login.microsoftonline.com Open in urlscan Pro
20.190.159.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-eu.mimecast.com/s/CqsMCDqQQu5Dkp1ycW5dfg?domain=tmf-group.allaccesspass.com
Effective URL:
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL...
Submission: On November 16 via manual (November 16th 2022, 12:36:40 pm UTC) from IN — Scanned from GB

Summary HTTP 39 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 39 HTTP transactions. The main IP is 20.190.159.75, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 31.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 1st 2022. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	195.130.217.73 195.130.217.73	42427 (MIMECAST-UK) (MIMECAST-UK)
1 22	2606:4700::68... 2606:4700::6811:9e2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.218.246.3 52.218.246.3	16509 (AMAZON-02) (AMAZON-02)
4	88.221.169.5 88.221.169.5	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6811:7b6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.30.9.119 52.30.9.119	16509 (AMAZON-02) (AMAZON-02)
2	20.190.159.75 20.190.159.75	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2620:1ec:40::45 2620:1ec:40::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.190.159.64 20.190.159.64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	152.199.23.72 152.199.23.72	15133 (EDGECAST) (EDGECAST)
39	9

2 195.130.217.73 (United Kingdom) 2 redirects

ASN42427 (MIMECAST-UK, GB)
PTR: eu-api.mimecast.com

protect-eu.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6811:9e2f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tmf-group.allaccesspass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.246.3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

aap-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.221.169.5 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-5.deploy.static.akamaitechnologies.com

cdns.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdns.eu1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:7b6b (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.franklincovey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.9.119 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-9-119.eu-west-1.compute.amazonaws.com

accounts.eu1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
socialize.eu1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.190.159.75 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.159.64 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.72 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	allaccesspass.com 1 redirects tmf-group.allaccesspass.com	1 MB
6	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 1044	178 KB
6	gigya.com 1 redirects cdns.gigya.com — Cisco Umbrella Rank: 8096 cdns.eu1.gigya.com — Cisco Umbrella Rank: 16955 accounts.eu1.gigya.com — Cisco Umbrella Rank: 32344 socialize.eu1.gigya.com — Cisco Umbrella Rank: 43067	192 KB
2	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 31	106 KB
2	franklincovey.com analytics.franklincovey.com — Cisco Umbrella Rank: 468889	21 KB
2	mimecast.com 2 redirects protect-eu.mimecast.com — Cisco Umbrella Rank: 29327	2 KB
1	msauthimages.net aadcdn.msauthimages.net — Cisco Umbrella Rank: 3604	4 KB
1	live.com login.live.com — Cisco Umbrella Rank: 86
1	amazonaws.com aap-prod.s3.amazonaws.com	9 KB
39	9

	Domain	Requested by
22	tmf-group.allaccesspass.com	1 redirects tmf-group.allaccesspass.com
6	aadcdn.msauth.net	login.microsoftonline.com aadcdn.msauth.net
3	cdns.eu1.gigya.com	cdns.gigya.com cdns.eu1.gigya.com
2	login.microsoftonline.com	cdns.gigya.com login.microsoftonline.com
2	analytics.franklincovey.com	tmf-group.allaccesspass.com analytics.franklincovey.com
2	protect-eu.mimecast.com	2 redirects
1	aadcdn.msauthimages.net
1	login.live.com	login.microsoftonline.com
1	socialize.eu1.gigya.com	1 redirects
1	accounts.eu1.gigya.com	cdns.eu1.gigya.com
1	cdns.gigya.com	tmf-group.allaccesspass.com
1	aap-prod.s3.amazonaws.com	tmf-group.allaccesspass.com
39	12

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
*.allaccesspass.com Go Daddy Secure Certificate Authority - G2	`2021-12-11` - `2023-01-12`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-04`	a year	crt.sh
*.franklincovey.com Go Daddy Secure Certificate Authority - G2	`2022-02-13` - `2023-03-17`	a year	crt.sh
*.eu1.gigya.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-03-05`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2022-09-01` - `2023-09-01`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2022-08-23` - `2023-08-23`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2022-09-30` - `2023-09-30`	a year	crt.sh
aadcdn.msauthimages.net Microsoft Azure TLS Issuing CA 02	`2022-05-11` - `2023-05-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D&sso_reload=true
Frame ID: DB55F93F634ABDADC6B4E41DFB586E72
Requests: 36 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13455
Frame ID: F381E60D46713B51809B2824957EA013
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://protect-eu.mimecast.com/s/CqsMCDqQQu5Dkp1ycW5dfg?domain=tmf-group.allaccesspass.com HTTP 307
https://protect-eu.mimecast.com/r/xiX_MzaCJ4yQHAafjdsYZE8t6hvM7zrDlY3vKNeoq0g5zx6BXyYPFaeR2AH0eDnPZxC9Vhp3mS... HTTP 307
https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=14250&directlaunch=1&display=popup HTTP 303
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php Page URL
https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccess... HTTP 302
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2F... Page URL
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2F... Page URL

Detected technologies

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

100 %
HTTPS

30 %
IPv6

9
Domains

12
Subdomains

9
IPs

4
Countries

1583 kB
Transfer

6145 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/en-GB/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-GB/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-eu.mimecast.com/s/CqsMCDqQQu5Dkp1ycW5dfg?domain=tmf-group.allaccesspass.com HTTP 307
https://protect-eu.mimecast.com/r/xiX_MzaCJ4yQHAafjdsYZE8t6hvM7zrDlY3vKNeoq0g5zx6BXyYPFaeR2AH0eDnPZxC9Vhp3mS-CA80NF1a0WaAZoFrqvOe0R_gZPb8j8D9jPQfhXYy8TCM9TjXz31EtBSN5tSl2rPOi1oMYq82OWVqPFAkj7rjmwIn1jhiRDy8uOjY2MU4UsnfQDpYdQ2sv1ktOEB0lvq28hwfqpAnP6jYXiZg8YzjwBdD56BJn_U9xJgS8awDfnvHriRCl0hzbML4zrlhg7j55hAJDYzYCt8KMz6yuIqm8P1h5mozWpk8rLlqHV-EnfCFIRmCtgTjDulhcylrfIJrXE0CrnOiKK0r-ezjPpx1lCVkps0-bz2xt_EcbCbUJSWAwuW711JOis9jiCEdQ7nDI1JZ7RTap1asLgoxpx0uDHUucnI_83NQQhQKxG8-FUPuFEuprhvuI9-svo4iEJ2CaJDx7zun-NZ1KTLHIH63bH65jEGqqMyLFU9t6uI2Fbv_Sj_GGNh07Wp4bL-BM6uoCIDC_CK5vo1phz2Qza9v8ZvDFj6DLCzPOjo3taMgd8HhZ7GxYRrvsvTwO7VPNc3TZlNAK2tDLiHRbyknPHkodSJq82NhmqV6Tjxi12W4Z-SxJ-tdgS2VJshz4dMIwdj889AX0N-VylomPrMmYQu4NlXodEK1QHg-AZg9R664AcUYt_blYekbtgRBX_c5cmOHtxLOTGRzl5kD3JkAw1lrfoZNnD9mTZ1NnB24DvO1lD_Pw8K-arGtZrDFriTmhkUPrcH9qoxZXobd4IEHjV8jLoK_Hjtc6r1qRh4VOO5jPF-0iaF1U3gXT6BfF8fHFxrPISYuztP91qDTKzWP9VPJc6t1l_BXS9Kv64tHrUmq22pjvsKJ4ovGrumu3BOiLgRPJBhfkDaQ1PTAHwWd3geJztPsDtwX35glCnGvdRnwaszKJarWgzJ0G47qFUk0mdQu_FbydVdg4bR_Um0OMeSXYQpvuPqtObqwV_4Ds7FmdFABYlR84gkomC1mcL2Bazt_WvxLuxUcOiA3q659pgSu1qeImKnrzcEHHlpiCyoUuauiUIiHe704CXusv052jyC0g9Ksj9j7Suvf13X3MsydZQXgwVWRPaqZ864rPuE5pNm-mbW-ol4675YAQFFefCm6sUOLeKdkbSylPO8OES1vH96FTFPnLrDtsL9k69fR110KYCrmztl7p_JceK55Fmp8utiDq5Z-hwP7esLC55TxcgkjpD9Jp_52ac8hInkcjiNQtqSz1VLY-iUfLv-MdV4mSlLF4epml1vNfjJ6nqJew6szcJYaB6DHfQ1XXNKuRnfCM0L1XcKsKoZOO4i_3h6SyS-Us6kbM6A_gtB4DjNtRtq97bPUhqHLiDRjNAPmU710zJMWNkvc83WvosMRt9H5VRAwLuZJlWNkTa1WF0cdmLHrLRikIaV8NGAp0bNzEaqogbAjKfiaQtLncm5-XGG4PtuUw4uqgyBJ6Kwjyg0VyFGxvSUHJiPdZznJJdn1-5OUMVRmy4qpWOk-FdYYa6nHU_mk76MG-M21oviKRhT8VJgjPhCpEFPBu46vTajq-_TWwAJcPqPDJgwqIeQEBFlbee4XqHmJMM0E221AzvtqTB1x5IVKUs4cHaM7QU0usJnK1kDMxVJaP5aBUsWSnxWJjHxrHMjUKERdyZVl8Rctrrt6zInknAbsbe7G1DN-dB6ueuk9HaWx0cbe9QijPJ0sJDYoHr3IEg1d_PVhY0sFhVVaDXeewg9Sioap5FDZ7J7GJMfv-iVtHAYlQJuagugQvH4uupNYBlnZ6ipDIJ6AtGzWNi7wGUEJ63VErkAx9oS_05RN2vEfGkKR6bQYwZfo9DEKMDeiCZqcBFrGOfBFynqDmYltgotTRxI1gVgB0m8DOsuPUMesC HTTP 307
https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=14250&directlaunch=1&display=popup HTTP 303
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php Page URL
https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&x_includeUserInfo=true&x_redirectURL=https%3A%2F%2Ftmf-group.allaccesspass.com%2Fmod%2Fscorm%2Fview.php%3Fid%3D14250%26directlaunch%3D1%26display%3Dpopup&x_apiDomain=eu1.gigya.com&x_sdk=js_latest&client_id=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&redirect_uri=%2FGS%2FAfterLogin.aspx&response_type=server_token&state=domain%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26lid%3Dflid1668602196700%26messaging%3D1%26id%3Daccounts_socialLogin_16686021974161668602197416%26sourceURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26redirectURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fmod%252Fscorm%252Fview.php%253Fid%253D14250%2526directlaunch%253D1%2526display%253Dpopup%2526gig_events%253Dsocialize.login%26redirectMethod%3Dpost%26addUserInfo%3Dtrue&authMode=cookie HTTP 302
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D Page URL
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://protect-eu.mimecast.com/s/CqsMCDqQQu5Dkp1ycW5dfg?domain=tmf-group.allaccesspass.com HTTP 307
https://protect-eu.mimecast.com/r/xiX_MzaCJ4yQHAafjdsYZE8t6hvM7zrDlY3vKNeoq0g5zx6BXyYPFaeR2AH0eDnPZxC9Vhp3mS-CA80NF1a0WaAZoFrqvOe0R_gZPb8j8D9jPQfhXYy8TCM9TjXz31EtBSN5tSl2rPOi1oMYq82OWVqPFAkj7rjmwIn1jhiRDy8uOjY2MU4UsnfQDpYdQ2sv1ktOEB0lvq28hwfqpAnP6jYXiZg8YzjwBdD56BJn_U9xJgS8awDfnvHriRCl0hzbML4zrlhg7j55hAJDYzYCt8KMz6yuIqm8P1h5mozWpk8rLlqHV-EnfCFIRmCtgTjDulhcylrfIJrXE0CrnOiKK0r-ezjPpx1lCVkps0-bz2xt_EcbCbUJSWAwuW711JOis9jiCEdQ7nDI1JZ7RTap1asLgoxpx0uDHUucnI_83NQQhQKxG8-FUPuFEuprhvuI9-svo4iEJ2CaJDx7zun-NZ1KTLHIH63bH65jEGqqMyLFU9t6uI2Fbv_Sj_GGNh07Wp4bL-BM6uoCIDC_CK5vo1phz2Qza9v8ZvDFj6DLCzPOjo3taMgd8HhZ7GxYRrvsvTwO7VPNc3TZlNAK2tDLiHRbyknPHkodSJq82NhmqV6Tjxi12W4Z-SxJ-tdgS2VJshz4dMIwdj889AX0N-VylomPrMmYQu4NlXodEK1QHg-AZg9R664AcUYt_blYekbtgRBX_c5cmOHtxLOTGRzl5kD3JkAw1lrfoZNnD9mTZ1NnB24DvO1lD_Pw8K-arGtZrDFriTmhkUPrcH9qoxZXobd4IEHjV8jLoK_Hjtc6r1qRh4VOO5jPF-0iaF1U3gXT6BfF8fHFxrPISYuztP91qDTKzWP9VPJc6t1l_BXS9Kv64tHrUmq22pjvsKJ4ovGrumu3BOiLgRPJBhfkDaQ1PTAHwWd3geJztPsDtwX35glCnGvdRnwaszKJarWgzJ0G47qFUk0mdQu_FbydVdg4bR_Um0OMeSXYQpvuPqtObqwV_4Ds7FmdFABYlR84gkomC1mcL2Bazt_WvxLuxUcOiA3q659pgSu1qeImKnrzcEHHlpiCyoUuauiUIiHe704CXusv052jyC0g9Ksj9j7Suvf13X3MsydZQXgwVWRPaqZ864rPuE5pNm-mbW-ol4675YAQFFefCm6sUOLeKdkbSylPO8OES1vH96FTFPnLrDtsL9k69fR110KYCrmztl7p_JceK55Fmp8utiDq5Z-hwP7esLC55TxcgkjpD9Jp_52ac8hInkcjiNQtqSz1VLY-iUfLv-MdV4mSlLF4epml1vNfjJ6nqJew6szcJYaB6DHfQ1XXNKuRnfCM0L1XcKsKoZOO4i_3h6SyS-Us6kbM6A_gtB4DjNtRtq97bPUhqHLiDRjNAPmU710zJMWNkvc83WvosMRt9H5VRAwLuZJlWNkTa1WF0cdmLHrLRikIaV8NGAp0bNzEaqogbAjKfiaQtLncm5-XGG4PtuUw4uqgyBJ6Kwjyg0VyFGxvSUHJiPdZznJJdn1-5OUMVRmy4qpWOk-FdYYa6nHU_mk76MG-M21oviKRhT8VJgjPhCpEFPBu46vTajq-_TWwAJcPqPDJgwqIeQEBFlbee4XqHmJMM0E221AzvtqTB1x5IVKUs4cHaM7QU0usJnK1kDMxVJaP5aBUsWSnxWJjHxrHMjUKERdyZVl8Rctrrt6zInknAbsbe7G1DN-dB6ueuk9HaWx0cbe9QijPJ0sJDYoHr3IEg1d_PVhY0sFhVVaDXeewg9Sioap5FDZ7J7GJMfv-iVtHAYlQJuagugQvH4uupNYBlnZ6ipDIJ6AtGzWNi7wGUEJ63VErkAx9oS_05RN2vEfGkKR6bQYwZfo9DEKMDeiCZqcBFrGOfBFynqDmYltgotTRxI1gVgB0m8DOsuPUMesC HTTP 307
https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=14250&directlaunch=1&display=popup HTTP 303
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Request Chain 29

https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&x_includeUserInfo=true&x_redirectURL=https%3A%2F%2Ftmf-group.allaccesspass.com%2Fmod%2Fscorm%2Fview.php%3Fid%3D14250%26directlaunch%3D1%26display%3Dpopup&x_apiDomain=eu1.gigya.com&x_sdk=js_latest&client_id=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&redirect_uri=%2FGS%2FAfterLogin.aspx&response_type=server_token&state=domain%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26lid%3Dflid1668602196700%26messaging%3D1%26id%3Daccounts_socialLogin_16686021974161668602197416%26sourceURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26redirectURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fmod%252Fscorm%252Fview.php%253Fid%253D14250%2526directlaunch%253D1%2526display%253Dpopup%2526gig_events%253Dsocialize.login%26redirectMethod%3Dpost%26addUserInfo%3Dtrue&authMode=cookie HTTP 302
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

redirect.php Show response
tmf-group.allaccesspass.com/auth/gigya/
Redirect Chain

https://protect-eu.mimecast.com/s/CqsMCDqQQu5Dkp1ycW5dfg?domain=tmf-group.allaccesspass.com
https://protect-eu.mimecast.com/r/xiX_MzaCJ4yQHAafjdsYZE8t6hvM7zrDlY3vKNeoq0g5zx6BXyYPFaeR2AH0eDnPZxC9Vhp3mS-CA80NF1a0WaAZoFrqvOe0R_gZPb8j8D9jPQfhXYy8TCM9TjXz31EtBSN5tSl2rPOi1oMYq82OWVqPFAkj7rjmwIn...
https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=14250&directlaunch=1&display=popup
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

24 KB
25 KB

317ms
317ms

Document
text/html

2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de3256f3f5bde903f5aca88a6f918aea90df2542ad0ceb765ce869f59e3f786

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, OPTIONS
cache-control: private, pre-check=0, post-check=0, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 76b045e0d9c5dd4c-LHR
content-language: en
content-script-type: text/javascript
content-style-type: text/css
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 12:36:34 GMT
expires
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: sameorigin
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, OPTIONS
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76b045defec0dd4c-LHR
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 12:36:34 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-redirect-by: Moodle
x-xss-protection: 1; mode=block

GET
H2 200 yui_combo.php
tmf-group.allaccesspass.com/theme/ 5 KB
2 KB 238ms
236ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?3.17.2/cssreset/cssreset-min.css&3.17.2/cssfonts/cssfonts-min.css&3.17.2/cssgrids/cssgrids-min.css&3.17.2/cssbase/cssbase-min.css

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3195ad9f8f03f61bbc60571b47b67ba7e41b0cf29e881ab188ff2dadf766e073

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:45:00 GMT
server: cloudflare
etag: W/"27dd1ce6eca23b53d4028dba08a0b3030dbedf0f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76b045e2ed8ddd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 11 Nov 2023 12:36:34 GMT

GET
H2 200 yui_combo.php
tmf-group.allaccesspass.com/theme/ 4 KB
1 KB 234ms
233ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:45:04 GMT
server: cloudflare
etag: W/"b9bc567c469e2872cf3bbb14603342a72de2509b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76b045e2ed8fdd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 11 Nov 2023 12:36:34 GMT

GET
H2 200 all
tmf-group.allaccesspass.com/theme/styles.php/explore/1666223720_1665855162/ 1 MB
173 KB 291ms
289ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/styles.php/explore/1666223720_1665855162/all

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58934b67dcaccf77a0e675231032ce7e33d2bfd944c79103dc3abf0480e4eadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="styles.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Thu, 20 Oct 2022 06:47:14 GMT
server: cloudflare
etag: W/"80fc5a64659de9a829b1f51c8accad3d35336dde"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 76b045e2ed90dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Feb 2023 12:36:34 GMT

GET
H2 200 bootstrap.css
tmf-group.allaccesspass.com/theme/explore/style/ 174 KB
24 KB 1116ms
1115ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/explore/style/bootstrap.css

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1a4c25634d5841924aab1848acc9dcbc3d5672183053c8b71ff2139b65d7c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 22:06:56 GMT
server: cloudflare
etag: W/"2b7e8-5eb92a8faea6a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 76b045e2ed91dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Thu, 17 Nov 2022 12:36:35 GMT

GET
H2 200 polyfill.min.js Show response
tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/babel-polyfill/ 97 KB
34 KB 57ms
55ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/babel-polyfill/polyfill.min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9e07890edf5f6f350ef465b37479fc6192923e60e64d9f20af37eb3b011cc66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 73888
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Thu, 20 Oct 2022 06:47:13 GMT
server: cloudflare
etag: W/"96905a0e893741f834ae9744919bc0fa0215aef4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76b045e2ed92dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Feb 2023 12:36:34 GMT

GET
H2 200 polyfill.js Show response
tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/polyfills/ 17 KB
5 KB 260ms
258ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/polyfills/polyfill.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

244ff779cc4a0d32d8a21e1dceece94080b39c4b2c77ab5c0a772f333db71216

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Thu, 20 Oct 2022 06:47:13 GMT
server: cloudflare
etag: W/"20755b16a443f6186ec69676e05d1fbc5cdc3e73"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76b045e2ed93dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Feb 2023 12:36:34 GMT

GET
H2 200 yui_combo.php Show response
tmf-group.allaccesspass.com/theme/ 276 KB
84 KB 844ms
843ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13eaaadfa414f262b7964320054bb2b322b9ef9f3522bc25c9d60dc83b5141cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:45:04 GMT
server: cloudflare
etag: W/"78581a0bac8a932effb32db3e91e0f2f2b47c08e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76b045e2ed95dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 11 Nov 2023 12:36:34 GMT

GET
H2 200 javascript-static.js Show response
tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/ 21 KB
7 KB 240ms
239ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/javascript-static.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec9d65cb26cade9adcf9c012734551cf8c86c49a1ff45fef12662ae42f312e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Thu, 20 Oct 2022 06:47:13 GMT
server: cloudflare
etag: W/"fcca627bb0073e388ac69754b8daf0a06991f6bf"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76b045e2ed97dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Feb 2023 12:36:34 GMT

GET
H2 200 head Show response
tmf-group.allaccesspass.com/theme/javascript.php/explore/1666223720/ 247 KB
82 KB 257ms
256ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/javascript.php/explore/1666223720/head

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e1c6e07e9368fef34008b5c7219e220bf4af5e67dd052392670cf73aac5540

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Thu, 20 Oct 2022 06:47:14 GMT
server: cloudflare
etag: W/"46bdd2343ab9ac12eaa2207fd4cbaf0f68a02a1f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 76b045e2ed98dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Feb 2023 12:36:34 GMT

GET
H2 200 require.min.js Show response
tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/requirejs/ 17 KB
7 KB 255ms
254ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/requirejs/require.min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:34 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Thu, 20 Oct 2022 06:47:14 GMT
server: cloudflare
etag: W/"1d3aacd841ae91171ebcada8619d9342f545b55a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76b045e2ed9bdd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Feb 2023 12:36:34 GMT

GET
H2 200 gotham-book-webfont.woff2
tmf-group.allaccesspass.com/theme/font.php/explore/theme/1666223720/ 16 KB
16 KB 256ms
255ms Font
application/font-woff2 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/font.php/explore/theme/1666223720/gotham-book-webfont.woff2

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1666223720_1665855162/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88425afc6e97c1d162e0a355b790dc4e020ff80b632e5649697dca5bc784002d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1666223720_1665855162/all
Origin: https://tmf-group.allaccesspass.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-disposition: inline; filename="gotham-book-webfont.woff2"
content-length: 16700
x-xss-protection: 1; mode=block
pragma
last-modified: Thu, 20 Oct 2022 06:47:16 GMT
server: cloudflare
etag: "dbe3b52b0bd12103be81ca4e1c3b9820aa1b83f6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: https://tmf-group.allaccesspass.com
cache-control: public, max-age=7776000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 76b045ea398ddd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Feb 2023 12:36:35 GMT

GET
H2 200 yui_combo.php Show response
tmf-group.allaccesspass.com/theme/ 2 KB
1017 B 232ms
232ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?m/1666223720/core/event/event-min.js&m/1666223720/filter_mathjaxloader/loader/loader-min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eb61ba5b02c939a8985c145a24985cb3b4e3cadfcfc00fa5bca76aa0d8c5238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:44:58 GMT
server: cloudflare
etag: W/"1a8bb4cadf0cb54420edcadff96af5a9f9c4871a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76b045ea8a51dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 11 Nov 2023 12:36:35 GMT

GET
H/1.1 200
OK f0e85026-64d.jpg
aap-prod.s3.amazonaws.com/80800ed5b4e74b68907d565e2aa7df89/ 9 KB
9 KB 610ms
210ms Image
image/jpeg 52.218.246.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aap-prod.s3.amazonaws.com/80800ed5b4e74b68907d565e2aa7df89/f0e85026-64d.jpg
Requested by: Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1666223720_1665855162/all
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.246.3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 356a02f3243113778274eaee7c110df2a21c16bd1e6e866678cc0f508351c462

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 12:36:37 GMT
Last-Modified: Fri, 08 Jul 2022 14:39:43 GMT
Server: AmazonS3
x-amz-request-id: 45HN0WTFXGNR521J
ETag: "1f29f29989eb71ae1f836e6d85f78eac"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8965
x-amz-id-2: /RBxK/Q+GzoYZHR3r3mI/EYPcIdT4X2cWRgV2V9Dx0G/bF20RCoRZ5RlsDYIftyLb/w3TijBPjI=

GET
H2 200 logo_white
tmf-group.allaccesspass.com/theme/image.php/explore/theme/1666223720/ 8 KB
8 KB 223ms
222ms Image
image/png 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tmf-group.allaccesspass.com/theme/image.php/explore/theme/1666223720/logo_white

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1666223720_1665855162/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8edda064d7c63f7054917d4b362a21f658c30402bbb3a2e0c2b068da5d87764

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1666223720_1665855162/all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: inline; filename="logo_white.png"
content-length: 7912
x-xss-protection: 1; mode=block
pragma
last-modified: Thu, 20 Oct 2022 06:47:17 GMT
server: cloudflare
etag: "9684a6fc99faee613d256bd64fb7386c8c7d4907"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
cache-control: public, max-age=7776000, no-transform, immutable
access-control-allow-credentials: true
accept-ranges: none
cf-ray: 76b045ea8a53dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Feb 2023 12:36:35 GMT

GET
H2 200 fontawesome-webfont.woff2
tmf-group.allaccesspass.com/theme/font.php/explore/theme/1666223720/ 75 KB
76 KB 73ms
73ms Font
application/font-woff2 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/font.php/explore/theme/1666223720/fontawesome-webfont.woff2

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1666223720_1665855162/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1666223720_1665855162/all
Origin: https://tmf-group.allaccesspass.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4923
content-disposition: inline; filename="fontawesome-webfont.woff2"
content-length: 77160
x-xss-protection: 1; mode=block
pragma
last-modified: Thu, 20 Oct 2022 06:47:16 GMT
server: cloudflare
etag: "447717eff3b27286a26f12e535d693a5a0c66bad"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: https://tmf-group.allaccesspass.com
cache-control: public, max-age=7776000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 76b045ea8a54dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Feb 2023 12:36:35 GMT

GET
H2 200 first.js Show response
tmf-group.allaccesspass.com/lib/requirejs.php/1666223720/core/ 2 MB
490 KB 387ms
387ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/requirejs.php/1666223720/core/first.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b59f99a0946d7c667021f47a30c4320462fd53dad469da539b2be05b29881876

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:35 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-disposition: inline; filename="requirejs.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Thu, 20 Oct 2022 06:47:17 GMT
server: cloudflare
etag: W/"fd519ae8f77c86b315670e09111af8014b23d87d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76b045ea8a5cdd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Feb 2023 12:36:35 GMT

GET
H2 200 yui_combo.php
tmf-group.allaccesspass.com/theme/ 5 KB
1 KB 227ms
226ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?3.17.2/cssbutton/cssbutton-min.css

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4cc4d14d94d940a82ceb24dc9c9ae9d4573a436e1369db31f2d9c2b1546fe18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:36 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:45:00 GMT
server: cloudflare
etag: W/"323202bec286f8abd417e82b36bf85c33dc46920"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76b045ec1cecdd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 11 Nov 2023 12:36:35 GMT

GET
H2 200 yui_combo.php Show response
tmf-group.allaccesspass.com/theme/ 17 KB
6 KB 671ms
670ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?m/1666223720/core/widget/widget-focusafterclose-min.js&3.17.2/plugin/plugin-min.js&m/1666223720/core/lockscroll/lockscroll-min.js&m/1666223720/core/notification/notification-dialogue-min.js&m/1666223720/core/tooltip/tooltip-min.js&m/1666223720/core/popuphelp/popuphelp-min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0643b89f1c7ee48d7c6924f3218038573e96a141d4cabb8245f2b6e1cc114aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:36 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:45:02 GMT
server: cloudflare
etag: W/"68d537691a8fa1c7b5ea3f72ae1ce5ba2c73ed74"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76b045ed8f26dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 11 Nov 2023 12:36:36 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/jquery/ 87 KB
31 KB 256ms
256ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/jquery/jquery-3.5.1.min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

621c0f52571ccff5dab81de13db26fda4b4a7dad83a01827c9139571023abea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:36 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Thu, 20 Oct 2022 06:47:21 GMT
server: cloudflare
etag: W/"9405dea4a7bc6e10b4016a09aa97ddb890fb71f4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76b045edaf49dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Feb 2023 12:36:36 GMT

GET
H/1.1 200
OK gigya.js Show response
cdns.gigya.com/JS/ 464 KB
146 KB 192ms
46ms Script
text/javascript 88.221.169.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1
Requested by: Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/jquery/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-5.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b564c1aa126ea26ca6ee2200a96a46b3adfd6fe8454fdca9d19cd9f8e1e2ecaf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 12:36:36 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: e5e98488a4744fc6b7a83ab4b7b2fc50
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g59
Connection: keep-alive
x-robots-tag: none
Content-Length: 149254
Expires: Wed, 16 Nov 2022 12:51:36 GMT

GET
H/1.1 200
OK sdk.config.get Show response
cdns.eu1.gigya.com/ 3 KB
1 KB 199ms
42ms Fetch
text/javascript 88.221.169.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&httpStatusCodes=true
Requested by: Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-5.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f5deb202f27e80bc73ecea23f5fce6977602c31f0ec66f55dcf1534e97c1705e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 12:36:36 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: ec40efbce94e4cf88ee5593b9e1119d1
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, s-maxage=10800
x-server: us1d-nomad-g38
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1086

GET
H2 200 piwik.js Show response
analytics.franklincovey.com/ 64 KB
21 KB 174ms
89ms Script
application/javascript 2606:4700::6811:7b6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.franklincovey.com/piwik.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7b6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tmf-group.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:36 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2764
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Oct 2022 21:18:59 GMT
server: cloudflare
etag: W/"10132-5ebce57053031"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
cf-ray: 76b045f24ad67729-LHR
expires: Fri, 18 Nov 2022 12:36:36 GMT

GET
H2 200 service-nologin.php Show response
tmf-group.allaccesspass.com/lib/ajax/ 2 KB
744 B 298ms
298ms XHR
application/json 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1666223720&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22en%22%7D%7D%5D

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/jquery/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62422ec91c58f61dc9c09f25720d9f8df4805f80ba756668b17e3875b6a54ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma
date: Wed, 16 Nov 2022 12:36:37 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 76b045f28f50dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 12:36:37 GMT

GET
H2 200 service-nologin.php Show response
tmf-group.allaccesspass.com/lib/ajax/ 211 B
249 B 265ms
265ms XHR
application/json 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1666223720&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1666223720/lib/jquery/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afefe583c5a695189962783424716b19758b2a08e71480cb91a73c88c98a20be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma
date: Wed, 16 Nov 2022 12:36:37 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 76b045f28f58dd4c-LHR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 12:36:37 GMT

GET
H/1.1 200
OK Api.aspx Show response
cdns.eu1.gigya.com/gs/webSdk/ Frame F381 116 KB
40 KB 178ms
47ms Document
text/html 88.221.169.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13455

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.221.169.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-169-5.deploy.static.akamaitechnologies.com

Software

Resource Hash

ed4491873cc15e90b7be65f894f70dbb1dd542486162026ab2383a4cad931556

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tmf-group.allaccesspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, s-maxage=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 40573
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Nov 2022 12:36:37 GMT
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-callid: 62fee7a7a7cc4beb9c885b94036c0b2d
x-robots-tag: none
x-server: us1d-nomad-g32
x-soa: true, Gator

POST
H2 204 piwik.php
analytics.franklincovey.com/ 0
0 413ms
413ms Ping
text/html 2606:4700::6811:7b6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.franklincovey.com/piwik.php?action_name=&idsite=7&rec=1&r=416970&h=12&m=36&s=36&url=https%3A%2F%2Ftmf-group.allaccesspass.com%2Fauth%2Fgigya%2Fredirect.php&_id=0b6adfd156be8fa0&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=tmf-group.allaccesspass.com&dimension2=explore&dimension5=en&pv_id=5mbjw3&pf_net=0&pf_srv=317&pf_tfr=12&pf_dm1=1236&pf_dm2=1153&pf_onl=1&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: analytics.franklincovey.com
URL: https://analytics.franklincovey.com/piwik.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tmf-group.allaccesspass.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H/1.1 200
OK sdk.config.get Show response
cdns.eu1.gigya.com/ Frame F381 3 KB
1 KB 43ms
43ms Fetch
text/javascript 88.221.169.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&httpStatusCodes=true
Requested by: Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13455
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-5.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f5deb202f27e80bc73ecea23f5fce6977602c31f0ec66f55dcf1534e97c1705e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 12:36:37 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: ec40efbce94e4cf88ee5593b9e1119d1
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, s-maxage=10800
x-server: us1d-nomad-g38
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1086

GET
H2 200 accounts.webSdkBootstrap Show response
accounts.eu1.gigya.com/ Frame F381 199 B
1 KB 199ms
46ms XHR
text/javascript 52.30.9.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.eu1.gigya.com/accounts.webSdkBootstrap?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&pageURL=https%3A%2F%2Ftmf-group.allaccesspass.com%2F&sdk=js_latest&sdkBuild=13455&format=json
Requested by: Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13455
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.30.9.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-9-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 13d701705b95a0970480fe224741f0f5bc17a221949d27bcd50b63e7422af6e5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdns.eu1.gigya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 12:36:36 GMT
content-encoding: gzip
x-soa: true, Gator
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://cdns.eu1.gigya.com
x-callid: f8b743691c3b40398610e7caea98028a
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
cache-control: private
access-control-allow-credentials: true
x-server: eu1b-nomad-g8
vary: Origin, Accept-Encoding
x-robots-tag: none
content-length: 174

GET
H/1.1

200
OK

saml2 Show response
login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/
Redirect Chain

https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&x...
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoU...

153 KB
56 KB

241ms
60ms

Document
text/html

20.190.159.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.159.75 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c55dbb44d025691c1ec3764ed51e8f6219a9a00a0fd9f995be4aad75e9085d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tmf-group.allaccesspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 55950
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Nov 2022 12:36:36 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.14059.16 - NEULR2 ProdSlices
x-ms-request-id: 0c47013c-a63c-459a-b976-708ede812500

Redirect headers

cache-control: private
content-length: 0
date: Wed, 16 Nov 2022 12:36:36 GMT
location: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-callid: 654d37414b20499bb16f9f14b0a25215
x-robots-tag: none
x-server: eu1b-nomad-g15
x-soa: true, Gator

GET
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/ 195 KB
51 KB 146ms
145ms Document
text/html 20.190.159.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.159.75 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

15680a8a91a605bcd6980d28dfd3e526f969d37c6d0bd84da2d259c28a5cfb15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 50114
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Nov 2022 12:36:37 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.14059.16 - NEULR1 ProdSlices
x-ms-request-id: 061d5662-051d-4590-9c11-db0feff32700

GET
H2 200 ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 387 KB
110 KB 221ms
34ms Script
application/x-javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4660771cd255710f7f04b9a391d536a2e8aa20c1617534e7941b93df1f577194

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Nov 2022 12:36:37 GMT
content-encoding: gzip
x-azure-ref-originshield: 01gpzYwAAAADtv7KW24gWQKrLnxs8H/NITE9OMjFFREdFMTgxNAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5: GWIREUt3H0wPJYOZTfRfQg==
x-cache: TCP_HIT
content-length: 111991
x-ms-lease-status: unlocked
last-modified: Wed, 12 Oct 2022 00:12:26 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAABE671C38EA0
x-azure-ref: 0Vtl0YwAAAAAkOtD3V9AKRKKofKThCmkbTE9OMjEyMDUwNzE3MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 058cb44f-a01e-005d-20cc-f38b5b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 297ms
108ms Other
text/html 20.190.159.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D&sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.190.159.64 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 0
20 KB 142ms
77ms Other
text/css 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Nov 2022 12:36:38 GMT
content-encoding: gzip
x-azure-ref-originshield: 04WFoYwAAAAAB+4LA8XwKRqnOdRnYTmcwTE9OMjFFREdFMTYxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
x-cache: TCP_HIT
content-length: 19970
x-ms-lease-status: unlocked
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA7650B37ACC3D
x-azure-ref: 0Vtl0YwAAAAA418V6fEy9TqEFskRa6LA1TE9OMjEyMDUwNzEyMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 27b147e1-501e-009a-3b49-f2de11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 ux.converged.login.strings-en-gb.min_qailweic6cpp0x8jxzrk8g2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 0
14 KB 129ms
65ms Other
application/x-javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_qailweic6cpp0x8jxzrk8g2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJfb9owFMW%2FSuT3%2FHEcArEACYGKMkGLoLCtL5XnOKmnxA6%2BDiv99HPStVsftre92Vf3%2BvzOPZ4Ca%2BqWLjr7pPbi3AmwXr6aoUpWV4bTqJyQ0cgdJpglWZKxb1lRMBaneMzSIp7wEfJOwoDUaobiIEJeDtCJXIFlyrpSFMc%2Bxj5O73FMSUrJ%2BAF5K6ciFbPD1JO1LdAwrHUlVdBIbjTo0mpVSyUCrptwTEgZxRn3U14WfhIR7mcswe5KopQkGY6ySdj7iJF3ow0Xg5sZKlkNoifaMQB5Ee%2BVBYAwvfpSK%2BgaYQ7CXCQXx%2F3mN08piyYQHQ6GVQwgvUZ4cTZD8ni%2B%2B3q8Le66YrHekHUCD%2FfHbSuW61O12xJ7WH3Pq%2FbTfqTWp12%2Bv5rnw%2BVL%2FPK5SB6XwMTNGYfQhowD8p6bWgEdYpihziiqGUigijUCqOX0sNhuqNOkrdFWc12j%2BbTvpsOmzR%2Fz%2Fx5nb6bR%2FIPF%2F2NvOrz2i%2FEVuKW3Dipf7XQt%2BbVPqmHui%2FyNGQd4qMjCL4dW2iloBZelFIXLsK71j6URzLpcrelcrOH8VfXjd57%2FBA%3D%3D&RelayState=tk1.N-17c_X_XIs-LO_-41xEVF03UhJDaPyItcm9GrtRzKg&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=L8XWkJvO2%2FyD82AE6jS9sJw%2B6aS%2Fd%2FWsfTNE65Be1W7d09n1wclGmR8Jey9PxSX5n7QGk7GtLfj9ENv%2BBpH6BxzgMYcXgD2hl48aXXnZotSIWmg1zuZN3yZst7CTN8YAg8w0v2QtG5Xidca%2FGy3UndFABPdBY5a5YFvSvKGMz1eDO%2FXhBcVNx79MW9e2VxsxWhCVaQb%2BG0mCjhnl9lSyo79QyuK%2F6yfYvciF5ZtsF%2FZIbDfEUZea4sMe%2FRq5VC5RwmJIzjm3InPLcCQer5FD14d%2BuFNky3wJtUdFP66cscfGwYD0G%2B8e81VL7yD1rPzfuzg2yMMKyBmj3xdvalaHKA%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Nov 2022 12:36:38 GMT
content-encoding: gzip
x-azure-ref-originshield: 0/qFoYwAAAABJjRajSOAUQqYvFyOenFgOTE9OMjFFREdFMTYwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5: 1HUgdAZRxYaTfpcX6+4p6w==
x-cache: TCP_HIT
content-length: 14071
x-ms-lease-status: unlocked
last-modified: Wed, 12 Oct 2022 19:43:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAAC8A0FD4927C
x-azure-ref: 0Vtl0YwAAAAAsC3jrx60uRZlX1tNU0Z4lTE9OMjEyMDUwNzEyMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2534c7d3-201e-0045-0cdf-ee6368000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 convergedlogin_pcustomizationloader_8dc1586f19519d6b618f.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 107 KB
32 KB 79ms
33ms Script
application/x-javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8dc1586f19519d6b618f.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 89c66a143b0bcbb7377096e70b1d323900036949e52a99372332c12c27b75dcd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Nov 2022 12:36:38 GMT
content-encoding: gzip
x-azure-ref-originshield: 0NelwYwAAAAAuT+VQksjaQZAiQgT48SxOTE9OMjFFREdFMTcwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5: xYMsa398BlO7oQWNFlhVpg==
x-cache: TCP_HIT
content-length: 32180
x-ms-lease-status: unlocked
last-modified: Wed, 07 Sep 2022 21:51:35 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA911B224BBA9B
x-azure-ref: 0Vtl0YwAAAABSqDy0OJaNQ5MZ9TKBCeDHTE9OMjEyMDUwNzEyMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 78a6f6ec-401e-002b-68a9-f68357000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ 2 KB
1018 B 108ms
63ms Image
image/svg+xml 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Nov 2022 12:36:38 GMT
content-encoding: gzip
x-azure-ref-originshield: 03Ih0YwAAAAAIXSOQtAa3SbyhDXHdatuXTE9OMjFFREdFMTYwNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5: DhdidjYrlCeaRJJRG/y9mA==
x-cache: TCP_HIT
content-length: 673
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:01:30 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7B0071D86E386
x-azure-ref: 0Vtl0YwAAAACJB0MVOLaDSZgrtLU/lmlwTE9OMjEyMDUwNzEyMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8f324251-f01e-0028-1420-f9fe51000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-5gfhiirjqq-ybr8dqhsu3iowa1ne3ps3jk7ygmdpwcm/logintenantbranding/0/ 4 KB
4 KB 182ms
35ms Image
image/jpeg 152.199.23.72
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauthimages.net/c1c6b6c8-5gfhiirjqq-ybr8dqhsu3iowa1ne3ps3jk7ygmdpwcm/logintenantbranding/0/bannerlogo?ts=636347699505296827
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.72 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhd/35F0) /
Resource Hash: b85163cad3e113041f3ac5ee224a285da343639bcf58f2e6ce9ef50e21006397

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 16 Nov 2022 12:36:38 GMT
last-modified: Tue, 04 Jul 2017 12:59:10 GMT
server: ECAcc (lhd/35F0)
content-md5: Lwa+ROVZPfbMG4j9034rQg==
age: 73614
etag: 0x8D4C2DC76D21603
x-cache: HIT
content-type: image/jpeg
x-ms-request-id: 499a6b66-501e-0071-700c-f95e0b000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 3856

GET
H2 200 signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/ 2 KB
955 B 32ms
32ms Image
image/svg+xml 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Nov 2022 12:36:38 GMT
content-encoding: gzip
x-azure-ref-originshield: 0POpwYwAAAABMxYZXflwHRpDD7PCO5vJ+TE9OMjFFREdFMTcwNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
content-md5: R2FAVxfpONfnQAuxVxXbHg==
x-cache: TCP_HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 03:41:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8852A7FA6B761
x-azure-ref: 0Vtl0YwAAAAAELcKLRkgsRrMwjf8ccSPaTE9OMjEyMDUwNzEyMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 249c0be8-701e-0058-21ae-f60c51000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tmf-group.allaccesspass.com/	1969-12-31 23:59:59	Name: MoodleSession Value: 4mq73sjg8uv8nqjj23t63lph6q
.tmf-group.allaccesspass.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.tmf-group.allaccesspass.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 13455-3-27810000
tmf-group.allaccesspass.com/	1970-01-20 16:55:57	Name: _pk_id.7.693d Value: 0b6adfd156be8fa0.1668602197.
tmf-group.allaccesspass.com/	1970-01-20 07:30:03	Name: _pk_ses.7.693d Value: 1
.gigya.com/	1970-01-20 16:15:38	Name: gmid Value: gmid.ver4.AcbHdX9KZw.i4TfLZRneqix3Zxh7SY6KCzFcWFS3grkfkYDPK11ZVwE81IemREYuPFVBJdGCfol.0sRKhJpp3e5U3V8Idm2olIZJ_cCPBR8YQdXD3c8HvDtSyhjReCNBah3cqz4FtN_sdHwyqoBjYPXX4ASdmj-Ysw.sc3
.gigya.com/	1970-01-20 16:15:38	Name: ucid Value: Wzm9Zi5CgJ-QDyvHOw0b2g
.gigya.com/	1970-01-20 11:50:36	Name: hasGmid Value: ver4
.allaccesspass.com/	1970-01-20 16:15:38	Name: gig_bootstrap_3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1 Value: _gigya_ver4
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 07:30:02	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 08:13:14	Name: buid Value: 0.ASAAnAI_c_1sPECaQWwwY0kQmFD06HYEicdCqG6vhdmN-JQgAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrhGJlV6PgiH8R6Rcj01mPtqyy2yH1dYPySKEKl1rhXu3PDIhWyQjfNiJEzVebpe9XDHH9di8anxgOofs6wasyoqagu8_mBPgEqa6Q3shQU90gAA
login.microsoftonline.com/	1970-01-20 08:13:14	Name: fpc Value: AmUZKd_BcpFAjElOTA2eor7Nx-izAQAAAFXQBtsOAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrxiP0KidaBOUmhEy8SrFVZ9PoNm0Ac5MtMPAoQJWeOekXjM_7OruryC53925L6kMbpho__GH_WZdu3Xs9ITP74KQiWOM-UiNQVpyS1vAI8C7EOaSHlqm2iQmf7qKDF2XZxaKINM7YS6Dj0MUlJtWIlNz_ZFEWmW0PObBQi37oXO3PApNiDJUC7t8vVJEbRKvQF1sANLaBJAoiyyB22l7lfUv4sXIuK-1mQuzMEVfTz3ogAA
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 67aae67413784643808875993fe99488
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1668602198&co=1
.login.microsoftonline.com/	1970-01-20 16:51:38	Name: brcap Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
aap-prod.s3.amazonaws.com
accounts.eu1.gigya.com
analytics.franklincovey.com
cdns.eu1.gigya.com
cdns.gigya.com
login.live.com
login.microsoftonline.com
protect-eu.mimecast.com
socialize.eu1.gigya.com
tmf-group.allaccesspass.com
152.199.23.72
195.130.217.73
20.190.159.64
20.190.159.75
2606:4700::6811:7b6b
2606:4700::6811:9e2f
2620:1ec:40::45
52.218.246.3
52.30.9.119
88.221.169.5
0643b89f1c7ee48d7c6924f3218038573e96a141d4cabb8245f2b6e1cc114aa7
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
13d701705b95a0970480fe224741f0f5bc17a221949d27bcd50b63e7422af6e5
13eaaadfa414f262b7964320054bb2b322b9ef9f3522bc25c9d60dc83b5141cf
15680a8a91a605bcd6980d28dfd3e526f969d37c6d0bd84da2d259c28a5cfb15
244ff779cc4a0d32d8a21e1dceece94080b39c4b2c77ab5c0a772f333db71216
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3195ad9f8f03f61bbc60571b47b67ba7e41b0cf29e881ab188ff2dadf766e073
356a02f3243113778274eaee7c110df2a21c16bd1e6e866678cc0f508351c462
44e1c6e07e9368fef34008b5c7219e220bf4af5e67dd052392670cf73aac5540
4660771cd255710f7f04b9a391d536a2e8aa20c1617534e7941b93df1f577194
4de3256f3f5bde903f5aca88a6f918aea90df2542ad0ceb765ce869f59e3f786
58934b67dcaccf77a0e675231032ce7e33d2bfd944c79103dc3abf0480e4eadd
621c0f52571ccff5dab81de13db26fda4b4a7dad83a01827c9139571023abea4
62422ec91c58f61dc9c09f25720d9f8df4805f80ba756668b17e3875b6a54ea1
7eb61ba5b02c939a8985c145a24985cb3b4e3cadfcfc00fa5bca76aa0d8c5238
88425afc6e97c1d162e0a355b790dc4e020ff80b632e5649697dca5bc784002d
89c66a143b0bcbb7377096e70b1d323900036949e52a99372332c12c27b75dcd
8c1a4c25634d5841924aab1848acc9dcbc3d5672183053c8b71ff2139b65d7c3
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2
afefe583c5a695189962783424716b19758b2a08e71480cb91a73c88c98a20be
b564c1aa126ea26ca6ee2200a96a46b3adfd6fe8454fdca9d19cd9f8e1e2ecaf
b59f99a0946d7c667021f47a30c4320462fd53dad469da539b2be05b29881876
b85163cad3e113041f3ac5ee224a285da343639bcf58f2e6ce9ef50e21006397
c4cc4d14d94d940a82ceb24dc9c9ae9d4573a436e1369db31f2d9c2b1546fe18
c55dbb44d025691c1ec3764ed51e8f6219a9a00a0fd9f995be4aad75e9085d1e
c8edda064d7c63f7054917d4b362a21f658c30402bbb3a2e0c2b068da5d87764
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
d9e07890edf5f6f350ef465b37479fc6192923e60e64d9f20af37eb3b011cc66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9d65cb26cade9adcf9c012734551cf8c86c49a1ff45fef12662ae42f312e3f
ed4491873cc15e90b7be65f894f70dbb1dd542486162026ab2383a4cad931556
f5deb202f27e80bc73ecea23f5fce6977602c31f0ec66f55dcf1534e97c1705e
fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0

login.microsoftonline.com Open in urlscan Pro 20.190.159.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

30 %IPv6

9 Domains

12 Subdomains

9 IPs

4 Countries

1583 kBTransfer

6145 kBSize

19 Cookies

2 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.microsoftonline.com Open in urlscan Pro
20.190.159.75 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

30 %
IPv6

9
Domains

12
Subdomains

9
IPs

4
Countries

1583 kB
Transfer

6145 kB
Size

19
Cookies

39 HTTP transactions
0 data transactions