/css
Content-Length
10462
X-XSS-Protection
1; mode=block
Expires
Sun, 13 Aug 2023 12:16:54 GMT
logo.jpg
sso.tevapharm.com/adfs/portal/logo/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.tevapharm.com/adfs/portal/logo/logo.jpg?id=3461EC3FABC04810A1C3E3F7E7B98641221CFE1D43892AD097185EF42251A05F&rp=f23c6f72-8173-e611-80da-005056aa15d8
Requested by
Host: sso.tevapharm.com
URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Fri, 14 Jul 2023 12:16:53 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
3461EC3FABC04810A1C3E3F7E7B98641221CFE1D43892AD097185EF42251A05F
Content-Type
image/jpeg
Content-Length
8251
X-XSS-Protection
1; mode=block
Expires
Sun, 13 Aug 2023 12:16:54 GMT
idp.png
sso.tevapharm.com/adfs/portal/images/idp/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.tevapharm.com/adfs/portal/images/idp/idp.png?id=3EADD3E829A20DF612C7A77960FF811E66E3EE6BAE2C33C9B20E7478BAC87548
Requested by
Host: sso.tevapharm.com
URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Fri, 14 Jul 2023 12:16:53 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
3EADD3E829A20DF612C7A77960FF811E66E3EE6BAE2C33C9B20E7478BAC87548
Content-Type
image/png
Content-Length
931
X-XSS-Protection
1; mode=block
Expires
Sun, 13 Aug 2023 12:16:54 GMT
localsts.png
sso.tevapharm.com/adfs/portal/images/idp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.tevapharm.com/adfs/portal/images/idp/localsts.png?id=A3911892BE04D81EBA5A8E0C74F77099AA1DB05E542FBFCC78C9DF4B0EC0E3A6
Requested by
Host: sso.tevapharm.com
URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.115.249.100 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Fri, 14 Jul 2023 12:16:53 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
A3911892BE04D81EBA5A8E0C74F77099AA1DB05E542FBFCC78C9DF4B0EC0E3A6
Content-Type
image/png
Content-Length
1977
X-XSS-Protection
1; mode=block
Expires
Sun, 13 Aug 2023 12:16:54 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
/
sso.tevapharm.com/adfs/ls/
Redirect Chain
  • https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQ...
  • https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQ...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sso.tevapharm.com
URL
https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2&RedirectToIdentityProvider=AD+AUTHORITY

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| HRDErrors function| InputUtil

19 Cookies

Domain/Path Name / Value
tevapharm-sandbox.plateau.com/learning Name: JSESSIONID
Value: 0717732901795DEE64E137F5BCCB027C
tevapharm-sandbox.plateau.com/ Name: BIGipServerorigin-dc57-preview.lms.plateau.com
Value: 60176650.20480.0000
tevapharm-sandbox.plateau.com/ Name: BIGipServerP_lms_sapsf_com_80
Value: !c5rvvPsMTQebvLdy8EfjK/c0EpRQOGegdGz4OSa8bYhUsRrR03KKo3f0exUcUIrlEaybERq0eG4x2A==
tevapharm-sandbox.plateau.com/ Name: route
Value: 647ccc52d771ea2e5eedc835d817a73b20da556f
tevapharm-sandbox.plateau.com/ Name: JSESSIONID
Value: 0717732901795DEE64E137F5BCCB027C
performancemanager.successfactors.eu/ Name: route
Value: f50f68ba623b53a23a2983b06c4581ad2ecf0ca4
performancemanager.successfactors.eu/ Name: bizxCompanyId
Value: 1080030T1
performancemanager.successfactors.eu/ Name: JSESSIONID
Value: 7F9204061D4EA19FC60D27AE8E8EC09A.pc57bcf39
performancemanager.successfactors.eu/ Name: BIGipServerhcm57.sapsf.com
Value: 210254090.20480.0000
performancemanager.successfactors.eu/ Name: oiosaml-fragment
Value:
aeilxynvv.accounts.ondemand.com/ Name: arcfc4dbb
Value: AAAADB1eNlmWoqkRy%2FfqmIECOOa3cEyZVCSR3xUiRmZjGZQ1NmHuHxyt8u47eVIYPRN1Diz2anY%2Bpjr50Sr2Yd3Rwu4FI67jPWXTBPSbN1lQ%2BXsepJbwxwW8aDvpZev3dESLRs9tTF8jfKbyeie%2FwbO2YLmjdE03IC6vhjgDRH98nc%2BdFFFCvJjpTgmDUD9SJJTw1fH9x%2BR2w8iVgnEcfFz1FHOrg7H%2FBf4EY6yljAzgbBJaDZ7WxsQPI20chrLVqlV5kkE8QeFIesJTn5TusbBQZ22NMHIIIwXvYemeEtttPTpZYVI%2BtoTMPldDl%2BiJ3SMzd3kvCAQfN67aoCgvjaXI1lZ25Wp7IGXB9OE9%2BjomWMmvHRRIrqB98VZd5x0s1YXP%2B6T9NGU6glblJ%2FSfFdB9Xnd33q7kYbMlxvmd4iWIAV0NqGU4zoUsDRS5m6j0%2BWcfUOU0op2o2HEmSF4AZy0y4CkYW3xUuxypM34ZgWib4faIuRKVPsDDxIxtbtWe0dKfZVhVsWDn9Nc16xwiZygEJi%2BtHggiQiclrHpZKccpRzZZVfzkYwoVqvtmWvwrDdHtukYeldf1Scum%2FG%2FaiDZ%2FEvCytQL7Zgn38zcW%2B%2FfPj5qQR6LjMwzZSWhn2QfSIrleVJQYEnXn4xIgi%2B6IeFEEKpi63TRVkaJ8REPeSSo%3D
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AYIAexqZP5PqaUGyjMNv8-Ww0TaukWByaGRCvS8cMxzjbzCCAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr6qHKeYIl-RbxEWQFo_Hdd_Q5x323fGvRVXLjY1moQO6-Q2J3S-G_2-jD2ltA2XlgCJ-PithJscATglVj9Iw7oKfDG5pD4rdBoSVGN7je3-YgAA
.login.microsoftonline.com/ Name: ESTSWCTXFLOWTOKEN
Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevrxzjK87X0cozZEc9Ti0GGu8CRq87XCWuzYMX49DPYA6RUoByRwdZSssLNpXCQ5LdGlAvMNJLZgSe13WCJWfV3PZy-rlMHUBHewNwSdIjswOKZe1wCyqE15022suOJCrANaI0n0_53ulL6GAJg5xyk-kOQYKq8iFkuIwAk8Vp4hO1IQON4NLy4UpXmEzsUPfbNKHib2qXTa-rLJA9Y7-FESic_SNGsnvN-DhRjHzNiybQySBUSRKdPsrKXBI0-boO04quXu5enLFiGGM5S9WzxWGbxFVP5Hs_me8bsFFwlQBdYMdSw4KW1_x_zyHdZqNud9MFFBOoM4Rd5TaLMewYFmI2AR9a3vGhjfZrfRQj4gBScaHeoTBFypzVpj3WMo867PwSs_EA2QHc48k_g5OZ4xB4U2jwSrFpu4eUCvdWwZ6CUqe86CMaiAyx_U243QfAchskfQc-EMJFy4nfQwfaL_RcOHIgUdUNd9oMnkWIe129P0qO7_UW5B5KgFMtKXHwIoN9CIv2iZKckIzAQdUkfX6BLnIVoCJxeuFukp6Yd2Axll03bxO-rPLIyiw1p8u0cq04YeAejlwQNC3LetrEK6doqcqDVgC12wUqffvuXgGI0iiKk_bhi_UVgIU3Js5_Ft3ITyCGre4KRj7oPbscOtCAA
login.microsoftonline.com/ Name: fpc
Value: AteDZNvotNBGs4BFmBUTZhYOfFheAQAAALEzQ9wOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrTW88JdR4tfhhLKjl9wQUztC8zQQBlWplAif5n2J97eMmS5iNfSvd7ggt80i8wSpGBaeookjnWlZdb_G53ezA5OJlXWzcOnfbasdutM1iswwgvwnRuR79OLcKKL2a5xvIi9mtz8i3Nt2FQj5QQWhuG3EYHkp9nOAQMLobz2o9D7AgAA