login.secure.ninetyone.com Open in urlscan Pro
2606:4700::6812:1ea7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://imsonline.secure.ninetyone.com/
Effective URL:
https://login.secure.ninetyone.com/login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3RpZNkgdXVLWTR1cWpkWkFQ...
Submission: On January 31 via automatic, source certstream-suspicious (January 31st 2022, 9:06:16 pm UTC) — Scanned from DE

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 31 HTTP transactions. The main IP is 2606:4700::6812:1ea7, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.secure.ninetyone.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on February 20th 2020. Valid for: 2 years.

This is the only time login.secure.ninetyone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	2606:4700::68... 2606:4700::6812:1ea7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:600... 2a04:4e42:600::622	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	13.69.106.217 13.69.106.217	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	143.204.209.119 143.204.209.119	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:bdf::69 2620:1ec:bdf::69	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
31	9

14 2606:4700::6812:1ea7 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

imsonline.secure.ninetyone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
online.secure.ninetyone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.secure.ninetyone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)

fast.appcues.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.69.106.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.209.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-119.fra53.r.cloudfront.net

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::69 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn-ninetyone-webartefacts.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ninetyone.com 2 redirects imsonline.secure.ninetyone.com online.secure.ninetyone.com login.secure.ninetyone.com	1 MB
3	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 887
3	appcues.com fast.appcues.com — Cisco Umbrella Rank: 5673	122 KB
2	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 11207	233 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 380	53 KB
1	azureedge.net cdn-ninetyone-webartefacts.azureedge.net	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
31	8

	Domain	Requested by
8	online.secure.ninetyone.com	online.secure.ninetyone.com
5	login.secure.ninetyone.com	1 redirects online.secure.ninetyone.com cdn.auth0.com
3	dc.services.visualstudio.com	online.secure.ninetyone.com
3	fast.appcues.com	online.secure.ninetyone.com fast.appcues.com
2	cdn.auth0.com	login.secure.ninetyone.com cdn.auth0.com
2	www.google-analytics.com	www.googletagmanager.com online.secure.ninetyone.com
2	maps.googleapis.com	online.secure.ninetyone.com
1	cdn-ninetyone-webartefacts.azureedge.net	login.secure.ninetyone.com
1	www.googletagmanager.com	online.secure.ninetyone.com
1	imsonline.secure.ninetyone.com	1 redirects
31	10

This site contains no links.

Subject Issuer	Validity	Valid
imsonline.secure.ninetyone.com Trusted Secure Certificate Authority 5	`2020-02-20` - `2022-02-19`	2 years	crt.sh
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-01-28` - `2023-03-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2021-07-22` - `2022-07-22`	a year	crt.sh
*.auth0.com Amazon	`2021-04-25` - `2022-05-24`	a year	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 06	`2021-12-28` - `2022-12-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.secure.ninetyone.com/login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3RpZNkgdXVLWTR1cWpkWkFQQ3V6Mzl4WG5reUhmYXBIeEJCbDOjY2lk2SBYR1ZNQ0QwclV4VGRLRkMxVkdNUjZZRUQwZzhHajFybw&client=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&audience=https%3A%2F%2Flogin.secure.ninetyone.com%2Fapi&nonce=iTaEsGquPaStRc_v0dnYH9hO-aMA-G2L&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
Frame ID: DECB608EA95C246E8354B46913D18E4D
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to Ninety One Online

Page URL History Show full URLs

https://imsonline.secure.ninetyone.com/ HTTP 301
https://online.secure.ninetyone.com/ Page URL
https://login.secure.ninetyone.com/authorize?client_id=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&response_type=token%20i... HTTP 302
https://login.secure.ninetyone.com/login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3Rp... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Auth0 Lock (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/lock/([\d.]+)/lock(?:.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

31
Requests

84 %
HTTPS

75 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

1537 kB
Transfer

4640 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://imsonline.secure.ninetyone.com/ HTTP 301
https://online.secure.ninetyone.com/ Page URL
https://login.secure.ninetyone.com/authorize?client_id=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&audience=https%3A%2F%2Flogin.secure.ninetyone.com%2Fapi&state=yHKonpTBrPZMJ-KA6yTj_BwjDP~qUXQi&nonce=iTaEsGquPaStRc_v0dnYH9hO-aMA-G2L&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D HTTP 302
https://login.secure.ninetyone.com/login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3RpZNkgdXVLWTR1cWpkWkFQQ3V6Mzl4WG5reUhmYXBIeEJCbDOjY2lk2SBYR1ZNQ0QwclV4VGRLRkMxVkdNUjZZRUQwZzhHajFybw&client=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&audience=https%3A%2F%2Flogin.secure.ninetyone.com%2Fapi&nonce=iTaEsGquPaStRc_v0dnYH9hO-aMA-G2L&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://imsonline.secure.ninetyone.com/ HTTP 301
https://online.secure.ninetyone.com/

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
online.secure.ninetyone.com/
Redirect Chain

https://imsonline.secure.ninetyone.com/
https://online.secure.ninetyone.com/

3 KB
2 KB

177ms
129ms

Document
text/html

2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://online.secure.ninetyone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bb6880f46ee3dd3945241266953229ce7023013f3926459bfa8691ac2010f12d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 31 Jan 2022 21:06:11 GMT
content-type: text/html
last-modified: Thu, 27 Jan 2022 16:01:34 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:d9435927-841d-4766-b655-0a669d806715
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: Strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
access-control-expose-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d65e7037f5a9293-FRA
content-encoding: gzip

Redirect headers

date: Mon, 31 Jan 2022 21:06:11 GMT
location: https://online.secure.ninetyone.com
cache-control: max-age=3600
expires: Mon, 31 Jan 2022 22:06:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d65e7030e679293-FRA

GET
H2 200 93947.js Show response
fast.appcues.com/ 31 KB
6 KB 61ms
12ms Script
text/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/93947.js
Requested by: Host: online.secure.ninetyone.com
URL: https://online.secure.ninetyone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 8960a9643964d8af0477c0c7d83f4885de68694c548d763850dc3484a755b93d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online.secure.ninetyone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:11 GMT
content-encoding: gzip
age: 7
x-cache: HIT
content-length: 6095
x-request-id: Fs928H9cWBdxQnvQX9qC
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
server: Cowboy
x-timer: S1643663171.313644,VS0,VE1
vary: accept-encoding, Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=120,public
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 1

GET
H2 200 runtime.62e1001b840a913ac9e2.js Show response
online.secure.ninetyone.com/ 6 KB
5 KB 46ms
46ms Script
application/javascript 2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://online.secure.ninetyone.com/runtime.62e1001b840a913ac9e2.js

Requested by

Host: online.secure.ninetyone.com
URL: https://online.secure.ninetyone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

da556adb5c106561ceaaa0051721c7eef846de055618bb1bb2fcc0f5ff986f8f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://online.secure.ninetyone.com/
Origin: https://online.secure.ninetyone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8
x-powered-by: ASP.NET
vary: Accept-Encoding
content-length: 4769
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:d9435927-841d-4766-b655-0a669d806715
referrer-policy: Strict-origin-when-cross-origin
last-modified: Thu, 27 Jan 2022 16:01:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1d8139728079ab0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: https://online.secure.ninetyone.com
access-control-expose-headers: *
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 6d65e70469c39293-FRA
expires: Tue, 01 Feb 2022 01:06:11 GMT

GET
H2 200 polyfills.0ea6ff02f58e293416ef.js Show response
online.secure.ninetyone.com/ 95 KB
41 KB 28ms
27ms Script
application/javascript 2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://online.secure.ninetyone.com/polyfills.0ea6ff02f58e293416ef.js

Requested by

Host: online.secure.ninetyone.com
URL: https://online.secure.ninetyone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf5892506194a5398d6fa8692a10060fa16c26a8b0bbb4b0351f096558b3325c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://online.secure.ninetyone.com/
Origin: https://online.secure.ninetyone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8
x-powered-by: ASP.NET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:d9435927-841d-4766-b655-0a669d806715
referrer-policy: Strict-origin-when-cross-origin
last-modified: Thu, 27 Jan 2022 16:01:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1d813972806ffe8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: https://online.secure.ninetyone.com
access-control-expose-headers: *
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self'
cf-ray: 6d65e70469c49293-FRA
expires: Tue, 01 Feb 2022 01:06:11 GMT

GET
H2 200 main.b1e2528a669e927c5f9a.js Show response
online.secure.ninetyone.com/ 3 MB
896 KB 37ms
36ms Script
application/javascript 2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://online.secure.ninetyone.com/main.b1e2528a669e927c5f9a.js

Requested by

Host: online.secure.ninetyone.com
URL: https://online.secure.ninetyone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0933c9bf5b16de5808a5507879645242d2c39839c67ba380c20334dbaeeaa65e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://online.secure.ninetyone.com/
Origin: https://online.secure.ninetyone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8
x-powered-by: ASP.NET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:d9435927-841d-4766-b655-0a669d806715
referrer-policy: Strict-origin-when-cross-origin
last-modified: Thu, 27 Jan 2022 16:01:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1d81397282d8e6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: https://online.secure.ninetyone.com
access-control-expose-headers: *
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self'
cf-ray: 6d65e70469c59293-FRA
expires: Tue, 01 Feb 2022 01:06:11 GMT

GET
H2 200 styles.dfc727228b488bb1ec9a.css
online.secure.ninetyone.com/ 179 KB
36 KB 26ms
26ms Stylesheet
text/css 2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://online.secure.ninetyone.com/styles.dfc727228b488bb1ec9a.css

Requested by

Host: online.secure.ninetyone.com
URL: https://online.secure.ninetyone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c70d4d70d0026d937626054f94237dc843fdad4bc318403475a36b869d46c205

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://online.secure.ninetyone.com/
Origin: https://online.secure.ninetyone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8
x-powered-by: ASP.NET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:d9435927-841d-4766-b655-0a669d806715
referrer-policy: Strict-origin-when-cross-origin
last-modified: Thu, 27 Jan 2022 16:01:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1d8139728054823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: https://online.secure.ninetyone.com
access-control-expose-headers: *
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self'
cf-ray: 6d65e70469c89293-FRA
expires: Tue, 01 Feb 2022 01:06:11 GMT

GET
H2 200 NinetyOneVisuelt-Light.woff2
online.secure.ninetyone.com/assets/fonts/ 53 KB
53 KB 37ms
37ms Font
font/woff2 2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://online.secure.ninetyone.com/assets/fonts/NinetyOneVisuelt-Light.woff2

Requested by

Host: online.secure.ninetyone.com
URL: https://online.secure.ninetyone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1f3fd1dc541889b79998db2e715f9b24b2a6816b8ad2c79754e874854ce93e62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://online.secure.ninetyone.com/
Origin: https://online.secure.ninetyone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8
x-powered-by: ASP.NET
vary: Accept-Encoding
content-length: 53976
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:d9435927-841d-4766-b655-0a669d806715
referrer-policy: Strict-origin-when-cross-origin
last-modified: Thu, 27 Jan 2022 16:01:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1d81397276e3e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: https://online.secure.ninetyone.com
access-control-expose-headers: *
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 6d65e70469cf9293-FRA
expires: Tue, 01 Feb 2022 01:06:11 GMT

GET
H2 200 appcues.main.37384c2b6bf9071123ec52f164f41ebd664a00d9.js Show response
fast.appcues.com/generic/main/4.32.15/ 403 KB
113 KB 21ms
6ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.32.15/appcues.main.37384c2b6bf9071123ec52f164f41ebd664a00d9.js
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/93947.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc7d78efca4a400fd705e314bb696a8021593e9cc39469456a8e77ba3b100bc6

Request headers

Referer: https://online.secure.ninetyone.com/
Origin: https://online.secure.ninetyone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:11 GMT
content-encoding: gzip
age: 456864
via: 1.1 varnish
x-cache: HIT
content-length: 115642
x-amz-id-2: beW+TBrxEuf9FE/ywhn1bsG0UBXtFlSnKbK4AggZd5961HBzimjWtO7QiWMbgPPEeOEQKDSkeBA=
x-served-by: cache-hhn4074-HHN
timing-allow-origin: *
last-modified: Wed, 26 Jan 2022 14:10:09 GMT
server: AmazonS3
x-timer: S1643663171.359031,VS0,VE0
etag: "7fe4765cc79a33c2ad367e2d055f069c"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id: Q9BPHAGVY00NVTKV
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 34754

GET
H2 200 Config Show response
online.secure.ninetyone.com/api/ 2 KB
1 KB 439ms
439ms Fetch
application/json 2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://online.secure.ninetyone.com/api/Config

Requested by

Host: online.secure.ninetyone.com
URL: https://online.secure.ninetyone.com/polyfills.0ea6ff02f58e293416ef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6852fe290cf2e4e62a0aff85cb099885a7501487cbf5a0866c0cf1e151baba19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online.secure.ninetyone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: ASP.NET
vary: Accept-Encoding
content-length: 1347
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:d9435927-841d-4766-b655-0a669d806715
referrer-policy: Strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-expose-headers: *
content-security-policy: frame-ancestors 'self'
cf-ray: 6d65e705dd319293-FRA

GET
H2 200 container.37384c2b6bf9071123ec52f164f41ebd664a00d9.css
fast.appcues.com/generic/main/4.32.15/ 15 KB
2 KB 16ms
15ms Stylesheet
text/css 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.32.15/container.37384c2b6bf9071123ec52f164f41ebd664a00d9.css
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.32.15/appcues.main.37384c2b6bf9071123ec52f164f41ebd664a00d9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4c676ed415cb16654c1309c8c2ee790db12f4a5ae5efb675a595ddd31a6a9e3

Request headers

Referer: https://online.secure.ninetyone.com/
Origin: https://online.secure.ninetyone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:11 GMT
content-encoding: gzip
age: 456861
via: 1.1 varnish
x-cache: HIT
content-length: 2029
x-amz-id-2: s3KgTyKX48BB8OFa08bT0eWGwhleJYNPv30uKDtIxxflsC0K9PI6ZcIx5b4ETgIP2SZYGDbzbYs=
x-served-by: cache-hhn4074-HHN
timing-allow-origin: *
last-modified: Wed, 26 Jan 2022 14:10:09 GMT
server: AmazonS3
x-timer: S1643663172.600258,VS0,VE0
etag: "c8a48e77946e446dc42162494c5a4ed7"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id: 5BSV322WFGK6PBSW
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-type: text/css; charset=utf-8;
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 33408

GET
H2 200 js
maps.googleapis.com/maps/api/ 161 KB
53 KB 148ms
66ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=places&locationbias=ipbias&key=AIzaSyC9YsQCoXZQ2UStUJovHrj0iggvELsOj-A

Requested by

Host: online.secure.ninetyone.com
URL: https://online.secure.ninetyone.com/main.b1e2528a669e927c5f9a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online.secure.ninetyone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:12 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53720
x-xss-protection: 0
expires: Mon, 31 Jan 2022 21:36:12 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 90 KB
36 KB 139ms
54ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136337531-2

Requested by

Host: online.secure.ninetyone.com
URL: https://online.secure.ninetyone.com/main.b1e2528a669e927c5f9a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online.secure.ninetyone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36117
x-xss-protection: 0
expires: Mon, 31 Jan 2022 21:06:12 GMT

GET
H2 200 1894.c7715b8c1f8dcfe43172.js Show response
online.secure.ninetyone.com/ 881 B
720 B 32ms
32ms Script
application/javascript 2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://online.secure.ninetyone.com/1894.c7715b8c1f8dcfe43172.js

Requested by

Host: online.secure.ninetyone.com
URL: https://online.secure.ninetyone.com/runtime.62e1001b840a913ac9e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c91e73b2959138ecd9456db66ca43c6474115712557c0004db31890f2cd312db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online.secure.ninetyone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8
x-powered-by: ASP.NET
vary: Accept-Encoding
content-length: 587
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:d9435927-841d-4766-b655-0a669d806715
referrer-policy: Strict-origin-when-cross-origin
last-modified: Thu, 27 Jan 2022 16:01:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1d81397276eeff1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-expose-headers: *
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 6d65e708ed1d9293-FRA
expires: Tue, 01 Feb 2022 01:06:12 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 482ms
15ms Preflight 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://online.secure.ninetyone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Mon, 31 Jan 2022 21:06:12 GMT
content-length: 0

POST track
dc.services.visualstudio.com/v2/ 0
0

GET
H2

200

Primary Request login Show response
login.secure.ninetyone.com/
Redirect Chain

https://login.secure.ninetyone.com/authorize?client_id=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%...
https://login.secure.ninetyone.com/login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3RpZNkgdXVLWTR1cWpkWkFQQ3V6Mzl4WG5reUhmYXBIeEJCbDOjY2lk2SBYR1ZNQ0QwclV4VGRLRkMxVkdNUjZZRU...

18 KB
18 KB

218ms
218ms

Document
text/html

2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.secure.ninetyone.com/login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3RpZNkgdXVLWTR1cWpkWkFQQ3V6Mzl4WG5reUhmYXBIeEJCbDOjY2lk2SBYR1ZNQ0QwclV4VGRLRkMxVkdNUjZZRUQwZzhHajFybw&client=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&audience=https%3A%2F%2Flogin.secure.ninetyone.com%2Fapi&nonce=iTaEsGquPaStRc_v0dnYH9hO-aMA-G2L&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D

Requested by

Host: online.secure.ninetyone.com
URL: https://online.secure.ninetyone.com/main.b1e2528a669e927c5f9a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec1208496b3602794df02c6c403fbdcfaa0598038023d366b5daed984b68fb3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online.secure.ninetyone.com/

Response headers

date: Mon, 31 Jan 2022 21:06:12 GMT
content-type: text/html; charset=utf-8
cf-ray: 6d65e70af9bc9293-FRA
cache-control: no-store, max-age=0, no-transform
etag: W/"4741-Ge571qRzzsqwBOTV00oljWbTbn4"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cname-api-key: 76ce6fa90beea6d5ca8556010a911bda8a3273ae142fe3dedb750d93e95cef70
content-security-policy: frame-ancestors 'none'
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 6d65e70b27999293
ot-tracer-sampled: true
ot-tracer-spanid: 7aa6ca5d16e51673
ot-tracer-traceid: 0396e70554f53a57
pragma: no-cache
referrer-policy: same-origin
x-auth0-requestid: 223e991f810adf94beda
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1643663173
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

date: Mon, 31 Jan 2022 21:06:12 GMT
content-type: text/html; charset=utf-8
content-length: 1190
location: /login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3RpZNkgdXVLWTR1cWpkWkFQQ3V6Mzl4WG5reUhmYXBIeEJCbDOjY2lk2SBYR1ZNQ0QwclV4VGRLRkMxVkdNUjZZRUQwZzhHajFybw&client=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&audience=https%3A%2F%2Flogin.secure.ninetyone.com%2Fapi&nonce=iTaEsGquPaStRc_v0dnYH9hO-aMA-G2L&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
cf-ray: 6d65e7098ead9293-FRA
cache-control: no-store, max-age=0, no-transform
strict-transport-security: max-age=31536000
vary: Accept, Accept-Encoding
cf-cache-status: DYNAMIC
cname-api-key: 76ce6fa90beea6d5ca8556010a911bda8a3273ae142fe3dedb750d93e95cef70
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 6d65e709c6aa9293
ot-tracer-sampled: true
ot-tracer-spanid: 0b2d731a77ca2c5f
ot-tracer-traceid: 35314be34ce457c1
pragma: no-cache
x-auth0-requestid: e88f23ef68b475d10c70
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1643663173
server: cloudflare

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 452ms
15ms Preflight 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://online.secure.ninetyone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Mon, 31 Jan 2022 21:06:12 GMT
content-length: 0

POST track
dc.services.visualstudio.com/v2/ 0
0

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 123ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136337531-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online.secure.ninetyone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5478
date: Mon, 31 Jan 2022 19:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 31 Jan 2022 21:34:54 GMT

OPTIONS
H3 403 gen_204
maps.googleapis.com/maps/api/mapsjs/ 0
0 94ms
47ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: traceparent
Origin: https://online.secure.ninetyone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 31 Jan 2022 21:06:12 GMT
content-type: text/html; charset=UTF-8
server: scaffolding on HTTPServer2
content-length: 1616
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET gen_204
maps.googleapis.com/maps/api/mapsjs/ 0
0

OPTIONS
H3 200 collect
www.google-analytics.com/j/ 0
0 93ms
46ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1412621991&t=pageview&_s=1&dl=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&ul=en-us&de=UTF-8&dt=Ninety%20One%20SA%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=334748553&gjid=1818625366&cid=81247367.1643663172&tid=UA-136337531-2&_gid=55746042.1643663172&_r=1&gtm=2ou1q0&z=1615152365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: traceparent
Origin: https://online.secure.ninetyone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 21:06:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST collect
www.google-analytics.com/j/ 0
0

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 15ms
14ms Preflight 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://online.secure.ninetyone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Mon, 31 Jan 2022 21:06:12 GMT
content-length: 0

POST track
dc.services.visualstudio.com/v2/ 0
0

GET
H2 200 lock.min.js Show response
cdn.auth0.com/js/lock/11.26.3/ 817 KB
231 KB 71ms
8ms Script
application/javascript 143.204.209.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/lock/11.26.3/lock.min.js
Requested by: Host: login.secure.ninetyone.com
URL: https://login.secure.ninetyone.com/login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3RpZNkgdXVLWTR1cWpkWkFQQ3V6Mzl4WG5reUhmYXBIeEJCbDOjY2lk2SBYR1ZNQ0QwclV4VGRLRkMxVkdNUjZZRUQwZzhHajFybw&client=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&audience=https%3A%2F%2Flogin.secure.ninetyone.com%2Fapi&nonce=iTaEsGquPaStRc_v0dnYH9hO-aMA-G2L&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-119.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 866fb4f98f43e3c8124def3f30d32a6d36772e74a969e5618c832768dd92617b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: _4Wbtj0JVuwROJzM30g.uSC0m4t7mmb1
content-encoding: gzip
last-modified: Fri, 14 Aug 2020 19:37:06 GMT
server: AmazonS3
age: 64521
etag: W/"a30a19c70195c1da89a685c2bfc2ff83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cache-control: max-age=2628000,public
date: Mon, 31 Jan 2022 03:24:00 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: dai0-I__ywx7AezTSqsSaDcyMpRtrFYySkKHSqOKT-tNsvpJMy0LYQ==

GET
H2 200 91_Logo_Digital_Ocean_Teal.png
cdn-ninetyone-webartefacts.azureedge.net/auth0/imsonline-prod/ 19 KB
20 KB 179ms
11ms Image
image/png 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-ninetyone-webartefacts.azureedge.net/auth0/imsonline-prod/91_Logo_Digital_Ocean_Teal.png
Requested by: Host: login.secure.ninetyone.com
URL: https://login.secure.ninetyone.com/login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3RpZNkgdXVLWTR1cWpkWkFQQ3V6Mzl4WG5reUhmYXBIeEJCbDOjY2lk2SBYR1ZNQ0QwclV4VGRLRkMxVkdNUjZZRUQwZzhHajFybw&client=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&audience=https%3A%2F%2Flogin.secure.ninetyone.com%2Fapi&nonce=iTaEsGquPaStRc_v0dnYH9hO-aMA-G2L&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 84ea379505862c553c9f1efc56090897536824627e05603b41be0918912f8836

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.secure.ninetyone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 31 Jan 2022 21:06:12 GMT
last-modified: Thu, 23 Jan 2020 16:10:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7A01ECA84F91F
x-azure-ref: 0RE/4YQAAAAA0e2frtBEdQI5puhZrQDy5RlJBRURHRTEwMDkAZGFkYzYyNDItMjc1ZS00MTM4LTljOWQtMDQ0MmMwNmE3Njdm
x-cache: TCP_HIT
content-type: image/png
x-ms-request-id: 288f06e9-e01e-007a-425d-16c91c000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0PU/4YQAAAAA6bAcI5nBvQIbZZYRpyOKFQU1TMDRFREdFMTkxOQBkYWRjNjI0Mi0yNzVlLTQxMzgtOWM5ZC0wNDQyYzA2YTc2N2Y=
content-length: 19948

GET
H2 200 en.js Show response
cdn.auth0.com/js/lock/11.26.3/ 6 KB
3 KB 8ms
8ms Script
application/javascript 143.204.209.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/lock/11.26.3/en.js
Requested by: Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26.3/lock.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-119.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f75963df24c9c146b11380a0f1fe36d0e6cbd66594f823d31b751c1df46a2bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: qBKMknmjgjJAedw5rMb075fSiYplUPKO
content-encoding: gzip
last-modified: Fri, 14 Aug 2020 19:37:06 GMT
server: AmazonS3
age: 50391
etag: W/"1965f492fc53be98849df127e3928a42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cache-control: max-age=2628000,public
date: Mon, 31 Jan 2022 07:06:53 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: NyxVBGXGjXAwyg0jgQLj0hsl8TsF4pLpzWJiJ6mxc1zSo-ESv8p2UQ==

GET
H2 200 XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro.js Show response
login.secure.ninetyone.com/client/ 523 B
616 B 138ms
138ms Script
application/x-javascript 2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.secure.ninetyone.com/client/XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro.js?t1643663172729

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26.3/lock.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c618f1e35d2bf34bc0cf8bc9ccf8996500c60f16def2e3b4742389cfee0994be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.secure.ninetyone.com/login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3RpZNkgdXVLWTR1cWpkWkFQQ3V6Mzl4WG5reUhmYXBIeEJCbDOjY2lk2SBYR1ZNQ0QwclV4VGRLRkMxVkdNUjZZRUQwZzhHajFybw&client=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&audience=https%3A%2F%2Flogin.secure.ninetyone.com%2Fapi&nonce=iTaEsGquPaStRc_v0dnYH9hO-aMA-G2L&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-auth0-requestid: cbd07a45932d8114b0e7
ot-tracer-spanid: 65bfeba413aeddf3
vary: Accept-Encoding
cf-bgj: minify
server: cloudflare
ot-tracer-sampled: true
etag: W/"20b-JdRsrUOrDGlNGeuG1jndLOLmkhM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=utf-8
ot-tracer-traceid: 38320a4c701011c0
cache-control: public, max-age=14400
ot-baggage-auth0-request-id: 6d65e6e0d6fe9232
cf-ray: 6d65e70d980a9293-FRA
cname-api-key: 76ce6fa90beea6d5ca8556010a911bda8a3273ae142fe3dedb750d93e95cef70
expires: Tue, 01 Feb 2022 01:06:12 GMT

POST
H2 200 challenge Show response
login.secure.ninetyone.com/usernamepassword/ 18 B
270 B 204ms
204ms XHR
application/json 2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.secure.ninetyone.com/usernamepassword/challenge

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26.3/lock.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Auth0-Client: eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIiwiZW52Ijp7ImxvY2suanMtdWxwIjoiMTEuMjYuMyIsImF1dGgwLmpzLXVscCI6IjkuMTMuNCIsImF1dGgwLmpzIjoiOS4xMy40In19
Referer: https://login.secure.ninetyone.com/login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3RpZNkgdXVLWTR1cWpkWkFQQ3V6Mzl4WG5reUhmYXBIeEJCbDOjY2lk2SBYR1ZNQ0QwclV4VGRLRkMxVkdNUjZZRUQwZzhHajFybw&client=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&audience=https%3A%2F%2Flogin.secure.ninetyone.com%2Fapi&nonce=iTaEsGquPaStRc_v0dnYH9hO-aMA-G2L&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 31 Jan 2022 21:06:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-auth0-requestid: a9a4232ec1da286f255c
vary: Accept-Encoding
content-length: 18
server: cloudflare
ot-tracer-sampled: true
etag: W/"12-9fs4x/hyJ5DkqQF2LYZkOdHRWWM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
ot-tracer-traceid: 591d1c5e0436918d
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
ot-baggage-auth0-request-id: 6d65e70db1619293
cf-ray: 6d65e70d98169293-FRA
cname-api-key: 76ce6fa90beea6d5ca8556010a911bda8a3273ae142fe3dedb750d93e95cef70
ot-tracer-spanid: 1fa9fc8653eb8c90

GET
H2 404 ssodata Show response
login.secure.ninetyone.com/user/ 0
273 B 214ms
214ms XHR
text/plain 2606:4700::6812:1ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.secure.ninetyone.com/user/ssodata

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26.3/lock.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ea7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.secure.ninetyone.com/login?state=hKFo2SBiTnRjZ2JXaGo3SVdaWUVtRzREelQ2N0JGYUYwWjlMMKFupWxvZ2luo3RpZNkgdXVLWTR1cWpkWkFQQ3V6Mzl4WG5reUhmYXBIeEJCbDOjY2lk2SBYR1ZNQ0QwclV4VGRLRkMxVkdNUjZZRUQwZzhHajFybw&client=XGVMCD0rUxTdKFC1VGMR6YED0g8Gj1ro&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&audience=https%3A%2F%2Flogin.secure.ninetyone.com%2Fapi&nonce=iTaEsGquPaStRc_v0dnYH9hO-aMA-G2L&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNy4wIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:06:13 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-auth0-requestid: 555988bb71a1836ed1e8
vary: Accept-Encoding
content-length: 0
server: cloudflare
ot-tracer-sampled: true
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
ot-tracer-traceid: 30ebcee54dd66800
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
ot-baggage-auth0-request-id: 6d65e70ea2239293
cf-ray: 6d65e70e7a149293-FRA
cname-api-key: 76ce6fa90beea6d5ca8556010a911bda8a3273ae142fe3dedb750d93e95cef70
ot-tracer-spanid: 75db8c131d54fdb5

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dc.services.visualstudio.com
URL: https://dc.services.visualstudio.com/v2/track

Domain: dc.services.visualstudio.com
URL: https://dc.services.visualstudio.com/v2/track

Domain: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1412621991&t=pageview&_s=1&dl=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&ul=en-us&de=UTF-8&dt=Ninety%20One%20SA%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=334748553&gjid=1818625366&cid=81247367.1643663172&tid=UA-136337531-2&_gid=55746042.1643663172&_r=1&gtm=2ou1q0&z=1615152365

Domain: dc.services.visualstudio.com
URL: https://dc.services.visualstudio.com/v2/track

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.secure.ninetyone.com/usernamepassword/login	1970-01-20 00:48:47	Name: _csrf Value: luonCSAgs3Lnas2xNoyodt-k
.online.secure.ninetyone.com/	1970-01-20 00:34:26	Name: TiPMix Value: 45.2369798651137
.online.secure.ninetyone.com/	1970-01-20 00:34:26	Name: x-ms-routing-name Value: self
online.secure.ninetyone.com/	1970-01-20 00:34:24	Name: com.auth0.auth.yHKonpTBrPZMJ-KA6yTj_BwjDP~qUXQi Value: {%22nonce%22:%22iTaEsGquPaStRc_v0dnYH9hO-aMA-G2L%22%2C%22state%22:%22yHKonpTBrPZMJ-KA6yTj_BwjDP~qUXQi%22}
.ninetyone.com/	1970-01-20 18:05:35	Name: _ga Value: GA1.2.81247367.1643663172
.ninetyone.com/	1970-01-20 00:35:49	Name: _gid Value: GA1.2.55746042.1643663172
.ninetyone.com/	1970-01-20 00:34:23	Name: _gat_gtag_UA_136337531_2 Value: 1
login.secure.ninetyone.com/	1970-01-20 09:20:20	Name: did Value: s%3Av0%3A9ea06a70-82d9-11ec-92c6-e920952428aa.TS%2BDUuwxuvl2gZkaHv4iRh4vcoR6WTX%2FS60XfFG%2F94A
login.secure.ninetyone.com/	1970-01-20 00:38:42	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAInXHnmkaeXvKnNzab6qfAPOhpXSll7RBssaVi9ls4F-GK_0kxpHxVAPYfQJRUhU6k-0rvG5yl4-FWfVVCJqIemY29va2llg6dleHBpcmVz1_9EMA4AYfxDxK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.M7Fy3MiHmwaMfsXeF%2FOHtFdc5ZXZoLiRrdMEIhchxpw
login.secure.ninetyone.com/	1970-01-20 09:20:20	Name: did_compat Value: s%3Av0%3A9ea06a70-82d9-11ec-92c6-e920952428aa.TS%2BDUuwxuvl2gZkaHv4iRh4vcoR6WTX%2FS60XfFG%2F94A
login.secure.ninetyone.com/	1970-01-20 00:38:42	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQAInXHnmkaeXvKnNzab6qfAPOhpXSll7RBssaVi9ls4F-GK_0kxpHxVAPYfQJRUhU6k-0rvG5yl4-FWfVVCJqIemY29va2llg6dleHBpcmVz1_9EMA4AYfxDxK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.M7Fy3MiHmwaMfsXeF%2FOHtFdc5ZXZoLiRrdMEIhchxpw

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://online.secure.ninetyone.com/login?previousPage=%2F Message: Access to XMLHttpRequest at 'https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true' from origin 'https://online.secure.ninetyone.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://online.secure.ninetyone.com/login?previousPage=%2F Message: Access to XMLHttpRequest at 'https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1412621991&t=pageview&_s=1&dl=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&ul=en-us&de=UTF-8&dt=Ninety%20One%20SA%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=334748553&gjid=1818625366&cid=81247367.1643663172&tid=UA-136337531-2&_gid=55746042.1643663172&_r=1&gtm=2ou1q0&z=1615152365' from origin 'https://online.secure.ninetyone.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1412621991&t=pageview&_s=1&dl=https%3A%2F%2Fonline.secure.ninetyone.com%2Flogin%3FpreviousPage%3D%252F&ul=en-us&de=UTF-8&dt=Ninety%20One%20SA%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=334748553&gjid=1818625366&cid=81247367.1643663172&tid=UA-136337531-2&_gid=55746042.1643663172&_r=1&gtm=2ou1q0&z=1615152365 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://login.secure.ninetyone.com/user/ssodata Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-ninetyone-webartefacts.azureedge.net
cdn.auth0.com
dc.services.visualstudio.com
fast.appcues.com
imsonline.secure.ninetyone.com
login.secure.ninetyone.com
maps.googleapis.com
online.secure.ninetyone.com
www.google-analytics.com
www.googletagmanager.com
dc.services.visualstudio.com
maps.googleapis.com
www.google-analytics.com
13.69.106.217
143.204.209.119
2606:4700::6812:1ea7
2620:1ec:bdf::69
2a00:1450:4001:802::200a
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a04:4e42:600::622
0933c9bf5b16de5808a5507879645242d2c39839c67ba380c20334dbaeeaa65e
1f3fd1dc541889b79998db2e715f9b24b2a6816b8ad2c79754e874854ce93e62
6852fe290cf2e4e62a0aff85cb099885a7501487cbf5a0866c0cf1e151baba19
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
84ea379505862c553c9f1efc56090897536824627e05603b41be0918912f8836
866fb4f98f43e3c8124def3f30d32a6d36772e74a969e5618c832768dd92617b
8960a9643964d8af0477c0c7d83f4885de68694c548d763850dc3484a755b93d
bb6880f46ee3dd3945241266953229ce7023013f3926459bfa8691ac2010f12d
c618f1e35d2bf34bc0cf8bc9ccf8996500c60f16def2e3b4742389cfee0994be
c70d4d70d0026d937626054f94237dc843fdad4bc318403475a36b869d46c205
c91e73b2959138ecd9456db66ca43c6474115712557c0004db31890f2cd312db
cf5892506194a5398d6fa8692a10060fa16c26a8b0bbb4b0351f096558b3325c
d4c676ed415cb16654c1309c8c2ee790db12f4a5ae5efb675a595ddd31a6a9e3
da556adb5c106561ceaaa0051721c7eef846de055618bb1bb2fcc0f5ff986f8f
dc7d78efca4a400fd705e314bb696a8021593e9cc39469456a8e77ba3b100bc6
dec1208496b3602794df02c6c403fbdcfaa0598038023d366b5daed984b68fb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75963df24c9c146b11380a0f1fe36d0e6cbd66594f823d31b751c1df46a2bc4

login.secure.ninetyone.com Open in urlscan Pro 2606:4700::6812:1ea7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

84 %HTTPS

75 %IPv6

8 Domains

10 Subdomains

9 IPs

3 Countries

1537 kBTransfer

4640 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

login.secure.ninetyone.com Open in urlscan Pro
2606:4700::6812:1ea7 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

84 %
HTTPS

75 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

1537 kB
Transfer

4640 kB
Size

11
Cookies

31 HTTP transactions
0 data transactions