urlscan.io logo urlscan.io
SecurityTrails logo

uat-funds.tmf-group.com Open in urlscan Pro
2606:4700:4400::ac40:9649  Public Scan

Go To Rescan Add Verdict Report
URL: https://uat-funds.tmf-group.com/
Submission: On November 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2606:4700:4400::ac40:9649, located in United States and belongs to CLOUDFLARENET, US. The main domain is uat-funds.tmf-group.com.
TLS certificate: Issued by WE1 on November 18th 2024. Valid for: 3 months.
This is the only time uat-funds.tmf-group.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:440... 13335 (CLOUDFLAR...)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.3 15169 (GOOGLE)
2 20.50.88.245 8075 (MICROSOFT...)
15 6
8    2606:4700:4400::ac40:9649 (United States)

ASN13335 (CLOUDFLARENET, US)
uat-funds.tmf-group.com
1    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net
fonts.gstatic.com
2    20.50.88.245 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
8 tmf-group.com
uat-funds.tmf-group.com
302 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 801
200 B
2 gstatic.com
fonts.gstatic.com
36 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 597
56 KB
0 googletagmanager.com Failed
www.googletagmanager.com Failed
15 6
Domain Requested by
8 uat-funds.tmf-group.com uat-funds.tmf-group.com
2 dc.services.visualstudio.com js.monitor.azure.com
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com uat-funds.tmf-group.com
1 js.monitor.azure.com uat-funds.tmf-group.com
0 www.googletagmanager.com Failed uat-funds.tmf-group.com
15 6

This site contains no links.

Subject Issuer Validity Valid
uat-funds.tmf-group.com
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-08-20 -
2025-08-15		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-09-08 -
2025-09-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://uat-funds.tmf-group.com/
Frame ID: 369B547BB3CDB70A8586B9E2E542FF9D
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TMF Fund microsite

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->

Page Statistics

15
Requests

93 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

397 kB
Transfer

1104 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
uat-funds.tmf-group.com/ 		12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uat-funds.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a28607c7ff4262e079d5905a0e45b8a58761fbb70d48da7805019ea4050b2b
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e4aaabb9933d392-FRA
content-encoding
gzip
content-security-policy
default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
content-type
text/html; charset=utf-8
date
Mon, 18 Nov 2024 20:21:27 GMT
expires
0
pragma
no-cache
referrer-policy
no-referrer
report-to
{ "group": "csp-endpoint","max_age": 10886400,"endpoints": [{ "url": "https://uat-funds.tmf-group.com/api/reporting/" }] }
reporting-endpoints
csp-endpoint="https://uat-funds.tmf-group.com/api/reporting/", default="https://uat-funds.tmf-group.com/api/reporting/"
request-context
appId=cid-v1:14ec4fc4-e850-4f7e-bb17-e5f68fbfa8e1
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
main.css
uat-funds.tmf-group.com/dist/ 		177 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uat-funds.tmf-group.com/dist/main.css?v=5Reosaj-do8iUSfZf55fyh1l_uiTwzoFmIeaiUYzK9g
Requested by
Host: uat-funds.tmf-group.com
URL: https://uat-funds.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e517a8b1a8fe768f225127d97f9e5fca1d65fee893c33a0598879a8946332bd8
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"1db35ae951d8a21"
x-permitted-cross-domain-policies
none
report-to
{ "group": "csp-endpoint","max_age": 10886400,"endpoints": [{ "url": "https://uat-funds.tmf-group.com/api/reporting/" }] }
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 20:21:27 GMT
date
Mon, 18 Nov 2024 20:21:27 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 09:29:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://uat-funds.tmf-group.com/api/reporting/", default="https://uat-funds.tmf-group.com/api/reporting/"
content-security-policy
default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=604800
referrer-policy
no-referrer
request-context
appId=cid-v1:14ec4fc4-e850-4f7e-bb17-e5f68fbfa8e1
cf-ray
8e4aaabcdccad392-FRA
server
cloudflare
tmf-group-logo-reverse-spa.png
uat-funds.tmf-group.com/globalassets/logos/tmf-spa/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-funds.tmf-group.com/globalassets/logos/tmf-spa/tmf-group-logo-reverse-spa.png
Requested by
Host: uat-funds.tmf-group.com
URL: https://uat-funds.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81e9cac11c15aa16a26c71b024d1ff6a860c5c21c10ea79bf9339ea8bed3e54
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
MISS
etag
"1d9fc1234d33939"
x-permitted-cross-domain-policies
none
report-to
{ "group": "csp-endpoint","max_age": 10886400,"endpoints": [{ "url": "https://uat-funds.tmf-group.com/api/reporting/" }] }
x-content-type-options
nosniff
expires
Tue, 19 Nov 2024 08:21:27 GMT
date
Mon, 18 Nov 2024 20:21:27 GMT
content-type
image/png
last-modified
Wed, 11 Oct 2023 07:11:51 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://uat-funds.tmf-group.com/api/reporting/", default="https://uat-funds.tmf-group.com/api/reporting/"
content-security-policy
default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=43200
referrer-policy
no-referrer
request-context
appId=cid-v1:14ec4fc4-e850-4f7e-bb17-e5f68fbfa8e1
cf-ray
8e4aaabcdcced392-FRA
accept-ranges
bytes
content-length
11449
server
cloudflare
find.js
uat-funds.tmf-group.com/Util/Find/epi-util/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-funds.tmf-group.com/Util/Find/epi-util/find.js
Requested by
Host: uat-funds.tmf-group.com
URL: https://uat-funds.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"1da2911066f78ec"
x-permitted-cross-domain-policies
none
report-to
{ "group": "csp-endpoint","max_age": 10886400,"endpoints": [{ "url": "https://uat-funds.tmf-group.com/api/reporting/" }] }
x-content-type-options
nosniff
expires
Tue, 19 Nov 2024 00:21:27 GMT
date
Mon, 18 Nov 2024 20:21:27 GMT
content-type
application/javascript
last-modified
Thu, 07 Dec 2023 13:26:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://uat-funds.tmf-group.com/api/reporting/", default="https://uat-funds.tmf-group.com/api/reporting/"
content-security-policy
default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=14400
referrer-policy
no-referrer
request-context
appId=cid-v1:14ec4fc4-e850-4f7e-bb17-e5f68fbfa8e1
cf-ray
8e4aaabeea60d392-FRA
server
cloudflare
main.js
uat-funds.tmf-group.com/dist/ 		701 KB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-funds.tmf-group.com/dist/main.js?v=aLy2gNEWWzXFPSz5NzxsDMSnh5D0vnDet68b-RN8uvc
Requested by
Host: uat-funds.tmf-group.com
URL: https://uat-funds.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68bcb680d1165b35c53d2cf9373c6c0cc4a78790f4be70deb7af1bf9137cbaf7
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"1db35ae9515bb53"
x-permitted-cross-domain-policies
none
report-to
{ "group": "csp-endpoint","max_age": 10886400,"endpoints": [{ "url": "https://uat-funds.tmf-group.com/api/reporting/" }] }
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 20:21:27 GMT
date
Mon, 18 Nov 2024 20:21:27 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 09:29:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://uat-funds.tmf-group.com/api/reporting/", default="https://uat-funds.tmf-group.com/api/reporting/"
content-security-policy
default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=604800
referrer-policy
no-referrer
request-context
appId=cid-v1:14ec4fc4-e850-4f7e-bb17-e5f68fbfa8e1
cf-ray
8e4aaabcece7d392-FRA
server
cloudflare
ai.2.gbl.min.js
js.monitor.azure.com/scripts/b/ 		120 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Requested by
Host: uat-funds.tmf-group.com
URL: https://uat-funds.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
12e7192855d64b8867e792c9e0359a8e0b5ae2e2c9286007c9e4b881d86e7e07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://uat-funds.tmf-group.com
Referer

Response headers

x-azure-ref
20241118T202127Z-15f56cb949czjnrfhC1FRA4vas00000003z000000000cg68
cache-control
public, max-age=1800, immutable, no-transform
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
8f4eb0dd-b01e-0080-61bf-36df9c000000
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.gbl.min.js
access-control-allow-origin
*
x-cache
TCP_HIT
x-ms-meta-aijssdkver
2.8.18
date
Mon, 18 Nov 2024 20:21:27 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 20 Mar 2024 17:31:22 GMT
css2
fonts.googleapis.com/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;1,100;1,300;1,400;1,500&display=swap
Requested by
Host: uat-funds.tmf-group.com
URL: https://uat-funds.tmf-group.com/dist/main.css?v=5Reosaj-do8iUSfZf55fyh1l_uiTwzoFmIeaiUYzK9g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7d117525e5ce14232c97be368100f461696726f5e07160e9beddd107fd4ba2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 20:21:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 20:21:27 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 18 Nov 2024 20:21:27 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		0
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;1,100;1,300;1,400;1,500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://uat-funds.tmf-group.com
Referer
https://fonts.googleapis.com/

Response headers

age
16402
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 18 Nov 2025 15:48:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 15:48:05 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
47cf84bbd2cd77f345c3.ttf
uat-funds.tmf-group.com/dist/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uat-funds.tmf-group.com/dist/47cf84bbd2cd77f345c3.ttf?kqnkli
Requested by
Host: uat-funds.tmf-group.com
URL: https://uat-funds.tmf-group.com/dist/main.css?v=5Reosaj-do8iUSfZf55fyh1l_uiTwzoFmIeaiUYzK9g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63e1907b7331579fa9558fab6ef77d815fea6a093dee843d3fba727d64498c75
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://uat-funds.tmf-group.com
Referer

Response headers

cf-cache-status
MISS
etag
"1db35ae951f5cf4"
x-permitted-cross-domain-policies
none
report-to
{ "group": "csp-endpoint","max_age": 10886400,"endpoints": [{ "url": "https://uat-funds.tmf-group.com/api/reporting/" }] }
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 20:21:27 GMT
date
Mon, 18 Nov 2024 20:21:27 GMT
content-type
application/x-font-ttf
last-modified
Wed, 13 Nov 2024 09:29:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://uat-funds.tmf-group.com/api/reporting/", default="https://uat-funds.tmf-group.com/api/reporting/"
content-security-policy
default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=604800
referrer-policy
no-referrer
request-context
appId=cid-v1:14ec4fc4-e850-4f7e-bb17-e5f68fbfa8e1
cf-ray
8e4aaabf1afbd392-FRA
accept-ranges
bytes
content-length
4852
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;1,100;1,300;1,400;1,500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://uat-funds.tmf-group.com
Referer
https://fonts.googleapis.com/

Response headers

age
450084
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:20:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:20:03 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
favicon.ico
uat-funds.tmf-group.com/ 		795 B
563 B 		Other
General
Check archive.org
Download Go to
Full URL
https://uat-funds.tmf-group.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef51daefbebbfc58406297397072f8b88db5b925e7d9545981bc07afd879fd82
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
report-to
{ "group": "csp-endpoint","max_age": 10886400,"endpoints": [{ "url": "https://uat-funds.tmf-group.com/api/reporting/" }] }
x-content-type-options
nosniff
date
Mon, 18 Nov 2024 20:21:28 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://uat-funds.tmf-group.com/api/reporting/", default="https://uat-funds.tmf-group.com/api/reporting/"
content-security-policy
default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
cache-control
no-store,no-cache
pragma
no-cache
referrer-policy
no-referrer
cf-ray
8e4aaac23aa0d392-FRA
server
cloudflare
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
910e167f26dd23b0773a7d27a293cf71373789769e48ccbb8b37f1815bd3fcd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Mon, 18 Nov 2024 20:21:27 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://uat-funds.tmf-group.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Mon, 18 Nov 2024 20:21:27 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
favicon.ico
uat-funds.tmf-group.com/images/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://uat-funds.tmf-group.com/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329e0aa7108f43a2f71f4a5606d7c7ac861f54cb3552899ce43a107fe9b76841
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"1db35ae6dc8bd2e"
x-permitted-cross-domain-policies
none
report-to
{ "group": "csp-endpoint","max_age": 10886400,"endpoints": [{ "url": "https://uat-funds.tmf-group.com/api/reporting/" }] }
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 20:21:28 GMT
date
Mon, 18 Nov 2024 20:21:28 GMT
content-type
image/x-icon
last-modified
Wed, 13 Nov 2024 09:28:42 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://uat-funds.tmf-group.com/api/reporting/", default="https://uat-funds.tmf-group.com/api/reporting/"
content-security-policy
default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=604800
referrer-policy
no-referrer
request-context
appId=cid-v1:14ec4fc4-e850-4f7e-bb17-e5f68fbfa8e1
cf-ray
8e4aaac3eebbd392-FRA
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| appInsights function| gtag object| dataLayer object| UTM_COOKIES object| Prism object| gsapVersions function| FindApi object| Microsoft object| __dynProto$Gbl

3 Cookies

Domain/Path Name / Value
.uat-funds.tmf-group.com/ Name: ARRAffinity
Value: 3bbb87394cfd013b1270d9ea9921dad62f0d844057f5190ff7f6818c26276fc3
.uat-funds.tmf-group.com/ Name: ARRAffinitySameSite
Value: 3bbb87394cfd013b1270d9ea9921dad62f0d844057f5190ff7f6818c26276fc3
uat-funds.tmf-group.com/ Name: ai_session
Value: TcIqfgdyMFNkrLe506Csr0|1731961288055|1731961288055

1 Console Messages

Source Level URL
Text
network error URL: https://uat-funds.tmf-group.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' ; script-src 'self' 'strict-dynamic' 'nonce-f5232ba3-cd12-47a2-967b-24ddf4cb11f7' https: *.googletagmanager.com *.vimeocdn.com *.gstatis.com *.vimeocdn.com www.gstatic.com mktdplp102cdn.azureedge.net; style-src 'self' 'unsafe-inline' https: *.googleapis.com; img-src 'self' https://*.doubleclick.net https://cdn-ukwest.onetrust.com https://*.teads.tv https://www.facebook.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com https://www.google.com; connect-src 'self' wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.bing.com *.hotjar.io; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.googletagmanager.com a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.fls.doubleclick.net td.doubleclick.net fledge.teads.tv player.vimeo.com ; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; form-action 'self' ; report-uri https://uat-funds.tmf-group.com/api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN