urlscan.io logo urlscan.io
SecurityTrails logo

login.thefa.com Open in urlscan Pro
2620:1ec:40::69  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://falearning.thefa.com/
Effective URL: https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope...
Submission: On February 07 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 23 HTTP transactions. The main IP is 2620:1ec:40::69, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.thefa.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 2nd 2022. Valid for: a year.
This is the only time login.thefa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 3.11.4.215 16509 (AMAZON-02)
4 2620:1ec:40::69 8075 (MICROSOFT...)
11 20.38.109.164 8075 (MICROSOFT...)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
23 3
Apex Domain
Subdomains		 Transfer
11 windows.net
faapplogs.blob.core.windows.net
443 KB
8 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 6476
geolocation.onetrust.com — Cisco Umbrella Rank: 743
113 KB
7 thefa.com
falearning.thefa.com
login.thefa.com
150 KB
23 3
Domain Requested by
11 faapplogs.blob.core.windows.net login.thefa.com
faapplogs.blob.core.windows.net
7 cdn-ukwest.onetrust.com login.thefa.com
cdn-ukwest.onetrust.com
4 login.thefa.com login.thefa.com
3 falearning.thefa.com 3 redirects
1 geolocation.onetrust.com cdn-ukwest.onetrust.com
23 5

This site contains links to these domains. Also see Links.

Domain
falearning.thefa.com
www.thefa.com
pffmyaccountpp.thefa.com
www.onetrust.com
Subject Issuer Validity Valid
login.thefa.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-02		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2021-12-13 -
2022-12-13		 a year crt.sh
*.onetrust.com
DigiCert SHA2 Secure Server CA		 2020-05-21 -
2022-07-27		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FREAD%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2Fuser_impersonation%20openid%20email%20profile&client_id=405d82df-a242-40c1-b379-b82489b80765&nonce=N6200ee9d270f6&response_mode=form_post&resource=https%3A%2F%2Fgraph.windows.net&response_type=code&prompt=login&state=e7vchI3czfYW1B2&redirect_uri=https%3A%2F%2Ffalearning.thefa.com%2Fauth%2Fazureb2c%2F&ui_locales=en
Frame ID: BE258933AEA86A4BD02BF18EB90341C0
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign InBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://falearning.thefa.com/ HTTP 301
    https://falearning.thefa.com/ HTTP 303
    https://falearning.thefa.com/login/index.php HTTP 303
    https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Page Statistics

23
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

3
IPs

3
Countries

704 kB
Transfer

1033 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://falearning.thefa.com/ HTTP 301
    https://falearning.thefa.com/ HTTP 303
    https://falearning.thefa.com/login/index.php HTTP 303
    https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FREAD%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2Fuser_impersonation%20openid%20email%20profile&client_id=405d82df-a242-40c1-b379-b82489b80765&nonce=N6200ee9d270f6&response_mode=form_post&resource=https%3A%2F%2Fgraph.windows.net&response_type=code&prompt=login&state=e7vchI3czfYW1B2&redirect_uri=https%3A%2F%2Ffalearning.thefa.com%2Fauth%2Fazureb2c%2F&ui_locales=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request authorize
login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/
Redirect Chain
  • http://falearning.thefa.com/
  • https://falearning.thefa.com/
  • https://falearning.thefa.com/login/index.php
  • https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2...
146 KB
148 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FREAD%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2Fuser_impersonation%20openid%20email%20profile&client_id=405d82df-a242-40c1-b379-b82489b80765&nonce=N6200ee9d270f6&response_mode=form_post&resource=https%3A%2F%2Fgraph.windows.net&response_type=code&prompt=login&state=e7vchI3czfYW1B2&redirect_uri=https%3A%2F%2Ffalearning.thefa.com%2Fauth%2Fazureb2c%2F&ui_locales=en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ecc0ad7c09aebcb34ff664cc9d99a61d506493fe608d80c5f8650e870ee178c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

cache-control
no-store, must-revalidate, no-cache
allow
OPTIONS,TRACE,GET,HEAD,POST
content-length
149604
content-type
text/html; charset=utf-8
expires
-1
x-ms-gateway-requestid
0c15cbf4-5351-47e6-89d4-e9f38b9841c6
x-ua-compatible
IE=edge
x-request-id
3ad7aab8-42d6-48b5-8a39-2eaf37e0aead
x-build
1.0.2492.0
x-frame-options
DENY
public
OPTIONS,TRACE,GET,HEAD,POST
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-cache
CONFIG_NOCACHE
x-azure-ref
0nu4AYgAAAACNmMxmyKmwR5PXqhtkA44pTU5aMjIxMDYwNjEyMDA5ADQxZjFlNmY0LWRkODktNDZlOC05Y2IxLTNmOGRhYTUwOWQ0MA==
date
Mon, 07 Feb 2022 10:04:13 GMT

Redirect headers

Server
nginx
Date
Mon, 07 Feb 2022 10:04:13 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FREAD%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2Fuser_impersonation%20openid%20email%20profile&client_id=405d82df-a242-40c1-b379-b82489b80765&nonce=N6200ee9d270f6&response_mode=form_post&resource=https%3A%2F%2Fgraph.windows.net&response_type=code&prompt=login&state=e7vchI3czfYW1B2&redirect_uri=https%3A%2F%2Ffalearning.thefa.com%2Fauth%2Fazureb2c%2F&ui_locales=en
Content-Language
en
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
indexLMSPRDV1.html
faapplogs.blob.core.windows.net/b2cact/ 		24 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://faapplogs.blob.core.windows.net/b2cact/indexLMSPRDV1.html?FAAppToken=LMS&ClientId=405d82df-a242-40c1-b379-b82489b80765
Requested by
Host: login.thefa.com
URL: https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FREAD%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2Fuser_impersonation%20openid%20email%20profile&client_id=405d82df-a242-40c1-b379-b82489b80765&nonce=N6200ee9d270f6&response_mode=form_post&resource=https%3A%2F%2Fgraph.windows.net&response_type=code&prompt=login&state=e7vchI3czfYW1B2&redirect_uri=https%3A%2F%2Ffalearning.thefa.com%2Fauth%2Fazureb2c%2F&ui_locales=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.164 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a8ae527e83eead868a963b9f729d7d16ac77ff8b0a58641224c09cc28cf28824

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://login.thefa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 07 Feb 2022 10:04:14 GMT
Last-Modified
Tue, 07 Sep 2021 14:04:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
7U3RdXqBF32VW5u015FoLw==
ETag
0x8D972086E674ABD
Content-Type
text/html
Access-Control-Allow-Origin
*
x-ms-request-id
8415451c-001e-0004-750a-1c1a79000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
24728
styles.css
faapplogs.blob.core.windows.net/b2cact/ 		346 B
978 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://faapplogs.blob.core.windows.net/b2cact/styles.css
Requested by
Host: login.thefa.com
URL: https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FREAD%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2Fuser_impersonation%20openid%20email%20profile&client_id=405d82df-a242-40c1-b379-b82489b80765&nonce=N6200ee9d270f6&response_mode=form_post&resource=https%3A%2F%2Fgraph.windows.net&response_type=code&prompt=login&state=e7vchI3czfYW1B2&redirect_uri=https%3A%2F%2Ffalearning.thefa.com%2Fauth%2Fazureb2c%2F&ui_locales=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.164 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d4f3457006d69567f44bda1101a321724a1020a275e73820a5b12e5aa2fc9883

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://login.thefa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 07 Feb 2022 10:04:15 GMT
Last-Modified
Wed, 19 Feb 2020 09:40:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
XYEEdpIKt4ZUumREn5b8Fg==
ETag
0x8D7B51FBD936073
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
334cb74a-601e-005f-340a-1c2342000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
346
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: login.thefa.com
URL: https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FREAD%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2Fuser_impersonation%20openid%20email%20profile&client_id=405d82df-a242-40c1-b379-b82489b80765&nonce=N6200ee9d270f6&response_mode=form_post&resource=https%3A%2F%2Fgraph.windows.net&response_type=code&prompt=login&state=e7vchI3czfYW1B2&redirect_uri=https%3A%2F%2Ffalearning.thefa.com%2Fauth%2Fazureb2c%2F&ui_locales=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://login.thefa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Feb 2022 10:04:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
IVhKS9vCZ6N2xbLKU0Dl/w==
age
1878
content-length
6456
x-ms-lease-status
unlocked
last-modified
Tue, 25 Jan 2022 21:00:42 GMT
server
cloudflare
etag
0x8D9E045BF8ADDD1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9cd760a8-401e-0047-7b32-12fbf0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d9bcb04bffa775b-LHR
expires
Mon, 07 Feb 2022 14:04:15 GMT
BG_Desktop.jpg
login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/ 		103 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/BG_Desktop.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FREAD%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2Fuser_impersonation%20openid%20email%20profile&client_id=405d82df-a242-40c1-b379-b82489b80765&nonce=N6200ee9d270f6&response_mode=form_post&resource=https%3A%2F%2Fgraph.windows.net&response_type=code&prompt=login&state=e7vchI3czfYW1B2&redirect_uri=https%3A%2F%2Ffalearning.thefa.com%2Fauth%2Fazureb2c%2F&ui_locales=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 07 Feb 2022 10:04:14 GMT
x-azure-ref
0n+4AYgAAAADfLFsr3NoaR4DpJeFacLShTU5aMjIxMDYwNjEyMDA5ADQxZjFlNmY0LWRkODktNDZlOC05Y2IxLTNmOGRhYTUwOWQ0MA==
x-cache
CONFIG_NOCACHE
content-type
text/html
content-length
103
x-xss-protection
1; mode=block
btn-arrow.svg
login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/ 		103 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/btn-arrow.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FREAD%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2Fuser_impersonation%20openid%20email%20profile&client_id=405d82df-a242-40c1-b379-b82489b80765&nonce=N6200ee9d270f6&response_mode=form_post&resource=https%3A%2F%2Fgraph.windows.net&response_type=code&prompt=login&state=e7vchI3czfYW1B2&redirect_uri=https%3A%2F%2Ffalearning.thefa.com%2Fauth%2Fazureb2c%2F&ui_locales=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 07 Feb 2022 10:04:14 GMT
x-azure-ref
0n+4AYgAAAABwbcDBW+J9SLUXwh+QlBe2TU5aMjIxMDYwNjEyMDA5ADQxZjFlNmY0LWRkODktNDZlOC05Y2IxLTNmOGRhYTUwOWQ0MA==
x-cache
CONFIG_NOCACHE
content-type
text/html
content-length
103
x-xss-protection
1; mode=block
perftrace
login.thefa.com/b2cthefa.onmicrosoft.com/B2C_1A_signup_signinACTDYN/client/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.thefa.com/b2cthefa.onmicrosoft.com/B2C_1A_signup_signinACTDYN/client/perftrace?tx=StateProperties=eyJUSUQiOiIzYWQ3YWFiOC00MmQ2LTQ4YjUtOGEzOS0yZWFmMzdlMGFlYWQifQ&p=B2C_1A_signup_signinACTDYN
Requested by
Host: login.thefa.com
URL: https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FREAD%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2Fuser_impersonation%20openid%20email%20profile&client_id=405d82df-a242-40c1-b379-b82489b80765&nonce=N6200ee9d270f6&response_mode=form_post&resource=https%3A%2F%2Fgraph.windows.net&response_type=code&prompt=login&state=e7vchI3czfYW1B2&redirect_uri=https%3A%2F%2Ffalearning.thefa.com%2Fauth%2Fazureb2c%2F&ui_locales=en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_signup_signinactdyn&FAAppToken=LMS&scope=https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FWRITE%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2FREAD%20https%3A%2F%2Fb2cthefa.onmicrosoft.com%2FActScopeApp%2Fuser_impersonation%20openid%20email%20profile&client_id=405d82df-a242-40c1-b379-b82489b80765&nonce=N6200ee9d270f6&response_mode=form_post&resource=https%3A%2F%2Fgraph.windows.net&response_type=code&prompt=login&state=e7vchI3czfYW1B2&redirect_uri=https%3A%2F%2Ffalearning.thefa.com%2Fauth%2Fazureb2c%2F&ui_locales=en
X-CSRF-TOKEN
dUQxQXlPdXR1TlhwV3Fnd2NxK1MrZi90MERPdG1MZjZDZWZMWVBwaVhBSmNsMjBUQUc4b2ppWUladDdqd0xEVXZZaTFZOVVzVVdGWjJSM291R01ndWc9PTsyMDIyLTAyLTA3VDEwOjA0OjE0LjIzNTM3NFo7K1NHWUF1eFdDbERyQnB3aTIwemlVZz09O3siT3JjaGVzdHJhdGlvblN0ZXAiOjJ9
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 07 Feb 2022 10:04:15 GMT
x-ms-gateway-requestid
4501fa44-8c53-4496-8186-2d0ac1512750
x-frame-options
DENY
x-cache
CONFIG_NOCACHE
public
OPTIONS,TRACE,GET,HEAD,POST
cache-control
no-store, must-revalidate, no-cache
x-azure-ref
0n+4AYgAAAABmnYDJhnxhRaHdAW5oeiXyTU5aMjIxMDYwNjEyMDA5ADQxZjFlNmY0LWRkODktNDZlOC05Y2IxLTNmOGRhYTUwOWQ0MA==
allow
OPTIONS,TRACE,GET,HEAD,POST
content-length
0
x-xss-protection
1; mode=block
41536284-5e9f-4b08-a1c2-9254a0317187.json
cdn-ukwest.onetrust.com/consent/41536284-5e9f-4b08-a1c2-9254a0317187/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/41536284-5e9f-4b08-a1c2-9254a0317187/41536284-5e9f-4b08-a1c2-9254a0317187.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47fa7aed66761e3bd81facf89250e086bb875393dc5fe4ebeb59309fc8fcdeb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://login.thefa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Feb 2022 10:04:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
ztLQjD3D/pS0HPRkphwoVA==
age
2573
content-length
1244
x-ms-lease-status
unlocked
last-modified
Mon, 25 Oct 2021 09:30:26 GMT
server
cloudflare
etag
0x8D9979A13E1AF5E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
50e11de3-e01e-0041-68f0-110c88000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d9bcb05bcbe4057-LHR
bootstrap.min.css
faapplogs.blob.core.windows.net/b2cact/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://faapplogs.blob.core.windows.net/b2cact/bootstrap.min.css
Requested by
Host: faapplogs.blob.core.windows.net
URL: https://faapplogs.blob.core.windows.net/b2cact/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.164 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://faapplogs.blob.core.windows.net/b2cact/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 07 Feb 2022 10:04:15 GMT
Last-Modified
Wed, 19 Feb 2020 09:40:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
UFfzIfDchc2NqUoMX2eo9A==
ETag
0x8D7B51FBD944B15
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
334cb782-601e-005f-690a-1c2342000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
121205
fonts.css
faapplogs.blob.core.windows.net/b2cact/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://faapplogs.blob.core.windows.net/b2cact/fonts.css
Requested by
Host: faapplogs.blob.core.windows.net
URL: https://faapplogs.blob.core.windows.net/b2cact/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.164 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
612e6d06616717ae1e7516fd9204e5fb737a54714882e35cb914df6a9facf80e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://faapplogs.blob.core.windows.net/b2cact/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 07 Feb 2022 10:04:15 GMT
Last-Modified
Thu, 01 Apr 2021 06:13:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
/0Ka4oI7Oh4yrFWPnH++uQ==
ETag
0x8D8F4D54C2C0B69
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
f418f92f-001e-0049-1c0a-1cd595000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
3468
common.css
faapplogs.blob.core.windows.net/b2cact/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://faapplogs.blob.core.windows.net/b2cact/common.css
Requested by
Host: faapplogs.blob.core.windows.net
URL: https://faapplogs.blob.core.windows.net/b2cact/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.164 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f740848fc85af5ba27780811314c1bbdf625b7f467d3313bc74b6095092f25cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://faapplogs.blob.core.windows.net/b2cact/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 07 Feb 2022 10:04:15 GMT
Last-Modified
Wed, 19 Feb 2020 09:40:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Fw+Zv+UzvHTCYGKxxf2t8Q==
ETag
0x8D7B51FBD933958
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
e01fbf07-b01e-0011-200a-1c0dca000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
4320
login.min.css
faapplogs.blob.core.windows.net/b2cact/ 		17 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://faapplogs.blob.core.windows.net/b2cact/login.min.css
Requested by
Host: faapplogs.blob.core.windows.net
URL: https://faapplogs.blob.core.windows.net/b2cact/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.164 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
483302f3e5ad7033c62c19d496bf4b58f1d6bbc03988567bba50a298394108cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://faapplogs.blob.core.windows.net/b2cact/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 07 Feb 2022 10:04:15 GMT
Last-Modified
Tue, 11 Aug 2020 11:18:24 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
40yGF6dtJUe1MoHgYO+6EQ==
ETag
0x8D83DE84334733A
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
07e0a757-301e-0042-420a-1c2efe000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
17914
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		176 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://login.thefa.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 10:04:15 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d9bcb062d484057-LHR
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/6.21.0/ 		311 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.21.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0068b328dc886133e94de712c57b93368f820f34c3dc9562792b36bace8599c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://login.thefa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Feb 2022 10:04:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
pGGMtIN6zlnW55bGN1NE3w==
age
1868
content-length
75797
x-ms-lease-status
unlocked
last-modified
Tue, 20 Jul 2021 20:08:29 GMT
server
cloudflare
etag
0x8D94BBA244BE35A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2c6c47ff-701e-0000-59ef-11249b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d9bcb068b74775b-LHR
expires
Mon, 07 Feb 2022 14:04:15 GMT
BG_Desktop.jpg
faapplogs.blob.core.windows.net/b2cact/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://faapplogs.blob.core.windows.net/b2cact/BG_Desktop.jpg
Requested by
Host: faapplogs.blob.core.windows.net
URL: https://faapplogs.blob.core.windows.net/b2cact/login.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.164 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b3ee9cd947dfde6ed50b1c23032191b14dfb96cbe146810455274ff20abbbf38

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://faapplogs.blob.core.windows.net/b2cact/login.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 07 Feb 2022 10:04:15 GMT
Last-Modified
Wed, 19 Feb 2020 09:40:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Gxj4t/wQhSItWOXuY3ep3w==
ETag
0x8D7B51FBD944B15
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
e01fbf2c-b01e-0011-380a-1c0dca000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
95862
FSJackPoster.woff
faapplogs.blob.core.windows.net/b2cact/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://faapplogs.blob.core.windows.net/b2cact/FSJackPoster.woff
Requested by
Host: faapplogs.blob.core.windows.net
URL: https://faapplogs.blob.core.windows.net/b2cact/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.164 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aacee381ce097e426a86b328c475db3a8014b7cf30781da6e1d71761d71de02f

Request headers

Referer
https://faapplogs.blob.core.windows.net/b2cact/fonts.css
Origin
https://login.thefa.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 07 Feb 2022 10:04:15 GMT
Last-Modified
Wed, 19 Feb 2020 09:40:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
otpR59VAPKVRJcq7WZ0v3w==
ETag
0x8D7B51FBD94C05A
Content-Type
font/woff
Access-Control-Allow-Origin
*
x-ms-request-id
841546fc-001e-0004-240a-1c1a79000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
47904
FSJack.woff
faapplogs.blob.core.windows.net/b2cact/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://faapplogs.blob.core.windows.net/b2cact/FSJack.woff
Requested by
Host: faapplogs.blob.core.windows.net
URL: https://faapplogs.blob.core.windows.net/b2cact/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.164 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8cb17377a0475b73f8277764d2997fcf7319f926aae4e84a3932ce89f037cb08

Request headers

Referer
https://faapplogs.blob.core.windows.net/b2cact/fonts.css
Origin
https://login.thefa.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 07 Feb 2022 10:04:15 GMT
Last-Modified
Wed, 19 Feb 2020 09:40:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
xc7AlYN0Ur+y5bnbXEfvJQ==
ETag
0x8D7B51FBD94E776
Content-Type
font/woff
Access-Control-Allow-Origin
*
x-ms-request-id
84154755-001e-0004-750a-1c1a79000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
48984
btn-arrow.svg
faapplogs.blob.core.windows.net/b2cact/ 		963 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://faapplogs.blob.core.windows.net/b2cact/btn-arrow.svg
Requested by
Host: faapplogs.blob.core.windows.net
URL: https://faapplogs.blob.core.windows.net/b2cact/login.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.164 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7b90487a87559d0538b7ad7310a27767b04f8e78e25aa54837e4c93c3f286893

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://faapplogs.blob.core.windows.net/b2cact/login.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 07 Feb 2022 10:04:15 GMT
Last-Modified
Wed, 19 Feb 2020 09:40:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
PIg6DWQjnNgslBfxfjjIxQ==
ETag
0x8D7B51FBD93D5C6
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
07e0a788-301e-0042-700a-1c2efe000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
963
fs_jack-bold.woff
faapplogs.blob.core.windows.net/b2cact/ 		79 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://faapplogs.blob.core.windows.net/b2cact/fs_jack-bold.woff
Requested by
Host: faapplogs.blob.core.windows.net
URL: https://faapplogs.blob.core.windows.net/b2cact/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.164 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a0cbbd1ec54f0581843aabf286947e6ed23b3f047dc76e71962495fd0b61188d

Request headers

Referer
https://faapplogs.blob.core.windows.net/b2cact/fonts.css
Origin
https://login.thefa.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 07 Feb 2022 10:04:15 GMT
Last-Modified
Wed, 19 Feb 2020 09:40:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
8LnS3/l/CKjQ5Ti4brzkKQ==
ETag
0x8D7B51FBD947235
Content-Type
font/woff
Access-Control-Allow-Origin
*
x-ms-request-id
230662d2-b01e-002e-580a-1cc569000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
80560
en.json
cdn-ukwest.onetrust.com/consent/41536284-5e9f-4b08-a1c2-9254a0317187/9701b50b-31ed-4a0b-91b6-76f596177c3b/ 		37 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/41536284-5e9f-4b08-a1c2-9254a0317187/9701b50b-31ed-4a0b-91b6-76f596177c3b/en.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.21.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0755bb0bbefe6745269f3c61a7380588dfb1527dbee680cb36146c9ce92bfb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://login.thefa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Feb 2022 10:04:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
zNJuvN3cLvDRAE29ZiRTLg==
age
2571
content-length
10897
x-ms-lease-status
unlocked
last-modified
Mon, 25 Oct 2021 09:30:31 GMT
server
cloudflare
etag
0x8D9979A1733A563
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c5d29abf-001e-002d-53f0-11a75b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d9bcb075ed04057-LHR
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/6.21.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.21.0/assets/otFlat.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.21.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://login.thefa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Feb 2022 10:04:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
h27oznMDITC5RVEkLZtwKw==
age
2571
content-length
2950
x-ms-lease-status
unlocked
last-modified
Tue, 20 Jul 2021 20:08:21 GMT
server
cloudflare
etag
0x8D94BBA1F439556
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
465bbef4-401e-0065-2cf0-1195c6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d9bcb07df504057-LHR
expires
Mon, 07 Feb 2022 14:04:15 GMT
otPcPanel.json
cdn-ukwest.onetrust.com/scripttemplates/6.21.0/assets/v2/ 		47 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.21.0/assets/v2/otPcPanel.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.21.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a8a26d3efad04ddfeacd48c69e9e1ff2eea2b9af102f33dc30426711af4ded1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://login.thefa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Feb 2022 10:04:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
u8EaqidU9OSNaAt9Am0JZQ==
age
2571
content-length
11487
x-ms-lease-status
unlocked
last-modified
Tue, 20 Jul 2021 20:08:22 GMT
server
cloudflare
etag
0x8D94BBA206774CC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b5bcbc1c-501e-0071-0df0-1156a2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d9bcb07df514057-LHR
expires
Mon, 07 Feb 2022 14:04:15 GMT
otCommonStyles.css
cdn-ukwest.onetrust.com/scripttemplates/6.21.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.21.0/assets/otCommonStyles.css
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.21.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://login.thefa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Feb 2022 10:04:15 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
F/Fs54+x9bQK/ULkNRp4fA==
age
2571
x-ms-lease-status
unlocked
last-modified
Tue, 20 Jul 2021 20:08:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f2681480-a01e-0046-1af0-11fa0d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6d9bcb07df524057-LHR
expires
Mon, 07 Feb 2022 14:04:15 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady function| OptanonWrapper object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust

4 Cookies

Domain/Path Name / Value
falearning.thefa.com/ Name: TotaraSessiontot9template
Value: 8afd3a8d155298aa86762c2c14340334
.login.thefa.com/ Name: x-ms-cpim-csrf
Value: dUQxQXlPdXR1TlhwV3Fnd2NxK1MrZi90MERPdG1MZjZDZWZMWVBwaVhBSmNsMjBUQUc4b2ppWUladDdqd0xEVXZZaTFZOVVzVVdGWjJSM291R01ndWc9PTsyMDIyLTAyLTA3VDEwOjA0OjE0LjIzNTM3NFo7K1NHWUF1eFdDbERyQnB3aTIwemlVZz09O3siT3JjaGVzdHJhdGlvblN0ZXAiOjJ9
.login.thefa.com/ Name: x-ms-cpim-cache|ukrxotzctuikos6vn-curq_0
Value: m1.UWmxplSwVarKGukk.DrL8LIIeR8PuY3iLL3VODA==.0.acjUNPnE5DTM8Rw1nHFbVUEhZiUrJdLPphUoDaTcf6j5WifRgZil87dpI6C/zEwLcJCN8metztZMqJzJPL9OEFF47BTD9cMnHXWGmqCANz7JKmVtTi/rN0pxcwZjwNJ51LwmWCCPT3yGNuiknbL8B+vD5RrvZNitqEk4c7sMvXTbYC0e8oMQl2gZdk9hqmMBQ4TIbW56mBKc1XyBYDfelIZsfvtwhMdm11i0vTbMYHCsGSRZhm/bYWZMBd+QJ3oLZrUTTgGhOfoc4/v89pAwXvttRulSLfRM9Kc83wnVGOblV8aR+GgMVW5XuHDmpprZlOrjISVvbTWlAK6wkl7C7rVEzmZ0rARhD6NSSoIQGmxoIMDSw24rUoDepVY3Y7rKTDAyjNB6l7TsY2SbibOHfKvoLdVvzMFXd/yU4Zi7Hk7xjoT2N5VB8jyNFCSY6cNIc/zuFIv0y8AhB1WMZAxNLTRFBRkBx0PAKV98SVfHN2LgpjsRVN1zrffzTywhOyqnWZrhVYyakSY3lRhXPxIpdrxr/SIRyH49bvU+6YS7nnU1CogLgR06PT7gFZqKdYXPoueNxjHta7zG6TCBAX4LqviEPL8RoXrm35ZujQNsKJlxsuZMDC02qsQ6a9/X72e6266oyT5iNl08PhsZn+MX0bX7JlBFSimLWlKSID5hqItSu15V1vzSb1qcaZhKSKkP78NWw4QC1jmnG3W5XEEhWYJlLE3iGdQD0nhQqG5Kzc8z4y+jn2MWVYvw/ohsDSETEuCcrCC81LY=
.login.thefa.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6IjNhZDdhYWI4LTQyZDYtNDhiNS04YTM5LTJlYWYzN2UwYWVhZCIsIlQiOiJiMmN0aGVmYS5vbm1pY3Jvc29mdC5jb20iLCJQIjoiYjJjXzFhX3NpZ251cF9zaWduaW5hY3RkeW4iLCJDIjoiNDA1ZDgyZGYtYTI0Mi00MGMxLWIzNzktYjgyNDg5YjgwNzY1IiwiUyI6MSwiTSI6e30sIkQiOjB9XSwiQ19JRCI6IjNhZDdhYWI4LTQyZDYtNDhiNS04YTM5LTJlYWYzN2UwYWVhZCJ9

2 Console Messages

Source Level URL
Text
network error URL: https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/BG_Desktop.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://login.thefa.com/b2cthefa.onmicrosoft.com/oauth2/v2.0/btn-arrow.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-ukwest.onetrust.com
faapplogs.blob.core.windows.net
falearning.thefa.com
geolocation.onetrust.com
login.thefa.com
20.38.109.164
2606:4700:10::6814:b844
2620:1ec:40::69
3.11.4.215
0068b328dc886133e94de712c57b93368f820f34c3dc9562792b36bace8599c0
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
47fa7aed66761e3bd81facf89250e086bb875393dc5fe4ebeb59309fc8fcdeb5
483302f3e5ad7033c62c19d496bf4b58f1d6bbc03988567bba50a298394108cd
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
612e6d06616717ae1e7516fd9204e5fb737a54714882e35cb914df6a9facf80e
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
7b90487a87559d0538b7ad7310a27767b04f8e78e25aa54837e4c93c3f286893
8cb17377a0475b73f8277764d2997fcf7319f926aae4e84a3932ce89f037cb08
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
9a8a26d3efad04ddfeacd48c69e9e1ff2eea2b9af102f33dc30426711af4ded1
9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0
a0cbbd1ec54f0581843aabf286947e6ed23b3f047dc76e71962495fd0b61188d
a8ae527e83eead868a963b9f729d7d16ac77ff8b0a58641224c09cc28cf28824
aacee381ce097e426a86b328c475db3a8014b7cf30781da6e1d71761d71de02f
b3ee9cd947dfde6ed50b1c23032191b14dfb96cbe146810455274ff20abbbf38
d4f3457006d69567f44bda1101a321724a1020a275e73820a5b12e5aa2fc9883
e0755bb0bbefe6745269f3c61a7380588dfb1527dbee680cb36146c9ce92bfb8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc0ad7c09aebcb34ff664cc9d99a61d506493fe608d80c5f8650e870ee178c8
f740848fc85af5ba27780811314c1bbdf625b7f467d3313bc74b6095092f25cd