services.bellefieldcloud.com Open in urlscan Pro
40.118.164.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ablinks.itimekeep.bellefield.com/ls/click?upn=83QrTI3lekxi4Rza8nWUN0ed5jvJRcYMX6C5bokshaAQYrGpy3OlXV30F22qLmhTXC-2FYtuIMeSbEFPDxb...
Effective URL:
https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docg...
Submission Tags: falconsandbox
Submission: On August 31 via api (August 31st 2021, 6:49:56 pm UTC) from US

Summary HTTP 38 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 38 HTTP transactions. The main IP is 40.118.164.119, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is services.bellefieldcloud.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 30th 2021. Valid for: a year.

This is the only time services.bellefieldcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.52 167.89.118.52	11377 (SENDGRID) (SENDGRID)
4	104.42.78.153 104.42.78.153	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 25	40.118.164.119 40.118.164.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a7::35c1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
38	10

1 167.89.118.52 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x52.outbound-mail.sendgrid.net

ablinks.itimekeep.bellefield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.42.78.153 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ocglive.bellefieldcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.ckeditor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 40.118.164.119 (San Jose, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

services.bellefieldcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a7::35c1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

secure.aadcdn.microsoftonline-p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	bellefieldcloud.com 1 redirects ocglive.bellefieldcloud.com services.bellefieldcloud.com	7 MB
2	gstatic.com fonts.gstatic.com	29 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	cloudflare.com cdnjs.cloudflare.com	26 KB
1	microsoftonline-p.com secure.aadcdn.microsoftonline-p.com	158 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	13 KB
1	jquery.com code.jquery.com	24 KB
1	ckeditor.com cdn.ckeditor.com	191 KB
1	bellefield.com 1 redirects ablinks.itimekeep.bellefield.com	301 B
38	9

	Domain	Requested by
25	services.bellefieldcloud.com	1 redirects ocglive.bellefieldcloud.com services.bellefieldcloud.com
4	ocglive.bellefieldcloud.com	ocglive.bellefieldcloud.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	ocglive.bellefieldcloud.com services.bellefieldcloud.com
2	cdnjs.cloudflare.com	ocglive.bellefieldcloud.com services.bellefieldcloud.com
1	secure.aadcdn.microsoftonline-p.com	services.bellefieldcloud.com
1	maxcdn.bootstrapcdn.com	ocglive.bellefieldcloud.com
1	code.jquery.com	ocglive.bellefieldcloud.com
1	cdn.ckeditor.com	ocglive.bellefieldcloud.com
1	ablinks.itimekeep.bellefield.com	1 redirects
38	10

This site contains links to these domains. Also see Links.

Domain
www.aderant.com

Subject Issuer	Validity	Valid
*.bellefieldcloud.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-30` - `2022-01-30`	a year	crt.sh
cdn.ckeditor.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-18` - `2022-03-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
secure.aadcdn.microsoftonline-p.com Microsoft RSA TLS CA 01	`2020-12-22` - `2021-12-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
Frame ID: 05526B82B4C511B3798A72B0DB565A12
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In | iTimeKeep Portal

Page URL History Show full URLs

http://ablinks.itimekeep.bellefield.com/ls/click?upn=83QrTI3lekxi4Rza8nWUN0ed5jvJRcYMX6C5bokshaAQYrGpy3OlXV30F22qLmh... HTTP 302
https://ocglive.bellefieldcloud.com/?s=5298 Page URL
https://services.bellefieldcloud.com/portal/User/SingleSignOn/JWTGenerator.aspx?r=ocglive.bellefieldcloud.com/?s=... HTTP 302
https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGene... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

38
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

7710 kB
Transfer

9360 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.aderant.com/itimekeep
Title: iTimekeep Home

Search URL Search Domain Scan URL

URL: https://www.aderant.com/itimekeep/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.aderant.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ablinks.itimekeep.bellefield.com/ls/click?upn=83QrTI3lekxi4Rza8nWUN0ed5jvJRcYMX6C5bokshaAQYrGpy3OlXV30F22qLmhTXC-2FYtuIMeSbEFPDxb9sCM1AxGqMSNBFehhwk-2F9Mj-2Bqrz3NRAnLUnLThq0-2FqSfYxJKxYio2hRRMPOiIgLcPsJQg-3D-3DIqgx_MWaUjcJx7QgvkCmORIePbrCsiCSXhyRE6bapFRNrvioBxB6kgjR-2BDG1eha-2FtYmm-2FMuO1UaPhUiWt2GnPa0oTm1189QdRJtMmUcbWM12v8-2FZwYo0bpkWe-2FlCMCyhaA8d2RYsmx4q8I0e1W60buwvc6P-2BZUakW1kGwQMLXej-2BfnVOVO5Gjga6DqbnLu4TWnV2BQzkXGn3RqeyNrVZQv0xS-2B24BcsL1sM0lR1djbZf0B5YVtXJ1v5280y8XOj9heMnTbzpidBjABZh8Kb6PpKr2xC4TJ785E5v5L2-2FG7oi0RYy-2F1FBXT27NtJ-2FxSL-2F6Dp5ZdSdcJyqiv-2BZWucraMIIfpXKoSEVhOUKAoYjDzLGmcAl3RipY-2F1AN2N7SBUQ24qfQ4ZqGNeP8r8J1qaxgT-2F0BIDPgn92ptDk3dLo6uwCzMoTxOrfI3jEToaPnHPR58599UB93E20WQSyf1Ym9LSd1FqZMJ3RQNDenuIGBw2J-2F1kh-2BavWaVpafBweynC0aqpu0SN-2BrJCOnQVUqU1uNLgDJ-2FWMKYhx7OvTm-2F7nRFGToskqbPJgVYc3kM83Y7aneLkL87-2Fj4O31EcUk0AcsdvpcI0Q6MuS43OWO9Xv7NTPxov09XJnVQ134D7XhxlbjqnrUL HTTP 302
https://ocglive.bellefieldcloud.com/?s=5298 Page URL
https://services.bellefieldcloud.com/portal/User/SingleSignOn/JWTGenerator.aspx?r=ocglive.bellefieldcloud.com/?s=5298&navTo=/timekeeper/task/7a0f8dd0-db14-11ea-ad9a-97308cf21958 HTTP 302
https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ablinks.itimekeep.bellefield.com/ls/click?upn=83QrTI3lekxi4Rza8nWUN0ed5jvJRcYMX6C5bokshaAQYrGpy3OlXV30F22qLmhTXC-2FYtuIMeSbEFPDxb9sCM1AxGqMSNBFehhwk-2F9Mj-2Bqrz3NRAnLUnLThq0-2FqSfYxJKxYio2hRRMPOiIgLcPsJQg-3D-3DIqgx_MWaUjcJx7QgvkCmORIePbrCsiCSXhyRE6bapFRNrvioBxB6kgjR-2BDG1eha-2FtYmm-2FMuO1UaPhUiWt2GnPa0oTm1189QdRJtMmUcbWM12v8-2FZwYo0bpkWe-2FlCMCyhaA8d2RYsmx4q8I0e1W60buwvc6P-2BZUakW1kGwQMLXej-2BfnVOVO5Gjga6DqbnLu4TWnV2BQzkXGn3RqeyNrVZQv0xS-2B24BcsL1sM0lR1djbZf0B5YVtXJ1v5280y8XOj9heMnTbzpidBjABZh8Kb6PpKr2xC4TJ785E5v5L2-2FG7oi0RYy-2F1FBXT27NtJ-2FxSL-2F6Dp5ZdSdcJyqiv-2BZWucraMIIfpXKoSEVhOUKAoYjDzLGmcAl3RipY-2F1AN2N7SBUQ24qfQ4ZqGNeP8r8J1qaxgT-2F0BIDPgn92ptDk3dLo6uwCzMoTxOrfI3jEToaPnHPR58599UB93E20WQSyf1Ym9LSd1FqZMJ3RQNDenuIGBw2J-2F1kh-2BavWaVpafBweynC0aqpu0SN-2BrJCOnQVUqU1uNLgDJ-2FWMKYhx7OvTm-2F7nRFGToskqbPJgVYc3kM83Y7aneLkL87-2Fj4O31EcUk0AcsdvpcI0Q6MuS43OWO9Xv7NTPxov09XJnVQ134D7XhxlbjqnrUL HTTP 302
https://ocglive.bellefieldcloud.com/?s=5298

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ocglive.bellefieldcloud.com/
Redirect Chain

http://ablinks.itimekeep.bellefield.com/ls/click?upn=83QrTI3lekxi4Rza8nWUN0ed5jvJRcYMX6C5bokshaAQYrGpy3OlXV30F22qLmhTXC-2FYtuIMeSbEFPDxb9sCM1AxGqMSNBFehhwk-2F9Mj-2Bqrz3NRAnLUnLThq0-2FqSfYxJKxYio2hR...
https://ocglive.bellefieldcloud.com/?s=5298

5 KB
5 KB

841ms
190ms

Document
text/html

104.42.78.153
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ocglive.bellefieldcloud.com/?s=5298

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.42.78.153 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e34ce468bfcfb5052d617117ad8973f12bc9e5e6012d217e85575d16a7d354de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: ocglive.bellefieldcloud.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Cache-Control: public, max-age=0
Content-Length: 4701
Content-Type: text/html; charset=UTF-8
Last-Modified: Thu, 24 Jun 2021 22:52:06 GMT
Accept-Ranges: bytes
ETag: W/"125d-17a403929f0"
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Headers: Access-Control-Allow-Origin, token, auth, sub_id, authorization, bellefield-callertimezoneoffset, bellefield-callerutctime, bellefield-callerutctimezoneid, bellefield-servicecalltraceid, content-type, pragma, cache-control
Date: Tue, 31 Aug 2021 18:49:36 GMT

Redirect headers

Server: nginx
Date: Tue, 31 Aug 2021 18:49:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 120
Connection: keep-alive
Location: https://ocglive.bellefieldcloud.com/?s=5298#/timekeeper/task/7a0f8dd0-db14-11ea-ad9a-97308cf21958
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK index.css
ocglive.bellefieldcloud.com/ 1 MB
1 MB 183ms
182ms Stylesheet
text/css 104.42.78.153
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ocglive.bellefieldcloud.com/index.css

Requested by

Host: ocglive.bellefieldcloud.com
URL: https://ocglive.bellefieldcloud.com/?s=5298

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.42.78.153 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7d81d560406d85bf8992cc95f7eb5491ecfc31401340eebcd4810579f5cf45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ocglive.bellefieldcloud.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
Content-Length: 1536225
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 24 Jun 2021 22:52:06 GMT
Date: Tue, 31 Aug 2021 18:49:36 GMT
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
ETag: W/"1770e1-17a403929f0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Access-Control-Allow-Origin, token, auth, sub_id, authorization, bellefield-callertimezoneoffset, bellefield-callerutctime, bellefield-callerutctimezoneid, bellefield-servicecalltraceid, content-type, pragma, cache-control

GET
H/1.1 200
OK bundle.js Show response
ocglive.bellefieldcloud.com/ 5 MB
5 MB 750ms
223ms Script
application/javascript 104.42.78.153
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ocglive.bellefieldcloud.com/bundle.js

Requested by

Host: ocglive.bellefieldcloud.com
URL: https://ocglive.bellefieldcloud.com/?s=5298

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.42.78.153 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e6a1a7fd6b3fdf7fe37860890ee7000bec4aa3c2b30f35ccdf337db7077c5a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ocglive.bellefieldcloud.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
Content-Length: 5650676
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 24 Jun 2021 22:52:06 GMT
Date: Tue, 31 Aug 2021 18:49:37 GMT
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
ETag: W/"5638f4-17a403929f0"
Accept-Ranges: bytes
Access-Control-Allow-Headers: Access-Control-Allow-Origin, token, auth, sub_id, authorization, bellefield-callertimezoneoffset, bellefield-callerutctime, bellefield-callerutctimezoneid, bellefield-servicecalltraceid, content-type, pragma, cache-control

GET
H2 200 ckeditor.js Show response
cdn.ckeditor.com/4.14.0/standard/ 642 KB
191 KB 85ms
25ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ckeditor.com/4.14.0/standard/ckeditor.js

Requested by

Host: ocglive.bellefieldcloud.com
URL: https://ocglive.bellefieldcloud.com/?s=5298

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 0215 /

Resource Hash

26fcbffd33c63d15d97e0839b2b3606e6eb86fa58c7641b289544f02e5b9fca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 18:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cf3: H
cf4ttl: 604800.000
x-cf1: 28810:fB.cdg1:co:1628769535:cacheB.cdg1-01:H
content-length: 195488
x-xss-protection: 1; mode=block
x-cf-tsc: 1630363674
x-cf2: H
x-frame-options: sameorigin
last-modified: Wed, 04 Mar 2020 11:58:56 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf4age: 446297
accept-ranges: bytes
x-cf-rand: 2.583
expires: Wed, 01 Sep 2021 18:49:37 GMT

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 26ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: ocglive.bellefieldcloud.com
URL: https://ocglive.bellefieldcloud.com/?s=5298
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Origin: https://ocglive.bellefieldcloud.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 18:49:37 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-10fdd"
vary: Accept-Encoding
x-hw: 1630435777.dop238.fr8.t,1630435777.cds225.fr8.hc,1630435777.cds257.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23856

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/ 19 KB
6 KB 15ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js

Requested by

Host: ocglive.bellefieldcloud.com
URL: https://ocglive.bellefieldcloud.com/?s=5298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://ocglive.bellefieldcloud.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 18:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1118188
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6174
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4b24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2WR0%2FnA%2FibjodrnKh%2BlgBQeNUVfO00BeJqrxqNu2Tjlb9iJnG6i%2FkicFUXty%2F1y01jtMjlutK9iBr2I5L%2BJuZBRQUARpzx6qpkZy%2F8gAmVCxNNADMU%2Bf3hWxmmZJ22u2dajiBLgw1jJHLvc2NfpwOyp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 687870984fac434b-FRA
expires: Sun, 21 Aug 2022 18:49:37 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/ 49 KB
13 KB 29ms
28ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js

Requested by

Host: ocglive.bellefieldcloud.com
URL: https://ocglive.bellefieldcloud.com/?s=5298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://ocglive.bellefieldcloud.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 18:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 632, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 19:47:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:03 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 4a6dba6dd1b7d0aec5368c987b3865cd
cf-ray: 687870984af416e6-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 4 KB
627 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:300,400,700,900&display=swap

Requested by

Host: ocglive.bellefieldcloud.com
URL: https://ocglive.bellefieldcloud.com/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e82901f6126053393f563a201060f66070878113066109b6b0223a3e7a1131e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 18:49:38 GMT
server: ESF
date: Tue, 31 Aug 2021 18:49:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Aug 2021 18:49:38 GMT

GET
H/1.1 200
OK portal-env
ocglive.bellefieldcloud.com/ 455 B
1 KB 177ms
177ms Fetch
application/json 104.42.78.153
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ocglive.bellefieldcloud.com/portal-env

Requested by

Host: ocglive.bellefieldcloud.com
URL: https://ocglive.bellefieldcloud.com/bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.42.78.153 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ocglive.bellefieldcloud.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
auth: Bearer undefined
Sec-Fetch-Mode: cors
Content-Type: application/json
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Connection: keep-alive
pragma: no-cache
Accept: application/json, text/plain, */*
cache-control: no-cache
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
auth: Bearer undefined
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
ETag: W/"1c7-EUVHPHF9Yhc9JHp9HPeQCLomPDg"
X-Download-Options: noopen
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Date: Tue, 31 Aug 2021 18:49:39 GMT
X-DNS-Prefetch-Control: off
Access-Control-Allow-Headers: Access-Control-Allow-Origin, token, auth, sub_id, authorization, bellefield-callertimezoneoffset, bellefield-callerutctime, bellefield-callerutctimezoneid, bellefield-servicecalltraceid, content-type, pragma, cache-control
Content-Length: 455
X-XSS-Protection: 1; mode=block

GET
H2

200

Primary Request Login.aspx Show response
services.bellefieldcloud.com/portal/Public/
Redirect Chain

https://services.bellefieldcloud.com/portal/User/SingleSignOn/JWTGenerator.aspx?r=ocglive.bellefieldcloud.com/?s=5298&navTo=/timekeeper/task/7a0f8dd0-db14-11ea-ad9a-97308cf21958
https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2...

23 KB
9 KB

190ms
190ms

Document
text/html

40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958

Requested by

Host: ocglive.bellefieldcloud.com
URL: https://ocglive.bellefieldcloud.com/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85e3cb7ef4cff77cb503c4bc7d68d50780657975da694b3f988a791d85953ecc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: services.bellefieldcloud.com
:scheme: https
:path: /portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ocglive.bellefieldcloud.com/?s=5298#/timekeeper/task/7a0f8dd0-db14-11ea-ad9a-97308cf21958

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
msapplication-config: none
strict-transport-security: max-age=31536000;
date: Tue, 31 Aug 2021 18:49:40 GMT
content-length: 9459

Redirect headers

content-type: text/html; charset=utf-8
location: /portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
set-cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; path=/; secure; HttpOnly; SameSite=Lax ANTIFORGERY_TOKEN2=cHAwYmJxajdjNHFtbHk4cTlqeGZ2YXNjY3FtdXU0OWE4cndtbDJqcXV5NTloM3V1MTZlaXhxMmV4bnlsNG9kOHZmZHUxbXxiZDMzMjg0OS0wYzFkLTRmODUtYmY0My03NWFlNDViZmE4NTI=; path=/; SameSite=None; secure; HttpOnly PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940; path=/; SameSite=None; secure; HttpOnly AUTH_TOKEN2=; expires=Mon, 30-Aug-2021 18:49:40 GMT; path=/; secure; HttpOnly AUTH_UI=; expires=Mon, 30-Aug-2021 18:49:40 GMT; path=/; secure; HttpOnly JWTTOKEN=; expires=Mon, 30-Aug-2021 18:49:40 GMT; path=/; secure; HttpOnly ANTIFORGERY_TOKEN2=; expires=Mon, 30-Aug-2021 18:49:40 GMT; path=/; secure; HttpOnly
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
msapplication-config: none
strict-transport-security: max-age=31536000;
date: Tue, 31 Aug 2021 18:49:40 GMT
content-length: 322

GET
H2 200 BellefieldMain1.css
services.bellefieldcloud.com/portal/Public/ 48 KB
13 KB 481ms
478ms Stylesheet
text/css 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/Public/BellefieldMain1.css

Requested by

Host: services.bellefieldcloud.com
URL: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

738101773722a25cd2becd1cd7d26627d69247d5e4ec8c14f3168f980b945300

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/Public/BellefieldMain1.css
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 15:11:46 GMT
x-frame-options: SAMEORIGIN
etag: "93a288dd57fd71:0"
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
date: Tue, 31 Aug 2021 18:49:40 GMT
msapplication-config: none
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 12885
x-xss-protection: 1; mode=block

GET
H2 200 core1.css
services.bellefieldcloud.com/portal/Public/ 10 KB
3 KB 350ms
346ms Stylesheet
text/css 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/Public/core1.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5eccf1c29967e60828d5d6286ffb68d543bdeff2fba7402ccb5b9f44b9d180d3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/Public/core1.css
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 15:11:46 GMT
x-frame-options: SAMEORIGIN
etag: "874b8cdd57fd71:0"
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
date: Tue, 31 Aug 2021 18:49:40 GMT
msapplication-config: none
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 3101
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.5.1.js Show response
services.bellefieldcloud.com/portal/Scripts/ 281 KB
110 KB 485ms
480ms Script
application/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/Scripts/jquery-3.5.1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/Scripts/jquery-3.5.1.js
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 15:11:48 GMT
x-frame-options: SAMEORIGIN
etag: "accfe3ed57fd71:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
date: Tue, 31 Aug 2021 18:49:40 GMT
msapplication-config: none
strict-transport-security: max-age=31536000;
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK msal.js Show response
secure.aadcdn.microsoftonline-p.com/lib/1.0.1/js/ 719 KB
158 KB 517ms
492ms Script
application/x-javascript 2a02:26f0:6c00:2a7::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.aadcdn.microsoftonline-p.com/lib/1.0.1/js/msal.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:2a7::35c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6b77e3ec5f746d1a7d6f25df3b61de91f82d6e0b938a2f33e5f4f48c3e00e90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://services.bellefieldcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 18:49:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Jun 2019 18:40:02 GMT
Content-MD5: JrZxtQEjLc6UNj6aFyjUcA==
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000
Content-Length: 161087

GET
H2 200 bluebird.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.5/ 76 KB
19 KB 21ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.5/bluebird.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9b2fe47829128ad00ad322ce1773f608ad6f2f2c6c92b6508284a221056cca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.bellefieldcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 18:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 428985
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19519
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-12e38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSWaCvJSNcpCaOwQx1AMIRVQF%2BLVQH4nrdV9prMlqqpPQ8IZ%2BlnAaKavx5ZacLNSUws1F0Z%2Bamhzxk1cPmqYNmLVicLbKGAmrx%2BEKo%2F3NuKMT41%2FrOXHQz%2BlGD6IBbCmR7mMoxQ%2FBZAIvz15lRLk3sDs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 687870ae7e4b05dc-FRA
expires: Sun, 21 Aug 2022 18:49:40 GMT

GET
H2 200 WebResource.axd Show response
services.bellefieldcloud.com/portal/ 23 KB
6 KB 180ms
175ms Script
application/x-javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZH5L-E_YKp-t34jJWsfr-1BqlECO8atdyjcL7jHS-cMnUX1u5Q2&t=637586513915289469

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZH5L-E_YKp-t34jJWsfr-1BqlECO8atdyjcL7jHS-cMnUX1u5Q2&t=637586513915289469
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 08:29:51 GMT
x-frame-options: SAMEORIGIN
date: Tue, 31 Aug 2021 18:49:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 6007
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 26 KB
5 KB 184ms
179ms Script
application/x-javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1DGavruG6T8CshB-gZrBobqkuzgA0YqzYTJ8iJLXx61hASrM4OAeEpWCnTL1HznuqYnv8EbSFTiDTWNEcQ-XPeea2Yk1TuUvppGqrWY-9GuuUH0Wmg2&t=fffffffff6474071

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1DGavruG6T8CshB-gZrBobqkuzgA0YqzYTJ8iJLXx61hASrM4OAeEpWCnTL1HznuqYnv8EbSFTiDTWNEcQ-XPeea2Yk1TuUvppGqrWY-9GuuUH0Wmg2&t=fffffffff6474071
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 5479
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 100 KB
25 KB 193ms
188ms Script
application/x-javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvoiVZ1qAIGl88IO8fbcy6u0hrJ7IF-VFg6qvwN9ojTE1uiSwl9GhMAtT2vQdVKmEmwbbdCslUnyxeJf8b8Tx8czmajtKr5A_h3S1Ubtk4TxSNHqCwdEzrLonhRfK6qP5sfakAFg1&t=2fe674eb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvoiVZ1qAIGl88IO8fbcy6u0hrJ7IF-VFg6qvwN9ojTE1uiSwl9GhMAtT2vQdVKmEmwbbdCslUnyxeJf8b8Tx8czmajtKr5A_h3S1Ubtk4TxSNHqCwdEzrLonhRfK6qP5sfakAFg1&t=2fe674eb
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 25609
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 39 KB
10 KB 333ms
328ms Script
application/x-javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OHFK_Se6Ybq4qfVD9WLw8wD0-KMuVsQYMcExmMKjU7VHzcmKjm10NxvMKm_HAz6WpSDjx46h7FwtsdZe--cLoBUjhaujmd0r-_i3Jb6PTsk4WS5XzpFtRqGe1SRRK8s5xXTe1VA1&t=2fe674eb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OHFK_Se6Ybq4qfVD9WLw8wD0-KMuVsQYMcExmMKjU7VHzcmKjm10NxvMKm_HAz6WpSDjx46h7FwtsdZe--cLoBUjhaujmd0r-_i3Jb6PTsk4WS5XzpFtRqGe1SRRK8s5xXTe1VA1&t=2fe674eb
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 9984
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 11 KB
4 KB 335ms
330ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=eE6V8nDbUVn0gtG6hKNX_Au2rO6U9rE643AKX64uJRke6TsW9dKEiSDJcXh29ZtClWFoMKj_itdTxioK8o53Hd78amt2wM7gDG5Rf9xCL6Y7Eln90&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

351064c4585c86aa016649d1e4fde71419edc20a9b1d5c533679381aa0cde8d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=eE6V8nDbUVn0gtG6hKNX_Au2rO6U9rE643AKX64uJRke6TsW9dKEiSDJcXh29ZtClWFoMKj_itdTxioK8o53Hd78amt2wM7gDG5Rf9xCL6Y7Eln90&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 3586
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 19 KB
5 KB 337ms
333ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=mcAASOSteirJeuV-3by3Ubuov9QfnIUg4xRVUFkbveW20UcLgKSfsEi_RZbzAufZeKSreOKSk35HDiM9xroCZLtGGXI1&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4ff9de1d1e2d4e9c4ffab3ca34f8ad8519615ccee0365951a122bddb955b5f0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=mcAASOSteirJeuV-3by3Ubuov9QfnIUg4xRVUFkbveW20UcLgKSfsEi_RZbzAufZeKSreOKSk35HDiM9xroCZLtGGXI1&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 4855
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 877 B
486 B 337ms
333ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=jwf4VSQi7LeShc44FJ-gAQoznPlMFEVRM8n1GZ3R12HaG4XxQrngEA0-XwY2fprBf-4mRMxJ70ecmPxR8mvcokfabKxazj_DcnSauorRNIQ97aTo0&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d4d19f0fb634296b2d6238acd844a6c6365e9ab8a88144b44d4e48b17ba9a0a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=jwf4VSQi7LeShc44FJ-gAQoznPlMFEVRM8n1GZ3R12HaG4XxQrngEA0-XwY2fprBf-4mRMxJ70ecmPxR8mvcokfabKxazj_DcnSauorRNIQ97aTo0&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 441
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 1 KB
585 B 337ms
334ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=nai7mGcYyE2dix_TwveLDTSOED6hTzxriBtAZsOeDPp_5LnRORonuqetOvGJbRs0CCew7GpTEFxPQM7HQUiyLKxhMuvLTm6xXz0mEv9z4PF8fMMV0&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1b3068f985b0c1d75fc9efbe162d26b35f5191118809a3aa8641c0829b469f54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=nai7mGcYyE2dix_TwveLDTSOED6hTzxriBtAZsOeDPp_5LnRORonuqetOvGJbRs0CCew7GpTEFxPQM7HQUiyLKxhMuvLTm6xXz0mEv9z4PF8fMMV0&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 540
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 17 KB
3 KB 343ms
339ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=yDT7ulzE00Yqzs5zd38bJxDyFTiXEmc4-cJ66t3QdAmSFP3QjvUV5QanTzpqO-iFo4AuME6TnrP42808MhwgNqg_R1ITGNiGlgBFfgEmmAe6zRBe0&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cd439da677cfeb4ace5db3902e70c419d4d3e1cf9376127cffaf08748f778f0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=yDT7ulzE00Yqzs5zd38bJxDyFTiXEmc4-cJ66t3QdAmSFP3QjvUV5QanTzpqO-iFo4AuME6TnrP42808MhwgNqg_R1ITGNiGlgBFfgEmmAe6zRBe0&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 3450
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 11 KB
2 KB 337ms
334ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=HEFpVKbnoeQjkjHkFKu3MOtr-L6lKJf77yfkP-4_f0aaTGWKAJzaVf3uBdLi5EyY2kS4cvu4oJRsfP1SAYdoVaQuYYEk19kIom8aiQ0JuU-mhGeV0&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c29095adeab0840f0495ebb337c8a5d4fc795750f8e8caf8fe59a30cefbb25f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=HEFpVKbnoeQjkjHkFKu3MOtr-L6lKJf77yfkP-4_f0aaTGWKAJzaVf3uBdLi5EyY2kS4cvu4oJRsfP1SAYdoVaQuYYEk19kIom8aiQ0JuU-mhGeV0&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 2025
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 3 KB
937 B 339ms
336ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=5ib3lCcyinHeLQmkwMF7Et-5glLHWfLUabCQnaAG6EySrM5yV9ZrJ3ND3fAIFOd_VVAvofEaS_dW_IGSVazaADM4UsJn1esgnJHdc1tslpmGMfuL0&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0a3174020a8ed2f03872df7f5083f5cdbd782763a8022b01a88edcd0205c3857

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=5ib3lCcyinHeLQmkwMF7Et-5glLHWfLUabCQnaAG6EySrM5yV9ZrJ3ND3fAIFOd_VVAvofEaS_dW_IGSVazaADM4UsJn1esgnJHdc1tslpmGMfuL0&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 892
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 8 KB
2 KB 338ms
335ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=iON9Jxe8QCRam1nkdNLgkU0sUOWj4ZXP32eH5nxt-RW7Ud3VLAEdYUmo49J_uxX9LMsLGaMpdDTVNb8lwHq1uH1-h2jg-AyQD7cR205d3_NISfWh0&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4414722890ed44d6ef1ad43a9e4740a72ae1549d35be2452df2df0dbb233d06e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=iON9Jxe8QCRam1nkdNLgkU0sUOWj4ZXP32eH5nxt-RW7Ud3VLAEdYUmo49J_uxX9LMsLGaMpdDTVNb8lwHq1uH1-h2jg-AyQD7cR205d3_NISfWh0&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 1840
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 7 KB
2 KB 338ms
336ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=xGmPTKfsNy0_1Sr5I58kO66pnuvdThMsXVcU52K7-8RV8HLidW0indHLtp0KkF5scP6uFYEu26QEPLJNzzk0cxP3IjRlp76Kt3OlTWL709MDL9KD0&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f3c506031213cef52b137254e8ca19c84e46631ddd18fa38256491743d7958ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=xGmPTKfsNy0_1Sr5I58kO66pnuvdThMsXVcU52K7-8RV8HLidW0indHLtp0KkF5scP6uFYEu26QEPLJNzzk0cxP3IjRlp76Kt3OlTWL709MDL9KD0&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 1722
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 32 KB
6 KB 340ms
338ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=LQ1q2RBSthBAZhliMjtG_zZtyX6EWJ-K2fhTxSR9BaHfhiQ5C_1OdURI7_hl1LMKUygMnYl39QZ7QrV2Xc5-EkKwtj2i9g_UNmJRZaw0ZLK9U2Ul0&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6cdd41c07788c24ec2eea773b1467dfe65ce90a620106d29b2ea9d9a22b5bab7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=LQ1q2RBSthBAZhliMjtG_zZtyX6EWJ-K2fhTxSR9BaHfhiQ5C_1OdURI7_hl1LMKUygMnYl39QZ7QrV2Xc5-EkKwtj2i9g_UNmJRZaw0ZLK9U2Ul0&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 6327
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 8 KB
2 KB 342ms
340ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=VOYD8Xe7kQA0lniBYXVpAqDJZW0tgeMoM-3kZbBpnZLG5QRtGs2a5wcqq3_F-Sund9xSuW3sCyo9xX-vLTYRRKDkizf7ZyJNidvJyMCpR4_tDhqF0&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6b2afbeaebec8c306a47c14214c92d12dca51838721a4b6fbe4b39176d81213d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=VOYD8Xe7kQA0lniBYXVpAqDJZW0tgeMoM-3kZbBpnZLG5QRtGs2a5wcqq3_F-Sund9xSuW3sCyo9xX-vLTYRRKDkizf7ZyJNidvJyMCpR4_tDhqF0&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 1499
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 7 KB
2 KB 343ms
341ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=hOeJu0xhC-uW6Gf8ooKdXhPUn9ocMiyNsNk7iaUIyqtQn0LqGOZej2eUWHBAzLmdVqcNzCsKW3EmUthJV7xjdTkmekA7tOHnZHNtTdsRXTbb_ewJ0&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f4800fd5a0865d1af7a7461c8fc1384b1de6bdd3308f29eb712e926dbdd0f0b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=hOeJu0xhC-uW6Gf8ooKdXhPUn9ocMiyNsNk7iaUIyqtQn0LqGOZej2eUWHBAzLmdVqcNzCsKW3EmUthJV7xjdTkmekA7tOHnZHNtTdsRXTbb_ewJ0&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 1553
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ScriptResource.axd Show response
services.bellefieldcloud.com/portal/ 22 KB
4 KB 344ms
342ms Script
text/javascript 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bellefieldcloud.com/portal/ScriptResource.axd?d=XlV9GqTk6b5uqDuL38kZ4Ou-8FfxK4l2HYPW_bCH-oAFI0hqMKVa5AXZS2MDw6V6MOgOa4JQB1-7AQXC1M9p0CH08CKXVz_DqJ1iifKYav2H2Wod0&t=7d5986a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f201a9db257558e03914601b1fb3cd538a2b71bddfe58d889ef590fe9e117fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/ScriptResource.axd?d=XlV9GqTk6b5uqDuL38kZ4Ou-8FfxK4l2HYPW_bCH-oAFI0hqMKVa5AXZS2MDw6V6MOgOa4JQB1-7AQXC1M9p0CH08CKXVz_DqJ1iifKYav2H2Wod0&t=7d5986a
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 13:10:53 GMT
date: Tue, 31 Aug 2021 18:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public
msapplication-config: none
strict-transport-security: max-age=31536000;
content-length: 4268
x-xss-protection: 1; mode=block
expires: Sun, 24 Jul 2022 13:10:53 GMT

GET
H2 200 ajax-loader.gif
services.bellefieldcloud.com/portal/Public/Images/ 3 KB
3 KB 195ms
195ms Image
image/gif 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://services.bellefieldcloud.com/portal/Public/Images/ajax-loader.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/Public/Images/ajax-loader.gif
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/Login.aspx?ReturnUrl=%2fportal%2fUser%2fSingleSignOn%2fJWTGenerator.aspx%3fr%3docglive.bellefieldcloud.com%2f%3fs%3d5298%26navTo%3d%2ftimekeeper%2ftask%2f7a0f8dd0-db14-11ea-ad9a-97308cf21958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 15:11:46 GMT
etag: "4a49cedd57fd71:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache
date: Tue, 31 Aug 2021 18:49:41 GMT
msapplication-config: none
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 3208
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 8 KB
838 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700

Requested by

Host: services.bellefieldcloud.com
URL: https://services.bellefieldcloud.com/portal/Public/BellefieldMain1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60fc885e47b0633783b17eaa008a1e5316b8718dcab9fb42940363e386c68c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://services.bellefieldcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:53:08 GMT
server: ESF
date: Tue, 31 Aug 2021 18:49:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Aug 2021 18:49:41 GMT

GET
H2 200 ITKPortalBlue.png
services.bellefieldcloud.com/portal/Public/Images/ 13 KB
13 KB 178ms
178ms Image
image/png 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://services.bellefieldcloud.com/portal/Public/Images/ITKPortalBlue.png

Requested by

Host: services.bellefieldcloud.com
URL: https://services.bellefieldcloud.com/portal/Public/BellefieldMain1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a24996b6f3d3ebbc1f47c9560575bcd2061a40ba46650f5ef47d55c9ee7523c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/Public/Images/ITKPortalBlue.png
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/BellefieldMain1.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/BellefieldMain1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 15:11:47 GMT
etag: "c7c63fed57fd71:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache
date: Tue, 31 Aug 2021 18:49:41 GMT
msapplication-config: none
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 13169
x-xss-protection: 1; mode=block

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://services.bellefieldcloud.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:46:58 GMT
x-content-type-options: nosniff
age: 493363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 01:46:58 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://services.bellefieldcloud.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 11:32:02 GMT
x-content-type-options: nosniff
age: 285459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:32:02 GMT

GET
H2 200 Aderant_Footer_Blue.png
services.bellefieldcloud.com/portal/Public/Images/ 11 KB
11 KB 199ms
199ms Image
image/png 40.118.164.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://services.bellefieldcloud.com/portal/Public/Images/Aderant_Footer_Blue.png

Requested by

Host: services.bellefieldcloud.com
URL: https://services.bellefieldcloud.com/portal/Public/BellefieldMain1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.118.164.119 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1e2eb47cf303f8b82a6f850719511de4172f28429db63e2732197e60241a88ca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' outlook.office365.com outlook.office.com
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /portal/Public/Images/Aderant_Footer_Blue.png
pragma: no-cache
cookie: ASP.NET_SessionId=dyfu1e3wemtr0yjeq14uq5di; PORTALTRACEID=7b0048ef-b103-494f-b83f-6c3577281940
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: services.bellefieldcloud.com
referer: https://services.bellefieldcloud.com/portal/Public/BellefieldMain1.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://services.bellefieldcloud.com/portal/Public/BellefieldMain1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' outlook.office365.com outlook.office.com
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 15:11:46 GMT
etag: "8953bfdd57fd71:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache
date: Tue, 31 Aug 2021 18:49:41 GMT
msapplication-config: none
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 11238
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			services.bellefieldcloud.com/	1969-12-31 23:59:59	Name: PORTALTRACEID Value: 7b0048ef-b103-494f-b83f-6c3577281940
			services.bellefieldcloud.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: dyfu1e3wemtr0yjeq14uq5di

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ablinks.itimekeep.bellefield.com
cdn.ckeditor.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
ocglive.bellefieldcloud.com
secure.aadcdn.microsoftonline-p.com
services.bellefieldcloud.com
104.42.78.153
167.89.118.52
2001:4de0:ac18::1:a:3a
205.234.175.175
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6812:bcf
2a00:1450:4001:813::200a
2a00:1450:4001:82f::2003
2a02:26f0:6c00:2a7::35c1
40.118.164.119
0a3174020a8ed2f03872df7f5083f5cdbd782763a8022b01a88edcd0205c3857
1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5
1b3068f985b0c1d75fc9efbe162d26b35f5191118809a3aa8641c0829b469f54
1e2eb47cf303f8b82a6f850719511de4172f28429db63e2732197e60241a88ca
26fcbffd33c63d15d97e0839b2b3606e6eb86fa58c7641b289544f02e5b9fca9
351064c4585c86aa016649d1e4fde71419edc20a9b1d5c533679381aa0cde8d5
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
4414722890ed44d6ef1ad43a9e4740a72ae1549d35be2452df2df0dbb233d06e
4f201a9db257558e03914601b1fb3cd538a2b71bddfe58d889ef590fe9e117fe
4ff9de1d1e2d4e9c4ffab3ca34f8ad8519615ccee0365951a122bddb955b5f0f
5eccf1c29967e60828d5d6286ffb68d543bdeff2fba7402ccb5b9f44b9d180d3
60fc885e47b0633783b17eaa008a1e5316b8718dcab9fb42940363e386c68c05
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6b2afbeaebec8c306a47c14214c92d12dca51838721a4b6fbe4b39176d81213d
6b77e3ec5f746d1a7d6f25df3b61de91f82d6e0b938a2f33e5f4f48c3e00e90d
6cdd41c07788c24ec2eea773b1467dfe65ce90a620106d29b2ea9d9a22b5bab7
738101773722a25cd2becd1cd7d26627d69247d5e4ec8c14f3168f980b945300
85e3cb7ef4cff77cb503c4bc7d68d50780657975da694b3f988a791d85953ecc
8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
a24996b6f3d3ebbc1f47c9560575bcd2061a40ba46650f5ef47d55c9ee7523c6
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a7d81d560406d85bf8992cc95f7eb5491ecfc31401340eebcd4810579f5cf45d
c29095adeab0840f0495ebb337c8a5d4fc795750f8e8caf8fe59a30cefbb25f3
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cd439da677cfeb4ace5db3902e70c419d4d3e1cf9376127cffaf08748f778f0f
d4d19f0fb634296b2d6238acd844a6c6365e9ab8a88144b44d4e48b17ba9a0a6
d9b2fe47829128ad00ad322ce1773f608ad6f2f2c6c92b6508284a221056cca0
e34ce468bfcfb5052d617117ad8973f12bc9e5e6012d217e85575d16a7d354de
e6a1a7fd6b3fdf7fe37860890ee7000bec4aa3c2b30f35ccdf337db7077c5a19
e82901f6126053393f563a201060f66070878113066109b6b0223a3e7a1131e6
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f3c506031213cef52b137254e8ca19c84e46631ddd18fa38256491743d7958ae
f4800fd5a0865d1af7a7461c8fc1384b1de6bdd3308f29eb712e926dbdd0f0b2
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

services.bellefieldcloud.com Open in urlscan Pro 40.118.164.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

64 %IPv6

9 Domains

10 Subdomains

10 IPs

3 Countries

7710 kBTransfer

9360 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

services.bellefieldcloud.com Open in urlscan Pro
40.118.164.119 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

7710 kB
Transfer

9360 kB
Size

2
Cookies

38 HTTP transactions
0 data transactions