login.microsoftonline.com Open in urlscan Pro
40.126.32.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=14251&directlaunch=1&display=popup
Effective URL:
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQN...
Submission: On November 23 via manual (November 23rd 2022, 12:15:03 pm UTC) from IN — Scanned from DE

Summary HTTP 37 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 37 HTTP transactions. The main IP is 40.126.32.72, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 31.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 24th 2022. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	2606:4700::68... 2606:4700::6811:9e2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.218.154.59 52.218.154.59	16509 (AMAZON-02) (AMAZON-02)
4	88.221.169.5 88.221.169.5	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	54.229.120.124 54.229.120.124	16509 (AMAZON-02) (AMAZON-02)
2	40.126.32.72 40.126.32.72	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	152.199.23.37 152.199.23.37	15133 (EDGECAST) (EDGECAST)
1	20.190.160.22 20.190.160.22	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
37	8

22 2606:4700::6811:9e2f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tmf-group.allaccesspass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.154.59 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

aap-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.221.169.5 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-5.deploy.static.akamaitechnologies.com

cdns.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdns.eu1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.120.124 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-120-124.eu-west-1.compute.amazonaws.com

accounts.eu1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
socialize.eu1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.126.32.72 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.199.23.37 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.160.22 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msftauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	allaccesspass.com 1 redirects tmf-group.allaccesspass.com	1 MB
6	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 1075	178 KB
6	gigya.com 1 redirects cdns.gigya.com — Cisco Umbrella Rank: 8096 cdns.eu1.gigya.com — Cisco Umbrella Rank: 16955 accounts.eu1.gigya.com — Cisco Umbrella Rank: 32344 socialize.eu1.gigya.com — Cisco Umbrella Rank: 43067	192 KB
2	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 31	108 KB
1	msftauthimages.net aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3426	4 KB
1	live.com login.live.com — Cisco Umbrella Rank: 86
1	amazonaws.com aap-prod.s3.amazonaws.com	9 KB
37	7

	Domain	Requested by
22	tmf-group.allaccesspass.com	1 redirects tmf-group.allaccesspass.com
6	aadcdn.msftauth.net	login.microsoftonline.com aadcdn.msftauth.net
3	cdns.eu1.gigya.com	cdns.gigya.com cdns.eu1.gigya.com
2	login.microsoftonline.com	cdns.gigya.com login.microsoftonline.com
1	aadcdn.msftauthimages.net
1	login.live.com	login.microsoftonline.com
1	socialize.eu1.gigya.com	1 redirects
1	accounts.eu1.gigya.com	cdns.eu1.gigya.com
1	cdns.gigya.com	tmf-group.allaccesspass.com
1	aap-prod.s3.amazonaws.com	tmf-group.allaccesspass.com
37	10

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
*.allaccesspass.com Go Daddy Secure Certificate Authority - G2	`2021-12-11` - `2023-01-12`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-04`	a year	crt.sh
*.eu1.gigya.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-03-05`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2022-08-24` - `2023-08-24`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2022-04-01` - `2023-04-01`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2022-10-03` - `2023-10-03`	a year	crt.sh
aadcdn.msftauthimages.net Microsoft Azure TLS Issuing CA 06	`2022-09-29` - `2023-09-24`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D&sso_reload=true
Frame ID: CC2F85BB38ADD3766685D43AC08EB25A
Requests: 34 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13455
Frame ID: 606C7B3DAD3D33B4B14300CEE7FC7CF9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=14251&directlaunch=1&display=popup HTTP 303
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php Page URL
https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccess... HTTP 302
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F... Page URL
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F... Page URL

Detected technologies

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

10
Subdomains

8
IPs

4
Countries

1564 kB
Transfer

6087 kB
Size

17
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/de-DE/servicesagreement/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/de-DE/privacystatement
Title: Datenschutz & Cookies

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=14251&directlaunch=1&display=popup HTTP 303
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php Page URL
https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&x_includeUserInfo=true&x_redirectURL=https%3A%2F%2Ftmf-group.allaccesspass.com%2Fmod%2Fscorm%2Fview.php%3Fid%3D14251%26directlaunch%3D1%26display%3Dpopup&x_apiDomain=eu1.gigya.com&x_sdk=js_latest&client_id=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&redirect_uri=%2FGS%2FAfterLogin.aspx&response_type=server_token&state=domain%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26lid%3Dflid1669205698636%26messaging%3D1%26id%3Daccounts_socialLogin_16692056993101669205699310%26sourceURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26redirectURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fmod%252Fscorm%252Fview.php%253Fid%253D14251%2526directlaunch%253D1%2526display%253Dpopup%2526gig_events%253Dsocialize.login%26redirectMethod%3Dpost%26addUserInfo%3Dtrue&authMode=cookie HTTP 302
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D Page URL
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=14251&directlaunch=1&display=popup HTTP 303
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Request Chain 27

https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&x_includeUserInfo=true&x_redirectURL=https%3A%2F%2Ftmf-group.allaccesspass.com%2Fmod%2Fscorm%2Fview.php%3Fid%3D14251%26directlaunch%3D1%26display%3Dpopup&x_apiDomain=eu1.gigya.com&x_sdk=js_latest&client_id=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&redirect_uri=%2FGS%2FAfterLogin.aspx&response_type=server_token&state=domain%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26lid%3Dflid1669205698636%26messaging%3D1%26id%3Daccounts_socialLogin_16692056993101669205699310%26sourceURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26redirectURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fmod%252Fscorm%252Fview.php%253Fid%253D14251%2526directlaunch%253D1%2526display%253Dpopup%2526gig_events%253Dsocialize.login%26redirectMethod%3Dpost%26addUserInfo%3Dtrue&authMode=cookie HTTP 302
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

redirect.php Show response
tmf-group.allaccesspass.com/auth/gigya/
Redirect Chain

https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=14251&directlaunch=1&display=popup
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

25 KB
25 KB

391ms
390ms

Document
text/html

2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f73db0dc8fe00079464842772e42e9bd368d7218c38e48ca63474184acd9c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, OPTIONS
cache-control: private, pre-check=0, post-check=0, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 76e9d3d6af7b9a30-FRA
content-language: de
content-script-type: text/javascript
content-style-type: text/css
content-type: text/html; charset=utf-8
date: Wed, 23 Nov 2022 12:14:57 GMT
expires
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: sameorigin
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, OPTIONS
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76e9d3d49a9c9a30-FRA
content-language: de
content-type: text/html; charset=utf-8
date: Wed, 23 Nov 2022 12:14:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-redirect-by: Moodle
x-xss-protection: 1; mode=block

GET
H2 200 yui_combo.php
tmf-group.allaccesspass.com/theme/ 5 KB
2 KB 262ms
261ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?3.17.2/cssreset/cssreset-min.css&3.17.2/cssfonts/cssfonts-min.css&3.17.2/cssgrids/cssgrids-min.css&3.17.2/cssbase/cssbase-min.css

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3195ad9f8f03f61bbc60571b47b67ba7e41b0cf29e881ab188ff2dadf766e073

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:45:00 GMT
server: cloudflare
etag: W/"27dd1ce6eca23b53d4028dba08a0b3030dbedf0f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76e9d3d93ca49a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 18 Nov 2023 12:14:57 GMT

GET
H2 200 yui_combo.php
tmf-group.allaccesspass.com/theme/ 4 KB
1 KB 259ms
257ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:45:04 GMT
server: cloudflare
etag: W/"b9bc567c469e2872cf3bbb14603342a72de2509b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76e9d3d93ca79a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 18 Nov 2023 12:14:57 GMT

GET
H2 200 all
tmf-group.allaccesspass.com/theme/styles.php/explore/1669010895_1665855162/ 1 MB
173 KB 338ms
337ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/styles.php/explore/1669010895_1665855162/all

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ac2de3e6a6056a0216b17da4138c320b453367bedeab33910a473bdcd8564fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="styles.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Mon, 21 Nov 2022 06:36:57 GMT
server: cloudflare
etag: W/"8812da77e5400e2b357a803ac11ffb686e2fceb2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 76e9d3d93caa9a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 21 Feb 2023 12:14:57 GMT

GET
H2 200 bootstrap.css
tmf-group.allaccesspass.com/theme/explore/style/ 174 KB
23 KB 67ms
65ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/explore/style/bootstrap.css

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1a4c25634d5841924aab1848acc9dcbc3d5672183053c8b71ff2139b65d7c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5077
x-xss-protection: 1; mode=block
last-modified: Sat, 15 Oct 2022 15:22:17 GMT
server: cloudflare
etag: W/"2b7e8-5eb144ec92dbc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 76e9d3d93cab9a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Thu, 24 Nov 2022 12:14:57 GMT

GET
H2 200 polyfill.min.js Show response
tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/babel-polyfill/ 97 KB
34 KB 293ms
292ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/babel-polyfill/polyfill.min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9e07890edf5f6f350ef465b37479fc6192923e60e64d9f20af37eb3b011cc66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Mon, 21 Nov 2022 06:36:55 GMT
server: cloudflare
etag: W/"b0e830472ae784481258f4759ffa7aba509ba633"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76e9d3d93cac9a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 21 Feb 2023 12:14:57 GMT

GET
H2 200 polyfill.js Show response
tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/polyfills/ 17 KB
5 KB 75ms
74ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/polyfills/polyfill.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

244ff779cc4a0d32d8a21e1dceece94080b39c4b2c77ab5c0a772f333db71216

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 14933
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Mon, 21 Nov 2022 06:36:55 GMT
server: cloudflare
etag: W/"b15a6e2150315afcb4831a251ca51ef1649d01ae"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76e9d3d93cae9a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 21 Feb 2023 12:14:57 GMT

GET
H2 200 yui_combo.php Show response
tmf-group.allaccesspass.com/theme/ 276 KB
85 KB 310ms
309ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13eaaadfa414f262b7964320054bb2b322b9ef9f3522bc25c9d60dc83b5141cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:45:04 GMT
server: cloudflare
etag: W/"78581a0bac8a932effb32db3e91e0f2f2b47c08e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76e9d3d93caf9a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 18 Nov 2023 12:14:57 GMT

GET
H2 200 javascript-static.js Show response
tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/ 21 KB
7 KB 77ms
76ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/javascript-static.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec9d65cb26cade9adcf9c012734551cf8c86c49a1ff45fef12662ae42f312e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 98934
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Mon, 21 Nov 2022 06:36:55 GMT
server: cloudflare
etag: W/"4035cbeb4ad286abc10461ec8b6f4c66af0933fc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76e9d3d93cb19a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 21 Feb 2023 12:14:57 GMT

GET
H2 200 head Show response
tmf-group.allaccesspass.com/theme/javascript.php/explore/1669010895/ 247 KB
82 KB 289ms
289ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/javascript.php/explore/1669010895/head

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e1c6e07e9368fef34008b5c7219e220bf4af5e67dd052392670cf73aac5540

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Mon, 21 Nov 2022 06:36:56 GMT
server: cloudflare
etag: W/"58f37b5b25087f585f5d7f4488824ba6e8d3029e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 76e9d3d93cb39a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 21 Feb 2023 12:14:57 GMT

GET
H2 200 require.min.js Show response
tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/requirejs/ 17 KB
7 KB 63ms
63ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/requirejs/require.min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 14933
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Mon, 21 Nov 2022 06:36:56 GMT
server: cloudflare
etag: W/"e33a932457c1c3f83db7f0e10f65539302a617b5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76e9d3d93cb59a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 21 Feb 2023 12:14:57 GMT

GET
H2 200 gotham-book-webfont.woff2
tmf-group.allaccesspass.com/theme/font.php/explore/theme/1669010895/ 16 KB
16 KB 271ms
270ms Font
application/font-woff2 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/font.php/explore/theme/1669010895/gotham-book-webfont.woff2

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1669010895_1665855162/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88425afc6e97c1d162e0a355b790dc4e020ff80b632e5649697dca5bc784002d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1669010895_1665855162/all
Origin: https://tmf-group.allaccesspass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:58 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-disposition: inline; filename="gotham-book-webfont.woff2"
content-length: 16700
x-xss-protection: 1; mode=block
pragma
last-modified: Mon, 21 Nov 2022 06:36:58 GMT
server: cloudflare
etag: "1c45cda1b89cc2ae25de8c604a62706a775b1dde"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: https://tmf-group.allaccesspass.com
cache-control: public, max-age=7776000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 76e9d3dc3b649a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 21 Feb 2023 12:14:58 GMT

GET
H2 200 yui_combo.php Show response
tmf-group.allaccesspass.com/theme/ 2 KB
1022 B 776ms
775ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?m/1669010895/core/event/event-min.js&m/1669010895/filter_mathjaxloader/loader/loader-min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eb61ba5b02c939a8985c145a24985cb3b4e3cadfcfc00fa5bca76aa0d8c5238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:58 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:44:58 GMT
server: cloudflare
etag: W/"582a302761ebc777e20f2a88040a9affde1dc084"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76e9d3dc6be39a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 18 Nov 2023 12:14:58 GMT

GET
H/1.1 200
OK f0e85026-64d.jpg
aap-prod.s3.amazonaws.com/80800ed5b4e74b68907d565e2aa7df89/ 9 KB
9 KB 722ms
256ms Image
image/jpeg 52.218.154.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aap-prod.s3.amazonaws.com/80800ed5b4e74b68907d565e2aa7df89/f0e85026-64d.jpg
Requested by: Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1669010895_1665855162/all
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.154.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 356a02f3243113778274eaee7c110df2a21c16bd1e6e866678cc0f508351c462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 12:14:59 GMT
Last-Modified: Fri, 08 Jul 2022 14:39:43 GMT
Server: AmazonS3
x-amz-request-id: JF4JZDHM0Y29HCNZ
ETag: "1f29f29989eb71ae1f836e6d85f78eac"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8965
x-amz-id-2: TqvUpD48kYFKXe8jar8pZPouJbbNkR1RpWjCMlqdkgB0QI66Ujx6nj75n8g3J2SIhJCJVeMfQ+4=

GET
H2 200 logo_white
tmf-group.allaccesspass.com/theme/image.php/explore/theme/1669010895/ 8 KB
8 KB 282ms
282ms Image
image/png 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tmf-group.allaccesspass.com/theme/image.php/explore/theme/1669010895/logo_white

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1669010895_1665855162/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8edda064d7c63f7054917d4b362a21f658c30402bbb3a2e0c2b068da5d87764

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1669010895_1665855162/all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:58 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: inline; filename="logo_white.png"
content-length: 7912
x-xss-protection: 1; mode=block
pragma
last-modified: Mon, 21 Nov 2022 06:36:58 GMT
server: cloudflare
etag: "4f81d62067ce406c62dbf14b00c852cf352453c2"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
cache-control: public, max-age=7776000, no-transform, immutable
access-control-allow-credentials: true
accept-ranges: none
cf-ray: 76e9d3dc6be69a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 21 Feb 2023 12:14:58 GMT

GET
H2 200 fontawesome-webfont.woff2
tmf-group.allaccesspass.com/theme/font.php/explore/theme/1669010895/ 75 KB
76 KB 59ms
59ms Font
application/font-woff2 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/font.php/explore/theme/1669010895/fontawesome-webfont.woff2

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1669010895_1665855162/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1669010895_1665855162/all
Origin: https://tmf-group.allaccesspass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:58 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 98934
content-disposition: inline; filename="fontawesome-webfont.woff2"
content-length: 77160
x-xss-protection: 1; mode=block
pragma
last-modified: Mon, 21 Nov 2022 06:36:58 GMT
server: cloudflare
etag: "8993a98d5402cf497761db387e96c39d36b3ef55"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: https://tmf-group.allaccesspass.com
cache-control: public, max-age=7776000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 76e9d3dc6beb9a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 21 Feb 2023 12:14:58 GMT

GET
H2 200 first.js Show response
tmf-group.allaccesspass.com/lib/requirejs.php/1669010895/core/ 2 MB
490 KB 96ms
95ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/requirejs.php/1669010895/core/first.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a75d1fac0a0168607c4f90d6e75a73aba29336dcc3fdf272bc0e7a42f255046

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:58 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 98933
content-disposition: inline; filename="requirejs.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Mon, 21 Nov 2022 06:36:58 GMT
server: cloudflare
etag: W/"66585587102deada426014e5b9dae99ee77203fe"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76e9d3dc6bfd9a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 21 Feb 2023 12:14:58 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/jquery/ 87 KB
31 KB 71ms
71ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/jquery/jquery-3.5.1.min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/requirejs/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

621c0f52571ccff5dab81de13db26fda4b4a7dad83a01827c9139571023abea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:58 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6923
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Mon, 21 Nov 2022 06:36:59 GMT
server: cloudflare
etag: W/"72f3c1193c37a6336e3288a407e7b37bb30bd2af"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 76e9d3ddbeb19a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 21 Feb 2023 12:14:58 GMT

GET
H/1.1 200
OK gigya.js Show response
cdns.gigya.com/JS/ 464 KB
146 KB 235ms
40ms Script
text/javascript 88.221.169.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1
Requested by: Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/jquery/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-5.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3a2d6421f973af3b1b7e98b3a8eb7692de99ece157bc702261a4bfc390db0024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 12:14:58 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: 0f07cd0e7d6342709a5ee1c2edf86549
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g46
Connection: keep-alive
x-robots-tag: none
Content-Length: 149255
Expires: Wed, 23 Nov 2022 12:29:58 GMT

GET
H/1.1 200
OK sdk.config.get Show response
cdns.eu1.gigya.com/ 3 KB
2 KB 181ms
37ms Fetch
text/javascript 88.221.169.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&httpStatusCodes=true
Requested by: Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-5.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 801a3317757f5f29dc05a23fcbd2a5d171b455bf27fee554dc77736439a0bf6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 12:14:58 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: fad2368a038f4dd98fff2bc869e515c3
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, s-maxage=10800
x-server: us1d-nomad-g5
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1105

GET
H2 200 yui_combo.php
tmf-group.allaccesspass.com/theme/ 5 KB
1 KB 288ms
288ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?3.17.2/cssbutton/cssbutton-min.css

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4cc4d14d94d940a82ceb24dc9c9ae9d4573a436e1369db31f2d9c2b1546fe18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:59 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:45:00 GMT
server: cloudflare
etag: W/"323202bec286f8abd417e82b36bf85c33dc46920"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76e9d3e15daa9a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 18 Nov 2023 12:14:58 GMT

GET
H2 200 service-nologin.php Show response
tmf-group.allaccesspass.com/lib/ajax/ 2 KB
731 B 321ms
321ms XHR
application/json 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1669010895&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22de%22%7D%7D%5D

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/jquery/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48070cc41f2a2635157b17181a8c3301e2dadc903b9cb8f2cda85e4f5552181

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma
date: Wed, 23 Nov 2022 12:14:59 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 76e9d3e17def9a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-xss-protection: 1; mode=block
expires: Tue, 21 Feb 2023 12:14:59 GMT

GET
H2 200 service-nologin.php Show response
tmf-group.allaccesspass.com/lib/ajax/ 247 B
354 B 312ms
312ms XHR
application/json 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1669010895&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22de%22%7D%7D%5D

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1669010895/lib/jquery/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47d4926ac5a1fc8fb429ef63b24d171ebc2c937ddf8f365229c400981e5e5028

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma
date: Wed, 23 Nov 2022 12:14:59 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 76e9d3e17df49a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-xss-protection: 1; mode=block
expires: Tue, 21 Feb 2023 12:14:58 GMT

GET
H/1.1 200
OK Api.aspx Show response
cdns.eu1.gigya.com/gs/webSdk/ Frame 606C 116 KB
40 KB 152ms
40ms Document
text/html 88.221.169.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13455

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.221.169.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-169-5.deploy.static.akamaitechnologies.com

Software

Resource Hash

ed4491873cc15e90b7be65f894f70dbb1dd542486162026ab2383a4cad931556

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tmf-group.allaccesspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, s-maxage=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 40573
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Nov 2022 12:14:58 GMT
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-callid: 27ad45e799c147ffa629bb5ad61ef02f
x-robots-tag: none
x-server: us1d-nomad-g40
x-soa: true, Gator

GET
H/1.1 200
OK sdk.config.get Show response
cdns.eu1.gigya.com/ Frame 606C 3 KB
2 KB 42ms
42ms Fetch
text/javascript 88.221.169.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&httpStatusCodes=true
Requested by: Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13455
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-5.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 801a3317757f5f29dc05a23fcbd2a5d171b455bf27fee554dc77736439a0bf6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13455
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 12:14:59 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: fad2368a038f4dd98fff2bc869e515c3
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, s-maxage=10800
x-server: us1d-nomad-g5
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 1105

GET
H2 200 yui_combo.php
tmf-group.allaccesspass.com/theme/ 17 KB
6 KB 259ms
259ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tmf-group.allaccesspass.com/theme/yui_combo.php?m/1669010895/core/widget/widget-focusafterclose-min.js&3.17.2/plugin/plugin-min.js&m/1669010895/core/lockscroll/lockscroll-min.js&m/1669010895/core/notification/notification-dialogue-min.js&m/1669010895/core/tooltip/tooltip-min.js&m/1669010895/core/popuphelp/popuphelp-min.js

Requested by

Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:59 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Fri, 21 Oct 2022 14:45:02 GMT
server: cloudflare
etag: W/"781f337c9c3c0a26b3a0123af7157021f9cb23ac"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 76e9d3e319629a30-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 18 Nov 2023 12:14:59 GMT

GET
H2 200 accounts.webSdkBootstrap Show response
accounts.eu1.gigya.com/ Frame 606C 199 B
1 KB 205ms
63ms XHR
text/javascript 54.229.120.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.eu1.gigya.com/accounts.webSdkBootstrap?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&pageURL=https%3A%2F%2Ftmf-group.allaccesspass.com%2F&sdk=js_latest&sdkBuild=13455&format=json
Requested by: Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13455
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.229.120.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-120-124.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 02f488ba91e5047e8a5053a9e10398a2981c5b4c5a402936359dd19dae469cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdns.eu1.gigya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:14:59 GMT
content-encoding: gzip
x-soa: true, Gator
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://cdns.eu1.gigya.com
x-callid: 0dd91686331c4ac391aa18685602b6c7
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
cache-control: private
access-control-allow-credentials: true
x-server: eu1b-nomad-g7
vary: Origin, Accept-Encoding
x-robots-tag: none
content-length: 173

GET
H/1.1

200
OK

saml2 Show response
login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/
Redirect Chain

https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&x...
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqx...

152 KB
56 KB

227ms
76ms

Document
text/html

40.126.32.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.72 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3c10351fb41bf54fa38dd20a653f79cd66464cdddd6ba2da0ec43fc5d2a79b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 55941
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Nov 2022 12:14:59 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.14059.16 - NEULR1 ProdSlices
x-ms-request-id: 32f546fa-ed5e-4886-8d9b-daadfc177b00

Redirect headers

cache-control: private
content-length: 0
date: Wed, 23 Nov 2022 12:14:59 GMT
location: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-callid: 3ec93e0e8e8744c48c94aa381d554bdc
x-robots-tag: none
x-server: eu1b-nomad-g7
x-soa: true, Gator

GET
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/ 201 KB
52 KB 113ms
112ms Document
text/html 40.126.32.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.72 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

16661671c2d2e13ef8fc3eea751b8e25b98daa9f192e2dd47a16ab87ba09772a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 51534
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Nov 2022 12:14:59 GMT
Expires: -1
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.14059.16 - NEULR1 ProdSlices
x-ms-request-id: 02dce27a-d1c6-4363-b5db-96f443e68d00

GET
H2 200 ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 387 KB
110 KB 164ms
38ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D0C) /
Resource Hash: 4660771cd255710f7f04b9a391d536a2e8aa20c1617534e7941b93df1f577194

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 12:15:00 GMT
content-encoding: gzip
content-md5: GWIREUt3H0wPJYOZTfRfQg==
age: 3528985
x-cache: HIT
content-length: 111991
x-ms-lease-status: unlocked
last-modified: Wed, 12 Oct 2022 00:11:49 GMT
server: ECAcc (frc/4D0C)
etag: 0x8DAABE65BB403E5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c0c7f74e-b01e-009c-541c-df556b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 280ms
129ms Other
text/html 20.190.160.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D&sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.190.160.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
20 KB 149ms
38ms Other
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C94) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 12:15:00 GMT
content-encoding: gzip
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
age: 6005068
x-cache: HIT
content-length: 19970
x-ms-lease-status: unlocked
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
server: ECAcc (frc/4C94)
etag: 0x8DA7650B375AC9B
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: ce9670ed-701e-0052-0a97-c89062000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-de.min_w9ffmkgdjw2mvq5qbz675a2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
15 KB 185ms
74ms Other
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_w9ffmkgdjw2mvq5qbz675a2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJPc9owEMW%2Fikd3%2F5FlINYAMwxMGHcgYSDQNpeMkNdEHVsyWpmGfvraTps0h%2FbWo3Z29X5v345RVGXNZ4171ls4N4DOyxYTclKnqxikMh8WyVEUUSREcgNMHKNRKiDOjwJYzEbRkXgHsKiMnpA4iIiXITaQaXRCu7YUxbFPqR%2BzBxpzmvBB%2Bki8RauitHD91LNzNfIwLM1J6aBS0ho0hTO6VBoCaapwxFgRxan0h7LI%2FSRi0k9FQtsni4YsSWmU3oSdj5h4t8ZK6N1MSCFKhI5oIxDVBd4qM0SwnfrcaGwqsDuwFyVhv1298xQqrwJoaNCvogfpNMJLazNkT%2Bf7r%2Fu7%2FL7JZ8sVWyb4%2BLBf1zBfHk6bNXO7xbfsVH%2FaDvTysMm2V%2Fuyu3yJf3zOk6c5Crg90xDrUEgk3ktVauR9DBPSWM2NQIVciwqQO8l3s%2FWKt5q8tsYZaUoyHXfdvN%2B0%2FWP%2B3%2BPit2ky%2FWDx%2F9gb97%2F9YnwFrvldC5UtNqZU8tolVYn2RP7GTAPaV1TuF30rbzTWIFWhIG8zLEvzfW5BuDZXZ5s21nD6qvrxnKc%2FAQ%3D%3D&RelayState=tk1.H7fumto1TOkFq7cZM_urEF8NTDzltp2NYiJsiPGfDvI&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CgYGHoZcby2GPfPq9ByJBPkJNfi5ToIcM6NIgVUERg8Gu5T2JGYEQcOvOGaznNEbJZrot%2FbtXd%2F23XUb%2BxVN1WY7t4q658mx0YgerQkq2IJrFy10tvc7EVtbubg5dDYgCEPB42aSOMjPqHMnWYG6Uh%2BZUQ3L1E%2FdAijOsTu5JiBygzv%2B1PTiocyxm7QLvwojoc5wBn6kkKhnFaJOKI0hC2ecwCWm%2BG2g8UEm1nT4b%2FtKb9R%2BED%2B7yNQU9JPDwiQwid62u3NAkBwWk5OQYKaLDlBXT%2Bs1aN3BSTwSBOtK4v5e%2FlSU05On3nJMKOWKvNdCkqOIIS9bG5Ig5GuAGQbU3g%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF9) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 12:15:00 GMT
content-encoding: gzip
content-md5: x7NkWVmGu9tvdg9HAzMd6w==
age: 3523260
x-cache: HIT
content-length: 15338
x-ms-lease-status: unlocked
last-modified: Wed, 12 Oct 2022 19:43:55 GMT
server: ECAcc (frc/4CF9)
etag: 0x8DAAC8A18FAB2DC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 19445898-401e-0028-5029-df87fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pcustomizationloader_8dc1586f19519d6b618f.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 107 KB
32 KB 135ms
39ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8dc1586f19519d6b618f.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_pcipSPYgxw6k0H7PwESK3w2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C9C) /
Resource Hash: 89c66a143b0bcbb7377096e70b1d323900036949e52a99372332c12c27b75dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 12:15:00 GMT
content-encoding: gzip
content-md5: xYMsa398BlO7oQWNFlhVpg==
age: 5980295
x-cache: HIT
content-length: 32180
x-ms-lease-status: unlocked
last-modified: Wed, 07 Sep 2022 21:52:20 GMT
server: ECAcc (frc/4C9C)
etag: 0x8DA911B3D1A0EB6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7435bd4a-a01e-003b-63d1-c8cbb3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 2 KB
1 KB 131ms
37ms Image
image/svg+xml 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE3) /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 12:15:00 GMT
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
age: 6005067
x-cache: HIT
content-length: 673
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (frc/4CE3)
etag: 0x8D7B007297AE131
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f66b17b7-a01e-0078-3697-c8c471000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-5gfhiirjqq-ybr8dqhsu3iowa1ne3ps3jk7ygmdpwcm/logintenantbranding/0/ 4 KB
4 KB 273ms
47ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauthimages.net/c1c6b6c8-5gfhiirjqq-ybr8dqhsu3iowa1ne3ps3jk7ygmdpwcm/logintenantbranding/0/bannerlogo?ts=636347699505296827
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b85163cad3e113041f3ac5ee224a285da343639bcf58f2e6ce9ef50e21006397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 12:15:00 GMT
last-modified: Tue, 04 Jul 2017 12:59:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: Lwa+ROVZPfbMG4j9034rQg==
etag: 0x8D4C2DC76D21603
vary: Origin
x-cache: TCP_HIT
content-type: image/jpeg
x-azure-ref: 0xA5+YwAAAAA5kwjFA4vNTagQnrHr4cAYQU1TMDRFREdFMTkxMQA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
x-ms-request-id: d68fdd68-001e-0037-4702-ff8900000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
content-length: 3856

GET
H2 200 signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 2 KB
771 B 37ms
37ms Image
image/svg+xml 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA3) /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Nov 2022 12:15:00 GMT
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
age: 6005065
x-cache: HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 03:41:05 GMT
server: ECAcc (frc/4CA3)
etag: 0x8D8852A740F01B9
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 42aceff7-b01e-0055-2797-c888ae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tmf-group.allaccesspass.com/	1969-12-31 23:59:59	Name: MoodleSession Value: ac7uueojm4qn12aqt545qkter1
.tmf-group.allaccesspass.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.tmf-group.allaccesspass.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 13455-3-27820095
.gigya.com/	1970-01-20 16:25:41	Name: gmid Value: gmid.ver4.AcbHK9sqZQ.ohNHO_odkIrSgW1PElmc1NrC_4FdZW5nbPx5tMdU5X3EFpJxHwCtbVHOWmHLKqr_.KEo8_rq7ms4Q1CIEuRtapktswpkZgDf1sYz5F3ImbE0NzQdftidQ447HoO6oB6znDASaGuKih6tkA1OiBBhShA.sc3
.gigya.com/	1970-01-20 16:25:41	Name: ucid Value: QIRQtuVEaBIYyJ6gtoAxkA
.gigya.com/	1970-01-20 12:00:40	Name: hasGmid Value: ver4
.allaccesspass.com/	1970-01-20 16:25:41	Name: gig_bootstrap_3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1 Value: _gigya_ver4
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 07:40:05	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 08:23:17	Name: buid Value: 0.ASAAnAI_c_1sPECaQWwwY0kQmFD06HYEicdCqG6vhdmN-JQgAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrUDTO7Y3cl3ZLsTpUX7FhndKmz8g68Wfl2a5EMmO77YnjIdbOJsp3Z5jpImMNPDPtk0B2oIPlX8v7SmydIKU4WetHL2uI0ISW48FW69CabZUgAA
login.microsoftonline.com/	1970-01-20 08:23:17	Name: fpc Value: AlzBtTgkzk5KkNCTidFrWVXNx-izAQAAAMMFENsOAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrHP1VmSM4QaMaN8sYpT1s7ZZeKvQ1tUtds9qlH25lD2yXLV0UN7zmcrWgho5hKZPgUCpQonT6pXeK7BvmO_XEz5Zc1iYOU7bTIJinphPubciad4ZwupRezF3wSBj6bxbjmt3MzvRbWZ1tVqaxG_2leIvxFP_L5CnI8dKSR9z0jD1HGvgkHnUACrA9JNKLPTPh2OZe7Bp0Y7PoFSER72XbPa7T7vfF9CCHhZnUiWQrKKQgAA
.login.microsoftonline.com/	1970-01-20 17:01:41	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 3b8983165916409dbfe99b754c2aeaad
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1669205700&co=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
aap-prod.s3.amazonaws.com
accounts.eu1.gigya.com
cdns.eu1.gigya.com
cdns.gigya.com
login.live.com
login.microsoftonline.com
socialize.eu1.gigya.com
tmf-group.allaccesspass.com
152.199.23.37
20.190.160.22
2606:4700::6811:9e2f
2620:1ec:46::45
40.126.32.72
52.218.154.59
54.229.120.124
88.221.169.5
02f488ba91e5047e8a5053a9e10398a2981c5b4c5a402936359dd19dae469cca
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
13eaaadfa414f262b7964320054bb2b322b9ef9f3522bc25c9d60dc83b5141cf
16661671c2d2e13ef8fc3eea751b8e25b98daa9f192e2dd47a16ab87ba09772a
1f73db0dc8fe00079464842772e42e9bd368d7218c38e48ca63474184acd9c39
244ff779cc4a0d32d8a21e1dceece94080b39c4b2c77ab5c0a772f333db71216
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3195ad9f8f03f61bbc60571b47b67ba7e41b0cf29e881ab188ff2dadf766e073
356a02f3243113778274eaee7c110df2a21c16bd1e6e866678cc0f508351c462
3a2d6421f973af3b1b7e98b3a8eb7692de99ece157bc702261a4bfc390db0024
3a75d1fac0a0168607c4f90d6e75a73aba29336dcc3fdf272bc0e7a42f255046
3c10351fb41bf54fa38dd20a653f79cd66464cdddd6ba2da0ec43fc5d2a79b4d
44e1c6e07e9368fef34008b5c7219e220bf4af5e67dd052392670cf73aac5540
4660771cd255710f7f04b9a391d536a2e8aa20c1617534e7941b93df1f577194
47d4926ac5a1fc8fb429ef63b24d171ebc2c937ddf8f365229c400981e5e5028
621c0f52571ccff5dab81de13db26fda4b4a7dad83a01827c9139571023abea4
7eb61ba5b02c939a8985c145a24985cb3b4e3cadfcfc00fa5bca76aa0d8c5238
801a3317757f5f29dc05a23fcbd2a5d171b455bf27fee554dc77736439a0bf6d
88425afc6e97c1d162e0a355b790dc4e020ff80b632e5649697dca5bc784002d
89c66a143b0bcbb7377096e70b1d323900036949e52a99372332c12c27b75dcd
8c1a4c25634d5841924aab1848acc9dcbc3d5672183053c8b71ff2139b65d7c3
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9ac2de3e6a6056a0216b17da4138c320b453367bedeab33910a473bdcd8564fe
9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2
b85163cad3e113041f3ac5ee224a285da343639bcf58f2e6ce9ef50e21006397
c4cc4d14d94d940a82ceb24dc9c9ae9d4573a436e1369db31f2d9c2b1546fe18
c8edda064d7c63f7054917d4b362a21f658c30402bbb3a2e0c2b068da5d87764
d48070cc41f2a2635157b17181a8c3301e2dadc903b9cb8f2cda85e4f5552181
d9e07890edf5f6f350ef465b37479fc6192923e60e64d9f20af37eb3b011cc66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9d65cb26cade9adcf9c012734551cf8c86c49a1ff45fef12662ae42f312e3f
ed4491873cc15e90b7be65f894f70dbb1dd542486162026ab2383a4cad931556
fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0

login.microsoftonline.com Open in urlscan Pro 40.126.32.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

25 %IPv6

7 Domains

10 Subdomains

8 IPs

4 Countries

1564 kBTransfer

6087 kBSize

17 Cookies

3 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.microsoftonline.com Open in urlscan Pro
40.126.32.72 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

10
Subdomains

8
IPs

4
Countries

1564 kB
Transfer

6087 kB
Size

17
Cookies

37 HTTP transactions
0 data transactions