Submitted URL: https://protect-eu.mimecast.com/s/mw64Cyw99irjY9LLFZ1yOu?domain=tmf-group.allaccesspass.com
Effective URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuX...
Submission: On January 31 via manual from IN — Scanned from GB

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 40 HTTP transactions. The main IP is 40.126.32.136, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 20.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 23rd 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 91.220.42.215 42427 (MIMECAST-UK)
1 22 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.218.250.83 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2.18.36.250 16625 (AKAMAI-AS)
1 2 52.17.121.244 16509 (AMAZON-02)
2 40.126.32.136 8075 (MICROSOFT...)
7 152.199.23.37 15133 (EDGECAST)
1 20.190.160.14 8075 (MICROSOFT...)
1 2620:1ec:29:1... 8075 (MICROSOFT...)
40 9
Apex Domain
Subdomains
Transfer
22 allaccesspass.com
tmf-group.allaccesspass.com
982 KB
7 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1157
213 KB
6 gigya.com
cdns.gigya.com — Cisco Umbrella Rank: 8303
cdns.eu1.gigya.com — Cisco Umbrella Rank: 17016
accounts.eu1.gigya.com — Cisco Umbrella Rank: 31917
socialize.eu1.gigya.com — Cisco Umbrella Rank: 38365
194 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 20
106 KB
2 franklincovey.com
analytics.franklincovey.com — Cisco Umbrella Rank: 554678
21 KB
2 mimecast.com
protect-eu.mimecast.com — Cisco Umbrella Rank: 30905
2 KB
1 msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3170
4 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 93
1 amazonaws.com
aap-prod.s3.amazonaws.com
9 KB
40 9
Domain Requested by
22 tmf-group.allaccesspass.com 1 redirects tmf-group.allaccesspass.com
7 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
3 cdns.eu1.gigya.com cdns.gigya.com
cdns.eu1.gigya.com
2 login.microsoftonline.com cdns.gigya.com
login.microsoftonline.com
2 analytics.franklincovey.com tmf-group.allaccesspass.com
analytics.franklincovey.com
2 protect-eu.mimecast.com 2 redirects
1 aadcdn.msftauthimages.net
1 login.live.com login.microsoftonline.com
1 socialize.eu1.gigya.com 1 redirects
1 accounts.eu1.gigya.com cdns.eu1.gigya.com
1 cdns.gigya.com tmf-group.allaccesspass.com
1 aap-prod.s3.amazonaws.com tmf-group.allaccesspass.com
40 12

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.allaccesspass.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-14
a year crt.sh
*.s3.amazonaws.com
Amazon
2022-09-21 -
2023-08-26
a year crt.sh
*.franklincovey.com
Go Daddy Secure Certificate Authority - G2
2022-02-13 -
2023-03-17
a year crt.sh
cdns.gigya.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-07 -
2023-12-07
a year crt.sh
*.eu1.gigya.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-02 -
2023-03-05
a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA
2022-11-23 -
2023-11-23
a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA
2022-04-01 -
2023-04-01
a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA
2023-01-02 -
2024-01-02
a year crt.sh
aadcdn.msftauthimages.net
Microsoft Azure TLS Issuing CA 05
2022-12-23 -
2023-12-18
a year crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D&sso_reload=true
Frame ID: 3BF47BD36B36375E983F9533AF925B29
Requests: 37 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13622
Frame ID: 772BEA579F120AB2B76EB1411FA2BF0B
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Sign in to your account

Page URL History Show full URLs

  1. https://protect-eu.mimecast.com/s/mw64Cyw99irjY9LLFZ1yOu?domain=tmf-group.allaccesspass.com HTTP 307
    https://protect-eu.mimecast.com/r/rvwJTGB-Yafv93EsshplcmdMCafnUFpZCgSedsCMiiFaJIBI6frYlBvxQ-U-eF7Kwbv4x-8ZP3... HTTP 307
    https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=16514&directlaunch=1&display=popup HTTP 303
    https://tmf-group.allaccesspass.com/auth/gigya/redirect.php Page URL
  2. https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccess... HTTP 302
    https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3X... Page URL
  3. https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3X... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.gigya\.com/JS/gigya\.js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

100 %
HTTPS

30 %
IPv6

9
Domains

12
Subdomains

9
IPs

5
Countries

1529 kB
Transfer

5857 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-eu.mimecast.com/s/mw64Cyw99irjY9LLFZ1yOu?domain=tmf-group.allaccesspass.com HTTP 307
    https://protect-eu.mimecast.com/r/rvwJTGB-Yafv93EsshplcmdMCafnUFpZCgSedsCMiiFaJIBI6frYlBvxQ-U-eF7Kwbv4x-8ZP3nN01ErhoX05o6hlsMBxhGB2M2NbW3p2UxsnEK3keVl3S7oew2jSoDCi8WIt88ZpKAed1lisZ9D_tdg-QJamXWl7252kF15k5wI1eLJzp_BHiwhzOjFdTVmMP4I50QNuuAh9ovbM2P6idiiCBbImE1-TuunWpwU-e9Qv8XzcrjKQP4thp_QXzB9afcmBTezwuWrtSylzDL84GrR3nwhuWhW3SFdLhkm7brGVQRY4jouQTi8_A90CRKev8btFO2MSxNanHpPf3Br_1onHiGD-VRUMbrNsryOtE88TBVJ1x7YGmiAyrjTt34pdi0yyTLLP4975neXTwKx4ZdRbHkDvxcbMGbMiiq7IUq5a-aqEenD6npeOXcxEkRXjslxoazCEaLWkBBYgHz_idM04o3B8jveIvsYerZdfdO6Zg8DZZKsK53I5IcEZFk-Ivz1SrDvF6TWcM922TpDND1WSoTY5L-UXVu8Aoq52XyvrX-yxK5wvPieQGiAK0FVPfqBilU1oKGnaZM-tyWSDzcWFreqXZgjQTpMV2SmK0DIXLls86nNRKN8WCF5Lfb_FE1RaAQOsz_B31kf5onwqipr5232900J8t_SqLxsdwPJ2HWgbtOIDHmYIbNZNT42uXFWtJBEZ219xk-eGXP6HL8m5t9P1NUnF9GlkFos9XWGsC93wBhYmh8JhR10KKNZC2Sm9WKODISNocaQR_aTCn1553tC3sx7r0gk4jzE30Ru_R-pYienM1TRTbx5J8O8FE6EhF3AaY8RfFPwbhdwm1LKWgEdze5-24iLwzVjhTGw5823xim5RoYdjLf_9_VuCeo4cw2bxLl1t8_xcu3miPQgXb-X6r2eZ_Ydsuq6ejgRPUS82w1WskEugrZ2NQKDShMECFPTsnD56EamqDMoODA2x_TZShMwIAp_LKgGWJ9b_o6S2uPfm7m2Zoi42zdMCOAYKxrpXQRNKAvocb5shZje-g_jU0FDmjMTaiCtufB-N_pSfuiEN_TQhBiBRAbBaEOsCjlcU5DxwL47My2cA73IN2PEFyeh1xZ0VQUbW14ocWuOzHzPVUMoAWOFyCrVB_isuv_5VCeCRIelkaMHogY6REItmUBU4PI4qyWmNlHoMNK0bfT7dIHrsKcPVAdVqkn-3LydJBCydr9vdXviQMjMS9FUY60zeYmULja_XtQwAyMQ-s7QoXlNja8sPM2_ZMtHqsu7W4yY2GKnw1yGt1YPX_rxHTgr3XgPPbY0xSpfKREsprFirKDE6MehICFntWOdsxNODeW5IDgb7pIhHdZX4XN-hVmU4mjqoXUEyBt6hiovW2pr7Vh4i6tJ91amjFc1qBktIZxWTYSQ1zjsKL2-moFoRwZm-b4rbPT5xhM10p2t2U1eOISHKsApFHCZNiRk5y_38qv3xdbrPyyABrEeTRAuyK8A9V3HxpMmdhKeV7o7SobtAK2CCPqivTpz0eUftHLgH0z7djw0bWbtjxjW3W9nJCrLitxJ0H-gmWVSUjdjcgRHZklvo9OuGIO_JCw9RS7Ge2YKqj3lsJxRw2kEPGHNIzXxYJevzNXQbsfUk8_OX--Y59TcapgWST144toonQBUg3BmPZXG-zRYGMg_Ni0rOf6gIb23uTltqLNA2ubjEROTCdpNBzFbOXtbXfh-Z9iMi-i--5O0dye0z36WWKAilby-z2kVzo9boAacHwEwJypIDe2AZDl1BA60KilwILKWUSao8P1VDUZb615h0kWX6ltxJIkPfNs8HqnalvGeLZZQ9VkHJygatgQrSdeLwKa4s3MTim9Mx_uBJRCNoenfn-abbbKmDs8YhGqmlU9w8nn78PCLq5Z7uhzX HTTP 307
    https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=16514&directlaunch=1&display=popup HTTP 303
    https://tmf-group.allaccesspass.com/auth/gigya/redirect.php Page URL
  2. https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&x_includeUserInfo=true&x_redirectURL=https%3A%2F%2Ftmf-group.allaccesspass.com%2Fmod%2Fscorm%2Fview.php%3Fid%3D16514%26directlaunch%3D1%26display%3Dpopup&x_apiDomain=eu1.gigya.com&x_sdk=js_latest&client_id=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&redirect_uri=%2FGS%2FAfterLogin.aspx&response_type=server_token&state=domain%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26lid%3Dflid1675153035688%26messaging%3D1%26id%3Daccounts_socialLogin_16751530364121675153036412%26sourceURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26redirectURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fmod%252Fscorm%252Fview.php%253Fid%253D16514%2526directlaunch%253D1%2526display%253Dpopup%2526gig_events%253Dsocialize.login%26redirectMethod%3Dpost%26addUserInfo%3Dtrue&authMode=cookie HTTP 302
    https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D Page URL
  3. https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://protect-eu.mimecast.com/s/mw64Cyw99irjY9LLFZ1yOu?domain=tmf-group.allaccesspass.com HTTP 307
  • https://protect-eu.mimecast.com/r/rvwJTGB-Yafv93EsshplcmdMCafnUFpZCgSedsCMiiFaJIBI6frYlBvxQ-U-eF7Kwbv4x-8ZP3nN01ErhoX05o6hlsMBxhGB2M2NbW3p2UxsnEK3keVl3S7oew2jSoDCi8WIt88ZpKAed1lisZ9D_tdg-QJamXWl7252kF15k5wI1eLJzp_BHiwhzOjFdTVmMP4I50QNuuAh9ovbM2P6idiiCBbImE1-TuunWpwU-e9Qv8XzcrjKQP4thp_QXzB9afcmBTezwuWrtSylzDL84GrR3nwhuWhW3SFdLhkm7brGVQRY4jouQTi8_A90CRKev8btFO2MSxNanHpPf3Br_1onHiGD-VRUMbrNsryOtE88TBVJ1x7YGmiAyrjTt34pdi0yyTLLP4975neXTwKx4ZdRbHkDvxcbMGbMiiq7IUq5a-aqEenD6npeOXcxEkRXjslxoazCEaLWkBBYgHz_idM04o3B8jveIvsYerZdfdO6Zg8DZZKsK53I5IcEZFk-Ivz1SrDvF6TWcM922TpDND1WSoTY5L-UXVu8Aoq52XyvrX-yxK5wvPieQGiAK0FVPfqBilU1oKGnaZM-tyWSDzcWFreqXZgjQTpMV2SmK0DIXLls86nNRKN8WCF5Lfb_FE1RaAQOsz_B31kf5onwqipr5232900J8t_SqLxsdwPJ2HWgbtOIDHmYIbNZNT42uXFWtJBEZ219xk-eGXP6HL8m5t9P1NUnF9GlkFos9XWGsC93wBhYmh8JhR10KKNZC2Sm9WKODISNocaQR_aTCn1553tC3sx7r0gk4jzE30Ru_R-pYienM1TRTbx5J8O8FE6EhF3AaY8RfFPwbhdwm1LKWgEdze5-24iLwzVjhTGw5823xim5RoYdjLf_9_VuCeo4cw2bxLl1t8_xcu3miPQgXb-X6r2eZ_Ydsuq6ejgRPUS82w1WskEugrZ2NQKDShMECFPTsnD56EamqDMoODA2x_TZShMwIAp_LKgGWJ9b_o6S2uPfm7m2Zoi42zdMCOAYKxrpXQRNKAvocb5shZje-g_jU0FDmjMTaiCtufB-N_pSfuiEN_TQhBiBRAbBaEOsCjlcU5DxwL47My2cA73IN2PEFyeh1xZ0VQUbW14ocWuOzHzPVUMoAWOFyCrVB_isuv_5VCeCRIelkaMHogY6REItmUBU4PI4qyWmNlHoMNK0bfT7dIHrsKcPVAdVqkn-3LydJBCydr9vdXviQMjMS9FUY60zeYmULja_XtQwAyMQ-s7QoXlNja8sPM2_ZMtHqsu7W4yY2GKnw1yGt1YPX_rxHTgr3XgPPbY0xSpfKREsprFirKDE6MehICFntWOdsxNODeW5IDgb7pIhHdZX4XN-hVmU4mjqoXUEyBt6hiovW2pr7Vh4i6tJ91amjFc1qBktIZxWTYSQ1zjsKL2-moFoRwZm-b4rbPT5xhM10p2t2U1eOISHKsApFHCZNiRk5y_38qv3xdbrPyyABrEeTRAuyK8A9V3HxpMmdhKeV7o7SobtAK2CCPqivTpz0eUftHLgH0z7djw0bWbtjxjW3W9nJCrLitxJ0H-gmWVSUjdjcgRHZklvo9OuGIO_JCw9RS7Ge2YKqj3lsJxRw2kEPGHNIzXxYJevzNXQbsfUk8_OX--Y59TcapgWST144toonQBUg3BmPZXG-zRYGMg_Ni0rOf6gIb23uTltqLNA2ubjEROTCdpNBzFbOXtbXfh-Z9iMi-i--5O0dye0z36WWKAilby-z2kVzo9boAacHwEwJypIDe2AZDl1BA60KilwILKWUSao8P1VDUZb615h0kWX6ltxJIkPfNs8HqnalvGeLZZQ9VkHJygatgQrSdeLwKa4s3MTim9Mx_uBJRCNoenfn-abbbKmDs8YhGqmlU9w8nn78PCLq5Z7uhzX HTTP 307
  • https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=16514&directlaunch=1&display=popup HTTP 303
  • https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Request Chain 29
  • https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&x_includeUserInfo=true&x_redirectURL=https%3A%2F%2Ftmf-group.allaccesspass.com%2Fmod%2Fscorm%2Fview.php%3Fid%3D16514%26directlaunch%3D1%26display%3Dpopup&x_apiDomain=eu1.gigya.com&x_sdk=js_latest&client_id=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&redirect_uri=%2FGS%2FAfterLogin.aspx&response_type=server_token&state=domain%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26lid%3Dflid1675153035688%26messaging%3D1%26id%3Daccounts_socialLogin_16751530364121675153036412%26sourceURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26redirectURL%3Dhttps%253A%252F%252Ftmf-group.allaccesspass.com%252Fmod%252Fscorm%252Fview.php%253Fid%253D16514%2526directlaunch%253D1%2526display%253Dpopup%2526gig_events%253Dsocialize.login%26redirectMethod%3Dpost%26addUserInfo%3Dtrue&authMode=cookie HTTP 302
  • https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
redirect.php
tmf-group.allaccesspass.com/auth/gigya/
Redirect Chain
  • https://protect-eu.mimecast.com/s/mw64Cyw99irjY9LLFZ1yOu?domain=tmf-group.allaccesspass.com
  • https://protect-eu.mimecast.com/r/rvwJTGB-Yafv93EsshplcmdMCafnUFpZCgSedsCMiiFaJIBI6frYlBvxQ-U-eF7Kwbv4x-8ZP3nN01ErhoX05o6hlsMBxhGB2M2NbW3p2UxsnEK3keVl3S7oew2jSoDCi8WIt88ZpKAed1lisZ9D_tdg-QJamXWl725...
  • https://tmf-group.allaccesspass.com/mod/scorm/view.php?id=16514&directlaunch=1&display=popup
  • https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
25 KB
25 KB
Document
General
Full URL
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7a477e8182a917efb1ec5c17415696627980510224b98c164ece2575eea4bf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, OPTIONS
cache-control
private, pre-check=0, post-check=0, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
7921026ec8b4889e-LHR
content-language
en
content-script-type
text/javascript
content-style-type
text/css
content-type
text/html; charset=utf-8
date
Tue, 31 Jan 2023 08:17:11 GMT
expires
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
x-frame-options
sameorigin
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, OPTIONS
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7921026a6af7889e-LHR
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 31 Jan 2023 08:17:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
x-redirect-by
Moodle
x-xss-protection
1; mode=block
yui_combo.php
tmf-group.allaccesspass.com/theme/
5 KB
2 KB
Stylesheet
General
Full URL
https://tmf-group.allaccesspass.com/theme/yui_combo.php?3.17.2/cssreset/cssreset-min.css&3.17.2/cssfonts/cssfonts-min.css&3.17.2/cssgrids/cssgrids-min.css&3.17.2/cssbase/cssbase-min.css
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3195ad9f8f03f61bbc60571b47b67ba7e41b0cf29e881ab188ff2dadf766e073
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-disposition
inline; filename="combo"
x-xss-protection
1; mode=block
pragma
last-modified
Sat, 28 Jan 2023 08:06:06 GMT
server
cloudflare
etag
W/"27dd1ce6eca23b53d4028dba08a0b3030dbedf0f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31104000, immutable
access-control-allow-credentials
true
cf-ray
79210270bb49889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Fri, 26 Jan 2024 08:17:12 GMT
yui_combo.php
tmf-group.allaccesspass.com/theme/
4 KB
1 KB
Stylesheet
General
Full URL
https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-disposition
inline; filename="combo"
x-xss-protection
1; mode=block
pragma
last-modified
Sat, 28 Jan 2023 08:06:06 GMT
server
cloudflare
etag
W/"b9bc567c469e2872cf3bbb14603342a72de2509b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31104000, immutable
access-control-allow-credentials
true
cf-ray
79210270bb4b889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Fri, 26 Jan 2024 08:17:12 GMT
all
tmf-group.allaccesspass.com/theme/styles.php/explore/1674951663_1674954471/
1 MB
173 KB
Stylesheet
General
Full URL
https://tmf-group.allaccesspass.com/theme/styles.php/explore/1674951663_1674954471/all
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b83739220d79ca81b1b6d3c8f92bd9d2093496f5898408256735938d5fff543
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-disposition
inline; filename="styles.php"
x-xss-protection
1; mode=block
pragma
last-modified
Sun, 29 Jan 2023 01:09:07 GMT
server
cloudflare
etag
W/"f17316f7bb09f2a77c4315baad5f0958be1fe1f9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css; charset=utf-8
cache-control
public, max-age=7776000, immutable
access-control-allow-credentials
true
cf-ray
79210270bb4c889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Mon, 01 May 2023 08:17:12 GMT
bootstrap.css
tmf-group.allaccesspass.com/theme/explore/style/
174 KB
24 KB
Stylesheet
General
Full URL
https://tmf-group.allaccesspass.com/theme/explore/style/bootstrap.css
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1a4c25634d5841924aab1848acc9dcbc3d5672183053c8b71ff2139b65d7c3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Sat, 28 Jan 2023 08:04:22 GMT
server
cloudflare
etag
W/"2b7e8-5f34e6dff4d80"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
cache-control
public, max-age=86400
access-control-allow-credentials
true
cf-ray
79210270bb4d889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Wed, 01 Feb 2023 08:17:12 GMT
polyfill.min.js
tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/babel-polyfill/
97 KB
34 KB
Script
General
Full URL
https://tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/babel-polyfill/polyfill.min.js
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e07890edf5f6f350ef465b37479fc6192923e60e64d9f20af37eb3b011cc66
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-disposition
inline; filename="javascript.php"
x-xss-protection
1; mode=block
pragma
last-modified
Sun, 29 Jan 2023 07:09:30 GMT
server
cloudflare
etag
W/"7509f035fb6f4d3d6e09723c87ddaf8a041f862f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=7776000
access-control-allow-credentials
true
cf-ray
79210270bb4e889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Mon, 01 May 2023 08:17:12 GMT
polyfill.js
tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/polyfills/
17 KB
5 KB
Script
General
Full URL
https://tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/polyfills/polyfill.js
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
244ff779cc4a0d32d8a21e1dceece94080b39c4b2c77ab5c0a772f333db71216
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-disposition
inline; filename="javascript.php"
x-xss-protection
1; mode=block
pragma
last-modified
Sun, 29 Jan 2023 07:09:29 GMT
server
cloudflare
etag
W/"f4f62e17d5ac64b26e498e245cd28209fc4dfd5b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=7776000
access-control-allow-credentials
true
cf-ray
79210270bb4f889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Mon, 01 May 2023 08:17:12 GMT
yui_combo.php
tmf-group.allaccesspass.com/theme/
276 KB
84 KB
Script
General
Full URL
https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13eaaadfa414f262b7964320054bb2b322b9ef9f3522bc25c9d60dc83b5141cf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-disposition
inline; filename="combo"
x-xss-protection
1; mode=block
pragma
last-modified
Sat, 28 Jan 2023 08:06:06 GMT
server
cloudflare
etag
W/"78581a0bac8a932effb32db3e91e0f2f2b47c08e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
cache-control
public, max-age=31104000, immutable
access-control-allow-credentials
true
cf-ray
79210270bb52889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Fri, 26 Jan 2024 08:17:12 GMT
javascript-static.js
tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/
21 KB
7 KB
Script
General
Full URL
https://tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/javascript-static.js
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec9d65cb26cade9adcf9c012734551cf8c86c49a1ff45fef12662ae42f312e3f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-disposition
inline; filename="javascript.php"
x-xss-protection
1; mode=block
pragma
last-modified
Sun, 29 Jan 2023 07:09:29 GMT
server
cloudflare
etag
W/"50220ebb00195da95f37e32b448755304dc8b579"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=7776000
access-control-allow-credentials
true
cf-ray
79210270bb54889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Mon, 01 May 2023 08:17:12 GMT
head
tmf-group.allaccesspass.com/theme/javascript.php/explore/1674951663/
247 KB
82 KB
Script
General
Full URL
https://tmf-group.allaccesspass.com/theme/javascript.php/explore/1674951663/head
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e1c6e07e9368fef34008b5c7219e220bf4af5e67dd052392670cf73aac5540
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-disposition
inline; filename="javascript.php"
x-xss-protection
1; mode=block
pragma
last-modified
Sun, 29 Jan 2023 07:09:32 GMT
server
cloudflare
etag
W/"976d09b297208751e4bc85b153e4da95a3e8f2e1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=7776000, immutable
access-control-allow-credentials
true
cf-ray
792102718c97889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Mon, 01 May 2023 08:17:12 GMT
require.min.js
tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/requirejs/
17 KB
7 KB
Script
General
Full URL
https://tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/requirejs/require.min.js
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:12 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-disposition
inline; filename="javascript.php"
x-xss-protection
1; mode=block
pragma
last-modified
Sun, 29 Jan 2023 07:09:29 GMT
server
cloudflare
etag
W/"bd5800f726ea3fb87988d4e233b91a6acef926d0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=7776000
access-control-allow-credentials
true
cf-ray
792102718c9b889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Mon, 01 May 2023 08:17:12 GMT
gotham-book-webfont.woff2
tmf-group.allaccesspass.com/theme/font.php/explore/theme/1674951663/
16 KB
17 KB
Font
General
Full URL
https://tmf-group.allaccesspass.com/theme/font.php/explore/theme/1674951663/gotham-book-webfont.woff2
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1674951663_1674954471/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88425afc6e97c1d162e0a355b790dc4e020ff80b632e5649697dca5bc784002d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tmf-group.allaccesspass.com/theme/styles.php/explore/1674951663_1674954471/all
Origin
https://tmf-group.allaccesspass.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:13 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
content-disposition
inline; filename="gotham-book-webfont.woff2"
content-length
16700
x-xss-protection
1; mode=block
pragma
last-modified
Mon, 30 Jan 2023 09:56:30 GMT
server
cloudflare
etag
"1f908914098b9996206b5dfbb922c8262eecf241"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
https://tmf-group.allaccesspass.com
cache-control
public, max-age=7776000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
792102781d83889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Mon, 01 May 2023 08:17:13 GMT
yui_combo.php
tmf-group.allaccesspass.com/theme/
2 KB
968 B
Script
General
Full URL
https://tmf-group.allaccesspass.com/theme/yui_combo.php?m/1674951663/core/event/event-min.js&m/1674951663/filter_mathjaxloader/loader/loader-min.js
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb61ba5b02c939a8985c145a24985cb3b4e3cadfcfc00fa5bca76aa0d8c5238
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:13 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-disposition
inline; filename="combo"
x-xss-protection
1; mode=block
pragma
last-modified
Sat, 28 Jan 2023 08:06:04 GMT
server
cloudflare
etag
W/"1eb5560503f4aece60e774892278484a2e4208a1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
cache-control
public, max-age=31104000, immutable
access-control-allow-credentials
true
cf-ray
792102791ed1889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Fri, 26 Jan 2024 08:17:13 GMT
f0e85026-64d.jpg
aap-prod.s3.amazonaws.com/80800ed5b4e74b68907d565e2aa7df89/
9 KB
9 KB
Image
General
Full URL
https://aap-prod.s3.amazonaws.com/80800ed5b4e74b68907d565e2aa7df89/f0e85026-64d.jpg
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1674951663_1674954471/all
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.250.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
356a02f3243113778274eaee7c110df2a21c16bd1e6e866678cc0f508351c462

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 31 Jan 2023 08:17:14 GMT
Last-Modified
Fri, 08 Jul 2022 14:39:43 GMT
Server
AmazonS3
x-amz-request-id
AP8EWMFQP2ZAHW52
ETag
"1f29f29989eb71ae1f836e6d85f78eac"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
8965
x-amz-id-2
6CGWPRicYY7NYEg4RN2FiDeMmv5oBV9jtdhD2Oui/Ct8ZasAjwRZKrjScU2xaA8DqAZIlQRg970=
logo_white
tmf-group.allaccesspass.com/theme/image.php/explore/theme/1674951663/
8 KB
8 KB
Image
General
Full URL
https://tmf-group.allaccesspass.com/theme/image.php/explore/theme/1674951663/logo_white
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1674951663_1674954471/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8edda064d7c63f7054917d4b362a21f658c30402bbb3a2e0c2b068da5d87764
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/theme/styles.php/explore/1674951663_1674954471/all
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:13 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-disposition
inline; filename="logo_white.png"
content-length
7912
x-xss-protection
1; mode=block
pragma
last-modified
Mon, 30 Jan 2023 09:56:30 GMT
server
cloudflare
etag
"4984e1a8f274f85704da10f7f1f2395d2944d9ac"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
cache-control
public, max-age=7776000, no-transform, immutable
access-control-allow-credentials
true
accept-ranges
none
cf-ray
792102791ed2889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Mon, 01 May 2023 08:17:13 GMT
fontawesome-webfont.woff2
tmf-group.allaccesspass.com/theme/font.php/explore/theme/1674951663/
75 KB
76 KB
Font
General
Full URL
https://tmf-group.allaccesspass.com/theme/font.php/explore/theme/1674951663/fontawesome-webfont.woff2
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/styles.php/explore/1674951663_1674954471/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tmf-group.allaccesspass.com/theme/styles.php/explore/1674951663_1674954471/all
Origin
https://tmf-group.allaccesspass.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:14 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
content-disposition
inline; filename="fontawesome-webfont.woff2"
content-length
77160
x-xss-protection
1; mode=block
pragma
last-modified
Mon, 30 Jan 2023 09:56:30 GMT
server
cloudflare
etag
"757e1932c58e3dd316692bead9061d860e82260b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
https://tmf-group.allaccesspass.com
cache-control
public, max-age=7776000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
792102791ed3889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Mon, 01 May 2023 08:17:13 GMT
first.js
tmf-group.allaccesspass.com/lib/requirejs.php/1674951663/core/
2 MB
399 KB
Script
General
Full URL
https://tmf-group.allaccesspass.com/lib/requirejs.php/1674951663/core/first.js
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/requirejs/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464dc53c29fe2f42628ffc7f81a0fc50d8b0d37f15c4dba9b7b13058f0750cc7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:14 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-disposition
inline; filename="requirejs.php"
x-xss-protection
1; mode=block
pragma
last-modified
Sun, 29 Jan 2023 07:09:36 GMT
server
cloudflare
etag
W/"78f8ad1e1d0bb6c9f41eed5a4ae1960ab9108b42"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=7776000
access-control-allow-credentials
true
cf-ray
792102791ed4889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Mon, 01 May 2023 08:17:13 GMT
yui_combo.php
tmf-group.allaccesspass.com/theme/
5 KB
1 KB
Stylesheet
General
Full URL
https://tmf-group.allaccesspass.com/theme/yui_combo.php?3.17.2/cssbutton/cssbutton-min.css
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4cc4d14d94d940a82ceb24dc9c9ae9d4573a436e1369db31f2d9c2b1546fe18
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:14 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-disposition
inline; filename="combo"
x-xss-protection
1; mode=block
pragma
last-modified
Sat, 28 Jan 2023 08:06:06 GMT
server
cloudflare
etag
W/"323202bec286f8abd417e82b36bf85c33dc46920"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31104000, immutable
access-control-allow-credentials
true
cf-ray
7921027d4ccf889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Fri, 26 Jan 2024 08:17:14 GMT
yui_combo.php
tmf-group.allaccesspass.com/theme/
17 KB
6 KB
Script
General
Full URL
https://tmf-group.allaccesspass.com/theme/yui_combo.php?m/1674951663/core/widget/widget-focusafterclose-min.js&3.17.2/plugin/plugin-min.js&m/1674951663/core/lockscroll/lockscroll-min.js&m/1674951663/core/notification/notification-dialogue-min.js&m/1674951663/core/tooltip/tooltip-min.js&m/1674951663/core/popuphelp/popuphelp-min.js
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0643b89f1c7ee48d7c6924f3218038573e96a141d4cabb8245f2b6e1cc114aa7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:15 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-disposition
inline; filename="combo"
x-xss-protection
1; mode=block
pragma
last-modified
Sat, 28 Jan 2023 08:06:06 GMT
server
cloudflare
etag
W/"afa36d05c51eb89acc39d0916ea85b0e2b383b49"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
cache-control
public, max-age=31104000, immutable
access-control-allow-credentials
true
cf-ray
792102810a3c889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Fri, 26 Jan 2024 08:17:14 GMT
jquery-3.5.1.min.js
tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/jquery/
87 KB
31 KB
Script
General
Full URL
https://tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/jquery/jquery-3.5.1.min.js
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/requirejs/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
621c0f52571ccff5dab81de13db26fda4b4a7dad83a01827c9139571023abea4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:15 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-disposition
inline; filename="javascript.php"
x-xss-protection
1; mode=block
pragma
last-modified
Sun, 29 Jan 2023 07:09:37 GMT
server
cloudflare
etag
W/"e6e7bf70d21d227d143efaac3f89f8ca3f350d48"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=7776000
access-control-allow-credentials
true
cf-ray
792102818b63889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Mon, 01 May 2023 08:17:15 GMT
piwik.js
analytics.franklincovey.com/
64 KB
21 KB
Script
General
Full URL
https://analytics.franklincovey.com/piwik.js
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:15 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 24 Oct 2022 21:18:59 GMT
server
cloudflare
content-encoding
gzip
etag
W/"10132-5ebce57053031"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
cf-ray
792102871b0776a3-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 08:17:15 GMT
gigya.js
cdns.gigya.com/JS/
470 KB
148 KB
Script
General
Full URL
https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/jquery/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.250 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-250.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
02144e8967d6201e0d659c44b4ebf1cc8fbddeb3e0b87b0f02a65926975305f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 31 Jan 2023 08:17:15 GMT
Content-Encoding
gzip
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
02903fcd24ac48aa92fbb36b774cf205
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=900, s-maxage=3600
x-server
us1d-nomad-g59
Connection
keep-alive
x-error-code
0
x-robots-tag
none
Content-Length
150648
Expires
Tue, 31 Jan 2023 08:32:15 GMT
piwik.php
analytics.franklincovey.com/
0
0
Ping
General
Full URL
https://analytics.franklincovey.com/piwik.php?action_name=&idsite=7&rec=1&r=005162&h=8&m=17&s=15&url=https%3A%2F%2Ftmf-group.allaccesspass.com%2Fauth%2Fgigya%2Fredirect.php&_id=6d98668b2ffbe53c&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=tmf-group.allaccesspass.com&dimension2=explore&dimension5=en&pv_id=IZNE3w&pf_net=0&pf_srv=303&pf_tfr=139&pf_dm1=1290&pf_dm2=2222&pf_onl=1&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: analytics.franklincovey.com
URL: https://analytics.franklincovey.com/piwik.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tmf-group.allaccesspass.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

sdk.config.get
cdns.eu1.gigya.com/
3 KB
2 KB
Fetch
General
Full URL
https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&httpStatusCodes=true
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.250 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-250.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e2693bee38bf9cc49ab4041c9f78fc3f1ca05e3a55fb3f9b39d4eae1b0df8c7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tmf-group.allaccesspass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 31 Jan 2023 08:17:15 GMT
Content-Encoding
gzip
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
c663ae69a7204d63a65a714202f452de
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, s-maxage=120
x-server
us1d-nomad-g48
Connection
keep-alive
Accept-Ranges
bytes
x-error-code
0
x-robots-tag
none
Content-Length
1166
service-nologin.php
tmf-group.allaccesspass.com/lib/ajax/
2 KB
725 B
XHR
General
Full URL
https://tmf-group.allaccesspass.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1674951663&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22en%22%7D%7D%5D
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/jquery/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62422ec91c58f61dc9c09f25720d9f8df4805f80ba756668b17e3875b6a54ea1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

pragma
date
Tue, 31 Jan 2023 08:17:16 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
cache-control
public, max-age=7776000, immutable
access-control-allow-credentials
true
cf-ray
79210289ef1b889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-xss-protection
1; mode=block
expires
Mon, 01 May 2023 08:17:16 GMT
service-nologin.php
tmf-group.allaccesspass.com/lib/ajax/
211 B
353 B
XHR
General
Full URL
https://tmf-group.allaccesspass.com/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1674951663&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D
Requested by
Host: tmf-group.allaccesspass.com
URL: https://tmf-group.allaccesspass.com/lib/javascript.php/1674951663/lib/jquery/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afefe583c5a695189962783424716b19758b2a08e71480cb91a73c88c98a20be
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://tmf-group.allaccesspass.com/auth/gigya/redirect.php
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

pragma
date
Tue, 31 Jan 2023 08:17:16 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
cache-control
public, max-age=7776000, immutable
access-control-allow-credentials
true
cf-ray
79210289ff29889e-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-xss-protection
1; mode=block
expires
Mon, 01 May 2023 08:17:15 GMT
Api.aspx
cdns.eu1.gigya.com/gs/webSdk/ Frame 772B
119 KB
41 KB
Document
General
Full URL
https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13622
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.250 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-250.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
99a0b3faced06a4d7485f9a9210d14ac44fefc5adfaa7aa6845447e8805d0090
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tmf-group.allaccesspass.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400, s-maxage=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
41409
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Jan 2023 08:17:16 GMT
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-callid
c0e7ee03290b46de9a68a7a2397488cb
x-error-code
0
x-robots-tag
none
x-server
us1d-nomad-g35
x-soa
true, Gator
sdk.config.get
cdns.eu1.gigya.com/ Frame 772B
3 KB
2 KB
Fetch
General
Full URL
https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&httpStatusCodes=true
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13622
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.250 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-250.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e2693bee38bf9cc49ab4041c9f78fc3f1ca05e3a55fb3f9b39d4eae1b0df8c7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13622
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 31 Jan 2023 08:17:16 GMT
Content-Encoding
gzip
x-soa
true, Gator
Vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
x-callid
c663ae69a7204d63a65a714202f452de
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, s-maxage=120
x-server
us1d-nomad-g48
Connection
keep-alive
Accept-Ranges
bytes
x-error-code
0
x-robots-tag
none
Content-Length
1166
accounts.webSdkBootstrap
accounts.eu1.gigya.com/ Frame 772B
199 B
1 KB
XHR
General
Full URL
https://accounts.eu1.gigya.com/accounts.webSdkBootstrap?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&pageURL=https%3A%2F%2Ftmf-group.allaccesspass.com%2F&sdk=js_latest&sdkBuild=13622&format=json
Requested by
Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13622
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.17.121.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-121-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fc4c1a8c5447971819550a55d0150bc7c46b025dcee14e8ec29edb0b7ab2f487

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdns.eu1.gigya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 08:17:15 GMT
content-encoding
gzip
x-soa
true, Gator
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
x-error-code
0
content-length
175
access-control-max-age
86400
access-control-allow-methods
GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://cdns.eu1.gigya.com
x-callid
b6ff6d68f5b5456abc6a18e729368984
cache-control
private
access-control-allow-credentials
true
x-server
eu1a-nomad-g10
vary
Origin, Accept-Encoding
x-robots-tag
none
saml2
login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/
Redirect Chain
  • https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-tmf-group.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&x...
  • https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywv...
152 KB
56 KB
Document
General
Full URL
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a657b600443c7126389a66345910803fc8d868421fb5e13900cbe7fe092e8934
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tmf-group.allaccesspass.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55804
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Jan 2023 08:17:15 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.14526.6 - NEULR1 ProdSlices
x-ms-request-id
b269ad51-3d8b-4ce2-904f-98b7b58c2d00

Redirect headers

cache-control
private
content-length
0
date
Tue, 31 Jan 2023 08:17:16 GMT
location
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
x-callid
b89d55795efb4bd69f339f83914c4ddc
x-error-code
0
x-robots-tag
none
x-server
eu1a-nomad-g12
x-soa
true, Gator
Primary Request saml2
login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/
196 KB
51 KB
Document
General
Full URL
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5161500cbb6467de992929edd8df2309e6fe04255d316f8a22215c1509602674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
50120
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Jan 2023 08:17:16 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.14601.8 - WEULR1 ProdSlices
x-ms-request-id
7c72ec20-e6b6-45f7-b15d-e6e5a9be0400
ConvergedLogin_PCore_107jr3BDJx7vcmkFlFtgbQ2.js
aadcdn.msftauth.net/shared/1.0/content/js/
394 KB
111 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_107jr3BDJx7vcmkFlFtgbQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35D1) /
Resource Hash
7882199766af67996985bc27a2da42c974810bb9e4f04e093d5ecb64bf64182e

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Jan 2023 08:17:17 GMT
content-encoding
gzip
content-md5
YWec4sg4ygcaxH6rhV6EKw==
age
1503427
x-cache
HIT
content-length
112962
x-ms-lease-status
unlocked
last-modified
Tue, 10 Jan 2023 18:52:44 GMT
server
ECAcc (lhd/35D1)
etag
0x8DAF33BDC331CF2
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
988ecf6c-b01e-0031-7a9f-27e1f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.14 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

convergedlogin_pcustomizationloader_f226dd7c4f08045ad544.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f226dd7c4f08045ad544.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_107jr3BDJx7vcmkFlFtgbQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35EB) /
Resource Hash
b22fc156c87081fbd745b1742898bbba5755a779d86ada9489c08196cd4d55c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Jan 2023 08:17:17 GMT
content-encoding
gzip
content-md5
YVvRQn8alC3N3tI6cG7wJQ==
age
1503426
x-cache
HIT
content-length
32196
x-ms-lease-status
unlocked
last-modified
Tue, 10 Jan 2023 18:52:20 GMT
server
ECAcc (lhd/35EB)
etag
0x8DAF33BCDAE8569
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5ddc9fd8-401e-0085-439f-273361000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35DF) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Jan 2023 08:17:17 GMT
content-encoding
gzip
content-md5
9K2/nGCj75WAmmAI9nZNCA==
age
15434573
x-cache
HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
ECAcc (lhd/35DF)
etag
0x8DA7650B375AC9B
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1880728f-601e-003a-08ec-a835be000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en-gb.min_fuswktwg1niy7dxx6qlx_w2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
14 KB
Other
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_fuswktwg1niy7dxx6qlx_w2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/733f029c-6cfd-403c-9a41-6c3063491098/saml2?SAMLRequest=tZJbb%2BIwEIX%2FSuT3XBynQCxAQqCirKBFUOhuXyrjOKmrxA4ehy3769dJd3t52H3r44w8Pt%2BZM2NgddXQWWuf1FacWgHWyxYTVMrywvhoyAdFjBnj5IoljA%2FZMTnmrkyPaZQcWYIJ8g7CgNRqguIgQl4G0IpMgWXKulYUEz%2FCPsF30YjiIcWDB%2BQtnIpUzPZTT9Y2QMOw0qVUQS250aALq1UllQi4rsMhIUUUp9wf8CL3k4hwP3XSriTRgCQpjtJR2PmIkXetDRe9mwkqWAWiI9owAHkWb50ZgDCd%2BlwraGthdsKcJRf77eqdp5B5HYgWB%2F0qepBOIzw7myF5PN3%2B2N%2Fkt20%2BW67IMoGHu%2F26EfPlodysid0tnrOy%2Bba9UsvDJttezMvu%2FD3%2BdZ8nj3Ng4vqEQ2hCxgF5L3WlgPYxTFBrFNUMJFDFagHUcrqbrVfUadLGaKu5rtB03L2m%2FabNh%2Fn%2Fj7O%2FptH0k8WvsTfuf%2FvD%2BArc0BsHlS02upL80iVVM3ci%2F2LGAe47MveL%2FiltFTSCy0KK3GVYVfrn3AhmXa7WtC7WcPqq%2Bvmcp78B&RelayState=tk1.MITzgu1xRH7mJ2CilpvZI-IihPqgKhZ5bdH-APd32_0&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=csX5C39SlaDfzBnyx%2Fmanaecj4q%2FOGoKvQFTwMyL4XeiEsmvC7duYXwTgsNWucQYfmRtlJGTMVQ3wsuFzgf4TlsFMOKIu2syaq3XbFrhIy03iaU3WMQfSohpR9DYV6wO%2FfLdeZ9%2B%2B4SgTIUoicRzndTRnzH4oFCNLrwtRd2Begb7%2Bmzl4l3YN3nVqiEZ02sHIodo7RZIda1V7QrbDDb3i%2BaPoaGhG5H0zP1uwKOtwn0I6bnw6x63MA04LblzG3HLX1qo9lr18ISd%2BO02Q86BOdJjS2yiS5WJsbPMO6%2FqHCv%2B0W9WjxyqQr7BHhawA3RnXndtHsrXApjAYdNq508syg%3D%3D&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A5) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Jan 2023 08:17:17 GMT
content-encoding
gzip
content-md5
08+jyC0emxSDN3ISNv8tjA==
age
3596787
x-cache
HIT
content-length
13936
x-ms-lease-status
unlocked
last-modified
Sat, 17 Dec 2022 08:41:30 GMT
server
ECAcc (lhd/35A5)
etag
0x8DAE00A7EA38ACE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0cbf1b1e-601e-0058-1c96-14ba20000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/
2 KB
837 B
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/359B) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Jan 2023 08:17:17 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
22839844
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:50 GMT
server
ECAcc (lhd/359B)
etag
0x8D7B007297AE131
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b3a7c299-201e-005c-1592-65518c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-5gfhiirjqq-ybr8dqhsu3iowa1ne3ps3jk7ygmdpwcm/logintenantbranding/0/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msftauthimages.net/c1c6b6c8-5gfhiirjqq-ybr8dqhsu3iowa1ne3ps3jk7ygmdpwcm/logintenantbranding/0/bannerlogo?ts=636347699505296827
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b85163cad3e113041f3ac5ee224a285da343639bcf58f2e6ce9ef50e21006397

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Jan 2023 08:17:16 GMT
x-azure-ref-originshield
02eDXYwAAAAB9hSbwqafMRo7UN1LWwhNWTE9OMjFFREdFMTgxOAA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
content-md5
Lwa+ROVZPfbMG4j9034rQg==
x-cache
TCP_HIT
content-length
3856
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jul 2017 12:59:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D4C2DC76D21603
vary
Origin
x-azure-ref
0jc7YYwAAAAC0S/KQaYoESIcqyR2cZb7wTE9OMjEyMDUwNzE4MDI3ADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-type
image/jpeg
x-ms-request-id
ffc61c18-b01e-006f-4578-34515f000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
convergedlogin_pstringcustomizationhelper_881cfed13e4de9243d02.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_881cfed13e4de9243d02.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_107jr3BDJx7vcmkFlFtgbQ2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3718) /
Resource Hash
fab4e269d8c1f352519f80252bf81bb4aa64d33556d9f812bfdb93464c5ca234

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Jan 2023 08:17:17 GMT
content-encoding
gzip
content-md5
0mK+NcE8D9/LFiugof4bnQ==
age
1503426
x-cache
HIT
content-length
35791
x-ms-lease-status
unlocked
last-modified
Tue, 10 Jan 2023 18:52:21 GMT
server
ECAcc (lhd/3718)
etag
0x8DAF33BCE8405A6
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e08f6060-a01e-0078-489f-27c471000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/
2 KB
772 B
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3589) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Jan 2023 08:17:17 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
22839846
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:05 GMT
server
ECAcc (lhd/3589)
etag
0x8D8852A740F01B9
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
101484d9-e01e-005b-7792-654940000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_f226dd7c4f08045ad544 boolean| __convergedlogin_pstringcustomizationhelper_881cfed13e4de9243d02

19 Cookies

Domain/Path Name / Value
tmf-group.allaccesspass.com/ Name: MoodleSession
Value: kss8cvi79kqlfhmipe10llh8l9
tmf-group.allaccesspass.com/ Name: _pk_id.7.693d
Value: 6d98668b2ffbe53c.1675153036.
tmf-group.allaccesspass.com/ Name: _pk_ses.7.693d
Value: 1
.tmf-group.allaccesspass.com/ Name: gig_canary
Value: false
.tmf-group.allaccesspass.com/ Name: gig_canary_ver
Value: 13622-3-27919215
.gigya.com/ Name: gmid
Value: gmid.ver4.AcbH5BXtaw.ObMejmb10J53FspLLTOjjS8dip3jyJrlZzGY27ALg8fcJWo-bDYKGB-RvMQ_p_r5.wz-1G3RhNDHkDdBEi12UPxCznDb1zbHKgLSIjulteXGqTvk7lPhKveyR16MsPAGgaUhNN3zb3f8nl1SvY-L5YQ.sc3
.gigya.com/ Name: ucid
Value: kFl_SLaoTIp4Rp5opW8xiw
.gigya.com/ Name: hasGmid
Value: ver4
.allaccesspass.com/ Name: gig_bootstrap_3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1
Value: _gigya_ver4
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ASAAnAI_c_1sPECaQWwwY0kQmFD06HYEicdCqG6vhdmN-JQgAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrVZ45SMevWnqHO1ErtRvkKh1z7Et7OdgQvh6f-Vau7PQNaT7G1w_9CHHtlmI7wEjDtf2LoeUvFN4NDzVe-85Y-Ry9P8l-6Up-uIApPhP2ngAgAA
login.microsoftonline.com/ Name: fpc
Value: AmeEnercQPZLjfvSoj6PG8DNx-izAQAAAIzFatsOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr9e3RBxZ-VvswCHa-XvIrzvK9epAA_r5pT7GVvQlQyKzazqmw4G-rVvzNeBbQDHUWTZVGz-mmxtak_OUsrL9hiejZ1AV4fO0Y7jDD0WU1_26dJ2hvSUO8mMKHzEWM8QhyNbawujvgAreKI6NJuGmJXNDXQ8g1C443H4VbRaj0PqMgAA
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 0583d893d4d94817b153c9812976ec13
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1675153037&co=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
aap-prod.s3.amazonaws.com
accounts.eu1.gigya.com
analytics.franklincovey.com
cdns.eu1.gigya.com
cdns.gigya.com
login.live.com
login.microsoftonline.com
protect-eu.mimecast.com
socialize.eu1.gigya.com
tmf-group.allaccesspass.com
152.199.23.37
2.18.36.250
20.190.160.14
2606:4700::6811:7c6b
2606:4700::6811:9e2f
2620:1ec:29:1::60
40.126.32.136
52.17.121.244
52.218.250.83
91.220.42.215
02144e8967d6201e0d659c44b4ebf1cc8fbddeb3e0b87b0f02a65926975305f2
0643b89f1c7ee48d7c6924f3218038573e96a141d4cabb8245f2b6e1cc114aa7
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
13eaaadfa414f262b7964320054bb2b322b9ef9f3522bc25c9d60dc83b5141cf
1b83739220d79ca81b1b6d3c8f92bd9d2093496f5898408256735938d5fff543
244ff779cc4a0d32d8a21e1dceece94080b39c4b2c77ab5c0a772f333db71216
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3195ad9f8f03f61bbc60571b47b67ba7e41b0cf29e881ab188ff2dadf766e073
356a02f3243113778274eaee7c110df2a21c16bd1e6e866678cc0f508351c462
44e1c6e07e9368fef34008b5c7219e220bf4af5e67dd052392670cf73aac5540
464dc53c29fe2f42628ffc7f81a0fc50d8b0d37f15c4dba9b7b13058f0750cc7
5161500cbb6467de992929edd8df2309e6fe04255d316f8a22215c1509602674
5d7a477e8182a917efb1ec5c17415696627980510224b98c164ece2575eea4bf
621c0f52571ccff5dab81de13db26fda4b4a7dad83a01827c9139571023abea4
62422ec91c58f61dc9c09f25720d9f8df4805f80ba756668b17e3875b6a54ea1
7882199766af67996985bc27a2da42c974810bb9e4f04e093d5ecb64bf64182e
7eb61ba5b02c939a8985c145a24985cb3b4e3cadfcfc00fa5bca76aa0d8c5238
88425afc6e97c1d162e0a355b790dc4e020ff80b632e5649697dca5bc784002d
8c1a4c25634d5841924aab1848acc9dcbc3d5672183053c8b71ff2139b65d7c3
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
99a0b3faced06a4d7485f9a9210d14ac44fefc5adfaa7aa6845447e8805d0090
9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2
a657b600443c7126389a66345910803fc8d868421fb5e13900cbe7fe092e8934
afefe583c5a695189962783424716b19758b2a08e71480cb91a73c88c98a20be
b22fc156c87081fbd745b1742898bbba5755a779d86ada9489c08196cd4d55c8
b85163cad3e113041f3ac5ee224a285da343639bcf58f2e6ce9ef50e21006397
c4cc4d14d94d940a82ceb24dc9c9ae9d4573a436e1369db31f2d9c2b1546fe18
c8edda064d7c63f7054917d4b362a21f658c30402bbb3a2e0c2b068da5d87764
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
d9e07890edf5f6f350ef465b37479fc6192923e60e64d9f20af37eb3b011cc66
e2693bee38bf9cc49ab4041c9f78fc3f1ca05e3a55fb3f9b39d4eae1b0df8c7b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9d65cb26cade9adcf9c012734551cf8c86c49a1ff45fef12662ae42f312e3f
fab4e269d8c1f352519f80252bf81bb4aa64d33556d9f812bfdb93464c5ca234
fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0
fc4c1a8c5447971819550a55d0150bc7c46b025dcee14e8ec29edb0b7ab2f487