urlscan.io logo urlscan.io
SecurityTrails logo

iam.pearson.com Open in urlscan Pro
23.41.180.71  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://edexcelonline.com.mcas-df.ms/
Effective URL: https://iam.pearson.com/auth/SSORedirect/metaAlias/pearson/saml-idp-mfa?SAMLRequest=fZJPT%2BMwFMTv%2Byki352%2FTbK1mqAKhE...
Submission Tags: phish.gg anti.fish automated Search All
Submission: On July 19 via api from DE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 12 HTTP transactions. The main IP is 23.41.180.71, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is iam.pearson.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on June 28th 2023. Valid for: a year.
This is the only time iam.pearson.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 51.103.95.227 8075 (MICROSOFT...)
3 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 1 159.182.72.120 29016 (PEARSON-EMEA)
2 3 23.41.180.71 16625 (AKAMAI-AS)
2 108.138.7.60 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a05:d01c:4a0... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
12 7
1    51.103.95.227 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
edexcelonline.com.mcas-df.ms
3    2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
mcasproxy.azureedge.net
1    159.182.72.120 (United States)

ASN29016 (PEARSON-EMEA, GB)
PTR: www.edexcelonline.com
edexcelonline.com
3    23.41.180.71 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-180-71.deploy.static.akamaitechnologies.com
edexcelonline.pearson.com
iam.pearson.com
2    108.138.7.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-60.fra56.r.cloudfront.net
userportal.pqs.pearsonprd.tech
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a05:d01c:4a0:2f01:d779:1913:8e9c:fe2b (London, United Kingdom)

ASN16509 (AMAZON-02, US)
pearson-shared-acc-prd.auth.eu-west-2.amazoncognito.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
3 mcasproxy.azureedge.net edexcelonline.com.mcas-df.ms
mcasproxy.azureedge.net
2 userportal.pqs.pearsonprd.tech userportal.pqs.pearsonprd.tech
2 edexcelonline.pearson.com 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 iam.pearson.com userportal.pqs.pearsonprd.tech
iam.pearson.com
1 pearson-shared-acc-prd.auth.eu-west-2.amazoncognito.com 1 redirects
1 fonts.googleapis.com client
1 edexcelonline.com 1 redirects
1 edexcelonline.com.mcas-df.ms
0 s.go-mpulse.net Failed iam.pearson.com
12 10

This site contains no links.

Subject Issuer Validity Valid
*.azureedge.net
Microsoft Azure TLS Issuing CA 05		 2023-05-17 -
2024-05-11		 a year crt.sh
*.pqs.pearsonprd.tech
Amazon RSA 2048 M02		 2023-03-05 -
2024-04-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.pearson.com
Sectigo RSA Organization Validation Secure Server CA		 2023-06-28 -
2024-06-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://iam.pearson.com/auth/SSORedirect/metaAlias/pearson/saml-idp-mfa?SAMLRequest=fZJPT%2BMwFMTv%2Byki352%2FTbK1mqAKhEDqCqkFDlzQw360lmo7%2BDnA7qdfN21Xy4VjopnfPM14cfFp9sk7etLOdqxIc5aglU5pu%2B3Yw%2F01%2F8ku%2Bh8LArMvB7Ecw86u8W1ECsmSCH2IvktnaTToN%2BjftcSH9apjuxAGElk2IHhyltMOPCoOUvLBqxQiKMWRf0QQL1Mw8MfF2K3VwaXSmWwKzLQaPNIQ%2BciSq6jVFsJ06ZmvwaSnjMl3AGebzd0alfYoQ2YwwHKvgc6nTGgeydy8Akturzr2XFUS2val4U1R1Hw2rys%2Bl9ULr0slZQMz1cyKKCUa8dZSABs6VuZlxfOWF%2FP7vBZFJep5mrftE0sez3WWhzpjwZbEscCOjd4KB6RJWDBIIkixWf5aiSgVg3fBSbdn%2FbFvMQX65Np5A%2BF77%2BGPVvx1kgq0QYffX7K%2Ft8N5S9YfZMc9xGkQQYP4t9XzVpV3zc3qySyy%2F6%2FsT59fH0n%2FFw%3D%3D&RelayState=H4sIAAAAAAAAAD2RbZOaMBSF_0s-G5fXAH7Ttb6BRcVd7XY6TkgiQYFAArK60__eOO3023PnnnvmzLlfAIMRYB3smWqhdcqoFaNF9FGCAUj1ZsOwVKKCMyEzthPkCtezsd4RvUOc50RV0u38nKLatW88KF0zoI4WUC3gbVur0ctLp5ishWxxMawbNaz_etaSDltG-AvBRZFictVXTF8RQZnGs8ZkvI40ZmD0E7AS54UeRM2qnGqopTjnBQO_BiDX2mq68Xp70jR5D9k4OIWMSrrg6P17F0_m7mZ_nIgwrg8iesa7PN0tF2m8atxV--O02MV-Zy7RZ_RwHmq-Zbj3MbpH5qqarNWCJ45zvqJX63N3yJPtrndnQe9syvB-yVC3yd5nZcpWDeHuBzbUCc4P8T6ZTig_ZEvFZhU5oscPtID2G0wjP20mMgyX7eoeryM7z4OG9wm_nbJKXG7fglfvTaLLw5uFW7bsynudVM11lciH0IkLnfhfiVBxLBmFmBD4LBR3LR_-f-cQl_ghKiKyKm_FkIjnW0swMpEfeI6N7EDXCEZnXCg2AFLbWtiwPc_woOEjCh3TdKBvMQOavmGQ1KCeS03t0WrpybYJ9rwUQWSaLnQC14YBsVPoWpQQhB2KHBP8_gNpD5PLYgIAAA.H4sIAAAAAAAAAAEgAN__mPXgsKJPSZx7rFHLicgMC_lSLdEcnb1k5yK7Do0UfSw1elQ1IAAAAA.3
Frame ID: DFAC5F00EE0248E5FC9EEFDCC1DE4D57
Requests: 9 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.40.28/html/session-context-restore.html
Frame ID: A7A3B13E70949F60049B37A54B04B385
Requests: 2 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/3K5BX-HA8CQ-MD8VD-XZPQF-N3QW9
Frame ID: EC3660E07500C945CC8EB3B971E4E0B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Access rights validated

Page URL History Show full URLs

  1. http://edexcelonline.com.mcas-df.ms/ Page URL
  2. https://edexcelonline.com/ HTTP 302
    https://edexcelonline.pearson.com/ HTTP 302
    https://edexcelonline.pearson.com/Account/Login.aspx HTTP 302
    https://userportal.pqs.pearsonprd.tech/?UserPortalReturnUrl=https://edexcelonline.pearson.com/Account/Login.aspx Page URL
  3. https://pearson-shared-acc-prd.auth.eu-west-2.amazoncognito.com/oauth2/authorize?scope=email+openid+profile&response_type=code&client_id=6hh... HTTP 302
    https://iam.pearson.com/auth/SSORedirect/metaAlias/pearson/saml-idp-mfa?SAMLRequest=fZJPT%2BMwFMTv%2... Page URL

Page Statistics

12
Requests

67 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

7
IPs

4
Countries

2128 kB
Transfer

2125 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://edexcelonline.com.mcas-df.ms/ Page URL
  2. https://edexcelonline.com/ HTTP 302
    https://edexcelonline.pearson.com/ HTTP 302
    https://edexcelonline.pearson.com/Account/Login.aspx HTTP 302
    https://userportal.pqs.pearsonprd.tech/?UserPortalReturnUrl=https://edexcelonline.pearson.com/Account/Login.aspx Page URL
  3. https://pearson-shared-acc-prd.auth.eu-west-2.amazoncognito.com/oauth2/authorize?scope=email+openid+profile&response_type=code&client_id=6hhicsnr5u8id6p53vh9m519d4&code_challenge=nDP7w3Bqqiw-eA9_KedrdHh6VNuOBG5PTXBoKOpWoL4&code_challenge_method=S256&redirect_uri=https://userportal.pqs.pearsonprd.tech/callback HTTP 302
    https://iam.pearson.com/auth/SSORedirect/metaAlias/pearson/saml-idp-mfa?SAMLRequest=fZJPT%2BMwFMTv%2Byki352%2FTbK1mqAKhEDqCqkFDlzQw360lmo7%2BDnA7qdfN21Xy4VjopnfPM14cfFp9sk7etLOdqxIc5aglU5pu%2B3Yw%2F01%2F8ku%2Bh8LArMvB7Ecw86u8W1ECsmSCH2IvktnaTToN%2BjftcSH9apjuxAGElk2IHhyltMOPCoOUvLBqxQiKMWRf0QQL1Mw8MfF2K3VwaXSmWwKzLQaPNIQ%2BciSq6jVFsJ06ZmvwaSnjMl3AGebzd0alfYoQ2YwwHKvgc6nTGgeydy8Akturzr2XFUS2val4U1R1Hw2rys%2Bl9ULr0slZQMz1cyKKCUa8dZSABs6VuZlxfOWF%2FP7vBZFJep5mrftE0sez3WWhzpjwZbEscCOjd4KB6RJWDBIIkixWf5aiSgVg3fBSbdn%2FbFvMQX65Np5A%2BF77%2BGPVvx1kgq0QYffX7K%2Ft8N5S9YfZMc9xGkQQYP4t9XzVpV3zc3qySyy%2F6%2FsT59fH0n%2FFw%3D%3D&RelayState=H4sIAAAAAAAAAD2RbZOaMBSF_0s-G5fXAH7Ttb6BRcVd7XY6TkgiQYFAArK60__eOO3023PnnnvmzLlfAIMRYB3smWqhdcqoFaNF9FGCAUj1ZsOwVKKCMyEzthPkCtezsd4RvUOc50RV0u38nKLatW88KF0zoI4WUC3gbVur0ctLp5ishWxxMawbNaz_etaSDltG-AvBRZFictVXTF8RQZnGs8ZkvI40ZmD0E7AS54UeRM2qnGqopTjnBQO_BiDX2mq68Xp70jR5D9k4OIWMSrrg6P17F0_m7mZ_nIgwrg8iesa7PN0tF2m8atxV--O02MV-Zy7RZ_RwHmq-Zbj3MbpH5qqarNWCJ45zvqJX63N3yJPtrndnQe9syvB-yVC3yd5nZcpWDeHuBzbUCc4P8T6ZTig_ZEvFZhU5oscPtID2G0wjP20mMgyX7eoeryM7z4OG9wm_nbJKXG7fglfvTaLLw5uFW7bsynudVM11lciH0IkLnfhfiVBxLBmFmBD4LBR3LR_-f-cQl_ghKiKyKm_FkIjnW0swMpEfeI6N7EDXCEZnXCg2AFLbWtiwPc_woOEjCh3TdKBvMQOavmGQ1KCeS03t0WrpybYJ9rwUQWSaLnQC14YBsVPoWpQQhB2KHBP8_gNpD5PLYgIAAA.H4sIAAAAAAAAAAEgAN__mPXgsKJPSZx7rFHLicgMC_lSLdEcnb1k5yK7Do0UfSw1elQ1IAAAAA.3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://edexcelonline.com/ HTTP 302
  • https://edexcelonline.pearson.com/ HTTP 302
  • https://edexcelonline.pearson.com/Account/Login.aspx HTTP 302
  • https://userportal.pqs.pearsonprd.tech/?UserPortalReturnUrl=https://edexcelonline.pearson.com/Account/Login.aspx

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
edexcelonline.com.mcas-df.ms/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://edexcelonline.com.mcas-df.ms/
Protocol
HTTP/1.1
Server
51.103.95.227 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
8766b2a0cd2b3f88db5b3b5e0dd21f4032696c41d83c0f0e835ac913bc6eb136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 19 Jul 2023 05:13:57 GMT
Expires
Mon, 01-Jan-1990 00:00:00 GMT
Pragma
no-cache
Server
openresty
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-MCAS-Cache-Status
MISS
X-MCAS-Processing-Time
4
X-MCAS-Request-Id
f00994727688e83886e0dc5a919020cc
X-MCAS-Upstream-Time
n/a
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.40.28/js/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.40.28/js/session-context-store-helper.min.js
Requested by
Host: edexcelonline.com.mcas-df.ms
URL: http://edexcelonline.com.mcas-df.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f7e8082c1312de8f6576c7a892af19fe220f91229cdc761f89ac9de5bd2206cd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://edexcelonline.com.mcas-df.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 19 Jul 2023 05:13:57 GMT
last-modified
Fri, 14 Jul 2023 12:24:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
3jgtxwQir6NSqbKdJZMFVw==
etag
0x8DB84653B79ED28
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7ee977bd-401e-000e-3e65-b6f121000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31139792
x-ms-version
2009-09-19
content-length
5197
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.40.28/html/ Frame A7A3 		209 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.40.28/html/session-context-restore.html
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.40.28/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers

Referer
http://edexcelonline.com.mcas-df.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31139742
content-length
209
content-md5
xcQ/+x+i42xZPwR88wJc4A==
content-type
text/html
date
Wed, 19 Jul 2023 05:13:57 GMT
etag
0x8DB8465394B9E88
last-modified
Fri, 14 Jul 2023 12:24:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
7f19f999-101e-006b-2065-b63409000000
x-ms-version
2009-09-19
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.40.28/js/ Frame A7A3 		38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.40.28/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.40.28/html/session-context-restore.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mcasproxy.azureedge.net/proxyweb/1.40.28/html/session-context-restore.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 19 Jul 2023 05:13:57 GMT
last-modified
Fri, 14 Jul 2023 12:24:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
2u/nRMqYlghY72wnu4IPCA==
etag
0x8DB84653BA7FB55
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e3e0ca94-001e-000a-7a65-b65d29000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31139839
x-ms-version
2009-09-19
content-length
39132
/
userportal.pqs.pearsonprd.tech/
Redirect Chain
  • https://edexcelonline.com/?
  • https://edexcelonline.pearson.com/?
  • https://edexcelonline.pearson.com/Account/Login.aspx
  • https://userportal.pqs.pearsonprd.tech/?UserPortalReturnUrl=https://edexcelonline.pearson.com/Account/Login.aspx
612 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://userportal.pqs.pearsonprd.tech/?UserPortalReturnUrl=https://edexcelonline.pearson.com/Account/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3412ed9e0ce0e715fe82339a07631cfdb87cf36e1c043950a5d8896adc230c93
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data:;font-src 'self' fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age= 31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://edexcelonline.com.mcas-df.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
612
content-security-policy
script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data:;font-src 'self' fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-type
text/html
date
Wed, 19 Jul 2023 05:13:59 GMT
etag
"af61be26eac600d8482fc09c539d2743"
last-modified
Wed, 17 May 2023 09:28:28 GMT
server
AmazonS3
strict-transport-security
max-age= 31536000; includeSubdomains; preload
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id
hNHaZBa32jPPgmcbaJRy-LxoXnPBHjd4_8OFnP8WK8x6K8knHP2gBg==
x-amz-cf-pop
FRA56-P6
x-amz-id-2
7tRVv6bQETYMDWN3IyHaeNq1BGyaD4nFm7KQaMdfajvD9f4C8pjb/eOymMYcz3Z6tJB7hf5+stw=
x-amz-request-id
2QTBV59R63M05N4P
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block

Redirect headers

akamai-cache-status
Miss from child
akamai-grn
0.0a284317.1689743638.3a678a5
cache-control
max-age=0, no-cache, no-store
content-length
228
content-type
text/html; charset=utf-8
date
Wed, 19 Jul 2023 05:13:58 GMT
expires
Wed, 19 Jul 2023 05:13:58 GMT
location
https://userportal.pqs.pearsonprd.tech?UserPortalReturnUrl=https://edexcelonline.pearson.com/Account/Login.aspx
pragma
no-cache
server-timing
edge; dur=3 origin; dur=30 cdn-cache; desc=MISS ak_p; desc="469373_390277130_61241509_3036_10292_25_0_-";dur=1
sid
2
strict-transport-security
max-age=31536000
x-aspnet-version
x-frame-options
DENY
main.4c30a782.js
userportal.pqs.pearsonprd.tech/static/js/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://userportal.pqs.pearsonprd.tech/static/js/main.4c30a782.js
Requested by
Host: userportal.pqs.pearsonprd.tech
URL: https://userportal.pqs.pearsonprd.tech/?UserPortalReturnUrl=https://edexcelonline.pearson.com/Account/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6d98199c761f17e7e800beb5763018c81eda1f55069ced6561d012a459d8dbd
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data:;font-src 'self' fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age= 31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://userportal.pqs.pearsonprd.tech/?UserPortalReturnUrl=https://edexcelonline.pearson.com/Account/Login.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 02:10:42 GMT
strict-transport-security
max-age= 31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data:;font-src 'self' fonts.googleapis.com fonts.gstatic.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-request-id
13R4CVBMR1R31SKT
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
10997
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2100995
x-amz-id-2
8+eTBP2Wi8goeQOf+skRg6vDsDlYE7VF7xo3JDyJMontAj/+rJqg+a08wzaBhD6UZB1GiNxOAlo=
x-xss-protection
1; mode=block
last-modified
Wed, 17 May 2023 09:28:27 GMT
server
AmazonS3
etag
"4ecd6c9b03c3adda11c5ac5e2b6b6d51"
x-frame-options
sameorigin
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
bRZROuwCc7pfq7ccQTV4Tp0jM7rLxjUn0B6DARrEdJs1vNZ9JZoAYg==
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://userportal.pqs.pearsonprd.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Jul 2023 05:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 04:12:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jul 2023 05:13:58 GMT
Primary Request saml-idp-mfa
iam.pearson.com/auth/SSORedirect/metaAlias/pearson/
Redirect Chain
  • https://pearson-shared-acc-prd.auth.eu-west-2.amazoncognito.com/oauth2/authorize?scope=email+openid+profile&response_type=code&client_id=6hhicsnr5u8id6p53vh9m519d4&code_challenge=nDP7w3Bqqiw-eA9_Ke...
  • https://iam.pearson.com/auth/SSORedirect/metaAlias/pearson/saml-idp-mfa?SAMLRequest=fZJPT%2BMwFMTv%2Byki352%2FTbK1mqAKhEDqCqkFDlzQw360lmo7%2BDnA7qdfN21Xy4VjopnfPM14cfFp9sk7etLOdqxIc5aglU5pu%2B3Yw%2...
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iam.pearson.com/auth/SSORedirect/metaAlias/pearson/saml-idp-mfa?SAMLRequest=fZJPT%2BMwFMTv%2Byki352%2FTbK1mqAKhEDqCqkFDlzQw360lmo7%2BDnA7qdfN21Xy4VjopnfPM14cfFp9sk7etLOdqxIc5aglU5pu%2B3Yw%2F01%2F8ku%2Bh8LArMvB7Ecw86u8W1ECsmSCH2IvktnaTToN%2BjftcSH9apjuxAGElk2IHhyltMOPCoOUvLBqxQiKMWRf0QQL1Mw8MfF2K3VwaXSmWwKzLQaPNIQ%2BciSq6jVFsJ06ZmvwaSnjMl3AGebzd0alfYoQ2YwwHKvgc6nTGgeydy8Akturzr2XFUS2val4U1R1Hw2rys%2Bl9ULr0slZQMz1cyKKCUa8dZSABs6VuZlxfOWF%2FP7vBZFJep5mrftE0sez3WWhzpjwZbEscCOjd4KB6RJWDBIIkixWf5aiSgVg3fBSbdn%2FbFvMQX65Np5A%2BF77%2BGPVvx1kgq0QYffX7K%2Ft8N5S9YfZMc9xGkQQYP4t9XzVpV3zc3qySyy%2F6%2FsT59fH0n%2FFw%3D%3D&RelayState=H4sIAAAAAAAAAD2RbZOaMBSF_0s-G5fXAH7Ttb6BRcVd7XY6TkgiQYFAArK60__eOO3023PnnnvmzLlfAIMRYB3smWqhdcqoFaNF9FGCAUj1ZsOwVKKCMyEzthPkCtezsd4RvUOc50RV0u38nKLatW88KF0zoI4WUC3gbVur0ctLp5ishWxxMawbNaz_etaSDltG-AvBRZFictVXTF8RQZnGs8ZkvI40ZmD0E7AS54UeRM2qnGqopTjnBQO_BiDX2mq68Xp70jR5D9k4OIWMSrrg6P17F0_m7mZ_nIgwrg8iesa7PN0tF2m8atxV--O02MV-Zy7RZ_RwHmq-Zbj3MbpH5qqarNWCJ45zvqJX63N3yJPtrndnQe9syvB-yVC3yd5nZcpWDeHuBzbUCc4P8T6ZTig_ZEvFZhU5oscPtID2G0wjP20mMgyX7eoeryM7z4OG9wm_nbJKXG7fglfvTaLLw5uFW7bsynudVM11lciH0IkLnfhfiVBxLBmFmBD4LBR3LR_-f-cQl_ghKiKyKm_FkIjnW0swMpEfeI6N7EDXCEZnXCg2AFLbWtiwPc_woOEjCh3TdKBvMQOavmGQ1KCeS03t0WrpybYJ9rwUQWSaLnQC14YBsVPoWpQQhB2KHBP8_gNpD5PLYgIAAA.H4sIAAAAAAAAAAEgAN__mPXgsKJPSZx7rFHLicgMC_lSLdEcnb1k5yK7Do0UfSw1elQ1IAAAAA.3
Requested by
Host: userportal.pqs.pearsonprd.tech
URL: https://userportal.pqs.pearsonprd.tech/static/js/main.4c30a782.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.180.71 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-180-71.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://userportal.pqs.pearsonprd.tech/?UserPortalReturnUrl=https://edexcelonline.pearson.com/Account/Login.aspx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Host,Origin,User-Agent,Accept-Language,Referer,DNT,Accept-Encoding,X-Password,X-Username,PearsonExtDC,Authorization,X-OpenAM-Username,X-OpenAM-Password,X-Requested-With,Content-Type,Accept,amlbcookie,PearsonExtSSOSession,authServerId,authRequestTS,Accept-API-Version,If-Match,If-None-Match
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin
(null)
access-control-expose-headers
x-routingregion
access-control-max-age
1000
content-encoding
gzip
content-length
3697
content-type
text/html;charset=UTF-8
date
Wed, 19 Jul 2023 05:14:01 GMT
server
Apache
server-timing
cdn-cache; desc=HIT edge; dur=2247 ak_p; desc="469373_390277130_61242708_242423_293431_25_0_-";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 3093 0 pmb=mRUM,2
x-routingregion
EU

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 19 Jul 2023 05:13:59 GMT
location
https://iam.pearson.com/auth/SSORedirect/metaAlias/pearson/saml-idp-mfa?SAMLRequest=fZJPT%2BMwFMTv%2Byki352%2FTbK1mqAKhEDqCqkFDlzQw360lmo7%2BDnA7qdfN21Xy4VjopnfPM14cfFp9sk7etLOdqxIc5aglU5pu%2B3Yw%2F01%2F8ku%2Bh8LArMvB7Ecw86u8W1ECsmSCH2IvktnaTToN%2BjftcSH9apjuxAGElk2IHhyltMOPCoOUvLBqxQiKMWRf0QQL1Mw8MfF2K3VwaXSmWwKzLQaPNIQ%2BciSq6jVFsJ06ZmvwaSnjMl3AGebzd0alfYoQ2YwwHKvgc6nTGgeydy8Akturzr2XFUS2val4U1R1Hw2rys%2Bl9ULr0slZQMz1cyKKCUa8dZSABs6VuZlxfOWF%2FP7vBZFJep5mrftE0sez3WWhzpjwZbEscCOjd4KB6RJWDBIIkixWf5aiSgVg3fBSbdn%2FbFvMQX65Np5A%2BF77%2BGPVvx1kgq0QYffX7K%2Ft8N5S9YfZMc9xGkQQYP4t9XzVpV3zc3qySyy%2F6%2FsT59fH0n%2FFw%3D%3D&RelayState=H4sIAAAAAAAAAD2RbZOaMBSF_0s-G5fXAH7Ttb6BRcVd7XY6TkgiQYFAArK60__eOO3023PnnnvmzLlfAIMRYB3smWqhdcqoFaNF9FGCAUj1ZsOwVKKCMyEzthPkCtezsd4RvUOc50RV0u38nKLatW88KF0zoI4WUC3gbVur0ctLp5ishWxxMawbNaz_etaSDltG-AvBRZFictVXTF8RQZnGs8ZkvI40ZmD0E7AS54UeRM2qnGqopTjnBQO_BiDX2mq68Xp70jR5D9k4OIWMSrrg6P17F0_m7mZ_nIgwrg8iesa7PN0tF2m8atxV--O02MV-Zy7RZ_RwHmq-Zbj3MbpH5qqarNWCJ45zvqJX63N3yJPtrndnQe9syvB-yVC3yd5nZcpWDeHuBzbUCc4P8T6ZTig_ZEvFZhU5oscPtID2G0wjP20mMgyX7eoeryM7z4OG9wm_nbJKXG7fglfvTaLLw5uFW7bsynudVM11lciH0IkLnfhfiVBxLBmFmBD4LBR3LR_-f-cQl_ghKiKyKm_FkIjnW0swMpEfeI6N7EDXCEZnXCg2AFLbWtiwPc_woOEjCh3TdKBvMQOavmGQ1KCeS03t0WrpybYJ9rwUQWSaLnQC14YBsVPoWpQQhB2KHBP8_gNpD5PLYgIAAA.H4sIAAAAAAAAAAEgAN__mPXgsKJPSZx7rFHLicgMC_lSLdEcnb1k5yK7Do0UfSw1elQ1IAAAAA.3
pragma
no-cache
server
Server
strict-transport-security
max-age=31536000 ; includeSubDomains
x-amz-cognito-request-id
2a037707-086d-4114-82e0-1800cb0d75d1
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://userportal.pqs.pearsonprd.tech
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 02:30:05 GMT
x-content-type-options
nosniff
age
355434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 02:30:05 GMT
purify.min.js
iam.pearson.com/auth/js/DomPurify/ 		0
0
saml2-write.js
iam.pearson.com/auth/js/ 		0
0
3K5BX-HA8CQ-MD8VD-XZPQF-N3QW9
s.go-mpulse.net/boomerang/ Frame EC36 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
iam.pearson.com
URL
https://iam.pearson.com/auth/js/DomPurify/purify.min.js
Domain
iam.pearson.com
URL
https://iam.pearson.com/auth/js/saml2-write.js
Domain
s.go-mpulse.net
URL
https://s.go-mpulse.net/boomerang/3K5BX-HA8CQ-MD8VD-XZPQF-N3QW9

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart

6 Cookies

Domain/Path Name / Value
edexcelonline.pearson.com/ Name: ASP.NET_SessionId
Value: 2w3sro55hhoy3455qobdazye
edexcelonline.pearson.com/ Name: BIGipServer~PQS~www.edexcelonline.com_80
Value: 2143559690.20480.0000
.pearson.com/ Name: AKA_A2
Value: A
pearson-shared-acc-prd.auth.eu-west-2.amazoncognito.com/ Name: XSRF-TOKEN
Value: 2c458d32-f79b-4025-993e-e6fb6d7676fb
pearson-shared-acc-prd.auth.eu-west-2.amazoncognito.com/ Name: csrf-state
Value: RnTXDlRO8u1I6xLz4zsGQeaw8a6yL1JnBMsHhS44fk6C2xRWiSQRw5F9w4PmKyjg6uPgVFmbeJqch5Za0s_-GWOTSDBdhWgIseFncX6zY6H-3U-bL8bqBrKKItJyOML3ii9qhwShv_gnojvE9C7Ur6jz7FKQeIumypSnqkJSrzo
pearson-shared-acc-prd.auth.eu-west-2.amazoncognito.com/ Name: csrf-state-legacy
Value: RnTXDlRO8u1I6xLz4zsGQeaw8a6yL1JnBMsHhS44fk6C2xRWiSQRw5F9w4PmKyjg6uPgVFmbeJqch5Za0s_-GWOTSDBdhWgIseFncX6zY6H-3U-bL8bqBrKKItJyOML3ii9qhwShv_gnojvE9C7Ur6jz7FKQeIumypSnqkJSrzo

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000