urlscan.io logo urlscan.io
SecurityTrails logo

pass.canalplus.com Open in urlscan Pro
15.197.195.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://samsung.canalplus.com/
Effective URL: https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal...
Submission: On October 01 via api from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 15.197.195.200, located in United States and belongs to AMAZON-02, US. The main domain is pass.canalplus.com. The Cisco Umbrella rank of the primary domain is 241942.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 11th 2023. Valid for: a year.
This is the only time pass.canalplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 6 95.101.111.170 20940 (AKAMAI-ASN1)
3 3 184.30.21.12 16625 (AKAMAI-AS)
2 15.197.195.200 16509 (AMAZON-02)
5 18.239.69.47 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 108.138.7.41 16509 (AMAZON-02)
19 8
6    95.101.111.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-170.deploy.static.akamaitechnologies.com
samsung.canalplus.com
account.canalplus.com
data.canalplus.com
data.api.canalplus.com
3    184.30.21.12 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-12.deploy.static.akamaitechnologies.com
pass.canal-plus.com
2    15.197.195.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac4b547508e00da8e.awsglobalaccelerator.com
pass.canalplus.com
5    18.239.69.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-47.ams58.r.cloudfront.net
ok9static.oktacdn.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2600:9000:206f:4c00:2:4460:3800:93a1 (United States)

ASN16509 (AMAZON-02, US)
widget-content.prod.pass.canal.aws.io-cplus.net
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    108.138.7.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-41.fra56.r.cloudfront.net
login.okta.com
Apex Domain
Subdomains		 Transfer
8 canalplus.com
samsung.canalplus.com
account.canalplus.com — Cisco Umbrella Rank: 477425
pass.canalplus.com — Cisco Umbrella Rank: 241942
data.canalplus.com — Cisco Umbrella Rank: 218645
data.api.canalplus.com — Cisco Umbrella Rank: 178101
143 KB
5 io-cplus.net
widget-content.prod.pass.canal.aws.io-cplus.net — Cisco Umbrella Rank: 519767
322 KB
5 oktacdn.com
ok9static.oktacdn.com — Cisco Umbrella Rank: 61348
530 KB
3 canal-plus.com
pass.canal-plus.com — Cisco Umbrella Rank: 392019
2 KB
2 okta.com
login.okta.com — Cisco Umbrella Rank: 9163
97 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
832 B
19 7
Domain Requested by
5 widget-content.prod.pass.canal.aws.io-cplus.net pass.canalplus.com
5 ok9static.oktacdn.com pass.canalplus.com
ok9static.oktacdn.com
3 pass.canal-plus.com 3 redirects
2 login.okta.com ok9static.oktacdn.com
login.okta.com
2 data.canalplus.com pass.canalplus.com
data.canalplus.com
2 pass.canalplus.com ok9static.oktacdn.com
2 account.canalplus.com 2 redirects
1 data.api.canalplus.com data.canalplus.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com pass.canalplus.com
1 samsung.canalplus.com 1 redirects
19 11

This site contains links to these domains. Also see Links.

Domain
account.canalplus.com
Subject Issuer Validity Valid
pass.canalplus.com
Sectigo RSA Organization Validation Secure Server CA		 2023-09-11 -
2024-09-10		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-01-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
widget-content.prod.pass.canal.aws.io-cplus.net
Amazon RSA 2048 M01		 2023-02-10 -
2024-03-10		 a year crt.sh
www.canalplus.com
R3		 2023-08-09 -
2023-11-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
accounts.okta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2024-07-24		 a year crt.sh

This page contains 3 frames:

Primary Page: https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
Frame ID: 09CFBBC41A70CBC55E9F0D2001F7176C
Requests: 20 HTTP requests in this frame

Frame: https://data.canalplus.com/production/v2/cookie-sync.html
Frame ID: 7E6AD9FE3CB77ADABA435A937FBC5F67
Requests: 1 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 82B09DAA20BA237310682F70E2AC43E0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Canal+ Authentication

Page URL History Show full URLs

  1. https://samsung.canalplus.com/ HTTP 301
    https://account.canalplus.com/de/code/samsung HTTP 308
    https://account.canalplus.com/fr/code/samsung HTTP 307
    https://pass.canal-plus.com/provider-IdPOAuth2/auth/PROVIDER?client_id=2E4A08AA4ACEF15A&portailId=vbdTj7... HTTP 302
    https://pass.canal-plus.com/provider/oauth2/auth?appLocation=fr&clientId=2E4A08AA4ACEF15A&level=1&offerZ... HTTP 302
    https://pass.canal-plus.com/provider/oauth2sp/code/CPOKT HTTP 302
    https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=http... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

11
Subdomains

8
IPs

2
Countries

1107 kB
Transfer

2652 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://samsung.canalplus.com/ HTTP 301
    https://account.canalplus.com/de/code/samsung HTTP 308
    https://account.canalplus.com/fr/code/samsung HTTP 307
    https://pass.canal-plus.com/provider-IdPOAuth2/auth/PROVIDER?client_id=2E4A08AA4ACEF15A&portailId=vbdTj7eb6aM.&redirect_uri=https%3A%2F%2Faccount.canalplus.com%2Ffr%2Fcode%2Fsamsung&response_type=code&scope=pass_profile&state=origref%3Dhttps%3A%2F%2Faccount.canalplus.com%2Ffr%2Fcode%2Fsamsung&media=PC&appLocation=fr&offerZone=cpfra HTTP 302
    https://pass.canal-plus.com/provider/oauth2/auth?appLocation=fr&clientId=2E4A08AA4ACEF15A&level=1&offerZone=cpfra&pass_target=http%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Fauth&scope=pass_profile&sourceURL=https%3A%2F%2Fpass.canal-plus.com%2Fprovider-IdPOAuth2%2Fauth%2FPROVIDER%3Fclient_id%3D2E4A08AA4ACEF15A%26portailId%3DvbdTj7eb6aM.%26redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26response_type%3Dcode%26scope%3Dpass_profile%26state%3Dorigref%253Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26media%3DPC%26appLocation%3Dfr%26offerZone%3Dcpfra%26sng_authz_req_id%3Dln7g62me4689%26tabId%3D1256421143 HTTP 302
    https://pass.canal-plus.com/provider/oauth2sp/code/CPOKT HTTP 302
    https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request authorize
pass.canalplus.com/oauth2/default/v1/
Redirect Chain
  • https://samsung.canalplus.com/
  • https://account.canalplus.com/de/code/samsung
  • https://account.canalplus.com/fr/code/samsung
  • https://pass.canal-plus.com/provider-IdPOAuth2/auth/PROVIDER?client_id=2E4A08AA4ACEF15A&portailId=vbdTj7eb6aM.&redirect_uri=https%3A%2F%2Faccount.canalplus.com%2Ffr%2Fcode%2Fsamsung&response_type=c...
  • https://pass.canal-plus.com/provider/oauth2/auth?appLocation=fr&clientId=2E4A08AA4ACEF15A&level=1&offerZone=cpfra&pass_target=http%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Fauth&scope=pass_profile&s...
  • https://pass.canal-plus.com/provider/oauth2sp/code/CPOKT
  • https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=pr...
371 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.195.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac4b547508e00da8e.awsglobalaccelerator.com
Software
nginx /
Resource Hash
717f092e6abd17508376ff807cf026acd65e3b133d5bfb3d0cbcdf073d75f3cc
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sun, 01 Oct 2023 12:37:40 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
cache-control
no-cache, no-store
content-language
de
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
x-content-type-options
nosniff
x-okta-request-id
ZRloFKSfnnXaUSPhdRpAmwAAAms
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1696163920
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
*
content-language
de-DE
content-length
0
date
Sun, 01 Oct 2023 12:37:40 GMT
location
https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
server
nginx
okta-sign-in.min.js
ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.2/js/ 		1 MB
395 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.2/js/okta-sign-in.min.js
Requested by
Host: pass.canalplus.com
URL: https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-47.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
17eb4e2c1b9e78c024883990fb58cc88693ff2506038d7b5c7838d5931adff54
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
date
Sat, 23 Sep 2023 23:51:31 GMT
x-amz-cf-pop
AMS58-P4
age
1392754
x-cache
Hit from cloudfront
last-modified
Tue, 10 Nov 2020 18:21:17 GMT
server
nginx
etag
W/"87241d457d985afea33124ef787f9bbe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
0qJnZJeLL1yPZLNWiw1AxgXipAzkRPnIe4jmt9C5bie1lLLzmn7gzA==
expires
Sat, 14 Sep 2024 09:45:06 GMT
okta-sign-in.min.css
ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.2/css/ 		192 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.2/css/okta-sign-in.min.css
Requested by
Host: pass.canalplus.com
URL: https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-47.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
1881be9edf187bf3e0c89c23e8e3cc9b87e69308b451ca647d195d69a7d16760
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
date
Wed, 27 Sep 2023 02:23:30 GMT
x-amz-cf-pop
AMS58-P4
age
1603992
x-cache
Hit from cloudfront
last-modified
Tue, 10 Nov 2020 18:21:10 GMT
server
nginx
etag
W/"e808ca6874a5dc0660aebd64ba2cd49a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
hOE9Imw1EzZUtgfZZYUo0DvdawhmQQaA9c2hlqspxLSDQLY2kX_Xtw==
expires
Wed, 11 Sep 2024 23:04:28 GMT
custom-signin.241e0fb439244dc50c5929c0513a6765.css
ok9static.oktacdn.com/assets/loginpage/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/loginpage/css/custom-signin.241e0fb439244dc50c5929c0513a6765.css
Requested by
Host: pass.canalplus.com
URL: https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-47.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
date
Fri, 15 Sep 2023 00:08:57 GMT
x-amz-cf-pop
AMS58-P4
age
1427323
x-cache
Hit from cloudfront
last-modified
Tue, 22 Mar 2022 17:34:30 GMT
server
nginx
etag
W/"241e0fb439244dc50c5929c0513a6765"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
LObeipMk-fzEMwc6joYTDL-Lw2dfpCzb8_wx9NEH4hRb5PWo0eqm3A==
expires
Sat, 14 Sep 2024 00:08:57 GMT
css
fonts.googleapis.com/ 		1013 B
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Hind
Requested by
Host: pass.canalplus.com
URL: https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d18f46dd86d96774452a5226cb7cd290eb7a134c5ea386e71dfd2d39005d9619
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Oct 2023 12:37:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 01 Oct 2023 12:09:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Oct 2023 12:37:40 GMT
jquery-3.5.1.min.js
widget-content.prod.pass.canal.aws.io-cplus.net/Widget/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-content.prod.pass.canal.aws.io-cplus.net/Widget/jquery-3.5.1.min.js
Requested by
Host: pass.canalplus.com
URL: https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4c00:2:4460:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
Origin
https://pass.canalplus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
NlmVwNSSTK.cScRnxg.HU.b3dib._1Nz
date
Sun, 01 Oct 2023 12:37:22 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
41
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
89476
last-modified
Tue, 21 Feb 2023 13:59:41 GMT
server
AmazonS3
etag
"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
vlxuHb_OxYpJLA6BGhUXC3frlYX4oLmvqxYVgVYKxt3R2sBA2SjpQQ==
jquery.validate.min.js
widget-content.prod.pass.canal.aws.io-cplus.net/Widget/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-content.prod.pass.canal.aws.io-cplus.net/Widget/jquery.validate.min.js
Requested by
Host: pass.canalplus.com
URL: https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4c00:2:4460:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Request headers

Referer
Origin
https://pass.canalplus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
6DwkaOpUAGJ3vdWhRplQGK2xOrfWX4Bo
date
Sun, 01 Oct 2023 12:37:22 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
30
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24443
last-modified
Tue, 21 Feb 2023 13:59:41 GMT
server
AmazonS3
etag
"014e81dd1a31bde533ebc11828eaf248"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
niDK0Zz3w5fBuNTUjFcWFYAxlnixqpymaPsS4kY0OOs5l0Uu_sTtEA==
bootstrap.min.js
widget-content.prod.pass.canal.aws.io-cplus.net/Widget/ 		59 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-content.prod.pass.canal.aws.io-cplus.net/Widget/bootstrap.min.js
Requested by
Host: pass.canalplus.com
URL: https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4c00:2:4460:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Request headers

Referer
Origin
https://pass.canalplus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
dRzuy9pGmBXjOAP3EK7HiewgWeBGD9mG
date
Sun, 01 Oct 2023 12:37:31 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
10
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
60174
last-modified
Tue, 21 Feb 2023 13:59:41 GMT
server
AmazonS3
etag
"6bea60c34c5db6797150610dacdc6bce"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
CSYSRzuW3m-4TFeC34mKkxm17wP521g3gO27qlsAzhWFFD3J4ZvXFw==
libphonenumber-js-1.9.36.min.js
widget-content.prod.pass.canal.aws.io-cplus.net/Widget/libphonenumber/1.9.36/ 		149 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-content.prod.pass.canal.aws.io-cplus.net/Widget/libphonenumber/1.9.36/libphonenumber-js-1.9.36.min.js
Requested by
Host: pass.canalplus.com
URL: https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4c00:2:4460:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da4577ae8bae36acbfe8c031315e6651095e54efa06d7ec85abaa518a85af762

Request headers

Referer
Origin
https://pass.canalplus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
k6peK3y8HvF0yE.B0XoE0e6gFkx2934W
date
Sun, 01 Oct 2023 12:37:22 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
34
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
152631
last-modified
Tue, 21 Feb 2023 13:59:41 GMT
server
AmazonS3
etag
"9b47fa396d2fb23a10a9f57fd71c874f"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
aIsEsfefoAHQmrA3pUu6JRv1HI7hjLcY4Pyz-FCqsJiShwINSdJb3A==
trcking.min.js
data.canalplus.com/production/v2/ 		154 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.canalplus.com/production/v2/trcking.min.js
Requested by
Host: pass.canalplus.com
URL: https://pass.canalplus.com/oauth2/default/v1/authorize?client_id=0oa7mop7kI79jDOCA416&redirect_uri=https%3A%2F%2Fpass.canal-plus.com%2Fprovider%2Foauth2sp%2Fauth%2FCPOKT&response_type=code&scope=profile+openid+email+address+phone+offline_access&login_hint=&state=redirect_uri%3Dhttps%253A%252F%252Faccount.canalplus.com%252Ffr%252Fcode%252Fsamsung%26platform%3DPC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a71c5acd4e2295b530aee5bc1d84737ed1f962c22a492c4633d29e42ad77e7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 12:37:41 GMT
content-encoding
gzip
last-modified
Mon, 25 Sep 2023 07:42:10 GMT
server
AkamaiNetStorage
etag
"4bb64209bb354debc01197c25e94c4fc:1695642562.77874"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
38778
initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
ok9static.oktacdn.com/assets/js/mvc/loginpage/ 		204 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-47.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
bb7b04fe7a146c5260e3f1a82db4c675c3d41f53f0fe4fb7517840cef54f2b0b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-meta-sha1sum
34f075e4d0f6b20eb712a2053d423869bb60771b
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Wed, 20 Sep 2023 19:53:00 GMT
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
1013458
x-cache
Hit from cloudfront
last-modified
Tue, 11 Jul 2023 18:51:47 GMT
server
nginx
etag
W/"d05a8c2e6bdf6d212b92af4d6b9cfefe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
dE3tzndbYczTtEOT5OJdIa6vKki1SPBqUE8gujKD3A9zM3L-m36eOg==
expires
Wed, 18 Sep 2024 19:06:43 GMT
cookie-sync.html
data.canalplus.com/production/v2/ Frame 7E6A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://data.canalplus.com/production/v2/cookie-sync.html?
Requested by
Host: data.canalplus.com
URL: https://data.canalplus.com/production/v2/trcking.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
24570481f0253fb1424e8b8d8392cf9a892c09f9fc6689c42821e6d27bd64d66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
content-encoding
gzip
content-length
5118
content-type
text/html
date
Sun, 01 Oct 2023 12:37:41 GMT
etag
"8aa841c238f1f79a3ae573e0d98fb698:1695642557.114695"
last-modified
Mon, 25 Sep 2023 07:42:10 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v16/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pass.canalplus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 11:44:11 GMT
x-content-type-options
nosniff
age
435210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16216
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 11:44:11 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77810aa1c9130038a6262e7edbe4a4d4e52811de11b164a5dca7da3138f4c888

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
introspect
pass.canalplus.com/api/v1/authn/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pass.canalplus.com/api/v1/authn/introspect
Requested by
Host: ok9static.oktacdn.com
URL: https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.2/js/okta-sign-in.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.195.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac4b547508e00da8e.awsglobalaccelerator.com
Software
nginx /
Resource Hash
5f1bc3121fc30eead051d095fb0cb47174ae8935ac6f6dd361e7567bfbb9b55a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept
application/json
Referer
x-okta-user-agent-extended
okta-signin-widget-4.5.2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type
application/json

Response headers

x-okta-request-id
ZRloFaSfnnXaUSPhdRpAowAAAms
Date
Sun, 01 Oct 2023 12:37:41 GMT
content-security-policy
frame-ancestors 'self'
x-rate-limit-limit
30000
x-content-type-options
nosniff
Content-Encoding
gzip
x-rate-limit-remaining
29678
Strict-Transport-Security
max-age=315360000; includeSubDomains
content-security-policy-report-only
default-src 'self' canalplus-emea.okta.com pass.canalplus.com *.oktacdn.com; connect-src 'self' canalplus-emea.okta.com canalplus-emea-admin.okta.com pass.canalplus.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com canalplus-emea.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' canalplus-emea.okta.com pass.canalplus.com *.oktacdn.com; style-src 'unsafe-inline' 'self' canalplus-emea.okta.com pass.canalplus.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' canalplus-emea.okta.com canalplus-emea-admin.okta.com pass.canalplus.com login.okta.com; img-src 'self' canalplus-emea.okta.com pass.canalplus.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' canalplus-emea.okta.com pass.canalplus.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
Server
nginx
Vary
Accept-Encoding,Origin
Content-Type
application/json
access-control-allow-origin
https://pass.canalplus.com
x-rate-limit-reset
1696163872
access-control-allow-credentials
true
cache-control
no-cache, no-store
access-control-allow-headers
Content-Type
Keep-Alive
timeout=5, max=99
expires
0
iframe.html
login.okta.com/discovery/ Frame 82B0 		451 B
954 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok9static.oktacdn.com
URL: https://ok9static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-41.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
312961c3e2abd191b80c96dc095382f8a09226a70ea00dbccc20ee26a67ced59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
4503
Connection
keep-alive
Content-Length
451
Content-Type
text/html
Date
Sun, 01 Oct 2023 11:22:39 GMT
ETag
"f8b177440411e7269b647ae1012388bb"
Last-Modified
Thu, 01 Jun 2023 17:31:02 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
eAvsSrFgI80yHqKdGHbfiwAIBM5JNuo4UoOtyiAfxls9jOItQIoTWg==
X-Amz-Cf-Pop
FRA56-P6
X-Cache
Hit from cloudfront
truncated
/ 		724 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8c8e9490029cc0f436eb04f9d1d43a9e27f64b72a225f89b9e2e0354dfd4cd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		545 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
948aa858232ea92704b284f15644de3926754a1e5b9eb975d2628c942bdf6f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
discoveryIframe-88dc7396afa19c320b05.min.js
login.okta.com/lib/ Frame 82B0 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/lib/discoveryIframe-88dc7396afa19c320b05.min.js
Requested by
Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-41.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccf6add544df0956a4db5ffeab1cd89d06f63c7f5ec8081b4584d948cdb6604c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.okta.com/discovery/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 05:19:02 GMT
Via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 01 Jun 2023 17:31:03 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
26320
ETag
"19953e3854535d02dccdbf809bacf44a"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Content-Length
98194
X-Amz-Cf-Id
f1wu5lf06UtKervSjUHXgHPzXEPFYFVrQaqT4nEI3sttU9Q2J0E5lg==
truncated
/ 		701 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a04acd7ccad82eb80ec3224765ff921c0bd4c8782be830c420e5342830b665e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
event
data.api.canalplus.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.api.canalplus.com/event
Requested by
Host: data.canalplus.com
URL: https://data.canalplus.com/production/v2/trcking.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 01 Oct 2023 12:37:41 GMT
content-encoding
gzip
x-serverid
uconnect_i-0145bdb351ad407ae
x-tid
1696163861250-0792a81eed60
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
canalplus:main:2:event
x-region
eu-central-1
content-length
20
pragma
no-cache
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pass.canalplus.com
x-ulver
e553b54e228b86e7757afa033bb5b65d99860536-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-uuid
41769e6e-002f-461c-afa9-f0b5d8243d23
expires
Sun, 01 Oct 2023 12:37:41 GMT
arrow-bcbdbe.png
widget-content.prod.pass.canal.aws.io-cplus.net/LightMode/ 		338 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-content.prod.pass.canal.aws.io-cplus.net/LightMode/arrow-bcbdbe.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4c00:2:4460:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26cd7f0ef2fbac5414075c801f8ce29bc0b7faada95fcf8775f332d4e863d57e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
pEt82nDLuuLI0_EiL226b9OhfuqDKw17
date
Sun, 01 Oct 2023 12:36:47 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Feb 2023 13:59:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
57
x-amz-server-side-encryption
AES256
etag
"9ddde8ef308e05adaf4ba63e934389b4"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
338
x-amz-cf-id
Cyt2i7hErFEFNWv6sqeh8sRCERGbIXQYM1b3d0RBQVc_4PkYHCMzjQ==
montserrat-light-webfont.woff
ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.2/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.2/font/montserrat-light-webfont.woff
Requested by
Host: ok9static.oktacdn.com
URL: https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-47.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.2/css/okta-sign-in.min.css
Origin
https://pass.canalplus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Sat, 23 Sep 2023 23:51:32 GMT
via
1.1 eb78cbb81a4ab555c78ae1168deff6e2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
1354246
x-cache
Hit from cloudfront
content-length
22112
last-modified
Tue, 10 Nov 2020 18:21:11 GMT
server
nginx
etag
"6225f3ca44b83090833064727a09cc95"
content-type
application/font-woff
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
PyMS15RlKZaB0-EgjH4V8UToPLbkHbXGlv4r9TiRtIn8TMrXoleFKg==
expires
Sat, 14 Sep 2024 20:26:55 GMT

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Backbone function| jQueryCourage object| u2f function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil function| $ function| jQuery object| bootstrap object| libphonenumber object| arrClientIdsToHideAccountCreationButton string| baseResourceUrl string| sendOtpUrl string| urlRegister string| goBackUrlMobile string| goBackUrlDefault string| beginRelayStateUrl string| environment string| cssmode string| androidTVcssMode undefined| loginForOtp number| ttl string| country string| redirectUriRegister function| redefineCssVariables boolean| isSwisscomBox boolean| isAndroid6OrMinus boolean| isAndroidTv string| imgSrcSelectCountry string| androidtv_css_url string| androidtv_js_url function| getAndroidStyle object| modal object| closeButton object| okButton function| toggleModal function| toggleModalLinkExpired boolean| isSafari boolean| deviceIsMobile boolean| isIphone boolean| isAndroid boolean| isXBOX string| mode string| lang object| config object| oktaSignIn object| countryNamesAndCodes boolean| emailLogin string| modeAuth object| switchTagPhone object| switchTagEmail undefined| nav undefined| input undefined| elem_of_countries object| arr_of_country object| obj object| objNameCodePrefix boolean| prefix string| hiddenPhoneNumber function| compare string| defaultLang object| objErrorCodes object| objTraduction object| zones function| localize function| enterKeyPressed object| requestContext function| manageSendPageView function| manageSendEvent function| setModeAuth function| displaySwitchTabs function| setTabindex object| arrToggles function| showPasswordToggleForResetPassword function| removeItem function| setOpacityNormal function| setOpacityPlus object| arrPasswordRules number| pwdMinLength function| validatePasswordRules function| clearTextBackButton function| sendOtp function| setResendCodeLabel function| validateCode function| addSwitchTagEmailPhone function| addError function| validateEvent function| validateEventFocusout function| applyCssForSwisscomBox function| createPrefixPhonenumberList function| checkUsername function| checkInvalidChars function| changeTitle function| getFirstBrowserLanguage function| addplaceholder function| setEmailMode function| setPhoneMode function| removeError function| addOrRemoveMultiEventListener function| setPrefixOnInput function| filterByValue function| getCountry function| getOfferZone function| setDataForCountry function| redirectAfterBack function| getCountryAndSetPrefix undefined| idxFieldOrItem undefined| arrKeyCodesHandled undefined| minIdx undefined| primaryAuthMaxIndex undefined| forgotPasswordMaxIndex undefined| mfaVerifyMaxIndex undefined| passwordResetMaxIndex undefined| recoveryChallengeMaxIndex object| tt_script object| trackingQueue object| eventQueue object| consentCallbackQueue function| sendPageView function| sendEvent function| waitForUserConsent object| utag_data object| utag_cfg_ovrd function| getVendorList function| launchPrivacyManager object| ttStore function| ttToggleLogs function| ttToggleStaging function| setPreferenceAnalytics function| setPreferenceAds object| queueManagerForLoadEvent object| ttDataLayer function| setAnonymousMeasure function| getAnonymousMeasure function| setTealiumKey function| getTealiumKey object| OktaLogin object| jQBrowser

18 Cookies

Domain/Path Name / Value
pass.canal-plus.com/provider-IdPOAuth2 Name: JSESSIONID
Value: E24F11EEABE2B74BB8126B707638D808
samsung.canalplus.com/ Name: akacd_pr_account_policy
Value: 3873616658~rv=40~id=f80618cbc07b42535ad334f4fbde6b1c
.canalplus.com/ Name: _abck
Value: 86B7459A5A9D718B6D812836E02E568C~-1~YAAQqtAXAl4wNsuKAQAAg4w+6woWZfy+ymF9RaYZ0eMuactZaxFo7yFzuJ4iuC2MMN25Rs6+uL4/ageL9aQlrKwKOwe9MT+G/lsylntsRsN7QnVv1IJq22bJJkUBjgol1pTI8VeHxR09E/n5ZE08ISRKJJ0CVesdAX9K1DyaHkUKIiwERBsaq0qerjCng03N0PifK/1dAB8qW69w3rFtmrosdPWXMnW4PJ2WEGkY71pKe9iQ5F2jujZc9UbgwhJxuCMM79wFjplrcM/t84rQmEOemLwzMXDKUz1FTjpfMI0YoGHMtkUUGPidmDutvVc1ll7occGqcRvtXneol6AazApqVGYYlod2Z0Z5KYu7x8Y0YoTIx6MAlr3mZZ0Ut8hUceShWw==~-1~-1~-1
.canalplus.com/ Name: bm_sz
Value: 4339AE929FBB90704C83C855405D983F~YAAQqtAXAl8wNsuKAQAAg4w+6xU6LnOLYDxRcoNQjBT88N22jNLQ5+oTHJuHSmAMnqdK47x0BWTZj/9cYlWBs3JCWAYrmv3uUMOIliyJ13cK7FLFb04D0ISz+wpnqs1AV+KFQ6zqcia4/VW/1xTPuktY6Iy7TyeUg5sILziyHYnPu8jOL82HHkR8UiK5QBojw1NJqv7LBSrAZsaSDjxCjzhEB7kz9wQ6ZdyDgIuCtfTaXb5Pn2zYUvdhXkV+TssVCr3gzt1boStY0ITS64r/GxXnVG3cTkizjsCdE3dov74JQcwEjU4=~4469296~3683633
account.canalplus.com/ Name: akacd_pr_account_policy
Value: 3873616658~rv=54~id=f948930ff130041a8f1640b522fac453
pass.canal-plus.com/ Name: akacd_pr_pass_origin
Value: 3873616659~rv=39~id=92c1c4032e08be7d152531d3c22cdae6
pass.canal-plus.com/ Name: s_pass_tmp
Value: BUbduzDsdEoOttHglttUv4Xg9CA0mFZuxclrH89dU3F-bVlphA36ncOG-2Y9jpe_wcFj1o3icthaoeg-sQUyiLFWtHM9c37WcV8iL81VdRLcnpiJcnZEiq3NMiO58WWUGgPnl5ypqzuK3LKFjO7mghxzJ58I_KY6uZgqR5tgsm5soTzYDOTv8z7gJDCbm29se8O2GXhKinHhnEj2SSDVIw-671CCsVcuZGg37qzzq2ut1mdom7ja58EcmJ-oS2XxC9a66A_StFGfrD3WiDyrafqBa3pXISVdB3T8rLBZzeSQAbuWkXLDhyOvF1Y3OpVQzsGS7i47Y_h7AxCRnQrKn0ghNYEWRs71cA2DuESZp0QO0rdydjo26d4nLyiqK8ristTgWUAcM6-Rn7jgAY_DbJ94-m5OHFczcTajdRu-9Y3hjvJZCSAyQ9uEba88w_sr8yhmzPxTK9zfJN86QRellaEOZn8S4tjTm88L9Zn9cs-1wOlvixSWvfilWR_PUlzkQ21Cps6JcPYy3PvbGIszmQGjYfHS1in5Q4JpM8WX5AHLjKiQXNkvE2nx-RFps-GV
pass.canalplus.com/ Name: t
Value: default
pass.canalplus.com/ Name: DT
Value: DI16Sy_Af6KQRSmVrfFZz-nuA
pass.canalplus.com/ Name: JSESSIONID
Value: F86FBE0FFF43AF57818EBCB90AA779FB
pass.canalplus.com/ Name: oktaStateToken
Value: 00EIim4hzgabOuQ8MNBRESRIRqNUOzvkSbTzymt8mj
pass.canalplus.com/ Name: adsAllowed
Value: false
pass.canalplus.com/ Name: statsAllowed
Value: false
pass.canalplus.com/ Name: anonymousAllowed
Value: true
data.canalplus.com/ Name: statsAllowed
Value: false
data.canalplus.com/ Name: adsAllowed
Value: false
data.canalplus.com/ Name: anonymousAllowed
Value: true
.canalplus.com/ Name: sessionId
Value: 1696163861790-af9333c56dc2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.canalplus.com
data.api.canalplus.com
data.canalplus.com
fonts.googleapis.com
fonts.gstatic.com
login.okta.com
ok9static.oktacdn.com
pass.canal-plus.com
pass.canalplus.com
samsung.canalplus.com
widget-content.prod.pass.canal.aws.io-cplus.net
108.138.7.41
15.197.195.200
18.239.69.47
184.30.21.12
2600:9000:206f:4c00:2:4460:3800:93a1
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
95.101.111.170
17eb4e2c1b9e78c024883990fb58cc88693ff2506038d7b5c7838d5931adff54
1881be9edf187bf3e0c89c23e8e3cc9b87e69308b451ca647d195d69a7d16760
24570481f0253fb1424e8b8d8392cf9a892c09f9fc6689c42821e6d27bd64d66
26cd7f0ef2fbac5414075c801f8ce29bc0b7faada95fcf8775f332d4e863d57e
312961c3e2abd191b80c96dc095382f8a09226a70ea00dbccc20ee26a67ced59
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
5f1bc3121fc30eead051d095fb0cb47174ae8935ac6f6dd361e7567bfbb9b55a
717f092e6abd17508376ff807cf026acd65e3b133d5bfb3d0cbcdf073d75f3cc
77810aa1c9130038a6262e7edbe4a4d4e52811de11b164a5dca7da3138f4c888
8a04acd7ccad82eb80ec3224765ff921c0bd4c8782be830c420e5342830b665e
948aa858232ea92704b284f15644de3926754a1e5b9eb975d2628c942bdf6f46
a71c5acd4e2295b530aee5bc1d84737ed1f962c22a492c4633d29e42ad77e7a9
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
b8c8e9490029cc0f436eb04f9d1d43a9e27f64b72a225f89b9e2e0354dfd4cd6
bb7b04fe7a146c5260e3f1a82db4c675c3d41f53f0fe4fb7517840cef54f2b0b
ccf6add544df0956a4db5ffeab1cd89d06f63c7f5ec8081b4584d948cdb6604c
d18f46dd86d96774452a5226cb7cd290eb7a134c5ea386e71dfd2d39005d9619
da4577ae8bae36acbfe8c031315e6651095e54efa06d7ec85abaa518a85af762
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace