identity.onceforall.com Open in urlscan Pro
52.16.54.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r31j.mjt.lu/lnk/CAAAA3lxgGwAAAAAAAAAAKtgT7wAAAAC_3wAAAAAAAps6QBjceQHcruN4SiQTwKUz9AfSt97PgAINwQ/2/p0rbJOI4iu...
Effective URL:
https://identity.onceforall.com/auth/realms/OnceForAll/protocol/openid-connect/auth?client_id=front-onceforall&redirect_uri=http...
Submission: On November 14 via manual (November 14th 2022, 10:49:33 am UTC) from FR — Scanned from FR

Summary HTTP 28 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 28 HTTP transactions. The main IP is 52.16.54.94, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is identity.onceforall.com.
TLS certificate: Issued by Amazon on July 25th 2022. Valid for: a year.

This is the only time identity.onceforall.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.241.186.140 35.241.186.140	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	108.156.60.80 108.156.60.80	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.27.15 13.32.27.15	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
10	52.16.54.94 52.16.54.94	16509 (AMAZON-02) (AMAZON-02)
28	8

1 35.241.186.140 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 140.186.241.35.bc.googleusercontent.com

r31j.mjt.lu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.156.60.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-80.ams1.r.cloudfront.net

platform.onceforall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-15.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.16.54.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-54-94.eu-west-1.compute.amazonaws.com

identity.onceforall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	onceforall.com platform.onceforall.com identity.onceforall.com	1 MB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
2	gstatic.com fonts.gstatic.com	61 KB
1	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 625 script.hotjar.com Failed vars.hotjar.com Failed	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	7 KB
1	mjt.lu 1 redirects r31j.mjt.lu	188 B
0	datadoghq.eu Failed rum-http-intake.logs.datadoghq.eu Failed
0	sentry.io Failed sentry.io Failed
28	9

	Domain	Requested by
10	identity.onceforall.com	platform.onceforall.com identity.onceforall.com
4	fonts.googleapis.com	platform.onceforall.com identity.onceforall.com
4	platform.onceforall.com	platform.onceforall.com
2	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	platform.onceforall.com
1	www.googletagmanager.com	platform.onceforall.com
1	cdn.jsdelivr.net	platform.onceforall.com
1	r31j.mjt.lu	1 redirects
0	vars.hotjar.com Failed	static.hotjar.com
0	script.hotjar.com Failed	static.hotjar.com
0	rum-http-intake.logs.datadoghq.eu Failed	platform.onceforall.com
0	sentry.io Failed	platform.onceforall.com
28	12

This site contains links to these domains. Also see Links.

Domain
platform.onceforall.com

Subject Issuer	Validity	Valid
*.onceforall.com Amazon	`2022-07-10` - `2023-08-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
onceforall.com Amazon	`2022-07-25` - `2023-08-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://identity.onceforall.com/auth/realms/OnceForAll/protocol/openid-connect/auth?client_id=front-onceforall&redirect_uri=https%3A%2F%2Fplatform.onceforall.com%2F%3FforceOrganisationId%3D13386&state=88d518ad-dcda-4036-850f-8ada786ab0cd&response_mode=fragment&response_type=code&scope=openid&nonce=12843faa-0975-423d-b3c6-0267b47c7a2f&ui_locales=en
Frame ID: 543529104576B0BB5553A3A43C634706
Requests: 27 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Frame ID: 893B404E41B47C95F1FBD732DEEB3938
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome back to OnceForAll

Page URL History Show full URLs

http://r31j.mjt.lu/lnk/CAAAA3lxgGwAAAAAAAAAAKtgT7wAAAAC_3wAAAAAAAps6QBjceQHcruN4SiQTwKUz9AfSt97... HTTP 302
https://platform.onceforall.com/?forceOrganisationId=13386 Page URL
https://identity.onceforall.com/auth/realms/OnceForAll/protocol/openid-connect/auth?client_id=front-oncefora... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

28
Requests

82 %
HTTPS

50 %
IPv6

9
Domains

12
Subdomains

8
IPs

4
Countries

1222 kB
Transfer

4812 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://platform.onceforall.com/register-user
Title: Create an account

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r31j.mjt.lu/lnk/CAAAA3lxgGwAAAAAAAAAAKtgT7wAAAAC_3wAAAAAAAps6QBjceQHcruN4SiQTwKUz9AfSt97PgAINwQ/2/p0rbJOI4iuP0zURSkxt1Eg/aHR0cHM6Ly9wbGF0Zm9ybS5vbmNlZm9yYWxsLmNvbT9mb3JjZU9yZ2FuaXNhdGlvbklkPTEzMzg2 HTTP 302
https://platform.onceforall.com/?forceOrganisationId=13386 Page URL
https://identity.onceforall.com/auth/realms/OnceForAll/protocol/openid-connect/auth?client_id=front-onceforall&redirect_uri=https%3A%2F%2Fplatform.onceforall.com%2F%3FforceOrganisationId%3D13386&state=88d518ad-dcda-4036-850f-8ada786ab0cd&response_mode=fragment&response_type=code&scope=openid&nonce=12843faa-0975-423d-b3c6-0267b47c7a2f&ui_locales=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://r31j.mjt.lu/lnk/CAAAA3lxgGwAAAAAAAAAAKtgT7wAAAAC_3wAAAAAAAps6QBjceQHcruN4SiQTwKUz9AfSt97PgAINwQ/2/p0rbJOI4iuP0zURSkxt1Eg/aHR0cHM6Ly9wbGF0Zm9ybS5vbmNlZm9yYWxsLmNvbT9mb3JjZU9yZ2FuaXNhdGlvbklkPTEzMzg2 HTTP 302
https://platform.onceforall.com/?forceOrganisationId=13386

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
platform.onceforall.com/
Redirect Chain

http://r31j.mjt.lu/lnk/CAAAA3lxgGwAAAAAAAAAAKtgT7wAAAAC_3wAAAAAAAps6QBjceQHcruN4SiQTwKUz9AfSt97PgAINwQ/2/p0rbJOI4iuP0zURSkxt1Eg/aHR0cHM6Ly9wbGF0Zm9ybS5vbmNlZm9yYWxsLmNvbT9mb3JjZU9yZ2FuaXNhdGlvbklkP...
https://platform.onceforall.com/?forceOrganisationId=13386

1 KB
1 KB

133ms
49ms

Document
text/html

108.156.60.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.onceforall.com/?forceOrganisationId=13386
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-80.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95a5ea67208cde216eeea72a8ac405edbc90af5f32a8e58037c12a63c5cf0a49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 14 Nov 2022 10:49:28 GMT
etag: W/"82e1fd6f79ebf7b48cab45a4d923a7c2"
last-modified: Wed, 09 Nov 2022 13:14:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 fabf8b14862325981b1496bd502a7818.cloudfront.net (CloudFront)
x-amz-cf-id: v136gstKsSRmsyzz4xZGvx6gUVvkBKy79zrmaP-yxRotCxX4-BFF9g==
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront

Redirect headers

content-length: 80
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 10:49:27 GMT
location: https://platform.onceforall.com?forceOrganisationId=13386

GET
H2 200 es5.js Show response
cdn.jsdelivr.net/npm/bowser@latest/ 25 KB
7 KB 87ms
30ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bowser@latest/es5.js

Requested by

Host: platform.onceforall.com
URL: https://platform.onceforall.com/?forceOrganisationId=13386

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be5ea9bb591a419d35215e734bc9aa5ca1b0fe447009a221c9f960ed28332a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.onceforall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2159
x-jsd-version: 2.11.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19142-FRA, cache-itm18842-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"658c-XW2aDp7SRio4xztlFpSvHsTPHtA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfRFp67O%2BvzHgLlSfsjII1ZFHTnDUues1A2SQtd07eY6GemlK1R8sf1IBqA9%2FBO2It%2B6vdpDfTkTOZo%2BsOQTuHFZsZwxJDsbxT8GiDQsSUOXKGO9sQv6K6UmRSICgGhU9q1lCAPAr5uZ93gZaNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 769f2e3e2e28d65e-CDG

GET
H2 200 main.47830fb2.js Show response
platform.onceforall.com/static/js/ 4 MB
1 MB 39ms
38ms Script
application/javascript 108.156.60.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.onceforall.com/static/js/main.47830fb2.js
Requested by: Host: platform.onceforall.com
URL: https://platform.onceforall.com/?forceOrganisationId=13386
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-80.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a509f2f7dd3bd5d9489d3a70fdda925ebeba394296cccfc299516b18e2cd5617

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.onceforall.com/?forceOrganisationId=13386
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:45:55 GMT
content-encoding: gzip
via: 1.1 fabf8b14862325981b1496bd502a7818.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 13:14:56 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 213
etag: W/"e5e776b4c2371e14bcf9fe259156f2c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 4NWRIPsAJcxTkXn4EyOQsd31m2JBFIIhyyXqOSRNuYTNcrpKwQs8ag==

GET
H2 200 main.33425914.css
platform.onceforall.com/static/css/ 122 KB
23 KB 143ms
143ms Stylesheet
text/css 108.156.60.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.onceforall.com/static/css/main.33425914.css
Requested by: Host: platform.onceforall.com
URL: https://platform.onceforall.com/?forceOrganisationId=13386
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-80.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0cd0a41e5a9663500e7d799679ae8756ae3057b43008a2756f46052a389e907

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.onceforall.com/?forceOrganisationId=13386
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:45:04 GMT
content-encoding: gzip
via: 1.1 fabf8b14862325981b1496bd502a7818.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 13:14:56 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 265
etag: W/"cd1137984154321238e14da20f501b3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 9dnSyCiGU_nwyX2xqeCctInv2SsV7DpF0VVbxZjpGAY6W8N1hdkMAQ==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 95ms
35ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600

Requested by

Host: platform.onceforall.com
URL: https://platform.onceforall.com/static/css/main.33425914.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.onceforall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 10:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 10:43:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 10:49:28 GMT

POST /
sentry.io/api/1387075/envelope/ 0
0

GET
H2 200 js
www.googletagmanager.com/gtag/ 135 KB
0 116ms
43ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VTK2ZKJT18

Requested by

Host: platform.onceforall.com
URL: https://platform.onceforall.com/static/js/main.47830fb2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.onceforall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:49:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 10:49:28 GMT

GET
H2 200 hotjar-2018198.js
static.hotjar.com/c/ 4 KB
3 KB 98ms
27ms Script
application/javascript 13.32.27.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2018198.js?sv=6

Requested by

Host: platform.onceforall.com
URL: https://platform.onceforall.com/static/js/main.47830fb2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-15.fra56.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.onceforall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 29
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/26a5e2a2d41490bd155d672d71b0c00d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: c0VTP-HJnd2AUT05h6ha2HtiESiea5STminUb2bNPl2t-CGcsN-j_A==

GET
H2 200 maintenance.json
platform.onceforall.com/maintenance/ 304 B
649 B 40ms
39ms XHR
application/json 108.156.60.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.onceforall.com/maintenance/maintenance.json
Requested by: Host: platform.onceforall.com
URL: https://platform.onceforall.com/static/js/main.47830fb2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-80.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

pragma: no-cache
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Referer: https://platform.onceforall.com/?forceOrganisationId=13386
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
expires: 0, Tue, 01 Jan 1980 1:00:00 GMT

Response headers

date: Mon, 14 Nov 2022 10:49:29 GMT
via: 1.1 fabf8b14862325981b1496bd502a7818.cloudfront.net (CloudFront)
last-modified: Tue, 08 Nov 2022 17:16:54 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
etag: "5433d7b05927658ff157732de23443a8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: no-cache
content-length: 304
x-amz-cf-id: U4KM32XwS-3D2uELiVZ2f2VkNjjgKJh3gwChdt5x5OY926e-i5-Igw==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 98ms
27ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://platform.onceforall.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 292086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 01:41:22 GMT

GET
H2 200 Primary Request auth Show response
identity.onceforall.com/auth/realms/OnceForAll/protocol/openid-connect/ 6 KB
8 KB 133ms
32ms Document
text/html 52.16.54.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onceforall.com/auth/realms/OnceForAll/protocol/openid-connect/auth?client_id=front-onceforall&redirect_uri=https%3A%2F%2Fplatform.onceforall.com%2F%3FforceOrganisationId%3D13386&state=88d518ad-dcda-4036-850f-8ada786ab0cd&response_mode=fragment&response_type=code&scope=openid&nonce=12843faa-0975-423d-b3c6-0267b47c7a2f&ui_locales=en

Requested by

Host: platform.onceforall.com
URL: https://platform.onceforall.com/static/js/main.47830fb2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.54.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-54-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b6bec5a8563bccb7f3eeb661dfaccbca4519463a5c50f501645a06cd6ca832df

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://platform.onceforall.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-language: en
content-length: 6408
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Mon, 14 Nov 2022 10:49:28 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

POST pubb6a99307b63fc9c460a5f59bc281d6bc
rum-http-intake.logs.datadoghq.eu/v1/input/ 0
0

GET modules.b738078c6419b4df4360.js
script.hotjar.com/ 0
0

GET box-c6ca1c87e308a39aabb76b56ba54398b.html
vars.hotjar.com/ Frame 893B 0
0

POST pubb6a99307b63fc9c460a5f59bc281d6bc
rum-http-intake.logs.datadoghq.eu/v1/input/ 0
0

GET
H2 200 login.css
identity.onceforall.com/auth/resources/itlyj/login/onceforall/css/ 3 KB
1 KB 32ms
30ms Stylesheet
text/css 52.16.54.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/css/login.css

Requested by

Host: identity.onceforall.com
URL: https://identity.onceforall.com/auth/realms/OnceForAll/protocol/openid-connect/auth?client_id=front-onceforall&redirect_uri=https%3A%2F%2Fplatform.onceforall.com%2F%3FforceOrganisationId%3D13386&state=88d518ad-dcda-4036-850f-8ada786ab0cd&response_mode=fragment&response_type=code&scope=openid&nonce=12843faa-0975-423d-b3c6-0267b47c7a2f&ui_locales=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.54.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-54-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

54152b0683d74d1cd180754a45c09e12301679846bc48fe377bbe2bced1f46e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 972
x-xss-protection: 1; mode=block

GET
H2 200 mui.min.css
identity.onceforall.com/auth/resources/itlyj/login/onceforall/lib/muicss/ 43 KB
7 KB 33ms
31ms Stylesheet
text/css 52.16.54.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/lib/muicss/mui.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.54.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-54-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0f1a780e95cc038527ae6a38b360699c520386e2e19eab87638149b5df46f527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 6868
x-xss-protection: 1; mode=block

GET
H2 200 main-fo.css
identity.onceforall.com/auth/resources/itlyj/login/onceforall/lib/kit-ui/ 91 KB
18 KB 34ms
32ms Stylesheet
text/css 52.16.54.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/lib/kit-ui/main-fo.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.54.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-54-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8dbca6d18fee51397d4d8e096995fe66057fd1f0df9667931b5c03445275cd6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 mui.min.js Show response
identity.onceforall.com/auth/resources/itlyj/login/onceforall/lib/muicss/ 19 KB
7 KB 60ms
58ms Script
text/javascript 52.16.54.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/lib/muicss/mui.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.54.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-54-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5eec11d77bd27cabf6a7f11894f7dc1e2a7802e7cfbdc5cc271cc31ec837db5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
content-length: 6606
x-xss-protection: 1; mode=block

GET
H2 200 foreach.js Show response
identity.onceforall.com/auth/resources/itlyj/login/onceforall/lib/polyfill/ 258 B
735 B 62ms
61ms Script
text/javascript 52.16.54.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/lib/polyfill/foreach.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.54.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-54-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b4a256aa20a3366e6cf1c809111ac5b55fc2a52e35250b6e0fd117cbd12dd0c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
content-length: 175
x-xss-protection: 1; mode=block

GET
H2 200 url.js Show response
identity.onceforall.com/auth/resources/itlyj/login/onceforall/lib/polyfill/ 9 KB
3 KB 61ms
60ms Script
text/javascript 52.16.54.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/lib/polyfill/url.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.54.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-54-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

311c9dc7674d1fa3bedc12798df297d18037cd2bae878350f412e1d68a276c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
content-length: 2317
x-xss-protection: 1; mode=block

GET
H2 200 scripts.js Show response
identity.onceforall.com/auth/resources/itlyj/login/onceforall/scripts/ 782 B
933 B 60ms
59ms Script
text/javascript 52.16.54.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/scripts/scripts.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.54.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-54-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7d501d8dba28eb1d89f582d3f8e94b9ee8ca316379984c9777dc7c243e302424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
content-length: 370
x-xss-protection: 1; mode=block

GET
H2 200 connexion_img_v2.svg
identity.onceforall.com/auth/resources/itlyj/login/onceforall/img/ 21 KB
8 KB 30ms
29ms Image
image/svg+xml 52.16.54.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/img/connexion_img_v2.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.54.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-54-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7fe34655e126e0c38ef69a87500e6d3c2166cc357269e4351d0a0ab60ca14ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: image/svg+xml
cache-control: max-age=2592000
content-length: 7204
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 3 KB
703 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: identity.onceforall.com
URL: https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/css/login.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 10:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 09:05:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 10:49:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 1003 B
493 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins

Requested by

Host: identity.onceforall.com
URL: https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/css/login.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 10:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 09:46:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 10:49:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
677 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600

Requested by

Host: identity.onceforall.com
URL: https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/lib/kit-ui/main-fo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b41f308090f8b07ca534a17c1ad880fad7ef5dd2af6c8c4778f458718aa935f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 10:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 10:01:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 10:49:28 GMT

GET
H2 200 curb.svg
identity.onceforall.com/auth/resources/itlyj/login/onceforall/img/ 427 B
858 B 30ms
30ms Image
image/svg+xml 52.16.54.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.onceforall.com/auth/resources/itlyj/login/onceforall/img/curb.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.54.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-54-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a43b2914ab9eaf2c2ff1e61fa2000ae753b7b6163f8cfda558bab1109df25d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://identity.onceforall.com/auth/realms/OnceForAll/protocol/openid-connect/auth?client_id=front-onceforall&redirect_uri=https%3A%2F%2Fplatform.onceforall.com%2F%3FforceOrganisationId%3D13386&state=88d518ad-dcda-4036-850f-8ada786ab0cd&response_mode=fragment&response_type=code&scope=openid&nonce=12843faa-0975-423d-b3c6-0267b47c7a2f&ui_locales=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
content-type: image/svg+xml
cache-control: max-age=2592000
content-length: 307
x-xss-protection: 1; mode=block

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 79ms
26ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://identity.onceforall.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 292087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 01:41:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sentry.io
URL: https://sentry.io/api/1387075/envelope/?sentry_key=d8e09cfa7be245e393cb2dd54046357e&sentry_version=7

Domain: rum-http-intake.logs.datadoghq.eu
URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pubb6a99307b63fc9c460a5f59bc281d6bc?ddsource=browser&ddtags=sdk_version%3A3.10.1%2Cenv%3Aproduction%2Cservice%3Aofa---front-office%2Cversion%3A2.47.4&batch_time=1668422968718

Domain: script.hotjar.com
URL: https://script.hotjar.com/modules.b738078c6419b4df4360.js

Domain: vars.hotjar.com
URL: https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html

Domain: rum-http-intake.logs.datadoghq.eu
URL: https://rum-http-intake.logs.datadoghq.eu/v1/input/pubb6a99307b63fc9c460a5f59bc281d6bc?ddsource=browser&ddtags=sdk_version%3A3.10.1%2Cenv%3Aproduction%2Cservice%3Aofa---front-office%2Cversion%3A2.47.4&batch_time=1668422968856

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| _muiLoadedJS object| mui

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
identity.onceforall.com/auth/realms/OnceForAll/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: c6a79a24-68f0-4fe9-9ecd-14617d6f93bd.ip-10-0-52-245-20735
identity.onceforall.com/auth/realms/OnceForAll/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: c6a79a24-68f0-4fe9-9ecd-14617d6f93bd.ip-10-0-52-245-20735
identity.onceforall.com/auth/realms/OnceForAll/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJmZDhhYTcwOS1hMmI3LTQwNTAtYmE3NC1jYzdkYzQwNDUwYTcifQ.eyJjaWQiOiJmcm9udC1vbmNlZm9yYWxsIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9wbGF0Zm9ybS5vbmNlZm9yYWxsLmNvbS8_Zm9yY2VPcmdhbmlzYXRpb25JZD0xMzM4NiIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9pZGVudGl0eS5vbmNlZm9yYWxsLmNvbS9hdXRoL3JlYWxtcy9PbmNlRm9yQWxsIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3BsYXRmb3JtLm9uY2Vmb3JhbGwuY29tLz9mb3JjZU9yZ2FuaXNhdGlvbklkPTEzMzg2Iiwic3RhdGUiOiI4OGQ1MThhZC1kY2RhLTQwMzYtODUwZi04YWRhNzg2YWIwY2QiLCJub25jZSI6IjEyODQzZmFhLTA5NzUtNDIzZC1iM2M2LTAyNjdiNDdjN2EyZiIsInJlc3BvbnNlX21vZGUiOiJmcmFnbWVudCJ9fQ.YUgorC0ps6DIg2cQ-Sste4U0HGkM1b-zB4xEx1E8QH0
platform.onceforall.com/	1970-01-20 07:27:03	Name: _dd_s Value: rum=1&id=a65045dd-424e-47b5-a5d9-e6ea3799c555&created=1668422968406&expire=1668423868406
identity.onceforall.com/	1970-01-20 07:37:07	Name: AWSALB Value: WUeA5J94jjd8v/Ac/WL0Ee4o1SuxApEdTtt6GXqBP6ZPEQSlAyw34EzUjZz51tZLsn4IHcnh1mXBkvkk24+slEXsEj/6YLNlaexou0VCLUqJn5c+3F4H52cepzj6
identity.onceforall.com/	1970-01-20 07:37:07	Name: AWSALBCORS Value: WUeA5J94jjd8v/Ac/WL0Ee4o1SuxApEdTtt6GXqBP6ZPEQSlAyw34EzUjZz51tZLsn4IHcnh1mXBkvkk24+slEXsEj/6YLNlaexou0VCLUqJn5c+3F4H52cepzj6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
identity.onceforall.com
platform.onceforall.com
r31j.mjt.lu
rum-http-intake.logs.datadoghq.eu
script.hotjar.com
sentry.io
static.hotjar.com
vars.hotjar.com
www.googletagmanager.com
rum-http-intake.logs.datadoghq.eu
script.hotjar.com
sentry.io
vars.hotjar.com
108.156.60.80
13.32.27.15
2606:4700::6810:5714
2a00:1450:4001:811::2003
2a00:1450:4001:813::2008
2a00:1450:4001:829::200a
35.241.186.140
52.16.54.94
0f1a780e95cc038527ae6a38b360699c520386e2e19eab87638149b5df46f527
1be5ea9bb591a419d35215e734bc9aa5ca1b0fe447009a221c9f960ed28332a6
311c9dc7674d1fa3bedc12798df297d18037cd2bae878350f412e1d68a276c2d
3b41f308090f8b07ca534a17c1ad880fad7ef5dd2af6c8c4778f458718aa935f
54152b0683d74d1cd180754a45c09e12301679846bc48fe377bbe2bced1f46e9
5eec11d77bd27cabf6a7f11894f7dc1e2a7802e7cfbdc5cc271cc31ec837db5f
7d501d8dba28eb1d89f582d3f8e94b9ee8ca316379984c9777dc7c243e302424
7fe34655e126e0c38ef69a87500e6d3c2166cc357269e4351d0a0ab60ca14ab9
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8dbca6d18fee51397d4d8e096995fe66057fd1f0df9667931b5c03445275cd6b
95a5ea67208cde216eeea72a8ac405edbc90af5f32a8e58037c12a63c5cf0a49
a0cd0a41e5a9663500e7d799679ae8756ae3057b43008a2756f46052a389e907
a43b2914ab9eaf2c2ff1e61fa2000ae753b7b6163f8cfda558bab1109df25d6a
a509f2f7dd3bd5d9489d3a70fdda925ebeba394296cccfc299516b18e2cd5617
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b4a256aa20a3366e6cf1c809111ac5b55fc2a52e35250b6e0fd117cbd12dd0c4
b6bec5a8563bccb7f3eeb661dfaccbca4519463a5c50f501645a06cd6ca832df
f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0

identity.onceforall.com Open in urlscan Pro 52.16.54.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

82 %HTTPS

50 %IPv6

9 Domains

12 Subdomains

8 IPs

4 Countries

1222 kBTransfer

4812 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

6 Cookies

Indicators

identity.onceforall.com Open in urlscan Pro
52.16.54.94 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

82 %
HTTPS

50 %
IPv6

9
Domains

12
Subdomains

8
IPs

4
Countries

1222 kB
Transfer

4812 kB
Size

6
Cookies

28 HTTP transactions
0 data transactions