tcg.changegroup.com Open in urlscan Pro
2600:1400:d::1721:ee21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tcg.changegroup.com/?entity=14725642
Effective URL:
https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=
Submission: On July 17 via api (July 17th 2023, 12:56:09 pm UTC) from US — Scanned from CA

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2600:1400:d::1721:ee21, located in New York, United States and belongs to AKAMAI-ASN1, NL. The main domain is tcg.changegroup.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 5th 2023. Valid for: 9 months.

This is the only time tcg.changegroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:1400:d::... 2600:1400:d::1721:ee4a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 8	2600:1400:d::... 2600:1400:d::1721:ee21	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2600:141b:13:... 2600:141b:13:787::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:141b:13:... 2600:141b:13:791::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	23.215.130.139 23.215.130.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2600:141b:13:... 2600:141b:13::17d7:8261	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:141b:13:... 2600:141b:13::17d7:827a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	6

1 2600:1400:d::1721:ee4a (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

tcg.changegroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1400:d::1721:ee21 (New York, United States) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

tcg.changegroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:13:787::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
173bf104.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13:791::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.215.130.139 (Secaucus, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-130-139.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
su4jtmqx26biwzfvhjsq-pf35qc-c9c04fa28-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:8261 (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:827a (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

eydvgaaamb4gojqacqnqaeyaabslkotf-pf35qc-c716799cd-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	changegroup.com 3 redirects tcg.changegroup.com	66 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2125 su4jtmqx26biwzfvhjsq-pf35qc-c9c04fa28-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2131 eydvgaaamb4gojqacqnqaeyaabslkotf-pf35qc-c716799cd-clienttons-s.akamaihd.net	1 KB
4	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1293 c.go-mpulse.net — Cisco Umbrella Rank: 579	101 KB
2	akstat.io 173bf104.akstat.io — Cisco Umbrella Rank: 19794	408 B
15	4

	Domain	Requested by
9	tcg.changegroup.com	3 redirects tcg.changegroup.com
2	173bf104.akstat.io	s.go-mpulse.net
2	c.go-mpulse.net	s.go-mpulse.net
2	s.go-mpulse.net	tcg.changegroup.com
1	eydvgaaamb4gojqacqnqaeyaabslkotf-pf35qc-c716799cd-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	su4jtmqx26biwzfvhjsq-pf35qc-c9c04fa28-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
15	8

This site contains no links.

Subject Issuer	Validity	Valid
dk.changegroup.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-05` - `2024-01-20`	9 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=
Frame ID: EF78BD29485DA177AD55EACE4FD03496
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Change Group Enterprise Management System

Page URL History Show full URLs

http://tcg.changegroup.com/?entity=14725642 HTTP 301
https://tcg.changegroup.com/?entity=14725642 HTTP 302
https://tcg.changegroup.com/login/js.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0 Page URL
https://tcg.changegroup.com/login/login.cfm HTTP 302
https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=y... Page URL

Detected technologies

Adobe ColdFusion (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.cfm(?:$|\?)

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

15
Requests

80 %
HTTPS

86 %
IPv6

4
Domains

8
Subdomains

6
IPs

1
Countries

165 kB
Transfer

484 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tcg.changegroup.com/?entity=14725642 HTTP 301
https://tcg.changegroup.com/?entity=14725642 HTTP 302
https://tcg.changegroup.com/login/js.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0 Page URL
https://tcg.changegroup.com/login/login.cfm HTTP 302
https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://tcg.changegroup.com/?entity=14725642 HTTP 301
https://tcg.changegroup.com/?entity=14725642 HTTP 302
https://tcg.changegroup.com/login/js.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0

Request Chain 12

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pf35qcube HTTP 302
https://su4jtmqx26biwzfvhjsq-pf35qc-c9c04fa28-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 13

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pf35qcube HTTP 302
https://eydvgaaamb4gojqacqnqaeyaabslkotf-pf35qc-c716799cd-clienttons-s.akamaihd.net/eum/results.txt

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

js.cfm
tcg.changegroup.com/login/
Redirect Chain

http://tcg.changegroup.com/?entity=14725642
https://tcg.changegroup.com/?entity=14725642
https://tcg.changegroup.com/login/js.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0

5 KB
3 KB

526ms
525ms

Document
text/html

2600:1400:d::1721:ee21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tcg.changegroup.com/login/js.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee21 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 2436
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Mon, 17 Jul 2023 12:56:03 GMT
expires: Mon, 17 Jul 2023 12:56:03 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server-timing: cdn-cache; desc=MISS edge; dur=24 origin; dur=469 ak_p; desc="469332_388099613_816515130_49388_10503_18_0_-";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 334 0 pmb=mRUM,2
x-content-type-options: nosniff

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 96
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Mon, 17 Jul 2023 12:56:03 GMT
expires: Mon, 17 Jul 2023 12:56:03 GMT
location: https://tcg.changegroup.com/login/js.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server-timing: cdn-cache; desc=MISS edge; dur=180 origin; dur=321 ak_p; desc="469332_388099613_816513888_50123_11824_18_0_-";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 UXNHZ-K97JV-DCLEB-RG57U-JBTU6
s.go-mpulse.net/boomerang/ 205 KB
49 KB 93ms
35ms Script
application/javascript 2600:141b:13:787::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/UXNHZ-K97JV-DCLEB-RG57U-JBTU6
Requested by: Host: tcg.changegroup.com
URL: https://tcg.changegroup.com/login/js.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13:787::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tcg.changegroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:56:03 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 07:45:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-n: S
timing-allow-origin: *
content-length: 50393

GET
H2

200

Primary Request login.cfm Show response
tcg.changegroup.com/login/
Redirect Chain

https://tcg.changegroup.com/login/login.cfm
https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=

7 KB
4 KB

555ms
555ms

Document
text/html

2600:1400:d::1721:ee21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=

Requested by

Host: tcg.changegroup.com
URL: https://tcg.changegroup.com/login/js.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee21 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8f68526d8a764223db2bcb0c6ba413961033ee655a1c91adcd714ec4800b74f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://tcg.changegroup.com/login/js.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 3141
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Mon, 17 Jul 2023 12:56:04 GMT
expires: Mon, 17 Jul 2023 12:56:04 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server-timing: cdn-cache; desc=MISS edge; dur=37 origin; dur=459 ak_p; desc="469332_388099613_816517084_49656_14012_18_0_-";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 2412 0 pmb=mRUM,2
x-content-type-options: nosniff

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 96
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Mon, 17 Jul 2023 12:56:04 GMT
expires: Mon, 17 Jul 2023 12:56:04 GMT
location: https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server-timing: cdn-cache; desc=MISS edge; dur=25 origin; dur=164 ak_p; desc="469332_388099613_816516576_18886_13619_18_0_-";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff

GET
H/1.1 200
OK config.json
c.go-mpulse.net/api/ 625 B
898 B 90ms
34ms XHR
application/json 2600:141b:13:791::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=UXNHZ-K97JV-DCLEB-RG57U-JBTU6&d=tcg.changegroup.com&t=5631995&v=1.720.0&sl=0&si=7f43fd0b-4441-4f36-9812-c0bcae72f8ec-rxxylf&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=910543
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/UXNHZ-K97JV-DCLEB-RG57U-JBTU6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13:791::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tcg.changegroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 17 Jul 2023 12:56:04 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 625
Content-Type: application/json

POST
H2 204 /
173bf104.akstat.io/ 0
204 B 67ms
49ms Ping
image/gif 2600:141b:13:787::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://173bf104.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/UXNHZ-K97JV-DCLEB-RG57U-JBTU6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2600:141b:13:787::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tcg.changegroup.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:56:04 GMT
content-type: image/gif
access-control-allow-origin: https://tcg.changegroup.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Mon, 17 Jul 2023 12:56:04 GMT

POST /
173bf104.akstat.io/ 0
0

GET
H2 200 tcgi.css
tcg.changegroup.com/INC_scripts/ 7 KB
2 KB 205ms
204ms Stylesheet
text/css 2600:1400:d::1721:ee21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tcg.changegroup.com/INC_scripts/tcgi.css

Requested by

Host: tcg.changegroup.com
URL: https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee21 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

88f479c17e8de742237d7c75b5059d8a9a1cf7356f3141d02b60d4c37796def9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=80, origin; dur=93, ak_p; desc="469332_388099613_816518415_17390_9629_19_0_-";dur=1
content-length: 1434
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 13 May 2018 17:57:12 GMT
etag: "0cabd1e3ead31:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Mon, 17 Jul 2023 12:56:04 GMT

GET
H2 200 logoMain.jpg
tcg.changegroup.com/images/ 10 KB
10 KB 515ms
514ms Image
image/jpeg 2600:1400:d::1721:ee21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tcg.changegroup.com/images/logoMain.jpg

Requested by

Host: tcg.changegroup.com
URL: https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee21 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e0537258d2927a4363733e5a0513ad4e0978741d1fc359c2926a68f12c55462e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:56:05 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Sun, 13 May 2018 17:54:14 GMT
content-security-policy: upgrade-insecure-requests
etag: "0679267e3ead31:0"
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=391, ak_p; desc="469332_388099613_816518416_48211_9256_18_0_-";dur=1
accept-ranges: bytes
content-length: 9955
expires: Mon, 17 Jul 2023 12:56:05 GMT

GET
H2 200 map.gif
tcg.changegroup.com/images/ 43 KB
43 KB 164ms
163ms Image
image/gif 2600:1400:d::1721:ee21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tcg.changegroup.com/images/map.gif

Requested by

Host: tcg.changegroup.com
URL: https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee21 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f4e70486dc5cbded450443a21fe48691a6a37a7f70967275e10100378199a9b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:56:05 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Mon, 25 Jul 2011 11:22:00 GMT
content-security-policy: upgrade-insecure-requests
etag: "0fc1b12bd4acc1:0"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=MISS, edge; dur=38, origin; dur=94, ak_p; desc="469332_388099613_816519005_13245_9834_19_0_-";dur=1
accept-ranges: bytes
content-length: 43925
expires: Mon, 17 Jul 2023 12:56:05 GMT

GET
H2 200 loginButton.gif
tcg.changegroup.com/images/ 583 B
1018 B 474ms
474ms Image
image/gif 2600:1400:d::1721:ee21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tcg.changegroup.com/images/loginButton.gif

Requested by

Host: tcg.changegroup.com
URL: https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee21 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b8911899fb1b56da59f86fefef8f73e094ca9cebe7027157278eb5eb95075f7f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:56:05 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Mon, 25 Jul 2011 11:21:56 GMT
content-security-policy: upgrade-insecure-requests
etag: "0a2b9fbd4acc1:0"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=MISS, edge; dur=31, origin; dur=380, ak_p; desc="469332_388099613_816519033_44573_11171_25_0_-";dur=1
accept-ranges: bytes
content-length: 583
expires: Mon, 17 Jul 2023 12:56:05 GMT

GET
H2 200 UXNHZ-K97JV-DCLEB-RG57U-JBTU6 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 23ms
22ms Script
application/javascript 2600:141b:13:787::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/UXNHZ-K97JV-DCLEB-RG57U-JBTU6
Requested by: Host: tcg.changegroup.com
URL: https://tcg.changegroup.com/login/login.cfm?CFID=76beb7ce-d737-4090-b740-36c1eb9269ef&CFTOKEN=0&setsec=yes&msg=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13:787::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tcg.changegroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:56:04 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 07:45:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-n: S
timing-allow-origin: *
content-length: 50393

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 782 B
1 KB 34ms
34ms XHR
application/json 2600:141b:13:791::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=UXNHZ-K97JV-DCLEB-RG57U-JBTU6&d=tcg.changegroup.com&t=5631995&v=1.720.0&sl=0&si=74ffc40c-b00c-46cb-9821-f7cd27577169-rxxylg&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=910543
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/UXNHZ-K97JV-DCLEB-RG57U-JBTU6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13:791::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 857af012903f99036be5d0ab9a159f529c074eeff9a2f5d9a94062fd8b532c9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tcg.changegroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 17 Jul 2023 12:56:04 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 782
Content-Type: application/json

POST
H2 204 /
173bf104.akstat.io/ 0
204 B 52ms
51ms Ping
image/gif 2600:141b:13:787::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://173bf104.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/UXNHZ-K97JV-DCLEB-RG57U-JBTU6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2600:141b:13:787::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tcg.changegroup.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:56:05 GMT
content-type: image/gif
access-control-allow-origin: https://tcg.changegroup.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Mon, 17 Jul 2023 12:56:05 GMT

GET
H/1.1

200
OK

results.txt Show response
su4jtmqx26biwzfvhjsq-pf35qc-c9c04fa28-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pf35qcube
https://su4jtmqx26biwzfvhjsq-pf35qc-c9c04fa28-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

369ms
19ms

XHR
text/plain

23.215.130.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://su4jtmqx26biwzfvhjsq-pf35qc-c9c04fa28-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 23.215.130.139 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-139.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tcg.changegroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 12:56:06 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://su4jtmqx26biwzfvhjsq-pf35qc-c9c04fa28-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Mon, 17 Jul 2023 12:56:05 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
eydvgaaamb4gojqacqnqaeyaabslkotf-pf35qc-c716799cd-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pf35qcube
https://eydvgaaamb4gojqacqnqaeyaabslkotf-pf35qc-c716799cd-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

334ms
18ms

XHR
text/plain

2600:141b:13::17d7:827a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eydvgaaamb4gojqacqnqaeyaabslkotf-pf35qc-c716799cd-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2600:141b:13::17d7:827a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tcg.changegroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 12:56:06 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://eydvgaaamb4gojqacqnqaeyaabslkotf-pf35qc-c716799cd-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Mon, 17 Jul 2023 12:56:05 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 173bf104.akstat.io
URL: https://173bf104.akstat.io/

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tcg.changegroup.com/	1970-01-20 22:55:58	Name: cfid Value: 76beb7ce-d737-4090-b740-36c1eb9269ef
tcg.changegroup.com/	1970-01-20 22:55:58	Name: cftoken Value: 0
.changegroup.com/	1970-01-20 13:20:05	Name: ak_bmsc Value: 783AB61A414F92741570137D8A278114~000000000000000000000000000000~YAAQHe4hF1HiO0eJAQAAERTsYxRoslq16m4Ih9jVBdcMLqP9ceUeb5mUq5jlWj7sLLLKC3XlCKTBc76wo83ZlvLT/i590D1X5Nf0y3oV14bIMYR8HYcv1Ieehn1SEb3+Ir6VizDU9aeXBb9tDeWoE19ceYye4wSbWdi1c4Xh5F6RqX/3sCeDJUO6cweObZ5l6oMVRL9JSAFnB3amLzZmNAKMOeBzvX6Q+wwZ1SFDwAhvoDLNQYxK9b5w4l4ZueYD3taynd76E1S/T/hU2i2RZd3+rn59vKtOHx0GcSjcCesNEwOcfoaGgNB1Uj4B2PrNaXFXAMEMAKqsvZqmkZ9hLAJWz4GnHpjgRfDUf89++ckXwu995Mr6Wvgf+l/y9sDKp2YqL6fghHoAzluLXobAID7xwFwnyQ==
.changegroup.com/	1970-01-20 13:20:02	Name: AKA_A2 Value: A
tcg.changegroup.com/	1970-01-20 13:34:22	Name: COOKIEON Value: yes
.changegroup.com/	1970-01-20 13:20:05	Name: bm_sv Value: 090E67017D82D89C6B7B9A2497181680~YAAQHe4hF3HiO0eJAQAAThnsYxTip8UKhRqCGm7IPHsg0cnMrFqYn1rvIfVk7R5ymdzOWymibrvQXyA6nvkgXDRY+lseviHMKiCNEjOxVYDyHrRnH3sXEqrxFGBg7UWbpt5RZXfosABznrQasd7Ltw2ZZQ3vF9zVvU0Qggl02cGA8MI/q3gWydo7e0l0639So/2ddWToSuQllM50mYNxB2sYPwS7tu0G8JFfjHpbTZzGsusirSauUsoPWAuYk6t8Mx9iAK4=~1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

173bf104.akstat.io
c.go-mpulse.net
eydvgaaamb4gojqacqnqaeyaabslkotf-pf35qc-c716799cd-clienttons-s.akamaihd.net
s.go-mpulse.net
su4jtmqx26biwzfvhjsq-pf35qc-c9c04fa28-clientnsv4-s.akamaihd.net
tcg.changegroup.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
173bf104.akstat.io
23.215.130.139
2600:1400:d::1721:ee21
2600:1400:d::1721:ee4a
2600:141b:13:787::11a6
2600:141b:13:791::11a6
2600:141b:13::17d7:8261
2600:141b:13::17d7:827a
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
3f4e70486dc5cbded450443a21fe48691a6a37a7f70967275e10100378199a9b
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
857af012903f99036be5d0ab9a159f529c074eeff9a2f5d9a94062fd8b532c9c
88f479c17e8de742237d7c75b5059d8a9a1cf7356f3141d02b60d4c37796def9
8f68526d8a764223db2bcb0c6ba413961033ee655a1c91adcd714ec4800b74f9
b8911899fb1b56da59f86fefef8f73e094ca9cebe7027157278eb5eb95075f7f
e0537258d2927a4363733e5a0513ad4e0978741d1fc359c2926a68f12c55462e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

tcg.changegroup.com Open in urlscan Pro 2600:1400:d::1721:ee21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

80 %HTTPS

86 %IPv6

4 Domains

8 Subdomains

6 IPs

1 Countries

165 kBTransfer

484 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

tcg.changegroup.com Open in urlscan Pro
2600:1400:d::1721:ee21 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

80 %
HTTPS

86 %
IPv6

4
Domains

8
Subdomains

6
IPs

1
Countries

165 kB
Transfer

484 kB
Size

6
Cookies

15 HTTP transactions
0 data transactions