urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:c8::b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://do0vsc0ibwv92.cloudfront.net/
Effective URL: https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2BfhBDe1mlQVqBISXHgdu...
Submission: On December 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 45 HTTP transactions. The main IP is 2603:1026:3000:c8::b, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 10.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 31st 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:206... 16509 (AMAZON-02)
10 18.66.102.43 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.35 15169 (GOOGLE)
3 52.56.107.251 16509 (AMAZON-02)
3 151.101.65.91 54113 (FASTLY)
1 35.186.241.17 15169 (GOOGLE)
1 2602:816:5001... 54113 (FASTLY)
4 185.221.85.3 206998 (NEW-2 NEW...)
1 3.33.200.131 16509 (AMAZON-02)
1 18.245.31.109 16509 (AMAZON-02)
1 1 2a05:d01c:4a0... 16509 (AMAZON-02)
1 2603:1026:300... 8075 (MICROSOFT...)
1 20.190.160.20 8075 (MICROSOFT...)
8 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2606:2800:233... 15133 (EDGECAST)
45 15
1    2600:9000:206f:8400:d:3cf6:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
do0vsc0ibwv92.cloudfront.net
10    18.66.102.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-43.fra56.r.cloudfront.net
birdu.learn.link
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
3    52.56.107.251 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-107-251.eu-west-2.compute.amazonaws.com
waif.api.learn.link
3    151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.growthbook.io
1    35.186.241.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.241.186.35.bc.googleusercontent.com
content.insights.thrivelearning.com
1    2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
4    185.221.85.3 (Ireland)

ASN206998 (NEW-2 NEW RELIC INTERNATIONAL LIMITED, IE)
bam.eu01.nr-data.net
1    3.33.200.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab4c5a55f2680f4c3.awsglobalaccelerator.com
tenant.api.learn.link
1    18.245.31.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-109.fra56.r.cloudfront.net
tenant.assets.learn.link
1    2a05:d01c:4a0:2f01:4f87:ca5d:7c1b:f957 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
arcteryx-prod-lxp.auth.eu-west-2.amazoncognito.com
1    2603:1026:3000:c8::b (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
1    20.190.160.20 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
8    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msauth.net
2    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
aadcdn.msauthimages.net
Apex Domain
Subdomains		 Transfer
15 learn.link
birdu.learn.link
waif.api.learn.link — Cisco Umbrella Rank: 387460
tenant.api.learn.link — Cisco Umbrella Rank: 384060 Failed
tenant.assets.learn.link — Cisco Umbrella Rank: 481728
3 MB
8 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 871
387 KB
4 nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 10483
2 KB
4 gstatic.com
fonts.gstatic.com
15 KB
3 growthbook.io
cdn.growthbook.io — Cisco Umbrella Rank: 8478
1 KB
2 msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 3379
287 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 61
1 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 10
19 KB
1 amazoncognito.com
arcteryx-prod-lxp.auth.eu-west-2.amazoncognito.com
2 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 623
31 KB
1 thrivelearning.com
content.insights.thrivelearning.com — Cisco Umbrella Rank: 399912 Failed
163 KB
1 cloudfront.net
do0vsc0ibwv92.cloudfront.net
245 B
45 13
Domain Requested by
10 birdu.learn.link birdu.learn.link
8 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
4 bam.eu01.nr-data.net birdu.learn.link
4 fonts.gstatic.com fonts.googleapis.com
3 cdn.growthbook.io birdu.learn.link
3 waif.api.learn.link birdu.learn.link
2 aadcdn.msauthimages.net
2 fonts.googleapis.com client
1 login.live.com login.microsoftonline.com
1 login.microsoftonline.com birdu.learn.link
1 arcteryx-prod-lxp.auth.eu-west-2.amazoncognito.com 1 redirects
1 tenant.assets.learn.link
1 js-agent.newrelic.com birdu.learn.link
1 tenant.api.learn.link birdu.learn.link
1 content.insights.thrivelearning.com birdu.learn.link
1 do0vsc0ibwv92.cloudfront.net 1 redirects
45 16

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.learn.link
Amazon RSA 2048 M02		 2024-05-16 -
2025-06-13		 a year crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
cdn.growthbook.io
R11		 2024-11-23 -
2025-02-21		 3 months crt.sh
content.insights.thrivelearning.com
WR3		 2024-12-13 -
2025-03-13		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-12 -
2025-07-11		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-08-31 -
2025-02-28		 6 months crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-08-28 -
2025-02-28		 6 months crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2024-10-29 -
2025-10-29		 a year crt.sh
aadcdn.msauthimages.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-04 -
2025-05-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2BfhBDe1mlQVqBISXHgduFSus2ktJXbwOlD49bgpRXDhaGt2ZvXNLpaHvovewKG2piJZnJIIjLKNNruKPD2uaUmW9cUCZd%2BxQaxGvzf38DoC%2BmiFCM6HuStrcOzBPYB70wqe7m8rsvd%2BQJEk0ikP7uNAB2cb2h2GWAaPGEb6Hjwoi2UvP21I3Bntbaxsn0xZiW4GBzgEayDRddBqI%2F205Nm6sztt4l4rZ9G23ppOG5gcGJspzoFRlc9bWjDgdD7nOS15y%2FiW5SCz%2FBRDopvrimw4b2V52Ui6zYqcFmmaUsnVjOazbSPV5bbJyiZIEUe4Meil8RVhKStoxmhWPmZMsFRkZVww%2FkKi5zNOdsQZABsUJ4AVGZ0RVqJGYWQPKLwSD6u7WxGkIiDyVtmO1CfeYgp00dq6Xvr%2FZ48%2FuqHtJBVgvPYff7L%2FH5fnLkl9lJ1KEd%2BtCBzET2Gb%2FWdZvBR2vV4kv7esv59%2Fj6T%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAE2QW4_aMBCF_4ufcXB8iRPeuhsoqNDdhW26paqQ49gkGzs2IVyr_ve6UlX17cw5n0Yz5ycQYALUCV7UcYB4V99TuqVuNgMjUIZE9HJQ_e0aSWeDJYPFWYOJxxYbTWxylu9Y1FnJlegDUAWgHgZ_nIzHZdNXp8iEoItM07VjKYwphWwDpwInXaWC1EFuPqyWQe7B5DtQVjQmDM6rrqnAjxFoA3GarRzDdpbzl_vllnlua9bny2kiP-kv7fLSso7uC6Y_Ir2ZL8yyeMpJka9sjGe6L44PXDE_785MFy-42cwPrL0uXjNXolYonTSHA4lzND0t1t-GnjxTm-k36m_14xO9qvuNsEN6_rpAyy2G6887hqaNWqwf_OPz9E132RYi8-42U2r9q0PhdvNfddD3roLm6iNxGuroX9eRsOLuOun2XTO4vwVbMIk5oQxTGqcj4MFEC3NUI9D_KSzmSuoqhUn4BlJKEMyowJBzLpOUJyTWcdgxBHSXJFqkrBKwjCmBFCEERSI5JLyshGRlFacV-PUbd01nJf8BAAA.H4sIAAAAAAAAAAEgAN__J_udrXVUZ8ex6jmBpE1W_igqirXl-8GAPOkIKMr8WCW3Oh1jIAAAAA.3
Frame ID: EE6F0551538024E070D5A40AB898D0BB
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://do0vsc0ibwv92.cloudfront.net/ HTTP 301
    https://birdu.learn.link/ Page URL
  2. https://birdu.learn.link/callback Page URL
  3. https://arcteryx-prod-lxp.auth.eu-west-2.amazoncognito.com/oauth2/authorize?response_type=code&client_id=75i23p2m2lf3m6vcj2ah9b7ear&ide... HTTP 302
    https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2... Page URL

Page Statistics

45
Requests

93 %
HTTPS

44 %
IPv6

13
Domains

16
Subdomains

15
IPs

5
Countries

3815 kB
Transfer

28596 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://do0vsc0ibwv92.cloudfront.net/ HTTP 301
    https://birdu.learn.link/ Page URL
  2. https://birdu.learn.link/callback Page URL
  3. https://arcteryx-prod-lxp.auth.eu-west-2.amazoncognito.com/oauth2/authorize?response_type=code&client_id=75i23p2m2lf3m6vcj2ah9b7ear&identity_provider=arcteryx.com&redirect_uri=https://birdu.learn.link/callback&scope=email%20openid HTTP 302
    https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2BfhBDe1mlQVqBISXHgduFSus2ktJXbwOlD49bgpRXDhaGt2ZvXNLpaHvovewKG2piJZnJIIjLKNNruKPD2uaUmW9cUCZd%2BxQaxGvzf38DoC%2BmiFCM6HuStrcOzBPYB70wqe7m8rsvd%2BQJEk0ikP7uNAB2cb2h2GWAaPGEb6Hjwoi2UvP21I3Bntbaxsn0xZiW4GBzgEayDRddBqI%2F205Nm6sztt4l4rZ9G23ppOG5gcGJspzoFRlc9bWjDgdD7nOS15y%2FiW5SCz%2FBRDopvrimw4b2V52Ui6zYqcFmmaUsnVjOazbSPV5bbJyiZIEUe4Meil8RVhKStoxmhWPmZMsFRkZVww%2FkKi5zNOdsQZABsUJ4AVGZ0RVqJGYWQPKLwSD6u7WxGkIiDyVtmO1CfeYgp00dq6Xvr%2FZ48%2FuqHtJBVgvPYff7L%2FH5fnLkl9lJ1KEd%2BtCBzET2Gb%2FWdZvBR2vV4kv7esv59%2Fj6T%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAE2QW4_aMBCF_4ufcXB8iRPeuhsoqNDdhW26paqQ49gkGzs2IVyr_ve6UlX17cw5n0Yz5ycQYALUCV7UcYB4V99TuqVuNgMjUIZE9HJQ_e0aSWeDJYPFWYOJxxYbTWxylu9Y1FnJlegDUAWgHgZ_nIzHZdNXp8iEoItM07VjKYwphWwDpwInXaWC1EFuPqyWQe7B5DtQVjQmDM6rrqnAjxFoA3GarRzDdpbzl_vllnlua9bny2kiP-kv7fLSso7uC6Y_Ir2ZL8yyeMpJka9sjGe6L44PXDE_785MFy-42cwPrL0uXjNXolYonTSHA4lzND0t1t-GnjxTm-k36m_14xO9qvuNsEN6_rpAyy2G6887hqaNWqwf_OPz9E132RYi8-42U2r9q0PhdvNfddD3roLm6iNxGuroX9eRsOLuOun2XTO4vwVbMIk5oQxTGqcj4MFEC3NUI9D_KSzmSuoqhUn4BlJKEMyowJBzLpOUJyTWcdgxBHSXJFqkrBKwjCmBFCEERSI5JLyshGRlFacV-PUbd01nJf8BAAA.H4sIAAAAAAAAAAEgAN__J_udrXVUZ8ex6jmBpE1W_igqirXl-8GAPOkIKMr8WCW3Oh1jIAAAAA.3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://do0vsc0ibwv92.cloudfront.net/ HTTP 301
  • https://birdu.learn.link/

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
birdu.learn.link/
Redirect Chain
  • https://do0vsc0ibwv92.cloudfront.net/
  • https://birdu.learn.link/
63 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://birdu.learn.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4754e716d9b906ee06da7f16c9f846e0ba3120fe646c6126b2caba3e15a5b26e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
81791
content-encoding
gzip
content-security-policy-report-only
default-src 'self' 'unsafe-inline' data:; object-src 'none'; base-uri 'self'; img-src https: data:; font-src https: data:; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.thrivelearning.com https://js-agent.newrelic.com https://*.learn.link 'wasm-unsafe-eval'; media-src 'self' blob: data:; worker-src 'self' wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com blob: https://*.learn.link; connect-src 'self' https://*.learn.link https://*.nr-data.net https://cdn.growthbook.io wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com *.live-video.net https://cognito-idp.eu-west-2.amazonaws.com https://api.feedback.eu.pendo.io https://*.thrivelearning.com; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content;report-uri https://journal.api.learn.link/csp-report; report-to default;
content-type
text/html
date
Tue, 17 Dec 2024 13:37:06 GMT
etag
W/"b1c79b403a550a5dc3fd43e10321693f"
last-modified
Tue, 17 Dec 2024 13:36:47 GMT
referrer-policy
same-origin
report-to
{"group":"default", "max_age":1800, "endpoints":[{"url":"https://journal.api.learn.link/csp-report"}],"include_subdomains":true}
reporting-endpoints
main-endpoint="https://journal.api.learn.link/csp-report", default="https://journal.api.learn.link/csp-report"
server
AmazonS3
strict-transport-security
max-age=15768000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-id
efzH9u79ubB_AuLmTkzfR5UUP37aMRGco8RxeX9rwdyU77Kf_7HZsw==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

content-length
0
date
Wed, 18 Dec 2024 12:20:16 GMT
location
https://birdu.learn.link
server
CloudFront
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-id
Ripr5dNncSr0K6tDvuPcGY4L5cuwMBzz1VbXg1X3f6MMV73X_I_iYQ==
x-amz-cf-pop
FRA56-C1
x-cache
FunctionGeneratedResponse from cloudfront
5696.bundle.js
birdu.learn.link/release-bundle-1734442246645/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://birdu.learn.link/release-bundle-1734442246645/5696.bundle.js
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e70cc168920e2ebfb0349e22af2d813a66f68c470fb09a9a78dcde614487aa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://birdu.learn.link/

Response headers

content-encoding
gzip
etag
W/"9fddef40bfac8de9f28efccc1676c416"
age
81791
report-to
{"group":"default", "max_age":1800, "endpoints":[{"url":"https://journal.api.learn.link/csp-report"}],"include_subdomains":true}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
tRDkc1rB7Dk1Bil3CWxRa8D_iZ1UaiqGySjmojwCkTlhN8pPmYhmMg==
date
Tue, 17 Dec 2024 13:37:06 GMT
content-type
text/javascript
last-modified
Tue, 17 Dec 2024 13:36:51 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15768000; includeSubdomains; preload
reporting-endpoints
main-endpoint="https://journal.api.learn.link/csp-report", default="https://journal.api.learn.link/csp-report"
content-security-policy-report-only
default-src 'self' 'unsafe-inline' data:; object-src 'none'; base-uri 'self'; img-src https: data:; font-src https: data:; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.thrivelearning.com https://js-agent.newrelic.com https://*.learn.link 'wasm-unsafe-eval'; media-src 'self' blob: data:; worker-src 'self' wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com blob: https://*.learn.link; connect-src 'self' https://*.learn.link https://*.nr-data.net https://cdn.growthbook.io wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com *.live-video.net https://cognito-idp.eu-west-2.amazonaws.com https://api.feedback.eu.pendo.io https://*.thrivelearning.com; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content;report-uri https://journal.api.learn.link/csp-report; report-to default;
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
referrer-policy
same-origin
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P2
server
AmazonS3
main.bundle.js
birdu.learn.link/release-bundle-1734442246645/ 		5 MB
936 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://birdu.learn.link/release-bundle-1734442246645/main.bundle.js
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb59b542c85d90d9afef7bb79aec3b986900f50c234e38ec71dd85304ca22f82
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://birdu.learn.link/

Response headers

content-encoding
gzip
etag
W/"2eae91f5e64be6d2b0389b22b1060926"
age
81791
report-to
{"group":"default", "max_age":1800, "endpoints":[{"url":"https://journal.api.learn.link/csp-report"}],"include_subdomains":true}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
NFHZPEnx2nXprKjcjjd4wVspf9NiZJar1vVhCD4NKttHeqnD1-Nr1A==
date
Tue, 17 Dec 2024 13:37:06 GMT
content-type
text/javascript
last-modified
Tue, 17 Dec 2024 13:36:55 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15768000; includeSubdomains; preload
reporting-endpoints
main-endpoint="https://journal.api.learn.link/csp-report", default="https://journal.api.learn.link/csp-report"
content-security-policy-report-only
default-src 'self' 'unsafe-inline' data:; object-src 'none'; base-uri 'self'; img-src https: data:; font-src https: data:; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.thrivelearning.com https://js-agent.newrelic.com https://*.learn.link 'wasm-unsafe-eval'; media-src 'self' blob: data:; worker-src 'self' wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com blob: https://*.learn.link; connect-src 'self' https://*.learn.link https://*.nr-data.net https://cdn.growthbook.io wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com *.live-video.net https://cognito-idp.eu-west-2.amazonaws.com https://api.feedback.eu.pendo.io https://*.thrivelearning.com; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content;report-uri https://journal.api.learn.link/csp-report; report-to default;
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
referrer-policy
same-origin
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P2
server
AmazonS3
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato|Poppins:100,200,300,400,500,600,700,800,900
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 12:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 12:20:17 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 18 Dec 2024 12:20:17 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
pendo.js
content.insights.thrivelearning.com/agent/static/ee9b4632-5892-4546-4ccf-0c0cf2a64af5/ 		0
0
en.json
birdu.learn.link/release-bundle-1734442246645/lang/translations/ 		209 KB
55 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://birdu.learn.link/release-bundle-1734442246645/lang/translations/en.json
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-dfd45692b2d366fea8967d4671b514da-0e9c77db04def84b-01
Referer
https://birdu.learn.link/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMzk1NzkiLCJhcCI6IjMyMjU0MTI3MSIsImlkIjoiMGU5Yzc3ZGIwNGRlZjg0YiIsInRyIjoiZGZkNDU2OTJiMmQzNjZmZWE4OTY3ZDQ2NzFiNTE0ZGEiLCJ0aSI6MTczNDUyNDQxNzM4N319
tracestate
3239579@nr=0-1-3239579-322541271-0e9c77db04def84b----1734524417387

Response headers

content-encoding
gzip
etag
W/"ed3cae50d4f13e14bdf6916b4c93949c"
age
81790
report-to
{"group":"default", "max_age":1800, "endpoints":[{"url":"https://journal.api.learn.link/csp-report"}],"include_subdomains":true}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
o4TU2k_qKptreVgtKJNj-buSa0Ao8QM0uO9d6klgJaNDJEGT236xBQ==
date
Tue, 17 Dec 2024 13:37:08 GMT
content-type
application/json
last-modified
Tue, 17 Dec 2024 13:36:54 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15768000; includeSubdomains; preload
reporting-endpoints
main-endpoint="https://journal.api.learn.link/csp-report", default="https://journal.api.learn.link/csp-report"
content-security-policy-report-only
default-src 'self' 'unsafe-inline' data:; object-src 'none'; base-uri 'self'; img-src https: data:; font-src https: data:; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.thrivelearning.com https://js-agent.newrelic.com https://*.learn.link 'wasm-unsafe-eval'; media-src 'self' blob: data:; worker-src 'self' wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com blob: https://*.learn.link; connect-src 'self' https://*.learn.link https://*.nr-data.net https://cdn.growthbook.io wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com *.live-video.net https://cognito-idp.eu-west-2.amazonaws.com https://api.feedback.eu.pendo.io https://*.thrivelearning.com; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content;report-uri https://journal.api.learn.link/csp-report; report-to default;
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
referrer-policy
same-origin
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P2
server
AmazonS3
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://birdu.learn.link
Referer

Response headers

Content-Type
font/woff2
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Poppins:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://birdu.learn.link
Referer
https://fonts.googleapis.com/

Response headers

age
97016
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:23:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:23:21 GMT
last-modified
Wed, 04 Dec 2024 06:53:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
/
waif.api.learn.link/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://waif.api.learn.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.56.107.251 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-107-251.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://birdu.learn.link
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,X-Amzn-Trace-Id
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 18 Dec 2024 12:20:17 GMT
x-amz-apigw-id
C_KgSEbYrPEEg2w=
x-amzn-requestid
d9ff50aa-2527-4212-9c2e-228cc00407df
x-amzn-trace-id
Root=1-6762be01-4434dcfd4f0a9cd80d9e500a
/
waif.api.learn.link/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waif.api.learn.link/
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.56.107.251 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-107-251.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-amzn-requestid
a6e91986-d05a-43a9-99d5-c1f69d8f3694
date
Wed, 18 Dec 2024 12:20:17 GMT
content-type
application/json
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
x-amz-apigw-id
C_KgSF_vLPEEk2Q=
cross-origin-resource-policy
same-origin
x-amzn-trace-id
Root=1-6762be01-26c6b25d3d5c611536b03fc1
referrer-policy
no-referrer
x-download-options
noopen
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
3401
x-xss-protection
0
origin-agent-cluster
?1
sdk-IUdbjBWsiq1pPBBa
cdn.growthbook.io/api/features/ 		959 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.growthbook.io/api/features/sdk-IUdbjBWsiq1pPBBa
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
x-sse-support
etag
W/"3bf-/5NZjaO4S+xNzgpSfZRDe8FmFRE"
age
33
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 12:20:17 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kjyo7100126-IAD, cache-fra-etou8220074-FRA
x-cache-hits
170, 1
vary
Accept-Encoding
cache-control
public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
x-timer
S1734524417.447770,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-sse-support
enabled
content-length
959
x-powered-by
Express
sdk-IUdbjBWsiq1pPBBa
cdn.growthbook.io/sub/ 		22 B
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://cdn.growthbook.io/sub/sdk-IUdbjBWsiq1pPBBa
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Cache-Control
no-cache
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/event-stream

Response headers

cache-control
private, no-store
x-timer
S1734524417.461303,VS0,VE1
age
21
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 12:20:17 GMT
content-type
text/event-stream
x-powered-by
Express
x-served-by
cache-iad-kiad7000071-IAD, cache-fra-etou8220074-FRA
x-cache-hits
34, 1
password
tenant.api.learn.link/ 		0
0
password
tenant.api.learn.link/ 		0
0
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Poppins:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://birdu.learn.link
Referer
https://fonts.googleapis.com/

Response headers

age
98435
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 08:59:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 08:59:42 GMT
last-modified
Wed, 04 Dec 2024 06:54:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
callback
birdu.learn.link/ 		63 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://birdu.learn.link/callback
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/release-bundle-1734442246645/main.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4754e716d9b906ee06da7f16c9f846e0ba3120fe646c6126b2caba3e15a5b26e

Request headers

Referer
https://birdu.learn.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
81792
content-encoding
gzip
content-type
text/html
date
Tue, 17 Dec 2024 13:37:06 GMT
etag
W/"b1c79b403a550a5dc3fd43e10321693f"
last-modified
Tue, 17 Dec 2024 13:36:47 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-id
YKKmhGTn4geUmB7vcoJBV0z4VzwVnXqEUdM1AH5TzCAtUtk33726Mg==
x-amz-cf-pop
FRA56-P2
x-cache
Error from cloudfront
5696.bundle.js
birdu.learn.link/release-bundle-1734442246645/ 		8 MB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://birdu.learn.link/release-bundle-1734442246645/5696.bundle.js
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e70cc168920e2ebfb0349e22af2d813a66f68c470fb09a9a78dcde614487aa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://birdu.learn.link/callback

Response headers

content-encoding
gzip
etag
W/"9fddef40bfac8de9f28efccc1676c416"
age
81792
report-to
{"group":"default", "max_age":1800, "endpoints":[{"url":"https://journal.api.learn.link/csp-report"}],"include_subdomains":true}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
wEDLRD9Foy8zEpgJXP_EekJRHaCQNpU4WT4dzDzXAjNHREhuCIkDQQ==
date
Tue, 17 Dec 2024 13:37:06 GMT
content-type
text/javascript
last-modified
Tue, 17 Dec 2024 13:36:51 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15768000; includeSubdomains; preload
reporting-endpoints
main-endpoint="https://journal.api.learn.link/csp-report", default="https://journal.api.learn.link/csp-report"
referrer-policy
same-origin
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
content-security-policy-report-only
default-src 'self' 'unsafe-inline' data:; object-src 'none'; base-uri 'self'; img-src https: data:; font-src https: data:; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.thrivelearning.com https://js-agent.newrelic.com https://*.learn.link 'wasm-unsafe-eval'; media-src 'self' blob: data:; worker-src 'self' wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com blob: https://*.learn.link; connect-src 'self' https://*.learn.link https://*.nr-data.net https://cdn.growthbook.io wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com *.live-video.net https://cognito-idp.eu-west-2.amazonaws.com https://api.feedback.eu.pendo.io https://*.thrivelearning.com; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content;report-uri https://journal.api.learn.link/csp-report; report-to default;
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P2
server
AmazonS3
main.bundle.js
birdu.learn.link/release-bundle-1734442246645/ 		5 MB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://birdu.learn.link/release-bundle-1734442246645/main.bundle.js
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb59b542c85d90d9afef7bb79aec3b986900f50c234e38ec71dd85304ca22f82
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://birdu.learn.link/callback

Response headers

content-encoding
gzip
etag
W/"2eae91f5e64be6d2b0389b22b1060926"
age
81792
report-to
{"group":"default", "max_age":1800, "endpoints":[{"url":"https://journal.api.learn.link/csp-report"}],"include_subdomains":true}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
6JoTuxLEhW9TWSBUlEDGajAZrMr4b4Ivw-CtzxA-UcLBYOB9T0gI5w==
date
Tue, 17 Dec 2024 13:37:06 GMT
content-type
text/javascript
last-modified
Tue, 17 Dec 2024 13:36:55 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15768000; includeSubdomains; preload
reporting-endpoints
main-endpoint="https://journal.api.learn.link/csp-report", default="https://journal.api.learn.link/csp-report"
referrer-policy
same-origin
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
content-security-policy-report-only
default-src 'self' 'unsafe-inline' data:; object-src 'none'; base-uri 'self'; img-src https: data:; font-src https: data:; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.thrivelearning.com https://js-agent.newrelic.com https://*.learn.link 'wasm-unsafe-eval'; media-src 'self' blob: data:; worker-src 'self' wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com blob: https://*.learn.link; connect-src 'self' https://*.learn.link https://*.nr-data.net https://cdn.growthbook.io wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com *.live-video.net https://cognito-idp.eu-west-2.amazonaws.com https://api.feedback.eu.pendo.io https://*.thrivelearning.com; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content;report-uri https://journal.api.learn.link/csp-report; report-to default;
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P2
server
AmazonS3
css
fonts.googleapis.com/ 		8 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato|Poppins:100,200,300,400,500,600,700,800,900
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c00a4ccd669f03e1aacab736debbdfeb3561ada7430f8f3813522e69d1b571a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://birdu.learn.link/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 12:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 12:20:17 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 18 Dec 2024 12:20:17 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
pendo.js
content.insights.thrivelearning.com/agent/static/ee9b4632-5892-4546-4ccf-0c0cf2a64af5/ 		503 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.insights.thrivelearning.com/agent/static/ee9b4632-5892-4546-4ccf-0c0cf2a64af5/pendo.js
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.241.186.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://birdu.learn.link/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=m6netw==, md5=BgP0moxKJ+QAJ+GVEOvAfA==
etag
"0603f49a8c4a27e40027e19510ebc07c"
age
68
x-goog-stored-content-encoding
gzip
expires
Wed, 18 Dec 2024 12:26:39 GMT
alt-svc
clear
x-goog-stored-content-length
167143
date
Wed, 18 Dec 2024 12:19:09 GMT
last-modified
Thu, 12 Dec 2024 19:13:07 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5O6sPJead5trOHOp0Sp13sw6YzY6qtiWFqWHC4JE80g-o2whEbHk_2WY3j7wK_qye8S-k9TWI
strict-transport-security
max-age=63072000
cache-control
max-age=450
x-goog-storage-class
STANDARD
x-envoy-upstream-service-time
38
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1734030787837339
content-length
167143
server
istio-envoy
en.json
birdu.learn.link/release-bundle-1734442246645/lang/translations/ 		209 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://birdu.learn.link/release-bundle-1734442246645/lang/translations/en.json
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-2124b97fa444a89ccda64f64e510a91d-eff51a32882ca38b-01
Referer
https://birdu.learn.link/callback
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMzk1NzkiLCJhcCI6IjMyMjU0MTI3MSIsImlkIjoiZWZmNTFhMzI4ODJjYTM4YiIsInRyIjoiMjEyNGI5N2ZhNDQ0YTg5Y2NkYTY0ZjY0ZTUxMGE5MWQiLCJ0aSI6MTczNDUyNDQxODAxNH19
tracestate
3239579@nr=0-1-3239579-322541271-eff51a32882ca38b----1734524418014

Response headers

content-encoding
gzip
etag
W/"ed3cae50d4f13e14bdf6916b4c93949c"
age
81791
report-to
{"group":"default", "max_age":1800, "endpoints":[{"url":"https://journal.api.learn.link/csp-report"}],"include_subdomains":true}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
QM7iNBc9KKdq-WPR28_LTiPygwmSvA0fOwvUWu2MEHNVeYcCNgE93g==
date
Tue, 17 Dec 2024 13:37:08 GMT
content-type
application/json
last-modified
Tue, 17 Dec 2024 13:36:54 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15768000; includeSubdomains; preload
reporting-endpoints
main-endpoint="https://journal.api.learn.link/csp-report", default="https://journal.api.learn.link/csp-report"
referrer-policy
same-origin
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
content-security-policy-report-only
default-src 'self' 'unsafe-inline' data:; object-src 'none'; base-uri 'self'; img-src https: data:; font-src https: data:; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.thrivelearning.com https://js-agent.newrelic.com https://*.learn.link 'wasm-unsafe-eval'; media-src 'self' blob: data:; worker-src 'self' wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com blob: https://*.learn.link; connect-src 'self' https://*.learn.link https://*.nr-data.net https://cdn.growthbook.io wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com *.live-video.net https://cognito-idp.eu-west-2.amazonaws.com https://api.feedback.eu.pendo.io https://*.thrivelearning.com; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content;report-uri https://journal.api.learn.link/csp-report; report-to default;
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P2
server
AmazonS3
/
waif.api.learn.link/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waif.api.learn.link/
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.56.107.251 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-107-251.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://birdu.learn.link/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-amzn-requestid
b3f190d3-f74c-4e09-8ea4-1474b057f13a
date
Wed, 18 Dec 2024 12:20:18 GMT
content-type
application/json
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
x-amz-apigw-id
C_KgYF-dLPEEZUw=
cross-origin-resource-policy
same-origin
x-amzn-trace-id
Root=1-6762be02-64f16eaf616de95639245f8f
referrer-policy
no-referrer
x-download-options
noopen
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
3401
x-xss-protection
0
origin-agent-cluster
?1
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://birdu.learn.link
Referer

Response headers

Content-Type
font/woff2
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/ 		8 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Poppins:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://birdu.learn.link
Referer
https://fonts.googleapis.com/

Response headers

age
97016
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:23:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:23:21 GMT
last-modified
Wed, 04 Dec 2024 06:53:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
sdk-IUdbjBWsiq1pPBBa
cdn.growthbook.io/sub/ 		22 B
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://cdn.growthbook.io/sub/sdk-IUdbjBWsiq1pPBBa
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Cache-Control
no-cache
Referer
https://birdu.learn.link/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/event-stream

Response headers

cache-control
private, no-store
x-timer
S1734524418.027941,VS0,VE0
age
22
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 12:20:18 GMT
content-type
text/event-stream
x-powered-by
Express
x-served-by
cache-iad-kiad7000071-IAD, cache-fra-etou8220074-FRA
x-cache-hits
34, 2
nr-spa-1.263.0.min.js
js-agent.newrelic.com/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.263.0.min.js
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://birdu.learn.link
Referer
https://birdu.learn.link/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"251fca68c40d5bfc49721a4b1d3a8b47"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
31897
date
Wed, 18 Dec 2024 12:20:18 GMT
last-modified
Thu, 25 Jul 2024 23:28:25 GMT
content-type
application/javascript
x-served-by
cache-fra-etou8220156-FRA
x-cache-hits
1409
vary
Accept-Encoding
NRJS-c47c3212ac57fb9ecbd
bam.eu01.nr-data.net/1/ 		187 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/1/NRJS-c47c3212ac57fb9ecbd?a=322541271&sa=1&v=1.275.0&t=Unnamed%20Transaction&rst=478&ck=0&s=af435e4a9a8aa74b&ref=https://birdu.learn.link/callback&ptid=e61cc20c6f93f965&af=err,spa,xhr,stn,ins&be=19&fe=457&dc=253&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1734524417565,%22n%22:0,%22u%22:22,%22ue%22:22,%22f%22:2,%22dn%22:2,%22dne%22:2,%22c%22:2,%22s%22:2,%22ce%22:2,%22rq%22:3,%22rp%22:19,%22rpe%22:24,%22di%22:47,%22ds%22:272,%22de%22:272,%22dc%22:470,%22l%22:470,%22le%22:476%7D,%22navigation%22:%7B%7D%7D&fp=459&fcp=459
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.85.3 , Ireland, ASN206998 (NEW-2 NEW RELIC INTERNATIONAL LIMITED, IE),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://birdu.learn.link/

Response headers

access-control-expose-headers
Date
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Date
Wed, 18 Dec 2024 12:20:18 GMT
Content-Type
text/plain
Vary
Accept-Encoding
Transfer-Encoding
chunked
timing-allow-origin
https://birdu.learn.link
x-envoy-upstream-service-time
4
Connection
keep-alive
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
CF-Ray
8f3f1b2d39611d8a-FRA
Access-Control-Allow-Origin
https://birdu.learn.link
Server
cloudflare
favicon.ico
birdu.learn.link/ 		9 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://birdu.learn.link/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://birdu.learn.link/callback

Response headers

etag
"51fe388b906aec483994867cc7c6e792"
age
81790
report-to
{"group":"default", "max_age":1800, "endpoints":[{"url":"https://journal.api.learn.link/csp-report"}],"include_subdomains":true}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
P1zblo3VEPyEbJ-UzOFhG8_F-r3Qsi4BjQQlmn_rcvyw1SvmjOdNDA==
date
Tue, 17 Dec 2024 13:37:09 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 17 Dec 2024 13:36:47 GMT
x-frame-options
DENY
strict-transport-security
max-age=15768000; includeSubdomains; preload
reporting-endpoints
main-endpoint="https://journal.api.learn.link/csp-report", default="https://journal.api.learn.link/csp-report"
content-security-policy-report-only
default-src 'self' 'unsafe-inline' data:; object-src 'none'; base-uri 'self'; img-src https: data:; font-src https: data:; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.thrivelearning.com https://js-agent.newrelic.com https://*.learn.link 'wasm-unsafe-eval'; media-src 'self' blob: data:; worker-src 'self' wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com blob: https://*.learn.link; connect-src 'self' https://*.learn.link https://*.nr-data.net https://cdn.growthbook.io wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com *.live-video.net https://cognito-idp.eu-west-2.amazonaws.com https://api.feedback.eu.pendo.io https://*.thrivelearning.com; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content;report-uri https://journal.api.learn.link/csp-report; report-to default;
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
referrer-policy
same-origin
content-length
9662
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P2
server
AmazonS3
password
tenant.api.learn.link/ 		176 B
914 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tenant.api.learn.link/password?GetPasswordPolicy
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.200.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab4c5a55f2680f4c3.awsglobalaccelerator.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

correlation-id
58aa7bb5-3d48-4a57-9b66-eff0e3d512c2
Referer
https://birdu.learn.link/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
*/*
content-type
application/json

Response headers

access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
date
Wed, 18 Dec 2024 12:20:18 GMT
content-type
application/json
vary
origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
x-envoy-upstream-service-time
180
cross-origin-resource-policy
same-origin
referrer-policy
no-referrer
x-download-options
noopen
access-control-allow-origin
https://birdu.learn.link
content-length
176
x-xss-protection
0
origin-agent-cluster
?1
server
envoy
7997.bundle.js
birdu.learn.link/release-bundle-1734442246645/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://birdu.learn.link/release-bundle-1734442246645/7997.bundle.js
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://birdu.learn.link/callback

Response headers

content-encoding
gzip
etag
W/"2c9a895217bc0715b32a40dcaae5d5df"
age
81791
report-to
{"group":"default", "max_age":1800, "endpoints":[{"url":"https://journal.api.learn.link/csp-report"}],"include_subdomains":true}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
voAxpOn_9rMBrFUuBUC7Orw-X0c-AB4SwBqf09VgWkSQttHxOIKhHg==
date
Tue, 17 Dec 2024 13:37:08 GMT
content-type
text/javascript
last-modified
Tue, 17 Dec 2024 13:36:52 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15768000; includeSubdomains; preload
reporting-endpoints
main-endpoint="https://journal.api.learn.link/csp-report", default="https://journal.api.learn.link/csp-report"
content-security-policy-report-only
default-src 'self' 'unsafe-inline' data:; object-src 'none'; base-uri 'self'; img-src https: data:; font-src https: data:; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.thrivelearning.com https://js-agent.newrelic.com https://*.learn.link 'wasm-unsafe-eval'; media-src 'self' blob: data:; worker-src 'self' wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com blob: https://*.learn.link; connect-src 'self' https://*.learn.link https://*.nr-data.net https://cdn.growthbook.io wss://apqc1aeaac18o-ats.iot.eu-west-2.amazonaws.com *.live-video.net https://cognito-idp.eu-west-2.amazonaws.com https://api.feedback.eu.pendo.io https://*.thrivelearning.com; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content;report-uri https://journal.api.learn.link/csp-report; report-to default;
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
referrer-policy
same-origin
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P2
server
AmazonS3
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 		8 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Poppins:100,200,300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://birdu.learn.link
Referer
https://fonts.googleapis.com/

Response headers

age
98435
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 08:59:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 08:59:42 GMT
last-modified
Wed, 04 Dec 2024 06:54:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
favicon.png
tenant.assets.learn.link/v2/eu-west-2_hz84Z4oFF/birdu.learn.link/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tenant.assets.learn.link/v2/eu-west-2_hz84Z4oFF/birdu.learn.link/favicon.png?1721390641706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://birdu.learn.link/

Response headers

x-amz-version-id
HSFWS40pSmorECYxyDUpKnohUue3IjfR
etag
"4441fe7d70804dc34784cc5115ff7e44"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
HTqmVIrp8VfXQN3gtFmlhrD_QfdplDO7mAvieTy4hpLN7terMSZ9Fw==
date
Wed, 18 Dec 2024 12:20:19 GMT
content-type
image/png
last-modified
Fri, 19 Jul 2024 12:04:02 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
5307
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
NRJS-c47c3212ac57fb9ecbd
bam.eu01.nr-data.net/1/ 		187 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/1/NRJS-c47c3212ac57fb9ecbd?a=322541271&sa=1&v=1.263.0&t=Unnamed%20Transaction&rst=519&ck=0&s=af435e4a9a8aa74b&ref=https://birdu.learn.link/callback&ptid=85fdeb4e761d9340&af=err,spa,xhr,stn,ins&be=19&fe=457&dc=253&fsh=0&perf=%7B%22timing%22:%7B%22of%22:1734524417565,%22n%22:0,%22u%22:22,%22ue%22:22,%22f%22:2,%22dn%22:2,%22dne%22:2,%22c%22:2,%22s%22:2,%22ce%22:2,%22rq%22:3,%22rp%22:19,%22rpe%22:24,%22di%22:47,%22ds%22:272,%22de%22:272,%22dc%22:470,%22l%22:470,%22le%22:476%7D,%22navigation%22:%7B%7D%7D&fp=459&fcp=459
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.85.3 , Ireland, ASN206998 (NEW-2 NEW RELIC INTERNATIONAL LIMITED, IE),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://birdu.learn.link/

Response headers

access-control-expose-headers
Date
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Date
Wed, 18 Dec 2024 12:20:18 GMT
Content-Type
text/plain
Vary
Accept-Encoding
Transfer-Encoding
chunked
timing-allow-origin
https://birdu.learn.link
x-envoy-upstream-service-time
3
Connection
keep-alive
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
CF-Ray
8f3f1b2d3cb7dcb4-FRA
Access-Control-Allow-Origin
https://birdu.learn.link
Server
cloudflare
Primary Request saml2
login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/
Redirect Chain
  • https://arcteryx-prod-lxp.auth.eu-west-2.amazoncognito.com/oauth2/authorize?response_type=code&client_id=75i23p2m2lf3m6vcj2ah9b7ear&identity_provider=arcteryx.com&redirect_uri=https://birdu.learn.l...
  • https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2BfhBDe1mlQVqBISXHgduFSus2ktJXbwOlD49bgpRXDhaGt2ZvXNLpaHvovewKG2piJZnJIIjLKNNruKPD2uaUmW...
47 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2BfhBDe1mlQVqBISXHgduFSus2ktJXbwOlD49bgpRXDhaGt2ZvXNLpaHvovewKG2piJZnJIIjLKNNruKPD2uaUmW9cUCZd%2BxQaxGvzf38DoC%2BmiFCM6HuStrcOzBPYB70wqe7m8rsvd%2BQJEk0ikP7uNAB2cb2h2GWAaPGEb6Hjwoi2UvP21I3Bntbaxsn0xZiW4GBzgEayDRddBqI%2F205Nm6sztt4l4rZ9G23ppOG5gcGJspzoFRlc9bWjDgdD7nOS15y%2FiW5SCz%2FBRDopvrimw4b2V52Ui6zYqcFmmaUsnVjOazbSPV5bbJyiZIEUe4Meil8RVhKStoxmhWPmZMsFRkZVww%2FkKi5zNOdsQZABsUJ4AVGZ0RVqJGYWQPKLwSD6u7WxGkIiDyVtmO1CfeYgp00dq6Xvr%2FZ48%2FuqHtJBVgvPYff7L%2FH5fnLkl9lJ1KEd%2BtCBzET2Gb%2FWdZvBR2vV4kv7esv59%2Fj6T%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAE2QW4_aMBCF_4ufcXB8iRPeuhsoqNDdhW26paqQ49gkGzs2IVyr_ve6UlX17cw5n0Yz5ycQYALUCV7UcYB4V99TuqVuNgMjUIZE9HJQ_e0aSWeDJYPFWYOJxxYbTWxylu9Y1FnJlegDUAWgHgZ_nIzHZdNXp8iEoItM07VjKYwphWwDpwInXaWC1EFuPqyWQe7B5DtQVjQmDM6rrqnAjxFoA3GarRzDdpbzl_vllnlua9bny2kiP-kv7fLSso7uC6Y_Ir2ZL8yyeMpJka9sjGe6L44PXDE_785MFy-42cwPrL0uXjNXolYonTSHA4lzND0t1t-GnjxTm-k36m_14xO9qvuNsEN6_rpAyy2G6887hqaNWqwf_OPz9E132RYi8-42U2r9q0PhdvNfddD3roLm6iNxGuroX9eRsOLuOun2XTO4vwVbMIk5oQxTGqcj4MFEC3NUI9D_KSzmSuoqhUn4BlJKEMyowJBzLpOUJyTWcdgxBHSXJFqkrBKwjCmBFCEERSI5JLyshGRlFacV-PUbd01nJf8BAAA.H4sIAAAAAAAAAAEgAN__J_udrXVUZ8ex6jmBpE1W_igqirXl-8GAPOkIKMr8WCW3Oh1jIAAAAA.3
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/release-bundle-1734442246645/7997.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:c8::b Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2fc816e84881104b9962fe0ec1422e37f6e503864f588a6b1beee397f0721425
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://birdu.learn.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
16759
content-security-policy-report-only
object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-YPH0pUMLtkYkHBckU7Ff_w' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; img-src 'self' data: https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
content-type
text/html; charset=utf-8
date
Wed, 18 Dec 2024 12:20:17 GMT
expires
-1
link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
DENY
x-ms-ests-server
2.1.19683.3 - WEULR1 ProdSlices
x-ms-request-id
9bf27fad-f63b-40b2-a36f-4f996751a100
x-ms-srs
1.P
x-xss-protection
0

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 18 Dec 2024 12:20:18 GMT
location
https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2BfhBDe1mlQVqBISXHgduFSus2ktJXbwOlD49bgpRXDhaGt2ZvXNLpaHvovewKG2piJZnJIIjLKNNruKPD2uaUmW9cUCZd%2BxQaxGvzf38DoC%2BmiFCM6HuStrcOzBPYB70wqe7m8rsvd%2BQJEk0ikP7uNAB2cb2h2GWAaPGEb6Hjwoi2UvP21I3Bntbaxsn0xZiW4GBzgEayDRddBqI%2F205Nm6sztt4l4rZ9G23ppOG5gcGJspzoFRlc9bWjDgdD7nOS15y%2FiW5SCz%2FBRDopvrimw4b2V52Ui6zYqcFmmaUsnVjOazbSPV5bbJyiZIEUe4Meil8RVhKStoxmhWPmZMsFRkZVww%2FkKi5zNOdsQZABsUJ4AVGZ0RVqJGYWQPKLwSD6u7WxGkIiDyVtmO1CfeYgp00dq6Xvr%2FZ48%2FuqHtJBVgvPYff7L%2FH5fnLkl9lJ1KEd%2BtCBzET2Gb%2FWdZvBR2vV4kv7esv59%2Fj6T%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAE2QW4_aMBCF_4ufcXB8iRPeuhsoqNDdhW26paqQ49gkGzs2IVyr_ve6UlX17cw5n0Yz5ycQYALUCV7UcYB4V99TuqVuNgMjUIZE9HJQ_e0aSWeDJYPFWYOJxxYbTWxylu9Y1FnJlegDUAWgHgZ_nIzHZdNXp8iEoItM07VjKYwphWwDpwInXaWC1EFuPqyWQe7B5DtQVjQmDM6rrqnAjxFoA3GarRzDdpbzl_vllnlua9bny2kiP-kv7fLSso7uC6Y_Ir2ZL8yyeMpJka9sjGe6L44PXDE_785MFy-42cwPrL0uXjNXolYonTSHA4lzND0t1t-GnjxTm-k36m_14xO9qvuNsEN6_rpAyy2G6887hqaNWqwf_OPz9E132RYi8-42U2r9q0PhdvNfddD3roLm6iNxGuroX9eRsOLuOun2XTO4vwVbMIk5oQxTGqcj4MFEC3NUI9D_KSzmSuoqhUn4BlJKEMyowJBzLpOUJyTWcdgxBHSXJFqkrBKwjCmBFCEERSI5JLyshGRlFacV-PUbd01nJf8BAAA.H4sIAAAAAAAAAAEgAN__J_udrXVUZ8ex6jmBpE1W_igqirXl-8GAPOkIKMr8WCW3Oh1jIAAAAA.3
pragma
no-cache
server
Server
strict-transport-security
max-age=31536000 ; includeSubDomains
x-amz-cognito-request-id
c17ecfd8-67e5-4430-94a2-777c687631f1
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
NRJS-c47c3212ac57fb9ecbd
bam.eu01.nr-data.net/events/1/ 		24 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/events/1/NRJS-c47c3212ac57fb9ecbd?a=322541271&sa=1&v=1.275.0&t=Unnamed%20Transaction&rst=595&ck=0&s=af435e4a9a8aa74b&ref=https://birdu.learn.link/callback&ptid=e61cc20c6f93f965
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.85.3 , Ireland, ASN206998 (NEW-2 NEW RELIC INTERNATIONAL LIMITED, IE),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://birdu.learn.link/

Response headers

CF-Cache-Status
DYNAMIC
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
CF-Ray
8f3f1b2d9d4bdcb4-FRA
Access-Control-Allow-Origin
https://birdu.learn.link
Content-Length
24
Date
Wed, 18 Dec 2024 12:20:18 GMT
Content-Type
image/gif
Vary
Accept-Encoding
Server
cloudflare
NRJS-c47c3212ac57fb9ecbd
bam.eu01.nr-data.net/events/1/ 		24 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/events/1/NRJS-c47c3212ac57fb9ecbd?a=322541271&sa=1&v=1.263.0&t=Unnamed%20Transaction&rst=600&ck=0&s=af435e4a9a8aa74b&ref=https://birdu.learn.link/callback&ptid=85fdeb4e761d9340
Requested by
Host: birdu.learn.link
URL: https://birdu.learn.link/callback
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.85.3 , Ireland, ASN206998 (NEW-2 NEW RELIC INTERNATIONAL LIMITED, IE),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://birdu.learn.link/

Response headers

CF-Cache-Status
DYNAMIC
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
CF-Ray
8f3f1b2d99c71d8a-FRA
Access-Control-Allow-Origin
https://birdu.learn.link
Content-Length
24
Date
Wed, 18 Dec 2024 12:20:18 GMT
Content-Type
image/gif
Vary
Accept-Encoding
Server
cloudflare
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2BfhBDe1mlQVqBISXHgduFSus2ktJXbwOlD49bgpRXDhaGt2ZvXNLpaHvovewKG2piJZnJIIjLKNNruKPD2uaUmW9cUCZd%2BxQaxGvzf38DoC%2BmiFCM6HuStrcOzBPYB70wqe7m8rsvd%2BQJEk0ikP7uNAB2cb2h2GWAaPGEb6Hjwoi2UvP21I3Bntbaxsn0xZiW4GBzgEayDRddBqI%2F205Nm6sztt4l4rZ9G23ppOG5gcGJspzoFRlc9bWjDgdD7nOS15y%2FiW5SCz%2FBRDopvrimw4b2V52Ui6zYqcFmmaUsnVjOazbSPV5bbJyiZIEUe4Meil8RVhKStoxmhWPmZMsFRkZVww%2FkKi5zNOdsQZABsUJ4AVGZ0RVqJGYWQPKLwSD6u7WxGkIiDyVtmO1CfeYgp00dq6Xvr%2FZ48%2FuqHtJBVgvPYff7L%2FH5fnLkl9lJ1KEd%2BtCBzET2Gb%2FWdZvBR2vV4kv7esv59%2Fj6T%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAE2QW4_aMBCF_4ufcXB8iRPeuhsoqNDdhW26paqQ49gkGzs2IVyr_ve6UlX17cw5n0Yz5ycQYALUCV7UcYB4V99TuqVuNgMjUIZE9HJQ_e0aSWeDJYPFWYOJxxYbTWxylu9Y1FnJlegDUAWgHgZ_nIzHZdNXp8iEoItM07VjKYwphWwDpwInXaWC1EFuPqyWQe7B5DtQVjQmDM6rrqnAjxFoA3GarRzDdpbzl_vllnlua9bny2kiP-kv7fLSso7uC6Y_Ir2ZL8yyeMpJka9sjGe6L44PXDE_785MFy-42cwPrL0uXjNXolYonTSHA4lzND0t1t-GnjxTm-k36m_14xO9qvuNsEN6_rpAyy2G6887hqaNWqwf_OPz9E132RYi8-42U2r9q0PhdvNfddD3roLm6iNxGuroX9eRsOLuOun2XTO4vwVbMIk5oQxTGqcj4MFEC3NUI9D_KSzmSuoqhUn4BlJKEMyowJBzLpOUJyTWcdgxBHSXJFqkrBKwjCmBFCEERSI5JLyshGRlFacV-PUbd01nJf8BAAA.H4sIAAAAAAAAAAEgAN__J_udrXVUZ8ex6jmBpE1W_igqirXl-8GAPOkIKMr8WCW3Oh1jIAAAAA.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.20 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers
converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		111 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2BfhBDe1mlQVqBISXHgduFSus2ktJXbwOlD49bgpRXDhaGt2ZvXNLpaHvovewKG2piJZnJIIjLKNNruKPD2uaUmW9cUCZd%2BxQaxGvzf38DoC%2BmiFCM6HuStrcOzBPYB70wqe7m8rsvd%2BQJEk0ikP7uNAB2cb2h2GWAaPGEb6Hjwoi2UvP21I3Bntbaxsn0xZiW4GBzgEayDRddBqI%2F205Nm6sztt4l4rZ9G23ppOG5gcGJspzoFRlc9bWjDgdD7nOS15y%2FiW5SCz%2FBRDopvrimw4b2V52Ui6zYqcFmmaUsnVjOazbSPV5bbJyiZIEUe4Meil8RVhKStoxmhWPmZMsFRkZVww%2FkKi5zNOdsQZABsUJ4AVGZ0RVqJGYWQPKLwSD6u7WxGkIiDyVtmO1CfeYgp00dq6Xvr%2FZ48%2FuqHtJBVgvPYff7L%2FH5fnLkl9lJ1KEd%2BtCBzET2Gb%2FWdZvBR2vV4kv7esv59%2Fj6T%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAE2QW4_aMBCF_4ufcXB8iRPeuhsoqNDdhW26paqQ49gkGzs2IVyr_ve6UlX17cw5n0Yz5ycQYALUCV7UcYB4V99TuqVuNgMjUIZE9HJQ_e0aSWeDJYPFWYOJxxYbTWxylu9Y1FnJlegDUAWgHgZ_nIzHZdNXp8iEoItM07VjKYwphWwDpwInXaWC1EFuPqyWQe7B5DtQVjQmDM6rrqnAjxFoA3GarRzDdpbzl_vllnlua9bny2kiP-kv7fLSso7uC6Y_Ir2ZL8yyeMpJka9sjGe6L44PXDE_785MFy-42cwPrL0uXjNXolYonTSHA4lzND0t1t-GnjxTm-k36m_14xO9qvuNsEN6_rpAyy2G6887hqaNWqwf_OPz9E132RYi8-42U2r9q0PhdvNfddD3roLm6iNxGuroX9eRsOLuOun2XTO4vwVbMIk5oQxTGqcj4MFEC3NUI9D_KSzmSuoqhUn4BlJKEMyowJBzLpOUJyTWcdgxBHSXJFqkrBKwjCmBFCEERSI5JLyshGRlFacV-PUbd01nJf8BAAA.H4sIAAAAAAAAAAEgAN__J_udrXVUZ8ex6jmBpE1W_igqirXl-8GAPOkIKMr8WCW3Oh1jIAAAAA.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6cc79c59f00478ce5d8eaa982efdd8fc3cc205a7ea023a564bb2688fa206a087

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCFFB21E496F3A
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Wed, 18 Dec 2024 12:20:18 GMT
content-type
text/css
last-modified
Fri, 08 Nov 2024 04:59:25 GMT
cache-control
public, max-age=31536000
x-ms-request-id
91d02010-a01e-0045-6f7e-50610a000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
20410
x-azure-ref
20241218T122018Z-16fbf75468cp9shjhC1FRA4u4n00000002e000000000uvwt
x-ms-blob-type
BlockBlob
ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		440 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2BfhBDe1mlQVqBISXHgduFSus2ktJXbwOlD49bgpRXDhaGt2ZvXNLpaHvovewKG2piJZnJIIjLKNNruKPD2uaUmW9cUCZd%2BxQaxGvzf38DoC%2BmiFCM6HuStrcOzBPYB70wqe7m8rsvd%2BQJEk0ikP7uNAB2cb2h2GWAaPGEb6Hjwoi2UvP21I3Bntbaxsn0xZiW4GBzgEayDRddBqI%2F205Nm6sztt4l4rZ9G23ppOG5gcGJspzoFRlc9bWjDgdD7nOS15y%2FiW5SCz%2FBRDopvrimw4b2V52Ui6zYqcFmmaUsnVjOazbSPV5bbJyiZIEUe4Meil8RVhKStoxmhWPmZMsFRkZVww%2FkKi5zNOdsQZABsUJ4AVGZ0RVqJGYWQPKLwSD6u7WxGkIiDyVtmO1CfeYgp00dq6Xvr%2FZ48%2FuqHtJBVgvPYff7L%2FH5fnLkl9lJ1KEd%2BtCBzET2Gb%2FWdZvBR2vV4kv7esv59%2Fj6T%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAE2QW4_aMBCF_4ufcXB8iRPeuhsoqNDdhW26paqQ49gkGzs2IVyr_ve6UlX17cw5n0Yz5ycQYALUCV7UcYB4V99TuqVuNgMjUIZE9HJQ_e0aSWeDJYPFWYOJxxYbTWxylu9Y1FnJlegDUAWgHgZ_nIzHZdNXp8iEoItM07VjKYwphWwDpwInXaWC1EFuPqyWQe7B5DtQVjQmDM6rrqnAjxFoA3GarRzDdpbzl_vllnlua9bny2kiP-kv7fLSso7uC6Y_Ir2ZL8yyeMpJka9sjGe6L44PXDE_785MFy-42cwPrL0uXjNXolYonTSHA4lzND0t1t-GnjxTm-k36m_14xO9qvuNsEN6_rpAyy2G6887hqaNWqwf_OPz9E132RYi8-42U2r9q0PhdvNfddD3roLm6iNxGuroX9eRsOLuOun2XTO4vwVbMIk5oQxTGqcj4MFEC3NUI9D_KSzmSuoqhUn4BlJKEMyowJBzLpOUJyTWcdgxBHSXJFqkrBKwjCmBFCEERSI5JLyshGRlFacV-PUbd01nJf8BAAA.H4sIAAAAAAAAAAEgAN__J_udrXVUZ8ex6jmBpE1W_igqirXl-8GAPOkIKMr8WCW3Oh1jIAAAAA.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3bb35e786c5ef0186c1202ce43b9745d0ea7315c2158259bdfbdf9cc028780c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD0A95D1F56318
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Wed, 18 Dec 2024 12:20:18 GMT
content-type
application/x-javascript
last-modified
Fri, 22 Nov 2024 01:34:34 GMT
cache-control
public, max-age=31536000
x-ms-request-id
d98fa09b-a01e-0062-5c7e-500171000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
122515
x-azure-ref
20241218T122018Z-16fbf75468cp9shjhC1FRA4u4n00000002e000000000uvwu
x-ms-blob-type
BlockBlob
ux.converged.login.strings-de.min_jtrkqqoseo84fk0jpgcina2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_jtrkqqoseo84fk0jpgcina2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2BfhBDe1mlQVqBISXHgduFSus2ktJXbwOlD49bgpRXDhaGt2ZvXNLpaHvovewKG2piJZnJIIjLKNNruKPD2uaUmW9cUCZd%2BxQaxGvzf38DoC%2BmiFCM6HuStrcOzBPYB70wqe7m8rsvd%2BQJEk0ikP7uNAB2cb2h2GWAaPGEb6Hjwoi2UvP21I3Bntbaxsn0xZiW4GBzgEayDRddBqI%2F205Nm6sztt4l4rZ9G23ppOG5gcGJspzoFRlc9bWjDgdD7nOS15y%2FiW5SCz%2FBRDopvrimw4b2V52Ui6zYqcFmmaUsnVjOazbSPV5bbJyiZIEUe4Meil8RVhKStoxmhWPmZMsFRkZVww%2FkKi5zNOdsQZABsUJ4AVGZ0RVqJGYWQPKLwSD6u7WxGkIiDyVtmO1CfeYgp00dq6Xvr%2FZ48%2FuqHtJBVgvPYff7L%2FH5fnLkl9lJ1KEd%2BtCBzET2Gb%2FWdZvBR2vV4kv7esv59%2Fj6T%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAE2QW4_aMBCF_4ufcXB8iRPeuhsoqNDdhW26paqQ49gkGzs2IVyr_ve6UlX17cw5n0Yz5ycQYALUCV7UcYB4V99TuqVuNgMjUIZE9HJQ_e0aSWeDJYPFWYOJxxYbTWxylu9Y1FnJlegDUAWgHgZ_nIzHZdNXp8iEoItM07VjKYwphWwDpwInXaWC1EFuPqyWQe7B5DtQVjQmDM6rrqnAjxFoA3GarRzDdpbzl_vllnlua9bny2kiP-kv7fLSso7uC6Y_Ir2ZL8yyeMpJka9sjGe6L44PXDE_785MFy-42cwPrL0uXjNXolYonTSHA4lzND0t1t-GnjxTm-k36m_14xO9qvuNsEN6_rpAyy2G6887hqaNWqwf_OPz9E132RYi8-42U2r9q0PhdvNfddD3roLm6iNxGuroX9eRsOLuOun2XTO4vwVbMIk5oQxTGqcj4MFEC3NUI9D_KSzmSuoqhUn4BlJKEMyowJBzLpOUJyTWcdgxBHSXJFqkrBKwjCmBFCEERSI5JLyshGRlFacV-PUbd01nJf8BAAA.H4sIAAAAAAAAAAEgAN__J_udrXVUZ8ex6jmBpE1W_igqirXl-8GAPOkIKMr8WCW3Oh1jIAAAAA.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d56a1462121f73741276881b4d9fcea3c8b2a89fc38e8eb64eb69743b4e24b96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCF86B2397F02E
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Wed, 18 Dec 2024 12:20:18 GMT
content-type
application/x-javascript
last-modified
Tue, 29 Oct 2024 22:43:42 GMT
cache-control
public, max-age=31536000
x-ms-request-id
a1d64098-c01e-005b-5182-50fa6d000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
18023
x-azure-ref
20241218T122018Z-16fbf75468cp9shjhC1FRA4u4n00000002e000000000uvwv
x-ms-blob-type
BlockBlob
oneDs_f2e0f4a029670f10d892.js
aadcdn.msauth.net/shared/1.0/content/js/ 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DB5D44A8CEE4F4
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Wed, 18 Dec 2024 12:20:19 GMT
content-type
application/x-javascript
last-modified
Thu, 25 May 2023 17:22:47 GMT
cache-control
public, max-age=31536000
x-ms-request-id
4923131e-701e-0003-7181-502232000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
61052
x-azure-ref
20241218T122019Z-16fbf75468c4bd86hC1FRAgmmg00000002v000000000dq2x
x-ms-blob-type
BlockBlob
convergedlogin_pcustomizationloader_27cef08ca792f8e8b149.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		397 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_27cef08ca792f8e8b149.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
54b34ea260d9dcf6d7961a60c9b540673312a965f9ddc2f1ab9855d622bfa07c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD05A546E5C15E
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Wed, 18 Dec 2024 12:20:19 GMT
content-type
application/x-javascript
last-modified
Fri, 15 Nov 2024 18:42:37 GMT
cache-control
public, max-age=31536000
x-ms-request-id
b6127344-001e-0047-377e-5097a0000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
116343
x-azure-ref
20241218T122019Z-16fbf75468c4bd86hC1FRAgmmg00000002v000000000dq30
x-ms-blob-type
BlockBlob
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/ 		17 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8D8731230C851A6
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Wed, 18 Dec 2024 12:20:19 GMT
content-type
image/x-icon
last-modified
Sun, 18 Oct 2020 03:02:03 GMT
cache-control
public, max-age=31536000
x-ms-request-id
8719b980-001e-0054-2d6d-508c01000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
17174
x-azure-ref
20241218T122019Z-16fbf75468c4bd86hC1FRAgmmg00000002v000000000dq35
x-ms-blob-type
BlockBlob
illustration
aadcdn.msauthimages.net/c1c6b6c8-zawz7ngil8ia2yxbawzcfgskl0q0rjo1nbnqmktmnyk/logintenantbranding/0/ 		278 KB
278 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauthimages.net/c1c6b6c8-zawz7ngil8ia2yxbawzcfgskl0q0rjo1nbnqmktmnyk/logintenantbranding/0/illustration?ts=637611734257429721
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCB) /
Resource Hash
a289ffa1dea283fa8c4affc167f3147a2dc9ad248a523d65491630f86d7f168c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
QV4EgPuJ1i+eV+lHVEuvWg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8D9407E7D246D08
age
63207
x-content-type-options
nosniff
x-cache
HIT
date
Wed, 18 Dec 2024 12:20:19 GMT
content-type
image/*
last-modified
Tue, 06 Jul 2021 13:03:45 GMT
cache-control
public, max-age=86400
x-ms-request-id
6fd72a47-701e-0044-1db4-50f05e000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
284820
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CCB)
bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-zawz7ngil8ia2yxbawzcfgskl0q0rjo1nbnqmktmnyk/logintenantbranding/0/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauthimages.net/c1c6b6c8-zawz7ngil8ia2yxbawzcfgskl0q0rjo1nbnqmktmnyk/logintenantbranding/0/bannerlogo?ts=636155145814879078
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAA) /
Resource Hash
10a5371d6a3b2464c36d6052f8f54dc3e2a57ff1e823b6d1d9abc206c2568c16
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
DW2HFPHdRGnx3mA1p9r1Mw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8D413BC106F82D5
age
73995
x-content-type-options
nosniff
x-cache
HIT
date
Wed, 18 Dec 2024 12:20:19 GMT
content-type
image/png
last-modified
Wed, 23 Nov 2016 16:16:21 GMT
cache-control
public, max-age=86400
x-ms-request-id
c998d085-501e-003e-489a-509a13000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
8658
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CAA)
convergedlogin_pstringcustomizationhelper_cc2c59f5ef2c09e14b08.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_cc2c59f5ef2c09e14b08.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c30fd6bb912661057ec2eea9a2f135303a6d0f8d110bf11493b369286f0587ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD05A5479BC1A5
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Wed, 18 Dec 2024 12:20:19 GMT
content-type
application/x-javascript
last-modified
Fri, 15 Nov 2024 18:42:38 GMT
cache-control
public, max-age=31536000
x-ms-request-id
d25aa5ce-101e-001d-056f-50b955000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
35170
x-azure-ref
20241218T122019Z-16fbf75468c4bd86hC1FRAgmmg00000002v000000000dq3a
x-ms-blob-type
BlockBlob
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DB5C3F49ED96E0
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Wed, 18 Dec 2024 12:20:19 GMT
content-type
image/svg+xml
last-modified
Wed, 24 May 2023 10:11:49 GMT
cache-control
public, max-age=31536000
x-ms-request-id
d07a1d90-101e-006f-487e-50be1a000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
621
x-azure-ref
20241218T122019Z-16fbf75468c4bd86hC1FRAgmmg00000002v000000000dq58
x-ms-blob-type
BlockBlob

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
content.insights.thrivelearning.com
URL
https://content.insights.thrivelearning.com/agent/static/ee9b4632-5892-4546-4ccf-0c0cf2a64af5/pendo.js
Domain
tenant.api.learn.link
URL
https://tenant.api.learn.link/password?GetPasswordPolicy
Domain
tenant.api.learn.link
URL
https://tenant.api.learn.link/password?GetPasswordPolicy

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_27cef08ca792f8e8b149 boolean| __convergedlogin_pstringcustomizationhelper_cc2c59f5ef2c09e14b08

13 Cookies

Domain/Path Name / Value
arcteryx-prod-lxp.auth.eu-west-2.amazoncognito.com/ Name: XSRF-TOKEN
Value: 89b59e89-9131-47ce-921e-3f6dfc4b12bc
arcteryx-prod-lxp.auth.eu-west-2.amazoncognito.com/ Name: csrf-state
Value: uFMo52mFD7Qzwy9p7mh5rDLE6cKfUkLwk5n4gV5fG0fSHIlLVOD3VDMm12FfrVsB7e5pHnv5fVQ2iSHq5kxIT9ob0kaef6iqq31D0EuIRYtr3P4m9fX4pyhCO4xezy35q8vWI0LZ2-RN_50EieIRBpCPEXfn9Z-0ljoSE4mpTo0
arcteryx-prod-lxp.auth.eu-west-2.amazoncognito.com/ Name: csrf-state-legacy
Value: uFMo52mFD7Qzwy9p7mh5rDLE6cKfUkLwk5n4gV5fG0fSHIlLVOD3VDMm12FfrVsB7e5pHnv5fVQ2iSHq5kxIT9ob0kaef6iqq31D0EuIRYtr3P4m9fX4pyhCO4xezy35q8vWI0LZ2-RN_50EieIRBpCPEXfn9Z-0ljoSE4mpTo0
login.microsoftonline.com/ Name: buid
Value: 1.AQIA4mZ8Ip_D5kKZY4byayPqE7TokFwt5TpOjCmoXkmWGHbcAAACAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFe4Xw7nJz97bvCueZWFkZLyBnhJW9x8jEBSCDWUoR86_J32RZJqA1eVCj9srJOF1_ZZXYMzQ60wsq_gh-5m1gEr_aHqNZ_yin-UsdFIq3fcN8gAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFeoO7etpYwosl6gHUROutdR-_IILc5SnOexxeo_74mdm2TqR1-E1iGr0TQbLRj3Vgp9sEDrbJaJVo0SDwSy5yFfgcMTfEwgxgebv7CGM2fXtrY8ThRPXSZQnii2VUQqUkUEt0FKc1Q0HN9-NBR76tJPEZ6Y7C_NZF4VXjtnzDIoWggAA
.login.microsoftonline.com/ Name: esctx-kQR1btmX87A
Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFeJ1MOV2gTnN_tfLxw-oh-aWHk44InIJ0t_aMtAuTmyYuQgj5RhOaP3oryIIRqvCSWCExPUv-bMXDzCdFAdvi8Gt6TcqnGgE_cQx06fxP58h3UfntINRVd0Jcu5StsGwOTITKAvsuVX4gXhN5M_XacxCAA
login.microsoftonline.com/ Name: fpc
Value: AjvVfu8szp1Bnld0mII2v8hbjLhLAQAAAAG19N4OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
login.microsoftonline.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 6481af3c-0e88-4bb7-95eb-51ff7b55edeb
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 9d694cede70e43f5942c353b25faed16
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1734524419&co=1

2 Console Messages

Source Level URL
Text
security error URL: https://birdu.learn.link/
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
recommendation verbose URL: https://login.microsoftonline.com/227c66e2-c39f-42e6-9963-86f26b23ea13/saml2?SAMLRequest=fZJLT8MwEITv%2FIrId%2BfhBDe1mlQVqBISXHgduFSus2ktJXbwOlD49bgpRXDhaGt2ZvXNLpaHvovewKG2piJZnJIIjLKNNruKPD2uaUmW9cUCZd%2BxQaxGvzf38DoC%2BmiFCM6HuStrcOzBPYB70wqe7m8rsvd%2BQJEk0ikP7uNAB2cb2h2GWAaPGEb6Hjwoi2UvP21I3Bntbaxsn0xZiW4GBzgEayDRddBqI%2F205Nm6sztt4l4rZ9G23ppOG5gcGJspzoFRlc9bWjDgdD7nOS15y%2FiW5SCz%2FBRDopvrimw4b2V52Ui6zYqcFmmaUsnVjOazbSPV5bbJyiZIEUe4Meil8RVhKStoxmhWPmZMsFRkZVww%2FkKi5zNOdsQZABsUJ4AVGZ0RVqJGYWQPKLwSD6u7WxGkIiDyVtmO1CfeYgp00dq6Xvr%2FZ48%2FuqHtJBVgvPYff7L%2FH5fnLkl9lJ1KEd%2BtCBzET2Gb%2FWdZvBR2vV4kv7esv59%2Fj6T%2BAg%3D%3D&RelayState=H4sIAAAAAAAAAE2QW4_aMBCF_4ufcXB8iRPeuhsoqNDdhW26paqQ49gkGzs2IVyr_ve6UlX17cw5n0Yz5ycQYALUCV7UcYB4V99TuqVuNgMjUIZE9HJQ_e0aSWeDJYPFWYOJxxYbTWxylu9Y1FnJlegDUAWgHgZ_nIzHZdNXp8iEoItM07VjKYwphWwDpwInXaWC1EFuPqyWQe7B5DtQVjQmDM6rrqnAjxFoA3GarRzDdpbzl_vllnlua9bny2kiP-kv7fLSso7uC6Y_Ir2ZL8yyeMpJka9sjGe6L44PXDE_785MFy-42cwPrL0uXjNXolYonTSHA4lzND0t1t-GnjxTm-k36m_14xO9qvuNsEN6_rpAyy2G6887hqaNWqwf_OPz9E132RYi8-42U2r9q0PhdvNfddD3roLm6iNxGuroX9eRsOLuOun2XTO4vwVbMIk5oQxTGqcj4MFEC3NUI9D_KSzmSuoqhUn4BlJKEMyowJBzLpOUJyTWcdgxBHSXJFqkrBKwjCmBFCEERSI5JLyshGRlFacV-PUbd01nJf8BAAA.H4sIAAAAAAAAAAEgAN__J_udrXVUZ8ex6jmBpE1W_igqirXl-8GAPOkIKMr8WCW3Oh1jIAAAAA.3
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
arcteryx-prod-lxp.auth.eu-west-2.amazoncognito.com
bam.eu01.nr-data.net
birdu.learn.link
cdn.growthbook.io
content.insights.thrivelearning.com
do0vsc0ibwv92.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
login.live.com
login.microsoftonline.com
tenant.api.learn.link
tenant.assets.learn.link
waif.api.learn.link
content.insights.thrivelearning.com
tenant.api.learn.link
142.250.186.35
151.101.65.91
18.245.31.109
18.66.102.43
185.221.85.3
20.190.160.20
2600:9000:206f:8400:d:3cf6:4d80:93a1
2602:816:5001::39
2603:1026:3000:c8::b
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::45
2a00:1450:4001:813::200a
2a05:d01c:4a0:2f01:4f87:ca5d:7c1b:f957
3.33.200.131
35.186.241.17
52.56.107.251
10a5371d6a3b2464c36d6052f8f54dc3e2a57ff1e823b6d1d9abc206c2568c16
2fc816e84881104b9962fe0ec1422e37f6e503864f588a6b1beee397f0721425
3bb35e786c5ef0186c1202ce43b9745d0ea7315c2158259bdfbdf9cc028780c6
4754e716d9b906ee06da7f16c9f846e0ba3120fe646c6126b2caba3e15a5b26e
54b34ea260d9dcf6d7961a60c9b540673312a965f9ddc2f1ab9855d622bfa07c
6cc79c59f00478ce5d8eaa982efdd8fc3cc205a7ea023a564bb2688fa206a087
73e70cc168920e2ebfb0349e22af2d813a66f68c470fb09a9a78dcde614487aa
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
a289ffa1dea283fa8c4affc167f3147a2dc9ad248a523d65491630f86d7f168c
c00a4ccd669f03e1aacab736debbdfeb3561ada7430f8f3813522e69d1b571a1
c30fd6bb912661057ec2eea9a2f135303a6d0f8d110bf11493b369286f0587ae
d56a1462121f73741276881b4d9fcea3c8b2a89fc38e8eb64eb69743b4e24b96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb59b542c85d90d9afef7bb79aec3b986900f50c234e38ec71dd85304ca22f82