urlscan.io logo urlscan.io
SecurityTrails logo

sp-poc-login.codeinthecloud.com Open in urlscan Pro
18.184.2.86  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sp-poc-login.codeinthecloud.com/
Effective URL: https://sp-poc-login.codeinthecloud.com/
Submission: On April 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 16 domains to perform 36 HTTP transactions. The main IP is 18.184.2.86, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is sp-poc-login.codeinthecloud.com.
TLS certificate: Issued by R3 on April 20th 2022. Valid for: 3 months.
This is the only time sp-poc-login.codeinthecloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 18.184.2.86 16509 (AMAZON-02)
4 65.9.63.98 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 20.150.40.4 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 143.204.201.118 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.186.102 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.43.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.174.150.168 14618 (AMAZON-AES)
1 109.236.91.3 49981 (WORLDSTREAM)
1 52.202.69.186 14618 (AMAZON-AES)
36 16
2    18.184.2.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-2-86.eu-central-1.compute.amazonaws.com
sp-poc-login.codeinthecloud.com
4    65.9.63.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-98.fra56.r.cloudfront.net
op2static.oktacdn.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    20.150.40.4 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cluksandboxssostorage.blob.core.windows.net
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    143.204.201.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-118.fra53.r.cloudfront.net
login.okta.com
15    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
9583095.fls.doubleclick.net
1    2a02:26f0:3500:7::17d8:4dd2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    35.174.150.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-3-ue1.aws.pardot.com
pi.pardot.com
1    109.236.91.3 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
extreme-ip-lookup.com
1    52.202.69.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-1-ue1.aws.pardot.com
www2.canadalife.co.uk
Apex Domain
Subdomains		 Transfer
15 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 482
www.linkedin.com — Cisco Umbrella Rank: 603
px4.ads.linkedin.com — Cisco Umbrella Rank: 4702
3 KB
4 oktacdn.com
op2static.oktacdn.com
619 KB
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 4246
4 KB
2 doubleclick.net
9583095.fls.doubleclick.net
1 KB
2 okta.com
login.okta.com — Cisco Umbrella Rank: 7318
97 KB
2 windows.net
cluksandboxssostorage.blob.core.windows.net
63 KB
2 codeinthecloud.com
sp-poc-login.codeinthecloud.com
8 KB
1 canadalife.co.uk
www2.canadalife.co.uk
1 KB
1 extreme-ip-lookup.com
extreme-ip-lookup.com — Cisco Umbrella Rank: 20322
583 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 7579
870 B
1 google.com
adservice.google.com — Cisco Umbrella Rank: 77
868 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 913
3 KB
1 gstatic.com
fonts.gstatic.com
13 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
82 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
36 16
Domain Requested by
15 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
sp-poc-login.codeinthecloud.com
4 op2static.oktacdn.com sp-poc-login.codeinthecloud.com
2 pi.pardot.com sp-poc-login.codeinthecloud.com
pi.pardot.com
2 px.ads.linkedin.com 2 redirects
2 9583095.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 login.okta.com op2static.oktacdn.com
login.okta.com
2 cluksandboxssostorage.blob.core.windows.net sp-poc-login.codeinthecloud.com
2 sp-poc-login.codeinthecloud.com 1 redirects
1 www2.canadalife.co.uk pi.pardot.com
1 extreme-ip-lookup.com sp-poc-login.codeinthecloud.com
1 adservice.google.de adservice.google.com
1 adservice.google.com 9583095.fls.doubleclick.net
1 px4.ads.linkedin.com sp-poc-login.codeinthecloud.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com sp-poc-login.codeinthecloud.com
1 fonts.googleapis.com sp-poc-login.codeinthecloud.com
36 18

This site contains no links.

Subject Issuer Validity Valid
sp-poc-login.codeinthecloud.com
R3		 2022-04-20 -
2022-07-19		 3 months crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-22 -
2023-01-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-02-14 -
2023-02-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
accounts.okta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-24 -
2022-07-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-08 -
2022-11-07		 a year crt.sh
t1.extreme-dm.com
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
www2.canadalife.co.uk
R3		 2022-04-16 -
2022-07-15		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://sp-poc-login.codeinthecloud.com/
Frame ID: F69EDCE8350D1A910FE66754A8921E40
Requests: 31 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 2ACDD7D9DDA16BF27D301866B8552E50
Requests: 2 HTTP requests in this frame

Frame: https://9583095.fls.doubleclick.net/activityi;dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F
Frame ID: 16DCEE3391DA88CEDAFD612A00942A41
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F
Frame ID: 37A402CD7C55BBFD474D921761293B72
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F
Frame ID: CA49213E48DD667314C7F6FAB0C02268
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Canada Life - Anmelden

Page URL History Show full URLs

  1. http://sp-poc-login.codeinthecloud.com/ HTTP 302
    https://sp-poc-login.codeinthecloud.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

36
Requests

97 %
HTTPS

47 %
IPv6

16
Domains

18
Subdomains

16
IPs

4
Countries

917 kB
Transfer

2637 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sp-poc-login.codeinthecloud.com/ HTTP 302
    https://sp-poc-login.codeinthecloud.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://9583095.fls.doubleclick.net/activityi;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F HTTP 302
  • https://9583095.fls.doubleclick.net/activityi;dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F
Request Chain 14
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3547890&time=1650614726183&url=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3547890%26time%3D1650614726183%26url%3Dhttps%253A%252F%252Fsp-poc-login.codeinthecloud.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3547890&time=1650614726183&url=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3547890&time=1650614726183&url=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&liSync=true&e_ipv6=AQKh1nPyQQ6dGAAAAYBQTfLO7T-BQ8vD8AG2VQZHWZfkVUMEnU9gb_7LKkhTuXQ3SVOPTHWU

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sp-poc-login.codeinthecloud.com/
Redirect Chain
  • http://sp-poc-login.codeinthecloud.com/
  • https://sp-poc-login.codeinthecloud.com/
20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sp-poc-login.codeinthecloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.2.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-2-86.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
42c369758345c856816ae96c47fb721160f9c4c0c3d3315d5853458813c4ed00
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Fri, 22 Apr 2022 08:05:26 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
cache-control
no-cache, no-store
content-language
de
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://okta.report-uri.com/r/d/csp/reportOnly; report-to csp
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires
0
p3p
CP="HONK"
pragma
no-cache
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://okta.report-uri.com/a/d/g"}],"include_subdomains":true}
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-okta-request-id
YmJhxhdA9vzTfErAE5BSdgAABPg
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1650614786
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

Connection
Keep-Alive
Content-Length
224
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 22 Apr 2022 08:05:26 GMT
Keep-Alive
timeout=5, max=100
Location
https://sp-poc-login.codeinthecloud.com/
Server
Apache
okta-sign-in.min.js
op2static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/ 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://op2static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/okta-sign-in.min.js
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-98.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9d75be9fa71d9de02417f044d50b1264dc564d453ee20efc7faa9d819a8ffdfb
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
etag
W/"3201febd49d61359da808444b6a8dd0e"
age
1727425
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 Jan 2022 18:38:29 GMT
server
nginx
date
Sat, 02 Apr 2022 08:15:01 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
eXbpWUCnnR7lShysNjXfwJnC7djFbt7E0-lChIQ5ptWuQwPfIl2fNg==
expires
Sun, 02 Apr 2023 08:15:01 GMT
okta-sign-in.min.css
op2static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/ 		211 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://op2static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-98.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9088ba84bd8facb1ae216959655256308143f85f3608acb93880347b60f9a620
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 03 Apr 2022 02:53:15 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1660331
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 26 Jan 2022 18:38:19 GMT
server
nginx
etag
W/"32082203138e95c3496af212b9076cd4"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
text/css
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
7Ry0JP7U-UNaYjm5FRCZAoLY1m3DV4izbTBAO_zEqkfSusULOSJ4Gw==
expires
Mon, 03 Apr 2023 02:53:15 GMT
custom-signin.241e0fb439244dc50c5929c0513a6765.css
op2static.oktacdn.com/assets/loginpage/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://op2static.oktacdn.com/assets/loginpage/css/custom-signin.241e0fb439244dc50c5929c0513a6765.css
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-98.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 01:38:11 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1232835
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 16 Mar 2022 18:38:17 GMT
server
nginx
etag
W/"241e0fb439244dc50c5929c0513a6765"
strict-transport-security
max-age=315360000; includeSubDomains
content-type
text/css
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
KMuyPQwXlRAX0BGf3cnU0OLAFlWGa7WfrJ_v81_POz62BfFlptxqgw==
expires
Sat, 08 Apr 2023 01:38:11 GMT
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600&display=swap
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20ee233ff0c201afc8851e117d1aca429d52d233d91fddf84348201719e2b151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 06:05:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Apr 2022 08:05:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Apr 2022 08:05:26 GMT
initLoginPage.pack.a6e92cf2329003c0eb0102ac64ef5f1d.js
op2static.oktacdn.com/assets/js/mvc/loginpage/ 		204 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://op2static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.a6e92cf2329003c0eb0102ac64ef5f1d.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-98.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ac376323e65d78aab60feb0f3bf2e0988d02e16eebe7ff0bc1d92086d2f173b3
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
etag
W/"a6e92cf2329003c0eb0102ac64ef5f1d"
age
1343207
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 16 Mar 2022 18:38:33 GMT
server
nginx
date
Wed, 06 Apr 2022 18:58:39 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
i-e20nueCEI1t8bnLSekw1VXejZx_3cDnin7E2ZM6PCnM3Ka4fVKlA==
expires
Thu, 06 Apr 2023 18:58:39 GMT
gtm.js
www.googletagmanager.com/ 		255 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVL2B6
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c618b308eebf4d4427f520b7b6e0c3e821ac072853069a71c1e711425fcefdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 08:05:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83083
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Apr 2022 08:05:26 GMT
cluk-bg-splash.jpg
cluksandboxssostorage.blob.core.windows.net/assets/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cluksandboxssostorage.blob.core.windows.net/assets/cluk-bg-splash.jpg
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.40.4 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1e68998c2e0dfcc3bad613fc759c6bac86632d4cb18f6fa8df090339153e05b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Apr 2022 08:05:26 GMT
Last-Modified
Tue, 27 Jul 2021 10:28:35 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
yYsBr2ez+3lLixxx4bSdkQ==
ETag
0x8D950E94A6B2903
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
1dacebdb-e01e-002a-151f-567d30000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
30774
calibre-web-bold.woff2
cluksandboxssostorage.blob.core.windows.net/assets/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cluksandboxssostorage.blob.core.windows.net/assets/calibre-web-bold.woff2
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.40.4 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f1521c80ca2b0db15fc561ab33b812e493b61771cd0cefc5dc74ac142b9ad92

Request headers

Referer
https://sp-poc-login.codeinthecloud.com/
Origin
https://sp-poc-login.codeinthecloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 22 Apr 2022 08:05:26 GMT
Last-Modified
Tue, 27 Jul 2021 10:39:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
a+o1q/YnKI1iJlsThMdMJg==
ETag
0x8D950EACFC6AF91
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
x-ms-request-id
c96b501b-e01e-0048-071f-56bf17000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
32816
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sp-poc-login.codeinthecloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 18:03:30 GMT
x-content-type-options
nosniff
age
136916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:39:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 18:03:30 GMT
iframe.html
login.okta.com/discovery/ Frame 2ACD 		546 B
986 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: op2static.oktacdn.com
URL: https://op2static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.a6e92cf2329003c0eb0102ac64ef5f1d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c71558cf94e0875c93b552d52dd5974ae4697ba14e5a8d7c3694247a291ca9b8

Request headers

Referer
https://sp-poc-login.codeinthecloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
60038
Connection
keep-alive
Content-Length
546
Content-Type
text/html
Date
Thu, 21 Apr 2022 15:24:52 GMT
ETag
"718a4c5e710186377bad84fea3c1ebec"
Last-Modified
Thu, 13 Jan 2022 19:10:54 GMT
Server
AmazonS3
Via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
X-Amz-Cf-Id
4dq_vHcer6W9p3Sco-nbQoIuetFvh_I3YnucOZRPk8Ps_Bprr-RWFQ==
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Hit from cloudfront
discoveryIframe-82e613074a3700abe11a.min.js
login.okta.com/lib/ Frame 2ACD 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/lib/discoveryIframe-82e613074a3700abe11a.min.js
Requested by
Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e899060d294cd2e7db4544c88c031272590fe5f9b72a8334dc42ee1f1868ce6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.okta.com/discovery/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 04:36:22 GMT
Via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
Last-Modified
Thu, 13 Jan 2022 19:10:55 GMT
Server
AmazonS3
Age
12545
ETag
"70070512d01d6451663d06e41f3a5913"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA53-C1
Content-Length
97948
X-Amz-Cf-Id
4os-47cYKTxXlH1YnL8mTE-2sKePO_E-GnV2N8x8VnNosb2fKlacNw==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVL2B6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6495
date
Fri, 22 Apr 2022 06:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 22 Apr 2022 08:17:11 GMT
activityi;dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F
9583095.fls.doubleclick.net/ Frame 16DC
Redirect Chain
  • https://9583095.fls.doubleclick.net/activityi;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com...
  • https://9583095.fls.doubleclick.net/activityi;dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F...
503 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9583095.fls.doubleclick.net/activityi;dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVL2B6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
3fa4a23df877d93a0e0ce85327f66a7addcb91e22f3d12061dcabdb500ff256e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
401
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 08:05:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 08:05:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9583095.fls.doubleclick.net/activityi;dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVL2B6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 08:05:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
X-EdgeConnect-Cache-Status
1
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=65064
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3547890&time=1650614726183&url=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3547890%26time%3D1650614726183%26url%3Dhttps%253A%252F%252Fsp-poc-login.codeinthe...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3547890&time=1650614726183&url=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3547890&time=1650614726183&url=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&liSync=true&e_ipv6=AQKh1nPyQQ6dGAAAAYBQTfLO7T-BQ8vD8AG2VQZHWZfkVU...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3547890&time=1650614726183&url=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&liSync=true&e_ipv6=AQKh1nPyQQ6dGAAAAYBQTfLO7T-BQ8vD8AG2VQZHWZfkVUMEnU9gb_7LKkhTuXQ3SVOPTHWU
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 08:05:27 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: EC5EECCA81C546D3889822C7A472946A Ref B: VIEEDGE2709 Ref C: 2022-04-22T08:05:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXdObB/9wx79Ss9aUXX6w==
x-li-fabric
prod-lor1

Redirect headers

date
Fri, 22 Apr 2022 08:05:26 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 28BEB867308C4A9C91F646B2A5A59A08 Ref B: FRAEDGE1513 Ref C: 2022-04-22T08:05:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3547890&time=1650614726183&url=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&liSync=true&e_ipv6=AQKh1nPyQQ6dGAAAAYBQTfLO7T-BQ8vD8AG2VQZHWZfkVUMEnU9gb_7LKkhTuXQ3SVOPTHWU
x-li-proto
http/2
content-length
0
x-li-uuid
AAXdObB8SADqmj/F/A1IWQ==
collect
www.google-analytics.com/j/ 		1 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1295493183&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&ul=en-us&de=UTF-8&dt=Canada%20Life%20-%20Anmelden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All%20Events&ea=gtm.init_consent&_u=YEBAAEABAAAAAC~&jid=1322494399&gjid=78073614&cid=67621862.1650614726&tid=UA-41782682-5&_gid=1452589258.1650614726&_r=1&gtm=2wg4k0MVL2B6&cd1=false&cd2=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&cd3=&cd4=2022-04-22T08%3A05%3A26.105%2B00%3A00&cd5=GTM-MVL2B6%20-%20103&z=758354281
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sp-poc-login.codeinthecloud.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 08:05:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sp-poc-login.codeinthecloud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1295493183&t=pageview&_s=1&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&ul=en-us&de=UTF-8&dt=Canada%20Life%20-%20Anmelden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=515194018&gjid=1972457985&cid=67621862.1650614726&tid=UA-41782682-1&_gid=1452589258.1650614726&_r=1&gtm=2wg4k0MVL2B6&cd3=GTM-MVL2B6%3A%20103&cg2=sp-poc-login.codeinthecloud.com&cd7=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&cd8=&cd9=d780e9f6-4b50-4824-9459-3cf1f326ca27&cd10=2022-04-22T08%3A05%3A26.118%2B00%3A00&cd17=false&cd11=pageview&z=1785781452
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sp-poc-login.codeinthecloud.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 08:05:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sp-poc-login.codeinthecloud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1295493183&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&ul=en-us&de=UTF-8&dt=Canada%20Life%20-%20Anmelden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All%20Events&ea=gtm.init&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=67621862.1650614726&tid=UA-41782682-5&_gid=1452589258.1650614726&gtm=2wg4k0MVL2B6&cd1=false&cd2=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&cd3=&cd4=2022-04-22T08%3A05%3A26.113%2B00%3A00&cd5=GTM-MVL2B6%20-%20103&z=1968998266
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 08:10:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86072
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1295493183&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&ul=en-us&de=UTF-8&dt=Canada%20Life%20-%20Anmelden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All%20Events&ea=gtm.js&el=%5B%7B%22gtm.start%22%3A1650614725860%2C%22event%22%3A%22gtm.js%22%2C%22gtm.uniqueEventId%22%3A25%7D%5D&_u=YGDACEABBAAAAC~&jid=&gjid=&cid=67621862.1650614726&tid=UA-41782682-5&_gid=1452589258.1650614726&gtm=2wg4k0MVL2B6&cd1=false&cd2=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&cd3=&cd4=2022-04-22T08%3A05%3A26.132%2B00%3A00&cd5=GTM-MVL2B6%20-%20103&z=1372648046
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 08:10:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86072
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1295493183&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&ul=en-us&de=UTF-8&dt=Canada%20Life%20-%20Anmelden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All%20Events&ea=gtm.dom&el=%7B%22event%22%3A%22gtm.dom%22%2C%22gtm.uniqueEventId%22%3A38%7D&_u=YGDACEABBAAAAC~&jid=&gjid=&cid=67621862.1650614726&tid=UA-41782682-5&_gid=1452589258.1650614726&gtm=2wg4k0MVL2B6&cd1=false&cd2=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&cd3=&cd4=2022-04-22T08%3A05%3A26.139%2B00%3A00&cd5=GTM-MVL2B6%20-%20103&z=1201332559
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 08:10:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86072
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1295493183&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&ul=en-us&de=UTF-8&dt=Canada%20Life%20-%20Anmelden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All%20Events&ea=gtm.scrollDepth&el=%7B%22event%22%3A%22gtm.scrollDepth%22%2C%22gtm.scrollThreshold%22%3A75%2C%22gtm.scrollUnits%22%3A%22percent%22%2C%22gtm.scrollDirection%22%3A%22vertical%22%2C%22gtm.triggers%22%3A%221981690_195%22%2C%22gtm.uniqueEventId%22%3A50%7D&_u=YGDACEABBAAAAC~&jid=&gjid=&cid=67621862.1650614726&tid=UA-41782682-5&_gid=1452589258.1650614726&gtm=2wg4k0MVL2B6&cd1=false&cd2=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&cd3=&cd4=2022-04-22T08%3A05%3A26.144%2B00%3A00&cd5=GTM-MVL2B6%20-%20103&z=235412922
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 08:10:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86072
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1295493183&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&ul=en-us&de=UTF-8&dt=Canada%20Life%20-%20Anmelden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=75%25&_u=YGDACEABBAAAAC~&jid=&gjid=&cid=67621862.1650614726&tid=UA-41782682-1&_gid=1452589258.1650614726&gtm=2wg4k0MVL2B6&cd3=GTM-MVL2B6%3A%20103&cg2=sp-poc-login.codeinthecloud.com&cd7=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&cd8=&cd9=4af9aa90-a27e-418f-9407-0182396baf9f&cd10=2022-04-22T08%3A05%3A26.146%2B00%3A00&cd17=false&cd11=event&z=1933208447
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 08:10:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86072
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?z=1650614726145&v=1&tid=UA-41782682-5&cid=false&t=event&dp=%2F&dh=sp-poc-login.codeinthecloud.com&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&pa=purchase&ta=sp-poc-login.codeinthecloud.com&ec=gtm_monitor&ea=gtm.scrollDepth&ti=1650614726145&el={%22event%22:%22gtm.scrollDepth%22,%22gtm.scrollThreshold%22:75,%22gtm.scrollUnits%22:%22percent%22,%22gtm.scrollDirection%22:%22vertical%22,%22gtm.triggers%22:%221981690_195%22,%22gtm.uniqueEventId%22:50}&pr1id=196&pr1nm=unnamed%20tag%20with%20ID%3A%20196&pr1va=success&pr1ca=gtm.scrollDepth&pr1br=%2F&pr1qt=1&pr1pr=169.00&tr=1.00&ev=1
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 08:10:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86073
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?z=1650614726139&v=1&tid=UA-41782682-5&cid=false&t=event&dp=%2F&dh=sp-poc-login.codeinthecloud.com&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&pa=purchase&ta=sp-poc-login.codeinthecloud.com&ec=gtm_monitor&ea=gtm.dom&ti=1650614726139&el={%22event%22:%22gtm.dom%22,%22gtm.uniqueEventId%22:38}&pr1id=130&pr1nm=HTML%20pardot%20parent%20frame%20form%20listener&pr1va=success&pr1ca=gtm.dom&pr1br=%2F&pr1qt=1&pr1pr=0.00&tr=1.00&ev=1
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 08:10:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86073
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F
adservice.google.com/ddm/fls/i/ Frame 37A4 		502 B
868 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F
Requested by
Host: 9583095.fls.doubleclick.net
URL: https://9583095.fls.doubleclick.net/activityi;dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bbbe3e7324d202e3a451e114428a016113cd489b62d67d1628b40f2f7088638
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9583095.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
400
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 08:05:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F
adservice.google.de/ddm/fls/i/ Frame CA49 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLq514Obp_cCFZVCHQkdi7cO2w;src=9583095;type=pagev0;cat=canad0;ord=2415898786039;gtm=2wg4k0;auiddc=1928954810.1650614726;u1=%2F;~oref=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 08:05:27 GMT
expires
Fri, 22 Apr 2022 08:05:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?z=1650614726133&v=1&tid=UA-41782682-5&cid=false&t=event&dp=%2F&dh=sp-poc-login.codeinthecloud.com&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&pa=purchase&ta=sp-poc-login.codeinthecloud.com&ec=gtm_monitor&ea=gtm.js&ti=1650614726133&el=[{%22gtm.start%22:1650614725860,%22event%22:%22gtm.js%22,%22gtm.uniqueEventId%22:25}]&pr1id=17&pr1nm=Conversion%20Linker&pr1va=success&pr1ca=gtm.js&pr1br=%2F&pr1qt=1&pr1pr=26.00&pr2id=2&pr2nm=GAP%20canadalife%20all%20websites&pr2va=success&pr2ca=gtm.js&pr2br=%2F&pr2qt=1&pr2pr=188.00&pr3id=42&pr3nm=Floodlight%20-%20Page%20Views%20-%20Canada%20Life%20Google&pr3va=success&pr3ca=gtm.js&pr3br=%2F&pr3qt=1&pr3pr=584.00&pr4id=251&pr4nm=unnamed%20tag%20with%20ID%3A%20251&pr4va=success&pr4ca=gtm.js&pr4br=%2F&pr4qt=1&pr4pr=52.00&pr5id=4&pr5nm=HTML%20pardot%20base%20tag&pr5va=success&pr5ca=gtm.js&pr5br=%2F&pr5qt=1&pr5pr=0.00&tr=5.00&ev=5
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:29:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63343
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 08:05:28 GMT
content-encoding
gzip
X-Pardot-Route
8f46b7608980401223b1d0300f1fdf0e
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
last-modified
Thu, 21 Apr 2022 05:16:52 GMT
Server
PardotServer
etag
"1547-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=63072000
accept-ranges
bytes
content-length
1946
expires
Sun, 21 Apr 2024 08:05:28 GMT
/
extreme-ip-lookup.com/json/ 		435 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://extreme-ip-lookup.com/json/
Requested by
Host: sp-poc-login.codeinthecloud.com
URL: https://sp-poc-login.codeinthecloud.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.236.91.3 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx /
Resource Hash
188f3f2e9896fa49f5b45f335b3c5550939dde01e841dd3e05f4e99467e0d206

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Apr 2022 08:05:27 GMT
cache-control
max-age=3600
server
nginx
access-control-allow-headers
*
content-length
435
content-type
application/json; charset=utf-8;
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1295493183&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&ul=en-us&de=UTF-8&dt=Canada%20Life%20-%20Anmelden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All%20Events&ea=gtm.load&el=%7B%22event%22%3A%22gtm.load%22%2C%22gtm.uniqueEventId%22%3A63%7D&_u=aHDACEABBAAAAC~&jid=&gjid=&cid=67621862.1650614726&tid=UA-41782682-5&_gid=1452589258.1650614726&gtm=2wg4k0MVL2B6&cd1=67621862.1650614726&cd2=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&cd3=&cd4=2022-04-22T08%3A05%3A27.50%2B00%3A00&cd5=GTM-MVL2B6%20-%20103&z=910296880
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:29:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63343
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1295493183&t=pageview&_s=1&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&ul=en-us&de=UTF-8&dt=Canada%20Life%20-%20Anmelden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDACEABBAAAAC~&jid=&gjid=&cid=67621862.1650614726&tid=UA-41782682-5&_gid=1452589258.1650614726&gtm=2wg4k0MVL2B6&cd1=67621862.1650614726&cd2=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&cd3=&cd4=2022-04-22T08%3A05%3A27.59%2B00%3A00&cd5=GTM-MVL2B6%20-%20103&cm1=2259&cm2=1545&cm3=1549&cm4=382&z=1677186217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:29:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63343
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1295493183&t=timing&_s=2&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&ul=en-us&de=UTF-8&dt=Canada%20Life%20-%20Anmelden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2257&pdt=1&dns=0&rrt=615&srt=71&tcp=22&dit=1090&clt=1090&_gst=1320&_gbt=1459&_cst=0&_cbt=1313&_u=aHDACEABBAAAAC~&jid=&gjid=&cid=67621862.1650614726&tid=UA-41782682-1&_gid=1452589258.1650614726&gtm=2wg4k0MVL2B6&cd3=GTM-MVL2B6%3A%20103&cg2=sp-poc-login.codeinthecloud.com&cd7=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&cd8=&cd9=d780e9f6-4b50-4824-9459-3cf1f326ca27&cd10=2022-04-22T08%3A05%3A26.118%2B00%3A00&cd17=false&cd11=timing&z=1442932445
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:29:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63343
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?z=1650614727058&v=1&tid=UA-41782682-5&cid=67621862.1650614726&t=event&dp=%2F&dh=sp-poc-login.codeinthecloud.com&dl=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&pa=purchase&ta=sp-poc-login.codeinthecloud.com&ec=gtm_monitor&ea=gtm.load&ti=1650614727058&el={%22event%22:%22gtm.load%22,%22gtm.uniqueEventId%22:63}&pr1id=109&pr1nm=HTML%20extreme%20ip%20isp%20lookup&pr1va=success&pr1ca=gtm.load&pr1br=%2F&pr1qt=1&pr1pr=1.00&tr=1.00&ev=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:29:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63343
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics
pi.pardot.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=2102&account_id=94102&title=Canada%20Life%20-%20Anmelden&url=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
8ee9fe7ab072499e94efd02ab2386d7e43cb8d8b6dc1578255fd68a4d9664142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 08:05:28 GMT
content-encoding
gzip
X-Pardot-Route
403edde838d926b2f64a33ea88db7473
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
x-pardot-rsp
0/0/1
vary
Accept-Encoding,User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
552
Server
PardotServer
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
www2.canadalife.co.uk/ 		50 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.canadalife.co.uk/analytics?conly=true&visitor_id=778670066&visitor_id_sign=1e27afa42590bbd12be5bb05dd854432ef0a30335f448a8d62b93569fa8d6ff1e75cc7b58145adf38e6e2f840f9f4e9ca508be7b&pi_opt_in=&campaign_id=2102&account_id=94102&title=Canada%20Life%20-%20Anmelden&url=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=2102&account_id=94102&title=Canada%20Life%20-%20Anmelden&url=https%3A%2F%2Fsp-poc-login.codeinthecloud.com%2F&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-1-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sp-poc-login.codeinthecloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 08:05:28 GMT
X-Pardot-Route
403edde838d926b2f64a33ea88db7473
X-Pardot-LB
4208770abb36eec2b2f3a1c951758cc1
x-pardot-rsp
0/0/1
vary
User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript; charset=utf-8
content-length
50
Server
PardotServer
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| regeneratorRuntime function| setImmediate function| clearImmediate object| Backbone function| jQueryCourage object| u2f function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| dataLayer object| config undefined| oktaSignIn function| InsertUnlockAccountCustomSubTitleAfter object| OktaLogin object| jQBrowser object| google_tag_manager function| postscribe object| google_tag_manager_external number| len string| e object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id string| piAId string| piCId string| piHostname function| onYouTubeIframeAPIReady function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData function| _ga_originalSendHitTask function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse

25 Cookies

Domain/Path Name / Value
sp-poc-login.codeinthecloud.com/ Name: JSESSIONID
Value: 0F2CAEE749941DDD18939ECA4FC1E7DB
sp-poc-login.codeinthecloud.com/ Name: t
Value: red-bright
sp-poc-login.codeinthecloud.com/ Name: DT
Value: DI0lji0IKV0S1O9QbkL5M7t6Q
.codeinthecloud.com/ Name: _gcl_au
Value: 1.1.1928954810.1650614726
.codeinthecloud.com/ Name: _ga
Value: GA1.2.67621862.1650614726
.codeinthecloud.com/ Name: _gid
Value: GA1.2.1452589258.1650614726
.codeinthecloud.com/ Name: _gat_UA-41782682-5
Value: 1
.codeinthecloud.com/ Name: _gat_UA-41782682-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.linkedin.com/ Name: UserMatchHistory
Value: AQLYgngy1jM7_wAAAYBQTfFW-X3svd56pt0fkmnTNAzOmfL5pYLEpoy6bFW1axxHc-ShhVxO1_Du9g
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKdfgqGCDXH7wAAAYBQTfFW7ERw1F8WjL6qTaziWg9BImPx3EOlO839QpOvC924KclajHPkiXbe-QHRzvA-sw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1a4b34f2-48af-459c-818f-c350749002da"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2652:u=1:x=1:i=1650614727:t=1650701127:v=2:sig=AQFXOq_7Azv-8vav68S0UEL8p5M2okTq"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022042208052727c952ee-940c-434b-8315-19d864ca6d16AQFWrEGk3GRylOwb5kOgcZX5oGmyzNsf"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTA2MTQ3Mjc7MjswMjFDpy2BIAi7ulxLDq6ZgjmMwIebSO9u3zNdGU8Ff0uXWg==
.sp-poc-login.codeinthecloud.com/ Name: gtm_isp_lookup
Value: true
.pardot.com/ Name: visitor_id93102
Value: 778670066
.pardot.com/ Name: visitor_id93102-hash
Value: 1e27afa42590bbd12be5bb05dd854432ef0a30335f448a8d62b93569fa8d6ff1e75cc7b58145adf38e6e2f840f9f4e9ca508be7b
pi.pardot.com/ Name: lpv93102
Value: aHR0cHM6Ly9zcC1wb2MtbG9naW4uY29kZWludGhlY2xvdWQuY29tLw%3D%3D
sp-poc-login.codeinthecloud.com/ Name: visitor_id93102
Value: 778670066
sp-poc-login.codeinthecloud.com/ Name: visitor_id93102-hash
Value: 1e27afa42590bbd12be5bb05dd854432ef0a30335f448a8d62b93569fa8d6ff1e75cc7b58145adf38e6e2f840f9f4e9ca508be7b
www2.canadalife.co.uk/ Name: visitor_id93102
Value: 778670066
www2.canadalife.co.uk/ Name: visitor_id93102-hash
Value: 1e27afa42590bbd12be5bb05dd854432ef0a30335f448a8d62b93569fa8d6ff1e75cc7b58145adf38e6e2f840f9f4e9ca508be7b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9583095.fls.doubleclick.net
adservice.google.com
adservice.google.de
cluksandboxssostorage.blob.core.windows.net
extreme-ip-lookup.com
fonts.googleapis.com
fonts.gstatic.com
login.okta.com
op2static.oktacdn.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
sp-poc-login.codeinthecloud.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www2.canadalife.co.uk
109.236.91.3
13.107.43.14
142.250.186.102
143.204.201.118
18.184.2.86
20.150.40.4
2620:1ec:21::14
2a00:1450:4001:802::200a
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:812::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a02:26f0:3500:7::17d8:4dd2
35.174.150.168
52.202.69.186
65.9.63.98
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
188f3f2e9896fa49f5b45f335b3c5550939dde01e841dd3e05f4e99467e0d206
1e68998c2e0dfcc3bad613fc759c6bac86632d4cb18f6fa8df090339153e05b6
20ee233ff0c201afc8851e117d1aca429d52d233d91fddf84348201719e2b151
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3fa4a23df877d93a0e0ce85327f66a7addcb91e22f3d12061dcabdb500ff256e
42c369758345c856816ae96c47fb721160f9c4c0c3d3315d5853458813c4ed00
5bbbe3e7324d202e3a451e114428a016113cd489b62d67d1628b40f2f7088638
5f1521c80ca2b0db15fc561ab33b812e493b61771cd0cefc5dc74ac142b9ad92
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ee9fe7ab072499e94efd02ab2386d7e43cb8d8b6dc1578255fd68a4d9664142
9088ba84bd8facb1ae216959655256308143f85f3608acb93880347b60f9a620
9c618b308eebf4d4427f520b7b6e0c3e821ac072853069a71c1e711425fcefdf
9d75be9fa71d9de02417f044d50b1264dc564d453ee20efc7faa9d819a8ffdfb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac376323e65d78aab60feb0f3bf2e0988d02e16eebe7ff0bc1d92086d2f173b3
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c71558cf94e0875c93b552d52dd5974ae4697ba14e5a8d7c3694247a291ca9b8
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e899060d294cd2e7db4544c88c031272590fe5f9b72a8334dc42ee1f1868ce6a