urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
20.190.160.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://identity.qvc.it/
Effective URL: https://login.microsoftonline.com/ff3213cc-c3f6-45d4-a104-8f7823656fec/oauth2/v2.0/authorize?nonce=l4czfdye7i47waahga4850gxn7ri0a6...
Submission: On October 14 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 29 HTTP transactions. The main IP is 20.190.160.20, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 9.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 3rd 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 184.31.83.9 16625 (AKAMAI-AS)
2 169.150.247.39 60068 (CDN77 _)
3 69.192.160.133 16625 (AKAMAI-AS)
1 23.35.232.134 16625 (AKAMAI-AS)
1 20.190.160.20 8075 (MICROSOFT...)
2 23.216.77.147 20940 (AKAMAI-ASN1)
3 13.107.253.64 8075 (MICROSOFT...)
1 20.190.160.22 8075 (MICROSOFT...)
29 9
16    184.31.83.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-83-9.deploy.static.akamaitechnologies.com
identity.qvc.it
2    169.150.247.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 169-150-247-39.bunnyinfra.net
fonts.bunny.net
3    69.192.160.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-133.deploy.static.akamaitechnologies.com
s.go-mpulse.net
02179919.akstat.io
1    23.35.232.134 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-232-134.deploy.static.akamaitechnologies.com
c.go-mpulse.net
1    20.190.160.20 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
2    23.216.77.147 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-147.deploy.static.akamaitechnologies.com
qvc.scene7.com
3    13.107.253.64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msauth.net
1    20.190.160.22 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
Apex Domain
Subdomains		 Transfer
16 qvc.it
identity.qvc.it
512 KB
3 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 860
158 KB
2 scene7.com
qvc.scene7.com — Cisco Umbrella Rank: 57202
3 KB
2 akstat.io
02179919.akstat.io — Cisco Umbrella Rank: 102952
452 B
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1607
c.go-mpulse.net — Cisco Umbrella Rank: 772
50 KB
2 bunny.net
fonts.bunny.net — Cisco Umbrella Rank: 10663
23 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 63
1 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 9
16 KB
29 8
Domain Requested by
16 identity.qvc.it 1 redirects identity.qvc.it
3 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
2 qvc.scene7.com
2 02179919.akstat.io s.go-mpulse.net
2 fonts.bunny.net identity.qvc.it
fonts.bunny.net
1 login.live.com login.microsoftonline.com
1 login.microsoftonline.com identity.qvc.it
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net identity.qvc.it
29 9

This site contains no links.

Subject Issuer Validity Valid
prd-identity.qvc.com
DigiCert Global CA G2		 2024-06-05 -
2024-11-05		 5 months crt.sh
fonts.bunny.net
R10		 2024-10-02 -
2024-12-31		 3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-31 -
2025-07-31		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-09-03 -
2025-03-03		 6 months crt.sh
*.scene7.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2024-07-30 -
2025-07-30		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-08-28 -
2025-02-28		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/ff3213cc-c3f6-45d4-a104-8f7823656fec/oauth2/v2.0/authorize?nonce=l4czfdye7i47waahga4850gxn7ri0a6&response_type=code&client_id=9a826a03-be98-428b-a48d-d70327e9cf74&redirect_uri=https://openam-qvceu-euw3.id.forgerock.io/am/XUI/?realm%3Dalpha%26authIndexType%3Dservice%26authIndexValue%3DAzureLogin&scope=openid%20profile%20email&code_challenge=Qq_qjrvvortWkQZV7Aw1ASH9S75jby6k6M0l7ug7Vzo&code_challenge_method=S256&state=6zz0qrosx2m0xro3todcvhm0xtufwy5
Frame ID: D29CE540867DC1C4B3132F7C8831DAD9
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Accesso all'account

Page URL History Show full URLs

  1. https://identity.qvc.it/ HTTP 301
    https://identity.qvc.it/login/ Page URL
  2. https://login.microsoftonline.com/ff3213cc-c3f6-45d4-a104-8f7823656fec/oauth2/v2.0/authorize?nonce=l4czfdye7i4... Page URL

Page Statistics

29
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

762 kB
Transfer

2839 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://identity.qvc.it/ HTTP 301
    https://identity.qvc.it/login/ Page URL
  2. https://login.microsoftonline.com/ff3213cc-c3f6-45d4-a104-8f7823656fec/oauth2/v2.0/authorize?nonce=l4czfdye7i47waahga4850gxn7ri0a6&response_type=code&client_id=9a826a03-be98-428b-a48d-d70327e9cf74&redirect_uri=https://openam-qvceu-euw3.id.forgerock.io/am/XUI/?realm%3Dalpha%26authIndexType%3Dservice%26authIndexValue%3DAzureLogin&scope=openid%20profile%20email&code_challenge=Qq_qjrvvortWkQZV7Aw1ASH9S75jby6k6M0l7ug7Vzo&code_challenge_method=S256&state=6zz0qrosx2m0xro3todcvhm0xtufwy5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://identity.qvc.it/ HTTP 301
  • https://identity.qvc.it/login/

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
identity.qvc.it/login/
Redirect Chain
  • https://identity.qvc.it/
  • https://identity.qvc.it/login/
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ac8eb28cd1514985cbc94aeb8fb033b720bed5829d0d961d45f5daa3a6bf45cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
2719
content-security-policy-report-only
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
content-type
text/html
date
Mon, 14 Oct 2024 16:39:19 GMT
etag
"66dafa60-3ce"
expires
Mon, 14 Oct 2024 16:39:19 GMT
last-modified
Fri, 06 Sep 2024 12:49:36 GMT
pragma
no-cache
referrer-policy
origin
server-timing
cdn-cache; desc=MISS edge; dur=16 origin; dur=18 ak_p; desc="1728923959181_388358789_68855892_3487_11654_20_0_255";dur=1
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Accept-Encoding
x-akamai-transformed
9 974 0 pmb=mRUM,2
x-content-type-options
nosniff
x-robots-tag
none

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
0
date
Mon, 14 Oct 2024 16:39:19 GMT
expires
Mon, 14 Oct 2024 16:39:19 GMT
location
/login/
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=57 origin; dur=11 ak_p; desc="1728923957466_388358789_68855728_6864_18431_20_1581_255";dur=1
strict-transport-security
max-age=31536000; includeSubDomains; preload
css
fonts.bunny.net/ 		50 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.bunny.net/css?family=open-sans:300,300i,400,400i,600,600i,700,700i&display=swap
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-39.bunnyinfra.net
Software
BunnyCDN-DE1-1082 /
Resource Hash
4ce27d0c3ccb98258f618746687f099c9fe9bc0e94b594cb320c4c795bb41975

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
date
Mon, 14 Oct 2024 16:39:19 GMT
last-modified
Sun, 13 Oct 2024 03:27:59 GMT
cdn-cachedat
10/13/2024 03:27:59
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache
HIT
cache-control
public, max-age=2592000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid
3571b8e2aa32e650ffcec6fcf9697900
cdn-pullzone
781720
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-triggerededgerule
b3750a22-96a1-44b1-a42b-b92c4f837228, 15d6752c-ad08-4acc-ba29-e01bf646bed3, be0a35cd-098d-4e78-a9da-169af9eddd47, 07da37a9-85f7-42fb-ae2a-22a091104765, d944a892-18f1-444f-a77a-6d51a617eb58, 1539f9e2-8c51-4589-9c87-1d60cb661be4, 768ff1fe-6d3f-4876-a791-211255ac1499
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
IT
chunk-vendors.38c40a24.js
identity.qvc.it/login/js/ 		1 MB
378 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/login/js/chunk-vendors.38c40a24.js
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8bba46211429ec1471ca8adcc18a3fe9caf8e4dbffca4b250b6f63ebaf9804c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
cache-control
max-age=234239
content-encoding
gzip
etag
"66f4c2f7-13ebe7"
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1728923959283_388358789_68856020_267_8764_19_0_146";dur=1
content-length
386668
date
Mon, 14 Oct 2024 16:39:19 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 02:12:07 GMT
vary
Accept-Encoding
app.0a0afd0e.js
identity.qvc.it/login/js/ 		163 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/login/js/app.0a0afd0e.js
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4dead7682857cec78ab9cc6d3b5ba4e75b6fb4813af4dde591ea0a89d7697c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
cache-control
max-age=234302
content-encoding
gzip
etag
"66f4c2f7-28ab8"
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1728923959688_388358789_68856529_342_9750_17_0_146";dur=1
content-length
44620
date
Mon, 14 Oct 2024 16:39:19 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 02:12:07 GMT
vary
Accept-Encoding
chunk-vendors.d2b307bd.css
identity.qvc.it/login/css/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/login/css/chunk-vendors.d2b307bd.css
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd642d1262d449cc048ee11d91a4ee61631b366d7d341da97687f7207454ddf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
cache-control
max-age=267485
content-encoding
gzip
etag
"66dafa60-13cf5"
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1728923959283_388358789_68856017_468_8826_19_0_255";dur=1
content-length
10387
date
Mon, 14 Oct 2024 16:39:19 GMT
content-type
text/css
last-modified
Fri, 06 Sep 2024 12:49:36 GMT
vary
Accept-Encoding
app.800690e3.css
identity.qvc.it/login/css/ 		196 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/login/css/app.800690e3.css
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
66d6a679c539e9c78a8e5d04e4bbff47f1824b6e226172284ea0b29b5dd3e3ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
cache-control
max-age=170109
content-encoding
gzip
etag
"66dafa60-30f27"
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728923959285_388358789_68856019_297_7562_19_0_255";dur=1
content-length
29292
date
Mon, 14 Oct 2024 16:39:19 GMT
content-type
text/css
last-modified
Fri, 06 Sep 2024 12:49:36 GMT
vary
Accept-Encoding
8VZ3A-S77D5-7C5WV-M5YLD-QBMND
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/8VZ3A-S77D5-7C5WV-M5YLD-QBMND
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

cache-control
max-age=604800
timing-allow-origin
*
content-encoding
br
customappheader
mpulse-ab-boomr__git__361fdb1__git__361fdb1__p19.alsi10-lite
content-length
50393
date
Mon, 14 Oct 2024 16:39:21 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 11 Sep 2024 22:12:26 GMT
vary
Accept-Encoding
uiconfig
identity.qvc.it/openidm/info/ 		854 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/openidm/info/uiconfig
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/js/chunk-vendors.38c40a24.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6170fe8bee18a1cbfad5db5ec68b9d5c1b059976eb5cbcffe30ba3070f3531f9
Security Headers
Name Value
Content-Security-Policy default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://identity.qvc.it/

Response headers

x-robots-tag
none
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 16:39:20 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=18, origin; dur=17, ak_p; desc="1728923959980_388358789_68856917_3471_11593_19_0_219";dur=1
date
Mon, 14 Oct 2024 16:39:20 GMT
content-api-version
protocol=2.1,resource=1.0
content-type
application/json;charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-security-policy
default-src 'none';frame-ancestors 'none';sandbox
cache-control
max-age=0, no-cache, no-store
cross-origin-opener-policy
same-origin
pragma
no-cache
cross-origin-resource-policy
same-origin
x-forgerock-transactionid
6bb03a53-6bc1-4ac0-9e1b-4ff51fbb0374
content-length
854
favicon.ico
identity.qvc.it/ 		184 B
462 B 		Other
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ab5b03441676ec2257062800d1387c86389c8a36619866a4e7dd2ae93bd319bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload
cache-control
private, no-store
server-timing
cdn-cache; desc=MISS, edge; dur=1443, origin; dur=6, ak_p; desc="1728923959997_388358789_68856939_145102_11390_20_0_219";dur=1
content-length
184
date
Mon, 14 Oct 2024 16:39:21 GMT
content-type
text/html
x-frame-options
SAMEORIGIN
en-US
identity.qvc.it/openidm/config/uilocale/ 		55 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/openidm/config/uilocale/en-US?_fields=login,shared
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/js/chunk-vendors.38c40a24.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
07736e451e9f9580c3ec595b3332bc2bce1b692e1c37100fc741269687bf97cb
Security Headers
Name Value
Content-Security-Policy default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://identity.qvc.it/

Response headers

x-robots-tag
none
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 16:39:20 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=48, origin; dur=15, ak_p; desc="1728923960082_388358789_68857028_7470_11464_20_0_219";dur=1
date
Mon, 14 Oct 2024 16:39:20 GMT
content-api-version
protocol=2.1,resource=1.0
content-type
application/json;charset=utf-8
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-security-policy
default-src 'none';frame-ancestors 'none';sandbox
cache-control
max-age=0, no-cache, no-store
cross-origin-opener-policy
same-origin
pragma
no-cache
cross-origin-resource-policy
same-origin
x-forgerock-transactionid
e9e68a32-e907-4b61-a682-8a0c107bec2f
content-length
55
en
identity.qvc.it/openidm/config/uilocale/ 		605 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/openidm/config/uilocale/en?_fields=login,shared
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/js/chunk-vendors.38c40a24.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
742e31c0af5fbfd27b81d84218e97e1cde639c665574ba7d2eaf5b3a9320f2fd
Security Headers
Name Value
Content-Security-Policy default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://identity.qvc.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
content-security-policy
default-src 'none';frame-ancestors 'none';sandbox
cache-control
max-age=0, no-cache, no-store
cross-origin-opener-policy
same-origin
pragma
no-cache
cross-origin-resource-policy
same-origin
x-content-type-options
nosniff
x-forgerock-transactionid
1fb5bd8b-fcd8-49da-adae-d57a81fd6ffe
expires
Mon, 14 Oct 2024 16:39:20 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=10, origin; dur=20, ak_p; desc="1728923960070_388358789_68857029_3028_12132_21_0_219";dur=1
content-length
605
date
Mon, 14 Oct 2024 16:39:20 GMT
content-type
application/json;charset=utf-8
x-frame-options
DENY
811.30fa0bcb.js
identity.qvc.it/login/js/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/login/js/811.30fa0bcb.js
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/js/app.0a0afd0e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e243f63c45aceffee3e8edf3d974ba41245e357110e999f983ef8e48553a0dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
cache-control
max-age=604763
content-encoding
gzip
etag
"67086c02-5d4a"
accept-ranges
bytes
server-timing
cdn-cache; desc=MISS, edge; dur=1911, origin; dur=8, ak_p; desc="1728923960458_388358789_68857511_193318_11723_21_0_146";dur=1
content-length
7475
date
Mon, 14 Oct 2024 16:39:22 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 00:06:26 GMT
vary
Accept-Encoding
337.4469b31e.css
identity.qvc.it/login/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/login/css/337.4469b31e.css
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/js/app.0a0afd0e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7bd3ae5aaec07abedd495bfbc56b703b9df4f4baf692da7b7411236ddeacb7b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
cache-control
max-age=604800
content-encoding
gzip
etag
"66dafa60-2dc7"
accept-ranges
bytes
server-timing
cdn-cache; desc=MISS, edge; dur=2328, origin; dur=14, ak_p; desc="1728923960447_388358789_68857510_234507_9955_19_0_255";dur=1
content-length
1624
date
Mon, 14 Oct 2024 16:39:22 GMT
content-type
text/css
last-modified
Fri, 06 Sep 2024 12:49:36 GMT
vary
Accept-Encoding
337.368574f5.js
identity.qvc.it/login/js/ 		58 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/login/js/337.368574f5.js
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/js/app.0a0afd0e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f9ac3a49689f5342991b6ff9311a88d26b12a0942f15031a452e8757dea7cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-robots-tag
none
cache-control
max-age=604800
content-encoding
gzip
etag
"67086bff-e613"
accept-ranges
bytes
server-timing
cdn-cache; desc=MISS, edge; dur=1847, origin; dur=41, ak_p; desc="1728923960447_388358789_68857512_189000_10563_19_0_146";dur=1
content-length
14474
date
Mon, 14 Oct 2024 16:39:22 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 00:06:23 GMT
vary
Accept-Encoding
config.json
c.go-mpulse.net/api/ 		612 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=8VZ3A-S77D5-7C5WV-M5YLD-QBMND&d=identity.qvc.it&t=5763080&v=1.720.0&sl=0&si=dfbc2333-9c83-4d1a-bfcd-ea057f6b4108-slcu9h&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=990668
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/8VZ3A-S77D5-7C5WV-M5YLD-QBMND
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.232.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-232-134.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
28474b8a676526d719f0473ac84f633fff625b8472e14344560f96f40bdbeab9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
content-length
612
alt-svc
h3=":443"; ma=93600
timing-allow-origin
*
date
Mon, 14 Oct 2024 16:39:21 GMT
content-type
application/json
/
02179919.akstat.io/ 		0
226 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://02179919.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/8VZ3A-S77D5-7C5WV-M5YLD-QBMND
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://identity.qvc.it/

Response headers

cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
Mon, 14 Oct 2024 16:39:21 GMT
access-control-allow-origin
https://identity.qvc.it
alt-svc
h3=":443"; ma=93600
x-xss-protection
0
date
Mon, 14 Oct 2024 16:39:21 GMT
content-type
image/gif
*
identity.qvc.it/am/json/serverinfo/ 		528 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/am/json/serverinfo/*
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/js/chunk-vendors.38c40a24.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
18fcd7efc1a39e76be3bbef942b8c732b8239e2c5be7f27e9489faaecbec25b7
Security Headers
Name Value
Content-Security-Policy default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://identity.qvc.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
accept-api-version
protocol=1.0,resource=1.1

Response headers

x-robots-tag
none
etag
"243502605"
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 16:39:22 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=11, origin; dur=18, ak_p; desc="1728923962949_388358789_68861169_2987_12247_27_0_219";dur=1
date
Mon, 14 Oct 2024 16:39:22 GMT
content-api-version
resource=1.1
content-type
application/json;charset=UTF-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-security-policy
default-src 'none';frame-ancestors 'none';sandbox
cache-control
max-age=0, no-cache, no-store
cross-origin-opener-policy
same-origin
pragma
no-cache
cross-origin-resource-policy
same-origin
content-security-policy-report-only
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
x-forgerock-transactionid
07a79b20-1314-496c-9bcd-c02a10d87dcd
content-length
528
open-sans-latin-400-normal.woff2
fonts.bunny.net/open-sans/files/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=open-sans:300,300i,400,400i,600,600i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-39.bunnyinfra.net
Software
BunnyCDN-DE1-1082 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://identity.qvc.it
Referer
https://fonts.bunny.net/css?family=open-sans:300,300i,400,400i,600,600i,700,700i&display=swap

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66f072c3-48ec"
cdn-fileserver
660
date
Mon, 14 Oct 2024 16:39:23 GMT
cdn-storageserver
DE-679
content-type
font/woff2
last-modified
Sun, 22 Sep 2024 19:40:51 GMT
cdn-cachedat
10/12/2024 20:56:32
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=2592000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid
a649495808d4ad383a21996a67d9063f
cdn-pullzone
781720
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
18668
cdn-triggerededgerule
b3750a22-96a1-44b1-a42b-b92c4f837228, 15d6752c-ad08-4acc-ba29-e01bf646bed3, be0a35cd-098d-4e78-a9da-169af9eddd47, 07da37a9-85f7-42fb-ae2a-22a091104765, d944a892-18f1-444f-a77a-6d51a617eb58, 1539f9e2-8c51-4589-9c87-1d60cb661be4, 768ff1fe-6d3f-4876-a791-211255ac1499
cdn-edgestorageid
1079
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
IT
authenticate
identity.qvc.it/am/json/realms/root/realms/alpha/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/am/json/realms/root/realms/alpha/authenticate?
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/js/chunk-vendors.38c40a24.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc1f48bf5aabf4d0dcbe0370ee071878ef534af5e58e6e595daf65522b360419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-forgerock-transactionid
3fb358be-17ac-4d09-85a0-e990ab64c097-request-1
Referer
https://identity.qvc.it/
x-requested-with
forgerock-sdk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
accept-api-version
protocol=1.0,resource=2.1
content-type
application/json

Response headers

x-robots-tag
none
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 16:39:23 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=17, origin; dur=295, ak_p; desc="1728923963042_388358789_68861316_31295_10031_24_0_219";dur=1
date
Mon, 14 Oct 2024 16:39:23 GMT
content-api-version
resource=2.1
content-type
application/json
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload;
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
access-control-allow-credentials
true
content-security-policy-report-only
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
x-forgerock-transactionid
3fb358be-17ac-4d09-85a0-e990ab64c097-request-1
access-control-allow-origin
https://identity.qvc.it
content-length
2249
Primary Request authorize
login.microsoftonline.com/ff3213cc-c3f6-45d4-a104-8f7823656fec/oauth2/v2.0/ 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/ff3213cc-c3f6-45d4-a104-8f7823656fec/oauth2/v2.0/authorize?nonce=l4czfdye7i47waahga4850gxn7ri0a6&response_type=code&client_id=9a826a03-be98-428b-a48d-d70327e9cf74&redirect_uri=https://openam-qvceu-euw3.id.forgerock.io/am/XUI/?realm%3Dalpha%26authIndexType%3Dservice%26authIndexValue%3DAzureLogin&scope=openid%20profile%20email&code_challenge=Qq_qjrvvortWkQZV7Aw1ASH9S75jby6k6M0l7ug7Vzo&code_challenge_method=S256&state=6zz0qrosx2m0xro3todcvhm0xtufwy5
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/js/337.368574f5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.160.20 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
88bac9a758deffc4d1351d512d4aad765143192fbe84a749f35d6f89a3d1fb3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://identity.qvc.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
15131
content-type
text/html; charset=utf-8
date
Mon, 14 Oct 2024 16:39:23 GMT
expires
-1
link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
DENY
x-ms-ests-server
2.1.19066.8 - SCUS ProdSlices
x-ms-request-id
81020e2c-9980-43b1-b54b-397721df0800
x-ms-srs
1.P
x-xss-protection
0
/
02179919.akstat.io/ 		0
226 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://02179919.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/8VZ3A-S77D5-7C5WV-M5YLD-QBMND
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://identity.qvc.it/

Response headers

cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
Mon, 14 Oct 2024 16:39:23 GMT
access-control-allow-origin
https://identity.qvc.it
alt-svc
h3=":443"; ma=93600
x-xss-protection
0
date
Mon, 14 Oct 2024 16:39:23 GMT
content-type
image/gif
themerealm
identity.qvc.it/openidm/config/ui/ 		96 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.qvc.it/openidm/config/ui/themerealm
Requested by
Host: identity.qvc.it
URL: https://identity.qvc.it/login/js/chunk-vendors.38c40a24.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.83.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-83-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://identity.qvc.it/
x-requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

x-robots-tag
none
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 16:39:23 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=11, origin; dur=15, ak_p; desc="1728923963414_388358789_68861908_2622_9430_22_0_219";dur=1
date
Mon, 14 Oct 2024 16:39:23 GMT
content-api-version
protocol=2.1,resource=1.0
content-type
application/json;charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-security-policy
default-src 'none';frame-ancestors 'none';sandbox
cache-control
max-age=0, no-cache, no-store
cross-origin-opener-policy
same-origin
pragma
no-cache
cross-origin-resource-policy
same-origin
x-forgerock-transactionid
e8f54d2b-fb04-45c4-8f81-d3f03dae316f
content-length
14846
qLogo_2X
qvc.scene7.com/is/image/QVC/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qvc.scene7.com/is/image/QVC/qLogo_2X?fmt=png-alpha&wid=42&op_sharpen=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-147.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
etag
"9ba053791f1a3588357593a8f0125837"
x-adobe-smart-imaging
502
x-adobe-assetlist
QlpoOTFBWSZTWdpgPb4AAAOfgAAAkAAIBCFKgICgACAAIpiMD1CAaAFpypi7OAaLuSKcKEhtMB7fAA==
expires
Mon, 14 Oct 2024 19:13:03 GMT
access-control-allow-origin
*
content-length
1266
date
Mon, 14 Oct 2024 16:39:24 GMT
x-adobe-modifierlist
QlpoOTFBWSZTWZs0h2AAAAADgAAKp2PchCAAMU0yMTExCgA0ZilG9xqoJ3uDEEFfF3JFOFCQmzSHYA==
content-type
image/webp
last-modified
Wed, 08 May 2019 19:56:42 GMT
server
Unknown
x-akamai-cache
Hit
akamai-grn
0.936f1002.1728923964.11027755
apple-touch-icon-144x144.png
qvc.scene7.com/is/image/QVC/pic/favicon/rebrand/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://qvc.scene7.com/is/image/QVC/pic/favicon/rebrand/apple-touch-icon-144x144.png?fmt=png-alpha
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-147.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://identity.qvc.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
etag
"837b800d0a9116c83c93e5ff2bfdec50"
x-adobe-smart-imaging
-1
x-adobe-assetlist
QlpoOTFBWSZTWc6mNFgAAAifgAADpAAIACEKP+XXQCAAUKNDQAAAEQDIhmiaDZM4MTOklKXAN6rW3f98n4jQt8Ivxq6uQNOiCk9IrCZQ92LuSKcKEhnUxosA
expires
Mon, 14 Oct 2024 17:55:41 GMT
access-control-allow-origin
*
content-length
1332
date
Mon, 14 Oct 2024 16:39:24 GMT
x-adobe-modifierlist
QlpoOTFBWSZTWWSXUl8AAAADgAAKAQIEACAAMM0AwaQuOLuSKcKEgyS6kvg=
content-type
image/webp
last-modified
Fri, 12 Apr 2019 12:37:18 GMT
server
Unknown
x-akamai-cache
Hit
akamai-grn
0.936f1002.1728923964.11027756
converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		111 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ff3213cc-c3f6-45d4-a104-8f7823656fec/oauth2/v2.0/authorize?nonce=l4czfdye7i47waahga4850gxn7ri0a6&response_type=code&client_id=9a826a03-be98-428b-a48d-d70327e9cf74&redirect_uri=https://openam-qvceu-euw3.id.forgerock.io/am/XUI/?realm%3Dalpha%26authIndexType%3Dservice%26authIndexValue%3DAzureLogin&scope=openid%20profile%20email&code_challenge=Qq_qjrvvortWkQZV7Aw1ASH9S75jby6k6M0l7ug7Vzo&code_challenge_method=S256&state=6zz0qrosx2m0xro3todcvhm0xtufwy5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DC9BA9D4131BFD
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
4554691
x-cache
TCP_HIT
date
Mon, 14 Oct 2024 16:39:24 GMT
content-type
text/css
last-modified
Wed, 03 Jul 2024 21:48:08 GMT
cache-control
public, max-age=31536000
x-ms-request-id
1e1a6a58-601e-001f-3ff3-197052000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
20414
x-azure-ref
20241014T163924Z-1769c9469bbr87hzuwb53pahd400000006ag000000002sw7
x-ms-blob-type
BlockBlob
ConvergedLogin_PCore_64Z6dmvJd_mCK0LlAXyiHg2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		439 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_64Z6dmvJd_mCK0LlAXyiHg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ff3213cc-c3f6-45d4-a104-8f7823656fec/oauth2/v2.0/authorize?nonce=l4czfdye7i47waahga4850gxn7ri0a6&response_type=code&client_id=9a826a03-be98-428b-a48d-d70327e9cf74&redirect_uri=https://openam-qvceu-euw3.id.forgerock.io/am/XUI/?realm%3Dalpha%26authIndexType%3Dservice%26authIndexValue%3DAzureLogin&scope=openid%20profile%20email&code_challenge=Qq_qjrvvortWkQZV7Aw1ASH9S75jby6k6M0l7ug7Vzo&code_challenge_method=S256&state=6zz0qrosx2m0xro3todcvhm0xtufwy5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
71ebaadab54ff8b6ef10b58f76af74d1aa7799a6995771fd6bfb709bdcf9ded0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCD1D6EFD1736A
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
4554691
x-cache
TCP_HIT
date
Mon, 14 Oct 2024 16:39:24 GMT
content-type
application/x-javascript
last-modified
Tue, 10 Sep 2024 20:27:05 GMT
cache-control
public, max-age=31536000
x-ms-request-id
b87e0f52-b01e-007d-6a21-1a8dd8000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
122196
x-azure-ref
20241014T163924Z-1769c9469bbr87hzuwb53pahd400000006ag000000002sw8
x-ms-blob-type
BlockBlob
ux.converged.login.strings-it.min_bgun7cuufinrhhwjpprqew2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-it.min_bgun7cuufinrhhwjpprqew2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ff3213cc-c3f6-45d4-a104-8f7823656fec/oauth2/v2.0/authorize?nonce=l4czfdye7i47waahga4850gxn7ri0a6&response_type=code&client_id=9a826a03-be98-428b-a48d-d70327e9cf74&redirect_uri=https://openam-qvceu-euw3.id.forgerock.io/am/XUI/?realm%3Dalpha%26authIndexType%3Dservice%26authIndexValue%3DAzureLogin&scope=openid%20profile%20email&code_challenge=Qq_qjrvvortWkQZV7Aw1ASH9S75jby6k6M0l7ug7Vzo&code_challenge_method=S256&state=6zz0qrosx2m0xro3todcvhm0xtufwy5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d60579925b61d2e48dd13402e01cdb3ec8553937f78d67abacda16519a8f7a8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCC6D53828F9EF
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Mon, 14 Oct 2024 16:39:24 GMT
content-type
application/x-javascript
last-modified
Tue, 27 Aug 2024 20:17:05 GMT
cache-control
public, max-age=31536000
x-ms-request-id
a79974d2-c01e-0058-28d8-1a24a4000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
17250
x-azure-ref
20241014T163924Z-1769c9469bbr87hzuwb53pahd400000006ag000000002sw9
x-ms-blob-type
BlockBlob
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/ff3213cc-c3f6-45d4-a104-8f7823656fec/oauth2/v2.0/authorize?nonce=l4czfdye7i47waahga4850gxn7ri0a6&response_type=code&client_id=9a826a03-be98-428b-a48d-d70327e9cf74&redirect_uri=https://openam-qvceu-euw3.id.forgerock.io/am/XUI/?realm%3Dalpha%26authIndexType%3Dservice%26authIndexValue%3DAzureLogin&scope=openid%20profile%20email&code_challenge=Qq_qjrvvortWkQZV7Aw1ASH9S75jby6k6M0l7ug7Vzo&code_challenge_method=S256&state=6zz0qrosx2m0xro3todcvhm0xtufwy5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers
oneDs_f2e0f4a029670f10d892.js
aadcdn.msauth.net/shared/1.0/content/js/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aadcdn.msauth.net
URL
https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __

11 Cookies

Domain/Path Name / Value
.qvc.it/ Name: AKA_A2
Value: A
identity.qvc.it/ Name: reentry
Value: 085688e7-3561-40f6-be7d-7edf185f0fc9
.identity.qvc.it/ Name: amlbcookie
Value: 01
login.microsoftonline.com/ Name: buid
Value: 0.AQcAzBMy__bD1EWhBI94I2Vv7ANqgpqYvotCpI3XAyfpz3T_AAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFedFEJkXaiQoXHy0RKzGs6Csvv6ko9Gjs4FOnzhK86LQNIQdZPdX132YHkc5wVyermarbh6JN_rj9OTYYRwE3lw1ENRjL0VfCv12I1fDrlYAkgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFelbgfLEmPOQVK6RkELBsCgCjepvhTdJldp2O1b9c0Dv1Jl4CCBsjE2VHFuuar2OSa3AkvvOpos3clfOEK6YHdCcpdRAJMPkQvAYvsrgc_fBZ11mZwEcRNf47_IORju3mY7uVoHYc3pVKGhHFyRttNfmeGum0PGEHkeZo94IgivyUgAA
.login.microsoftonline.com/ Name: esctx-9piyxcEeqzI
Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFeZwRIBMIcv5-kVU5YeEXhcYcTcZvFs4XnskoizC5QUNSh_8ib4cnkoIiQotnZ_QBO-ZoqXn6WgBoQdytUZZAiCv9iCC77lb9evoQnz8SJpRpOSMBNQDdqA45ll8649GGTy6h0srIhRVfA88lJ7B7M-CAA
login.microsoftonline.com/ Name: fpc
Value: AgXvIICJYrFDh_YcVph0j1tPdX86AQAAADtAn94OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.live.com/ Name: uaid
Value: 4e1c0650400a4665bda05f6d4387d4d3
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1728923965&co=1

4 Console Messages

Source Level URL
Text
security error URL: https://identity.qvc.it/login/(Line 2)
Message:
[Report Only] Refused to load the script 'https://s.go-mpulse.net/boomerang/8VZ3A-S77D5-7C5WV-M5YLD-QBMND' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://identity.qvc.it/openidm/config/uilocale/en-US?_fields=login,shared
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://identity.qvc.it/login/(Line 2)
Message:
[Report Only] Refused to load the script 'https://s.go-mpulse.net/boomerang/8VZ3A-S77D5-7C5WV-M5YLD-QBMND' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://identity.qvc.it/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179919.akstat.io
aadcdn.msauth.net
c.go-mpulse.net
fonts.bunny.net
identity.qvc.it
login.live.com
login.microsoftonline.com
qvc.scene7.com
s.go-mpulse.net
aadcdn.msauth.net
13.107.253.64
169.150.247.39
184.31.83.9
20.190.160.20
20.190.160.22
23.216.77.147
23.35.232.134
69.192.160.133
07736e451e9f9580c3ec595b3332bc2bce1b692e1c37100fc741269687bf97cb
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
18fcd7efc1a39e76be3bbef942b8c732b8239e2c5be7f27e9489faaecbec25b7
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d
28474b8a676526d719f0473ac84f633fff625b8472e14344560f96f40bdbeab9
4ce27d0c3ccb98258f618746687f099c9fe9bc0e94b594cb320c4c795bb41975
4dead7682857cec78ab9cc6d3b5ba4e75b6fb4813af4dde591ea0a89d7697c08
4f9ac3a49689f5342991b6ff9311a88d26b12a0942f15031a452e8757dea7cea
6170fe8bee18a1cbfad5db5ec68b9d5c1b059976eb5cbcffe30ba3070f3531f9
66d6a679c539e9c78a8e5d04e4bbff47f1824b6e226172284ea0b29b5dd3e3ba
71ebaadab54ff8b6ef10b58f76af74d1aa7799a6995771fd6bfb709bdcf9ded0
742e31c0af5fbfd27b81d84218e97e1cde639c665574ba7d2eaf5b3a9320f2fd
7bd3ae5aaec07abedd495bfbc56b703b9df4f4baf692da7b7411236ddeacb7b2
88bac9a758deffc4d1351d512d4aad765143192fbe84a749f35d6f89a3d1fb3f
8bba46211429ec1471ca8adcc18a3fe9caf8e4dbffca4b250b6f63ebaf9804c3
ab5b03441676ec2257062800d1387c86389c8a36619866a4e7dd2ae93bd319bc
ac8eb28cd1514985cbc94aeb8fb033b720bed5829d0d961d45f5daa3a6bf45cd
d60579925b61d2e48dd13402e01cdb3ec8553937f78d67abacda16519a8f7a8e
dd642d1262d449cc048ee11d91a4ee61631b366d7d341da97687f7207454ddf8
e243f63c45aceffee3e8edf3d974ba41245e357110e999f983ef8e48553a0dad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc1f48bf5aabf4d0dcbe0370ee071878ef534af5e58e6e595daf65522b360419