urlscan.io logo urlscan.io
SecurityTrails logo

safe.thomson.com Open in urlscan Pro
163.231.5.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fed.octanner.net/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fsafe.thomson.com&TARGET=https%3A%2F%2Fwww.appreciate...
Effective URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101...
Submission: On December 17 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 163.231.5.34, located in United States and belongs to WESTPUB-A, US. The main domain is safe.thomson.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on September 11th 2020. Valid for: a year.
This is the only time safe.thomson.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.91.21.51 13649 (ASN-VINS)
17 163.231.5.34 4583 (WESTPUB-A)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 5
1    198.91.21.51 (United States)

ASN13649 (ASN-VINS, US)
fed.octanner.net
17    163.231.5.34 (United States)

ASN4583 (WESTPUB-A, US)
PTR: safe.ha.corptr.com
safe.thomson.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
Domain Requested by
17 safe.thomson.com safe.thomson.com
ajax.googleapis.com
2 ssl.google-analytics.com safe.thomson.com
1 ajax.googleapis.com safe.thomson.com
1 fed.octanner.net
21 4

This site contains no links.

Subject Issuer Validity Valid
fed.octanner.net
DigiCert SHA2 High Assurance Server CA		 2020-02-26 -
2022-03-02		 2 years crt.sh
*.thomson.com
COMODO RSA Organization Validation Secure Server CA		 2020-09-11 -
2021-09-11		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
Frame ID: CC498E67ED3E2B369302D48E06A8D9DA
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://fed.octanner.net/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fsafe.thomson.com&TARGET=https%3A... Page URL
  2. https://safe.thomson.com/SAML2/sso/SAML2Service Page URL
  3. https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4ad... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

21
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

152 kB
Transfer

370 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fed.octanner.net/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fsafe.thomson.com&TARGET=https%3A%2F%2Fwww.appreciatehub.com%2Fhub.seam%3Fcustomer%3D6978566%26fed%3Dtrue Page URL
  2. https://safe.thomson.com/SAML2/sso/SAML2Service Page URL
  3. https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set startSSO.ping
fed.octanner.net/sp/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fed.octanner.net/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fsafe.thomson.com&TARGET=https%3A%2F%2Fwww.appreciatehub.com%2Fhub.seam%3Fcustomer%3D6978566%26fed%3Dtrue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.21.51 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
/
Resource Hash
92cd19b47ef2b39b732fbde1745b94d02b7ec7ce7179c7eae721dfb2697ab349
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN

Request headers

Host
fed.octanner.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:34 GMT
X-Frame-Options
SAMEORIGIN
Referrer-Policy
origin
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Set-Cookie
PF=6wh9P9nLdVMlDgCHcmnj15;Path=/;Secure;HttpOnly;SameSite=None
Content-Length
1335
Strict-Transport-Security
max-age=16070400
Cookie set SAML2Service
safe.thomson.com/SAML2/sso/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/SAML2/sso/SAML2Service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS /
Resource Hash
658f7a537ad9705b884ae48b57ae42bfa9f5c0a43ae89269e7076de5cbdc9e02

Request headers

Host
safe.thomson.com
Connection
keep-alive
Content-Length
484
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
https://fed.octanner.net
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://fed.octanner.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://fed.octanner.net
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fed.octanner.net/

Response headers

Server
Microsoft-IIS
Date
Thu, 17 Dec 2020 12:01:35 GMT
Cache-Control
no-store
Content-type
text/html
Content-Length
1546
Set-Cookie
BIGipServerSAFE-443=1096345507.47873.0000; path=/; Httponly; Secure; SameSite=None; Secure=True;
Primary Request Cookie set router
safe.thomson.com/auth/ 		25 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 WebSphere Application Server/7.0 / ASP.NET
Resource Hash
256cb102eb33ef95bf926da0820be68c85f35b8aa2281df48e43e73d2eeaadf5

Request headers

Host
safe.thomson.com
Connection
keep-alive
Content-Length
757
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
https://safe.thomson.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://safe.thomson.com/SAML2/sso/SAML2Service
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
BIGipServerSAFE-443=1096345507.47873.0000
Upgrade-Insecure-Requests
1
Origin
https://safe.thomson.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://safe.thomson.com/SAML2/sso/SAML2Service

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Language
en-US
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Server
Microsoft-IIS/7.5 WebSphere Application Server/7.0
X-Powered-By
ASP.NET
Date
Thu, 17 Dec 2020 12:01:36 GMT
Connection
close
Content-Length
8449
Set-Cookie
safe2.protectionlevel=SAFE5; Secure; SameSite=None; Secure=True; JSESSIONID=00000hBTvfN9ZWGGoKeOhwPFjav:-1; Path=/; SameSite=None; Secure=True; safe2.target=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service; Secure; SameSite=None; Secure=True; safe2.target=https://safe.thomson.com/SAML2/sso/SAML2Service; Secure; SameSite=None; Secure=True;
style_min.css
safe.thomson.com/safe-ui/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/safe-ui/css/style_min.css
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
c531168567600088d6bc7f6663ba22c4d16883069b3a61f3c6a1bc539cf7ea90

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Dec 2016 11:20:08 GMT
Server
Microsoft-IIS/7.5
ETag
"0648b5b8e57d21:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
5286
respond.min.js
safe.thomson.com/safe-ui/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/safe-ui/js/respond.min.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
712bd07564cb32b21c51129e5b9fcaee8c79182473e16cdaacfe6ffadbd7a5eb

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Nov 2014 21:04:25 GMT
Server
Microsoft-IIS/7.5
ETag
"80d29c3b733d01:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
1715
DwrMethodController.js
safe.thomson.com/auth/dwr/interface/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/auth/dwr/interface/DwrMethodController.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5, WebSphere Application Server/7.0 / ASP.NET
Resource Hash
e54dc140bf29aa03bccecdd6ffc6c4c0b9c6320fcbf86c614b0b9cc7e9f4595c

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:36 GMT
Content-Encoding
gzip
ETag
"1607249359000"
Last-Modified
Sun, 06 Dec 2020 10:09:19 GMT
Server
Microsoft-IIS/7.5, WebSphere Application Server/7.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
text/javascript; charset=utf-8
Content-Length
579
Expires
Thu, 01 Dec 1994 16:00:00 GMT
engine.js
safe.thomson.com/auth/dwr/ 		77 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/auth/dwr/engine.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5, WebSphere Application Server/7.0 / ASP.NET
Resource Hash
5f270b4dada904a5b43cbb16e3b1bf8201e60f4dccf96e158b62d15dd3baf58e

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:36 GMT
Content-Encoding
gzip
ETag
"1607249359000"
Last-Modified
Sun, 06 Dec 2020 10:09:19 GMT
Server
Microsoft-IIS/7.5, WebSphere Application Server/7.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-cache="set-cookie, set-cookie2"
Connection
close
Content-Type
text/javascript; charset=utf-8
Content-Length
25098
Expires
Thu, 01 Dec 1994 16:00:00 GMT
util.js
safe.thomson.com/auth/dwr/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/auth/dwr/util.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5, WebSphere Application Server/7.0 / ASP.NET
Resource Hash
0b077275b97f382827dd8c70f4ee8d7eccd1be9b9fab33a0800de5fdea82e79a

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:36 GMT
Content-Encoding
gzip
ETag
"1607249359000"
Last-Modified
Sun, 06 Dec 2020 10:09:19 GMT
Server
Microsoft-IIS/7.5, WebSphere Application Server/7.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-cache="set-cookie, set-cookie2"
Connection
close
Content-Type
text/javascript; charset=utf-8
Content-Length
14519
Expires
Thu, 01 Dec 1994 16:00:00 GMT
captcha
safe.thomson.com/auth/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/auth/captcha
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5, WebSphere Application Server/7.0 / ASP.NET
Resource Hash
02b2f9897a04e819584fcf426f5b3569b2ff685dbb2e4672cf397dd356bf10ef

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:37 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5, WebSphere Application Server/7.0
X-Powered-By
ASP.NET
Content-Language
en-US
Cache-Control
private,no-cache,no-store
Connection
close
Content-Type
image/png
Content-Length
11038
Expires
Thu, 01 Dec 1994 16:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.1/ 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 20:14:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143201
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32124
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Dec 2021 20:14:56 GMT
__System.pageLoaded.dwr
safe.thomson.com/auth/dwr/call/plaincall/ 		200 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/auth/dwr/call/plaincall/__System.pageLoaded.dwr
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/dwr/engine.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5, WebSphere Application Server/7.0 / ASP.NET
Resource Hash
aab02bcf96a41b42be9345f6ad8c774d434cbb2611375c5702eaaa4c24ec8db8

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 17 Dec 2020 12:01:37 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5, WebSphere Application Server/7.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
text/javascript; charset=utf-8
Content-Length
269
Expires
Thu, 01 Dec 1994 16:00:00 GMT
wrap-bg.png
safe.thomson.com/safe-ui/img/ 		952 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/wrap-bg.png
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/safe-ui/css/style_min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
f63903515e837208b0de93a9725b15ae86427d969574301b7d01e9d900e99872

Request headers

Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:37 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:26 GMT
Server
Microsoft-IIS/7.5
ETag
"1f98463c733d01:0"
Content-Type
image/png
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
952
sprite.gif
safe.thomson.com/safe-ui/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/sprite.gif
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/safe-ui/css/style_min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
02cf1424531a5cd6441fa74fb2cf625e2363c3df8e25aeccb77cb847769bf33a

Request headers

Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:37 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:26 GMT
Server
Microsoft-IIS/7.5
ETag
"c641573c733d01:0"
Content-Type
image/gif
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
10433
thomsonreuters_transparent.gif
safe.thomson.com/safe-ui/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/thomsonreuters_transparent.gif
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/safe-ui/css/style_min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
be135e2279b56f4dc64c4b104ac2aa151bb6ad95b31b9d7581f48f5f1aad6fd3

Request headers

Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:37 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:26 GMT
Server
Microsoft-IIS/7.5
ETag
"ab28633c733d01:0"
Content-Type
image/gif
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
4958
header-bg.gif
safe.thomson.com/safe-ui/img/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/header-bg.gif
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/safe-ui/css/style_min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
d407d69bd83898e45f38abe172695de9fdd5d045ec1ca6fffa7b583858efabb2

Request headers

Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:37 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:26 GMT
Server
Microsoft-IIS/7.5
ETag
"b333763c733d01:0"
Content-Type
image/gif
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
842
icon-lock.png
safe.thomson.com/safe-ui/img/ 		543 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/icon-lock.png
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/safe-ui/css/style_min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
c9b87a12835f4faa9901181d23a83eccd52804829f46c4551df0fa1a7385a238

Request headers

Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:37 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:25 GMT
Server
Microsoft-IIS/7.5
ETag
"d144253c733d01:0"
Content-Type
image/png
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
543
input-bg.png
safe.thomson.com/safe-ui/img/ 		119 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/input-bg.png
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/safe-ui/css/style_min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
d3f1c02cda72c02f23c27dbbb6604c3887d053c8e74203ea2ecd7df721f8e080

Request headers

Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:37 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:25 GMT
Server
Microsoft-IIS/7.5
ETag
"ff6bfa3b733d01:0"
Content-Type
image/png
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
119
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1186
date
Thu, 17 Dec 2020 11:41:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 17 Dec 2020 13:41:51 GMT
script.min.js
safe.thomson.com/safe-ui/js/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/safe-ui/js/script.min.js?_=1608206497445
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
1628d9552e67d29d36791070b49c58c24462a8fb1e4386ad35c84ca529569c01

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Nov 2014 21:04:25 GMT
Server
Microsoft-IIS/7.5
ETag
"80d29c3b733d01:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
3131
__utm.gif
ssl.google-analytics.com/r/ 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1080339536&utmhn=safe.thomson.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sign%20in%20to%20SAFE&utmhid=1463835015&utmr=0&utmp=%2Fauth%2Frouter%3Faction%3DLogin%26ProtectionLevel%3DSAFE5%26TYPE%3D33554433%26REALMOID%3D06-4adfa57b-7644-43cd-8101-842e88965ef7%26GUID%3D%26SMAUTHREASON%3D0%26METHOD%3DPOST%26SMAGENTNAME%3D%24SM%24gNW0md%25252bsMuvGQzbDDuh6DYs%25252bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI%26TARGET%3D%24SM%24https%25253a%25252f%25252fsafe%25252ethomson%25252ecom%25252fSAML2%25252fsso%25252fSAML2Service&utmht=1608206497484&utmac=UA-12968810-3&utmcc=__utma%3D232658333.1845709170.1608206497.1608206497.1608206497.1%3B%2B__utmz%3D232658333.1608206497.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1061562386&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Dec 2020 12:01:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
plugins.min.js
safe.thomson.com/safe-ui/js/ 		24 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/safe-ui/js/plugins.min.js?_=1608206497893
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
3d55f11a265e107bdbe4945dddaf4197a29d0bf050dce3ba5355cc2de2e2fc8c

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 12:01:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Nov 2014 21:04:26 GMT
Server
Microsoft-IIS/7.5
ETag
"069353c733d01:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
7693

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| getQueryVariable object| respond string| jsSafeEnvironment string| envSuffix string| jsRoot string| cssRoot string| imageRoot string| docRoot string| dwrRoot string| dwrRoot2 undefined| SAFELogo object| dwr object| DwrMethodController string| httpMethod function| $ function| jQuery object| _gaq function| getCaptchaResults function| createSpan function| getCaptchaButtonText object| isMobile function| buildHTML object| jQuery16109337790363147165 object| _gat object| gaGlobal object| entityToCode object| charToEntity string| entityName function| UnescapeEntities function| EscapeEntities boolean| bInvalid string| completeHREF string| baseurl function| fireClickEvent function| getBaseUrl function| isDefined function| createMessageSpan function| invalidFrmInputs string| paramString function| log

9 Cookies

Domain/Path Name / Value
.safe.thomson.com/ Name: __utmb
Value: 232658333.1.10.1608206497
.safe.thomson.com/ Name: __utmt
Value: 1
.safe.thomson.com/ Name: __utmz
Value: 232658333.1608206497.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.safe.thomson.com/ Name: __utmc
Value: 232658333
safe.thomson.com/auth Name: safe2.protectionlevel
Value: SAFE5
.safe.thomson.com/ Name: __utma
Value: 232658333.1845709170.1608206497.1608206497.1608206497.1
safe.thomson.com/ Name: JSESSIONID
Value: 00000hBTvfN9ZWGGoKeOhwPFjav:-1
safe.thomson.com/ Name: BIGipServerSAFE-443
Value: 1096345507.47873.0000
safe.thomson.com/auth Name: safe2.target
Value: https://safe.thomson.com/SAML2/sso/SAML2Service

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fed.octanner.net
safe.thomson.com
ssl.google-analytics.com
163.231.5.34
198.91.21.51
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:824::2008
02b2f9897a04e819584fcf426f5b3569b2ff685dbb2e4672cf397dd356bf10ef
02cf1424531a5cd6441fa74fb2cf625e2363c3df8e25aeccb77cb847769bf33a
0b077275b97f382827dd8c70f4ee8d7eccd1be9b9fab33a0800de5fdea82e79a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1628d9552e67d29d36791070b49c58c24462a8fb1e4386ad35c84ca529569c01
256cb102eb33ef95bf926da0820be68c85f35b8aa2281df48e43e73d2eeaadf5
3d55f11a265e107bdbe4945dddaf4197a29d0bf050dce3ba5355cc2de2e2fc8c
5f270b4dada904a5b43cbb16e3b1bf8201e60f4dccf96e158b62d15dd3baf58e
658f7a537ad9705b884ae48b57ae42bfa9f5c0a43ae89269e7076de5cbdc9e02
712bd07564cb32b21c51129e5b9fcaee8c79182473e16cdaacfe6ffadbd7a5eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92cd19b47ef2b39b732fbde1745b94d02b7ec7ce7179c7eae721dfb2697ab349
aab02bcf96a41b42be9345f6ad8c774d434cbb2611375c5702eaaa4c24ec8db8
be135e2279b56f4dc64c4b104ac2aa151bb6ad95b31b9d7581f48f5f1aad6fd3
c531168567600088d6bc7f6663ba22c4d16883069b3a61f3c6a1bc539cf7ea90
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
c9b87a12835f4faa9901181d23a83eccd52804829f46c4551df0fa1a7385a238
d3f1c02cda72c02f23c27dbbb6604c3887d053c8e74203ea2ecd7df721f8e080
d407d69bd83898e45f38abe172695de9fdd5d045ec1ca6fffa7b583858efabb2
e54dc140bf29aa03bccecdd6ffc6c4c0b9c6320fcbf86c614b0b9cc7e9f4595c
f63903515e837208b0de93a9725b15ae86427d969574301b7d01e9d900e99872