stg-login.moodysanalytics.com Open in urlscan Pro
76.223.112.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qa.quiqspread.moodysanalytics.net/
Effective URL:
https://stg-login.moodysanalytics.com/login/login.htm?fromURI=%2Fapp%2Fstg-moodysanalytics_ssov2saml_1%2FexkcdvlzsyuBISSdY697%2Fsso%2F...
Submission: On May 18 via api (May 18th 2024, 11:42:10 am UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 49 HTTP transactions. The main IP is 76.223.112.12, located in and belongs to . The main domain is stg-login.moodysanalytics.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 6th 2024. Valid for: a year.

This is the only time stg-login.moodysanalytics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	18.244.18.40 18.244.18.40	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 6	54.189.123.176 54.189.123.176	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:249... 2600:9000:2490:6400:1b:9558:2140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.5 13.32.27.5	16509 (AMAZON-02) (AMAZON-02)
2	34.225.48.49 34.225.48.49	14618 (AMAZON-AES) (AMAZON-AES)
6	23.207.110.35 23.207.110.35	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2600:9000:235... 2600:9000:235a:a600:1:bff1:b00:93a1	() ()
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1 1	54.68.12.220 54.68.12.220	() ()
1 1	2606:4700:440... 2606:4700:4400::6812:2bca	() ()
1 1	2600:1f14:917... 2600:1f14:917:5701:3d62:1e13:8cab:d2ee	() ()
1 2	76.223.112.12 76.223.112.12	() ()
49	11

7 18.244.18.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-40.fra56.r.cloudfront.net

qa.quiqspread.moodysanalytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.189.123.176 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-123-176.us-west-2.compute.amazonaws.com

qa-api.sso.moodysanalytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2490:6400:1b:9558:2140:93a1 (United States)

ASN16509 (AMAZON-02, US)

qa.banking.moodysanalytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-5.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.48.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-48-49.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.207.110.35 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-110-35.deploy.static.akamaitechnologies.com

cdn.walkme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:235a:a600:1:bff1:b00:93a1 (None, )

ASN- ()

qa.webcomponents.moodysanalytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.12.220 (None, ) 1 redirects

ASN- ()

qa-auth.rafa.moodysanalytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2bca (None, ) 1 redirects

ASN- ()

login.map-canary.moodys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:917:5701:3d62:1e13:8cab:d2ee (None, ) 1 redirects

ASN- ()

canary-auth.auth.us-west-2.amazoncognito.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.112.12 (None, ) 1 redirects

ASN- ()

stg-login.moodysanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	moodysanalytics.net 2 redirects qa.quiqspread.moodysanalytics.net qa-api.sso.moodysanalytics.net qa.banking.moodysanalytics.net Failed qa.webcomponents.moodysanalytics.net qa-auth.rafa.moodysanalytics.net	9 MB
6	walkme.com cdn.walkme.com — Cisco Umbrella Rank: 1463	443 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1984 heapanalytics.com — Cisco Umbrella Rank: 1452	39 KB
3	gstatic.com fonts.gstatic.com	42 KB
2	moodysanalytics.com 1 redirects stg-login.moodysanalytics.com	16 KB
1	amazoncognito.com 1 redirects canary-auth.auth.us-west-2.amazoncognito.com	2 KB
1	moodys.com stg.moodys.com Failed login.map-canary.moodys.com	569 B
0	amazonaws.com Failed okta-login-chiclet.s3.amazonaws.com Failed
0	oktacdn.com Failed ok14static.oktacdn.com Failed
0	recaptcha.net Failed www.recaptcha.net Failed
49	11

	Domain	Requested by
7	qa.quiqspread.moodysanalytics.net	qa.quiqspread.moodysanalytics.net
6	qa.webcomponents.moodysanalytics.net	qa.banking.moodysanalytics.net
6	cdn.walkme.com	qa.banking.moodysanalytics.net cdn.walkme.com
6	qa-api.sso.moodysanalytics.net	1 redirects qa.quiqspread.moodysanalytics.net qa.banking.moodysanalytics.net
5	qa.banking.moodysanalytics.net	qa.quiqspread.moodysanalytics.net qa.banking.moodysanalytics.net
3	fonts.googleapis.com	qa.banking.moodysanalytics.net
3	fonts.gstatic.com	qa.quiqspread.moodysanalytics.net fonts.googleapis.com
2	stg-login.moodysanalytics.com	1 redirects qa.banking.moodysanalytics.net
2	heapanalytics.com	qa.banking.moodysanalytics.net
1	canary-auth.auth.us-west-2.amazoncognito.com	1 redirects
1	login.map-canary.moodys.com	1 redirects
1	qa-auth.rafa.moodysanalytics.net	1 redirects
1	cdn.heapanalytics.com	qa.banking.moodysanalytics.net
0	okta-login-chiclet.s3.amazonaws.com Failed	stg-login.moodysanalytics.com
0	ok14static.oktacdn.com Failed	stg-login.moodysanalytics.com
0	www.recaptcha.net Failed	stg-login.moodysanalytics.com
0	stg.moodys.com Failed	qa.banking.moodysanalytics.net
49	17

This site contains no links.

Subject Issuer	Validity	Valid
*.quiqspread.moodysanalytics.net Entrust Certification Authority - L1K	`2024-02-02` - `2025-03-02`	a year	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.sso.moodysanalytics.net Entrust Certification Authority - L1K	`2024-02-02` - `2025-03-02`	a year	crt.sh
*.banking.moodysanalytics.net Entrust Certification Authority - L1K	`2024-02-02` - `2025-03-02`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
walkme.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-04` - `2024-12-03`	a year	crt.sh
*.webcomponents.moodysanalytics.net Entrust Certification Authority - L1K	`2024-02-02` - `2025-03-02`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
stg-login.moodysanalytics.com Entrust Certification Authority - L1K	`2024-05-06` - `2025-05-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://stg-login.moodysanalytics.com/login/login.htm?fromURI=%2Fapp%2Fstg-moodysanalytics_ssov2saml_1%2FexkcdvlzsyuBISSdY697%2Fsso%2Fsaml%3FSAMLRequest%3DfVJbT8IwGH33Vyx9724M2Ro2gxoTEnwRMNEX8tEVqG7t7Neh89dbBhj1wZeml3P5ck7HVx915e2FQalVTiI%252FJJ5QXJdSbXOyXNzRlFwVF2OEuoobNmntTj2It1ag9SaIwljHu9EK21qYuTB7ycXyYZaTnbUNsiDgoMB0FBzR75cW6btj09iHGj6189oqabXPdR30LoEsGyOwcaKCeLcOKxXYfryzKNotrfRWKr%252FWuuzQeVSdlRx7FWiaHvHnbYWo9%252FHBYhUF4uOVl%252FvqE7v2ejqfl0%252BX2ShwgH4E4k1vc7IahEkKWTakack3NMmylKZw6XawXosYBqNEJA6K2IqpQgvK5iQO44SGQxqliyhiSczCzA8Hw2fiPZ4zjg8Zu9QVsmOqOWmNYhpQIlNQC2SWs%252FnkfsYclDVGW811RYpjCaw3NN6dNjXY%252F7mHG1nSTQ9lQllpu1%252Fe%252F9PhXDApDrBjX%252BxUGMOGfXe52rXrCs3mRY6Dn1MWp%252BPvn1N8AQ%253D%253D%26RelayState%3DH4sIAAAAAAAAAD1R2ZLaMBD8Fz0jY8uneFtMWCAhy8acm0pRkiVj4UPGkjGQyr9HbFXyouma7ulR9fwGBIxAp2DPlYbomHe0VG12FmAAqGGUklcElT5BWWhimqlpEtacCu27HaNNfkW5DHDWnqv8bHhm-FzrRo2Gw1KeRG1VpIEpqUl7tyop2V1ZqayGknQ6R8OrM8w44y3R3IjKkpK0MC7cuKSScQMzA5OX5TcDT2D0E5D-aXCqhZaWEqbWVqd4axFWifo5WhFRmiobXgtmQJPL-mnUtDITJQe_BiA3npgiP4hQAFPmYOg5fgAxZTak2HZYhDyf0tRMFUY6m_YinBCRPGbZbsPI-oZex_2PmDdJMfnovf7Kj-VFbQ7x9fZW6_Cm4qU9iZz1frkt-ixpy9l21fpLMd2L-7l2vl_gmWw3pJgVyXzp36fj7U6vmrH78bqV8J68d_HXN3dxucQLH6W7L3Qx3p_7VezMl2varET3mOv3-cuk2x2kUz_KU5_MH-MiP0w98-Pymd1n3vCZsfX5_L-wRSrykPW_BM0pzEgFRk7oBLaLfIRNUmCUkVLxAWiNV8idIHRxAF3fY9CjEYfYtxHEge0znBEnRM-12kiPru1FBGMfRizNoIdxBCMSGEQo5Yi4occ98Ocvo5MAOXUCAAA.H4sIAAAAAAAAAPNR5XCZHWZav2WyktRLPvvv56eecLY9d3Hxk1cHO8LZMqoAIcAcMCAAAAA.3
Frame ID: E862941168833FFA9991E1D0A24F6E2B
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://qa.quiqspread.moodysanalytics.net/ Page URL
https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F Page URL
https://qa-api.sso.moodysanalytics.net/sso-api/auth/ma/login HTTP 302
https://qa-auth.rafa.moodysanalytics.net/oauth2/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F%2F... HTTP 302
https://login.map-canary.moodys.com/oauth2/v1/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F... HTTP 302
https://canary-auth.auth.us-west-2.amazoncognito.com/oauth2/authorize?identity_provider=ssov2-stg-okta&redirect_uri=https://login... HTTP 302
https://stg-login.moodysanalytics.com/app/stg-moodysanalytics_ssov2saml_1/exkcdvlzsyuBISSdY697/sso/saml?SAMLReques... HTTP 302
https://stg-login.moodysanalytics.com/login/login.htm?fromURI=%2Fapp%2Fstg-moodysanalytics_ssov2saml_1%2Fexkcdvlzs... Page URL

Detected technologies

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

80 %
HTTPS

46 %
IPv6

11
Domains

17
Subdomains

11
IPs

3
Countries

9770 kB
Transfer

11276 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qa.quiqspread.moodysanalytics.net/ Page URL
https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F Page URL
https://qa-api.sso.moodysanalytics.net/sso-api/auth/ma/login HTTP 302
https://qa-auth.rafa.moodysanalytics.net/oauth2/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fqa-api.sso.moodysanalytics.net%2Fsso-api%2Fauth%2Fma%2FcallBack&client_id=mM3er81UA2MtrElfci1PLQxzfaIa HTTP 302
https://login.map-canary.moodys.com/oauth2/v1/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fqa-auth.rafa.moodysanalytics.net%2Fcommonauth&state=841bc568-2b78-4669-90e7-f08ae5cbd5c6%2COIDC&client_id=c9bd587194b141d8b0930e660e256743 HTTP 302
https://canary-auth.auth.us-west-2.amazoncognito.com/oauth2/authorize?identity_provider=ssov2-stg-okta&redirect_uri=https://login.map-canary.moodys.com/oauth2/v1/federate-callback&response_type=code&state=9b256826-cd19-4156-9bd0-b901d8245bbc&client_id=adpgkt53udbphv2ho69frjmhj HTTP 302
https://stg-login.moodysanalytics.com/app/stg-moodysanalytics_ssov2saml_1/exkcdvlzsyuBISSdY697/sso/saml?SAMLRequest=fVJbT8IwGH33Vyx9724M2Ro2gxoTEnwRMNEX8tEVqG7t7Neh89dbBhj1wZeml3P5ck7HVx915e2FQalVTiI%2FJJ5QXJdSbXOyXNzRlFwVF2OEuoobNmntTj2It1ag9SaIwljHu9EK21qYuTB7ycXyYZaTnbUNsiDgoMB0FBzR75cW6btj09iHGj6189oqabXPdR30LoEsGyOwcaKCeLcOKxXYfryzKNotrfRWKr%2FWuuzQeVSdlRx7FWiaHvHnbYWo9%2FHBYhUF4uOVl%2FvqE7v2ejqfl0%2BX2ShwgH4E4k1vc7IahEkKWTakack3NMmylKZw6XawXosYBqNEJA6K2IqpQgvK5iQO44SGQxqliyhiSczCzA8Hw2fiPZ4zjg8Zu9QVsmOqOWmNYhpQIlNQC2SWs%2FnkfsYclDVGW811RYpjCaw3NN6dNjXY%2F7mHG1nSTQ9lQllpu1%2Fe%2F9PhXDApDrBjX%2BxUGMOGfXe52rXrCs3mRY6Dn1MWp%2BPvn1N8AQ%3D%3D&RelayState=H4sIAAAAAAAAAD1R2ZLaMBD8Fz0jY8uneFtMWCAhy8acm0pRkiVj4UPGkjGQyr9HbFXyouma7ulR9fwGBIxAp2DPlYbomHe0VG12FmAAqGGUklcElT5BWWhimqlpEtacCu27HaNNfkW5DHDWnqv8bHhm-FzrRo2Gw1KeRG1VpIEpqUl7tyop2V1ZqayGknQ6R8OrM8w44y3R3IjKkpK0MC7cuKSScQMzA5OX5TcDT2D0E5D-aXCqhZaWEqbWVqd4axFWifo5WhFRmiobXgtmQJPL-mnUtDITJQe_BiA3npgiP4hQAFPmYOg5fgAxZTak2HZYhDyf0tRMFUY6m_YinBCRPGbZbsPI-oZex_2PmDdJMfnovf7Kj-VFbQ7x9fZW6_Cm4qU9iZz1frkt-ixpy9l21fpLMd2L-7l2vl_gmWw3pJgVyXzp36fj7U6vmrH78bqV8J68d_HXN3dxucQLH6W7L3Qx3p_7VezMl2varET3mOv3-cuk2x2kUz_KU5_MH-MiP0w98-Pymd1n3vCZsfX5_L-wRSrykPW_BM0pzEgFRk7oBLaLfIRNUmCUkVLxAWiNV8idIHRxAF3fY9CjEYfYtxHEge0znBEnRM-12kiPru1FBGMfRizNoIdxBCMSGEQo5Yi4occ98Ocvo5MAOXUCAAA.H4sIAAAAAAAAAPNR5XCZHWZav2WyktRLPvvv56eecLY9d3Hxk1cHO8LZMqoAIcAcMCAAAAA.3 HTTP 302
https://stg-login.moodysanalytics.com/login/login.htm?fromURI=%2Fapp%2Fstg-moodysanalytics_ssov2saml_1%2FexkcdvlzsyuBISSdY697%2Fsso%2Fsaml%3FSAMLRequest%3DfVJbT8IwGH33Vyx9724M2Ro2gxoTEnwRMNEX8tEVqG7t7Neh89dbBhj1wZeml3P5ck7HVx915e2FQalVTiI%252FJJ5QXJdSbXOyXNzRlFwVF2OEuoobNmntTj2It1ag9SaIwljHu9EK21qYuTB7ycXyYZaTnbUNsiDgoMB0FBzR75cW6btj09iHGj6189oqabXPdR30LoEsGyOwcaKCeLcOKxXYfryzKNotrfRWKr%252FWuuzQeVSdlRx7FWiaHvHnbYWo9%252FHBYhUF4uOVl%252FvqE7v2ejqfl0%252BX2ShwgH4E4k1vc7IahEkKWTakack3NMmylKZw6XawXosYBqNEJA6K2IqpQgvK5iQO44SGQxqliyhiSczCzA8Hw2fiPZ4zjg8Zu9QVsmOqOWmNYhpQIlNQC2SWs%252FnkfsYclDVGW811RYpjCaw3NN6dNjXY%252F7mHG1nSTQ9lQllpu1%252Fe%252F9PhXDApDrBjX%252BxUGMOGfXe52rXrCs3mRY6Dn1MWp%252BPvn1N8AQ%253D%253D%26RelayState%3DH4sIAAAAAAAAAD1R2ZLaMBD8Fz0jY8uneFtMWCAhy8acm0pRkiVj4UPGkjGQyr9HbFXyouma7ulR9fwGBIxAp2DPlYbomHe0VG12FmAAqGGUklcElT5BWWhimqlpEtacCu27HaNNfkW5DHDWnqv8bHhm-FzrRo2Gw1KeRG1VpIEpqUl7tyop2V1ZqayGknQ6R8OrM8w44y3R3IjKkpK0MC7cuKSScQMzA5OX5TcDT2D0E5D-aXCqhZaWEqbWVqd4axFWifo5WhFRmiobXgtmQJPL-mnUtDITJQe_BiA3npgiP4hQAFPmYOg5fgAxZTak2HZYhDyf0tRMFUY6m_YinBCRPGbZbsPI-oZex_2PmDdJMfnovf7Kj-VFbQ7x9fZW6_Cm4qU9iZz1frkt-ixpy9l21fpLMd2L-7l2vl_gmWw3pJgVyXzp36fj7U6vmrH78bqV8J68d_HXN3dxucQLH6W7L3Qx3p_7VezMl2varET3mOv3-cuk2x2kUz_KU5_MH-MiP0w98-Pymd1n3vCZsfX5_L-wRSrykPW_BM0pzEgFRk7oBLaLfIRNUmCUkVLxAWiNV8idIHRxAF3fY9CjEYfYtxHEge0znBEnRM-12kiPru1FBGMfRizNoIdxBCMSGEQo5Yi4occ98Ocvo5MAOXUCAAA.H4sIAAAAAAAAAPNR5XCZHWZav2WyktRLPvvv56eecLY9d3Hxk1cHO8LZMqoAIcAcMCAAAAA.3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
qa.quiqspread.moodysanalytics.net/ 33 KB
33 KB 741ms
652ms Document
text/html 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.quiqspread.moodysanalytics.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-40.fra56.r.cloudfront.net

Software

none /

Resource Hash

50dcb4909a55e546015eb1ae8166fdbb766575b07122a95d573c7217b822a9f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .dtn.com .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .dtn.com .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: .walkme.com; worker-src 'self' blob: ; connect-src https: wss: .moodysanalytics.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-length: 33299
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.dtn.com *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.dtn.com *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com; worker-src 'self' blob: ; connect-src https: wss: *.moodysanalytics.net;
content-type: text/html
date: Sat, 18 May 2024 11:41:58 GMT
etag: "765764c80406d511775b2d0e4122097f"
last-modified: Thu, 16 May 2024 14:32:46 GMT
server: none
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
x-amz-cf-id: fAkE8fhjl_850qxwNgCpbBa_3nPKZ08mKPZWBjaEG2WioW4Hsxa73A==
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 styles.7af4ea555ad0c58f.css
qa.quiqspread.moodysanalytics.net/ 988 KB
990 KB 680ms
677ms Stylesheet
text/css 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.quiqspread.moodysanalytics.net/styles.7af4ea555ad0c58f.css

Requested by

Host: qa.quiqspread.moodysanalytics.net
URL: https://qa.quiqspread.moodysanalytics.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-40.fra56.r.cloudfront.net

Software

none /

Resource Hash

6b35c4c36a5d864095fe0b92858ca27984d266e2023edb3ee2ea34a3bedb2d83

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .dtn.com .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .dtn.com .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: .walkme.com; worker-src 'self' blob: ; connect-src https: wss: .moodysanalytics.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.quiqspread.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:41:59 GMT
via: 1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.dtn.com *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.dtn.com *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com; worker-src 'self' blob: ; connect-src https: wss: *.moodysanalytics.net;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 1011280
x-xss-protection: 0
last-modified: Thu, 16 May 2024 14:32:46 GMT
server: none
etag: "f6bff459b2ba29e6f444449558088bc7"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: HCWMVNFunEtRxMTqB1JedbjzlTy0Xr1XEDnsMDEWtJf9zghxakN2-g==

GET
H2 200 runtime.65e2d0c1a663d4f3.js Show response
qa.quiqspread.moodysanalytics.net/ 3 KB
4 KB 667ms
665ms Script
application/javascript 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.quiqspread.moodysanalytics.net/runtime.65e2d0c1a663d4f3.js

Requested by

Host: qa.quiqspread.moodysanalytics.net
URL: https://qa.quiqspread.moodysanalytics.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-40.fra56.r.cloudfront.net

Software

none /

Resource Hash

ae9d0912b9e5adb4f3f852f67bcd31c96bcae0c4cdeadde200985489f3709254

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .dtn.com .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .dtn.com .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: .walkme.com; worker-src 'self' blob: ; connect-src https: wss: .moodysanalytics.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.quiqspread.moodysanalytics.net/
Origin: https://qa.quiqspread.moodysanalytics.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:41:59 GMT
via: 1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.dtn.com *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.dtn.com *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com; worker-src 'self' blob: ; connect-src https: wss: *.moodysanalytics.net;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2840
x-xss-protection: 0
last-modified: Thu, 16 May 2024 14:32:46 GMT
server: none
etag: "24900890220b7860ae5314f96c87710c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: VBosbmCZwoIljlsLXeoMD_LCpSXeVKVp8pTif2HtFaVU7GXMaarnnw==

GET
H2 200 polyfills.771eb7227365647b.js Show response
qa.quiqspread.moodysanalytics.net/ 33 KB
34 KB 681ms
679ms Script
application/javascript 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.quiqspread.moodysanalytics.net/polyfills.771eb7227365647b.js

Requested by

Host: qa.quiqspread.moodysanalytics.net
URL: https://qa.quiqspread.moodysanalytics.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-40.fra56.r.cloudfront.net

Software

none /

Resource Hash

72314fdda8c489ed53881a99b42ab4f6d60254bcee5c78079985c39b80820ce8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .dtn.com .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .dtn.com .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: .walkme.com; worker-src 'self' blob: ; connect-src https: wss: .moodysanalytics.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.quiqspread.moodysanalytics.net/
Origin: https://qa.quiqspread.moodysanalytics.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:41:59 GMT
via: 1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.dtn.com *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.dtn.com *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com; worker-src 'self' blob: ; connect-src https: wss: *.moodysanalytics.net;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 33849
x-xss-protection: 0
last-modified: Thu, 16 May 2024 14:32:46 GMT
server: none
etag: "8bf64d45d9d35acffd14357b577f63ac"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: -7rG-YxbG3xi04Vh3vz-ppdeqedGIwKz9iGHqfDXvZqHWS2ily9qwA==

GET
H2 200 main.a30e7b1bda86c804.js Show response
qa.quiqspread.moodysanalytics.net/ 3 MB
3 MB 684ms
683ms Script
application/javascript 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.quiqspread.moodysanalytics.net/main.a30e7b1bda86c804.js

Requested by

Host: qa.quiqspread.moodysanalytics.net
URL: https://qa.quiqspread.moodysanalytics.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-40.fra56.r.cloudfront.net

Software

none /

Resource Hash

657441cdebca95ae1b225ba7e33b7850737d1d075a666ca928f3c1ef507b29fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .dtn.com .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .dtn.com .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: .walkme.com; worker-src 'self' blob: ; connect-src https: wss: .moodysanalytics.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.quiqspread.moodysanalytics.net/
Origin: https://qa.quiqspread.moodysanalytics.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:41:59 GMT
via: 1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.dtn.com *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.dtn.com *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com; worker-src 'self' blob: ; connect-src https: wss: *.moodysanalytics.net;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3316890
x-xss-protection: 0
last-modified: Thu, 16 May 2024 14:32:46 GMT
server: none
etag: "08061731c02823daa7bde66469517254"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: hsmUrvKFR7G5rIIMaOG63pwEhuVqFXojo6bN0PNvcP3OzR6krYfIOw==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 80ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: qa.quiqspread.moodysanalytics.net
URL: https://qa.quiqspread.moodysanalytics.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.quiqspread.moodysanalytics.net/
Origin: https://qa.quiqspread.moodysanalytics.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:45:36 GMT
x-content-type-options: nosniff
age: 359781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 07:45:36 GMT

OPTIONS
H2 200 ssotoken
qa-api.sso.moodysanalytics.net/sso-api/auth/ 0
0 640ms
205ms Preflight 54.189.123.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa-api.sso.moodysanalytics.net/sso-api/auth/ssotoken
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.189.123.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-123-176.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-moodys-app
Access-Control-Request-Method: GET
Origin: https://qa.quiqspread.moodysanalytics.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-moodys-app
access-control-allow-methods: GET
access-control-allow-origin: https://qa.quiqspread.moodysanalytics.net
access-control-max-age: 3600
content-length: 0
date: Sat, 18 May 2024 11:42:03 GMT
server: nginx
vary: Origin

GET
H2 200 app.config.json Show response
qa.quiqspread.moodysanalytics.net/assets/config/ 221 B
1 KB 642ms
642ms XHR
application/json 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.quiqspread.moodysanalytics.net/assets/config/app.config.json

Requested by

Host: qa.quiqspread.moodysanalytics.net
URL: https://qa.quiqspread.moodysanalytics.net/polyfills.771eb7227365647b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-40.fra56.r.cloudfront.net

Software

none /

Resource Hash

92ec95e67445b09853141cfe20f2d267bf24bf23f8da8fe77647db168cf62caf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .dtn.com .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .dtn.com .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: .walkme.com; worker-src 'self' blob: ; connect-src https: wss: .moodysanalytics.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://qa.quiqspread.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:04 GMT
via: 1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.dtn.com *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.dtn.com *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com; worker-src 'self' blob: ; connect-src https: wss: *.moodysanalytics.net;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 221
x-xss-protection: 0
last-modified: Thu, 16 May 2024 14:32:46 GMT
server: none
etag: "33721fb15fff01caad0a315abbe7f887"
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: kP46Dg1KocNcdSANtHSoV3YgDiKjJW-sRgaCwDdXFJYU_UH6q2HFJg==

GET
H2 401 ssotoken Show response
qa-api.sso.moodysanalytics.net/sso-api/auth/ 35 B
529 B 602ms
206ms XHR
text/plain 54.189.123.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa-api.sso.moodysanalytics.net/sso-api/auth/ssotoken

Requested by

Host: qa.quiqspread.moodysanalytics.net
URL: https://qa.quiqspread.moodysanalytics.net/polyfills.771eb7227365647b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.189.123.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-123-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6b47b3917c4feef8987cc2975e40f35ad4289a437eb9e9cab98f67fc58e39409

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com
Strict-Transport-Security	max-age=345360000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
x-moodys-app: creditlens
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://qa.quiqspread.moodysanalytics.net/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:04 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
content-security-policy: style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com
strict-transport-security: max-age=345360000
vary: Accept-Encoding,Origin
request-time: 0
content-type: text/plain; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://qa.quiqspread.moodysanalytics.net
cache-control: no-cache,max-age=0
access-control-allow-credentials: true
content-length: 61

GET
H2 200 favicon.ico
qa.quiqspread.moodysanalytics.net/ 1 KB
2 KB 621ms
621ms Other
image/vnd.microsoft.icon 18.244.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.quiqspread.moodysanalytics.net/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-40.fra56.r.cloudfront.net

Software

none /

Resource Hash

28416318d535c7f5a1e104073147cb4f5b6ecf567a47ac7fefbe04b9e97623cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .dtn.com .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .dtn.com .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: .walkme.com; worker-src 'self' blob: ; connect-src https: wss: .moodysanalytics.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.quiqspread.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:04 GMT
via: 1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.dtn.com *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.dtn.com *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com; worker-src 'self' blob: ; connect-src https: wss: *.moodysanalytics.net;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1150
x-xss-protection: 0
last-modified: Mon, 13 May 2024 08:42:22 GMT
server: none
etag: "2743eb2916f01985fb1d87548062011e"
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
x-amz-cf-id: B_sIyCP8KJhj75ejJgt_FNUZFit7y6aJ2Qn_ziMr_w4nIRcxJP9pDA==

GET federatedlogin
qa.banking.moodysanalytics.net/ 0
0

GET
H2 401 ssotoken
qa-api.sso.moodysanalytics.net/sso-api/auth/ 35 B
528 B 205ms
205ms XHR
text/plain 54.189.123.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa-api.sso.moodysanalytics.net/sso-api/auth/ssotoken

Requested by

Host: qa.quiqspread.moodysanalytics.net
URL: https://qa.quiqspread.moodysanalytics.net/polyfills.771eb7227365647b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.189.123.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-123-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com
Strict-Transport-Security	max-age=345360000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
x-moodys-app: creditlens
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://qa.quiqspread.moodysanalytics.net/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:04 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
content-security-policy: style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com
strict-transport-security: max-age=345360000
vary: Accept-Encoding,Origin
request-time: 1
content-type: text/plain; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://qa.quiqspread.moodysanalytics.net
cache-control: no-cache,max-age=0
access-control-allow-credentials: true
content-length: 61

GET federatedlogin
qa.banking.moodysanalytics.net/ 0
0

GET
H2 200 federatedlogin Show response
qa.banking.moodysanalytics.net/ 10 KB
11 KB 1213ms
1213ms Document
text/html 2600:9000:2490:6400:1b:9558:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F

Requested by

Host: qa.quiqspread.moodysanalytics.net
URL: https://qa.quiqspread.moodysanalytics.net/main.a30e7b1bda86c804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:6400:1b:9558:2140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

8b87866e12fbe30abc905fc3e57b2f5864dffee46a335d65e81b81435677927f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: *.walkme.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://qa.quiqspread.moodysanalytics.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-length: 10050
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com;
content-type: text/html
date: Sat, 18 May 2024 11:42:06 GMT
etag: "02ebc3c298d9df9fd713d8ce7ab5a7e2"
last-modified: Wed, 08 May 2024 20:38:48 GMT
server: none
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-id: MiqUYp-jxi-3hMZ1M9e7Ay5pEwKqwiv2lWxxEV2MNDKaeGBpP_xvcw==
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 runtime.809a76b24ab5fb50.js Show response
qa.banking.moodysanalytics.net/ 1 KB
2 KB 622ms
620ms Script
application/x-javascript 2600:9000:2490:6400:1b:9558:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.banking.moodysanalytics.net/runtime.809a76b24ab5fb50.js

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:6400:1b:9558:2140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

b695db41cd42937c0fdd9b52f83cf2064ffb63bcf0cabbf2e6e2503884b560fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: *.walkme.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F
Origin: https://qa.banking.moodysanalytics.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sat, 18 May 2024 11:42:07 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1227
x-xss-protection: 0
last-modified: Wed, 08 May 2024 20:38:49 GMT
server: none
etag: "f936ff2325523a534ed9651a61fa53c7"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: T3rc_0FtEmVhE_3XE-IKCODEH_JO57mfJsqyKdygrTcwGsJwNzUWtg==

GET
H2 200 polyfills.884ec4115f17caa0.js Show response
qa.banking.moodysanalytics.net/ 46 KB
47 KB 714ms
713ms Script
application/x-javascript 2600:9000:2490:6400:1b:9558:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.banking.moodysanalytics.net/polyfills.884ec4115f17caa0.js

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:6400:1b:9558:2140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

349b6dfbf445be0730c47e42981c60573d02b906eee9a1cdf04c3140ce92a7df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: *.walkme.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F
Origin: https://qa.banking.moodysanalytics.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sat, 18 May 2024 11:42:07 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 47485
x-xss-protection: 0
last-modified: Wed, 08 May 2024 20:38:49 GMT
server: none
etag: "692b3f6d2bb34a6cf2c78f60461ec2ab"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: TZ9o5j8rxYSx5WDGhUflSn1za9JtxxGfqTj3elchglcLD4UcflHT1g==

GET
H2 200 main.44001f49d2990667.js Show response
qa.banking.moodysanalytics.net/ 817 KB
818 KB 627ms
626ms Script
application/x-javascript 2600:9000:2490:6400:1b:9558:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.banking.moodysanalytics.net/main.44001f49d2990667.js

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:6400:1b:9558:2140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

3ecde4cedad90eeabd3a82b8d6c48491275048a91fcd2a98020b3189325e4e31

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: *.walkme.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F
Origin: https://qa.banking.moodysanalytics.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sat, 18 May 2024 11:42:07 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 836231
x-xss-protection: 0
last-modified: Wed, 08 May 2024 20:38:48 GMT
server: none
etag: "9708094d072c847564d5151994207869"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: YqkIbHjh-c3yLw-wX1p3yhW_2yO1wLSmoy4zX2qz6hWLeUaCPHFMCw==

GET
H2 200 heap-2200169407.js Show response
cdn.heapanalytics.com/js/ 119 KB
38 KB 270ms
213ms Script
application/javascript 13.32.27.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2200169407.js

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-5.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

69f558c50fd0875c29d69425f314b5e367ae5029b6f9aa5bd5ae2ca7f2e018db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:06 GMT
content-encoding: br
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1dd1e-JUiu9h2HXPq23oVVGgwM6EdPXdA"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wZGxKvMhnB4pc7fx7YxvWhKn5lLoXpyzMl6d6zYfnk5KmGP6vLLtmw==

GET
H2 200 styles.200aec8cb5bc1d0e.css
qa.banking.moodysanalytics.net/ 93 KB
94 KB 700ms
700ms Stylesheet
text/css 2600:9000:2490:6400:1b:9558:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.banking.moodysanalytics.net/styles.200aec8cb5bc1d0e.css

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:6400:1b:9558:2140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

none /

Resource Hash

55f7caf3c62664ad127b14e1aaacce102d1617de59755f665ded1774af301439

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: *.walkme.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sat, 18 May 2024 11:42:07 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 95354
x-xss-protection: 0
last-modified: Wed, 08 May 2024 20:38:49 GMT
server: none
etag: "0267460f6d07eb51873d3ed1a0549966"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: UUrJdQktboN3CiZ06jqrndSbJ_dM-Be0j3GEi2Ar0F8XQ2xYIVA2DQ==

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 353ms
114ms Image
image/gif 34.225.48.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2200169407&u=4084961100469244&v=3988383575093114&s=954285252452164&b=web&tv=4.0&z=0&h=%2Ffederatedlogin&q=%3Freferrerurl%3Dhttps%253A%252F%252Fqa.quiqspread.moodysanalytics.net%252F&d=qa.banking.moodysanalytics.net&t=Banking%20Portal&r=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F&k=Screen%20Resolution&k=1600%20x%201200&ts=1716032526122&ubv=124.0.6367.207&upv=10.0.0&st=1716032526125

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.48.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-48-49.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 11:42:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 walkme_e451ae027c83467bb6cb3b559a24c29e_https.js
cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/ 24 KB
9 KB 513ms
393ms Script
application/javascript 23.207.110.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/walkme_e451ae027c83467bb6cb3b559a24c29e_https.js

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/main.44001f49d2990667.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.110.35 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-110-35.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8geL_nRbllKovQ1VkUZafBO00diZ2pjB
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 May 2024 11:42:07 GMT
access-control-allow-private-network: true
x-amz-request-id: WC0W9H5T8VN5JRRG
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 8515
x-amz-id-2: 2Yo7aPv3rUlY5Rf4k87JiiPL0razS+mPIQ72E1PRP8SBTOU7SZXFhEjv7vqRGQRcmqAGJ6saCio=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Jul 2023 19:16:31 GMT
etag: "d3a4ae3ce3ead13f741724af87ac1acd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sisense-sdk-element.js
qa.webcomponents.moodysanalytics.net/sisense-sdk-element/latest/ 1 MB
1 MB 759ms
659ms Script
application/javascript 2600:9000:235a:a600:1:bff1:b00:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.webcomponents.moodysanalytics.net/sisense-sdk-element/latest/sisense-sdk-element.js

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/main.44001f49d2990667.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:235a:a600:1:bff1:b00:93a1 -, , ASN (),

Reverse DNS

Software

none /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: *.walkme.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:08 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1383145
x-xss-protection: 0
last-modified: Sat, 13 Apr 2024 17:50:27 GMT
server: none
etag: "c7be4d801330ed65ed2f24ba784d3874"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: yz6A7_lwz4opS58uuzrsuqXSQKTu97FZv4El-FE6dgAlWF56daEqQw==

GET mdc-gateway-drawer.js
stg.moodys.com/mfe/mdc-gateway-drawer/build/ 0
0

GET
H2 200 odi-element.js
qa.webcomponents.moodysanalytics.net/odi-element/latest/ 3 MB
3 MB 859ms
760ms Script
text/javascript 2600:9000:235a:a600:1:bff1:b00:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.webcomponents.moodysanalytics.net/odi-element/latest/odi-element.js

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/main.44001f49d2990667.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:235a:a600:1:bff1:b00:93a1 -, , ASN (),

Reverse DNS

Software

none /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: *.walkme.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:08 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2623354
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 18:16:29 GMT
server: none
etag: "3959959fef5bbe5ae3a564e33f219531"
x-frame-options: SAMEORIGIN
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: NagmXRiDlohMQ6k6RZ_TuiYolJ3iCqpf4G0RHX-xYIJ-vyXnVIH1og==

GET
H2 200 icon
fonts.googleapis.com/ 2 KB
916 B 80ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Round&display=block

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/main.44001f49d2990667.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 May 2024 11:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 May 2024 11:42:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 May 2024 11:42:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
801 B 80ms
30ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/main.44001f49d2990667.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 May 2024 11:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 May 2024 10:25:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 May 2024 11:42:06 GMT

GET
H2 200 css2
fonts.googleapis.com/ 631 B
450 B 81ms
30ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/main.44001f49d2990667.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 May 2024 11:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 May 2024 11:42:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 May 2024 11:42:06 GMT

GET
H2 401 ssotoken
qa-api.sso.moodysanalytics.net/sso-api/auth/ 35 B
525 B 207ms
207ms XHR
text/plain 54.189.123.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa-api.sso.moodysanalytics.net/sso-api/auth/ssotoken

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/polyfills.884ec4115f17caa0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.189.123.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-123-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com
Strict-Transport-Security	max-age=345360000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:06 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
content-security-policy: style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com
strict-transport-security: max-age=345360000
vary: Accept-Encoding,Origin
request-time: 1
content-type: text/plain; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://qa.banking.moodysanalytics.net
cache-control: no-cache,max-age=0
access-control-allow-credentials: true
content-length: 61

GET
H2 401 ssotoken
qa-api.sso.moodysanalytics.net/sso-api/auth/ 35 B
525 B 380ms
205ms XHR
text/plain 54.189.123.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa-api.sso.moodysanalytics.net/sso-api/auth/ssotoken

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/polyfills.884ec4115f17caa0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.189.123.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-123-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com
Strict-Transport-Security	max-age=345360000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:06 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
content-security-policy: style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com
strict-transport-security: max-age=345360000
vary: Accept-Encoding,Origin
request-time: 0
content-type: text/plain; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://qa.banking.moodysanalytics.net
cache-control: no-cache,max-age=0
access-control-allow-credentials: true
content-length: 61

GET
H/1.1

200
OK

Primary Request login.htm
stg-login.moodysanalytics.com/login/
Redirect Chain

https://qa-api.sso.moodysanalytics.net/sso-api/auth/ma/login
https://qa-auth.rafa.moodysanalytics.net/oauth2/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fqa-api.sso.moodysanalytics.net%2Fsso-api%2Fauth%2Fma%2FcallBack&client_id=mM3er8...
https://login.map-canary.moodys.com/oauth2/v1/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fqa-auth.rafa.moodysanalytics.net%2Fcommonauth&state=841bc568-2b78-4669-90e7-f08ae5...
https://canary-auth.auth.us-west-2.amazoncognito.com/oauth2/authorize?identity_provider=ssov2-stg-okta&redirect_uri=https://login.map-canary.moodys.com/oauth2/v1/federate-callback&response_type=cod...
https://stg-login.moodysanalytics.com/app/stg-moodysanalytics_ssov2saml_1/exkcdvlzsyuBISSdY697/sso/saml?SAMLRequest=fVJbT8IwGH33Vyx9724M2Ro2gxoTEnwRMNEX8tEVqG7t7Neh89dbBhj1wZeml3P5ck7HVx915e2FQalVT...
https://stg-login.moodysanalytics.com/login/login.htm?fromURI=%2Fapp%2Fstg-moodysanalytics_ssov2saml_1%2FexkcdvlzsyuBISSdY697%2Fsso%2Fsaml%3FSAMLRequest%3DfVJbT8IwGH33Vyx9724M2Ro2gxoTEnwRMNEX8tEVqG...

35 KB
13 KB

370ms
369ms

Document
text/html

76.223.112.12

General

Check archive.org

Show headers Download Go to

Full URL

https://stg-login.moodysanalytics.com/login/login.htm?fromURI=%2Fapp%2Fstg-moodysanalytics_ssov2saml_1%2FexkcdvlzsyuBISSdY697%2Fsso%2Fsaml%3FSAMLRequest%3DfVJbT8IwGH33Vyx9724M2Ro2gxoTEnwRMNEX8tEVqG7t7Neh89dbBhj1wZeml3P5ck7HVx915e2FQalVTiI%252FJJ5QXJdSbXOyXNzRlFwVF2OEuoobNmntTj2It1ag9SaIwljHu9EK21qYuTB7ycXyYZaTnbUNsiDgoMB0FBzR75cW6btj09iHGj6189oqabXPdR30LoEsGyOwcaKCeLcOKxXYfryzKNotrfRWKr%252FWuuzQeVSdlRx7FWiaHvHnbYWo9%252FHBYhUF4uOVl%252FvqE7v2ejqfl0%252BX2ShwgH4E4k1vc7IahEkKWTakack3NMmylKZw6XawXosYBqNEJA6K2IqpQgvK5iQO44SGQxqliyhiSczCzA8Hw2fiPZ4zjg8Zu9QVsmOqOWmNYhpQIlNQC2SWs%252FnkfsYclDVGW811RYpjCaw3NN6dNjXY%252F7mHG1nSTQ9lQllpu1%252Fe%252F9PhXDApDrBjX%252BxUGMOGfXe52rXrCs3mRY6Dn1MWp%252BPvn1N8AQ%253D%253D%26RelayState%3DH4sIAAAAAAAAAD1R2ZLaMBD8Fz0jY8uneFtMWCAhy8acm0pRkiVj4UPGkjGQyr9HbFXyouma7ulR9fwGBIxAp2DPlYbomHe0VG12FmAAqGGUklcElT5BWWhimqlpEtacCu27HaNNfkW5DHDWnqv8bHhm-FzrRo2Gw1KeRG1VpIEpqUl7tyop2V1ZqayGknQ6R8OrM8w44y3R3IjKkpK0MC7cuKSScQMzA5OX5TcDT2D0E5D-aXCqhZaWEqbWVqd4axFWifo5WhFRmiobXgtmQJPL-mnUtDITJQe_BiA3npgiP4hQAFPmYOg5fgAxZTak2HZYhDyf0tRMFUY6m_YinBCRPGbZbsPI-oZex_2PmDdJMfnovf7Kj-VFbQ7x9fZW6_Cm4qU9iZz1frkt-ixpy9l21fpLMd2L-7l2vl_gmWw3pJgVyXzp36fj7U6vmrH78bqV8J68d_HXN3dxucQLH6W7L3Qx3p_7VezMl2varET3mOv3-cuk2x2kUz_KU5_MH-MiP0w98-Pymd1n3vCZsfX5_L-wRSrykPW_BM0pzEgFRk7oBLaLfIRNUmCUkVLxAWiNV8idIHRxAF3fY9CjEYfYtxHEge0znBEnRM-12kiPru1FBGMfRizNoIdxBCMSGEQo5Yi4occ98Ocvo5MAOXUCAAA.H4sIAAAAAAAAAPNR5XCZHWZav2WyktRLPvvv56eecLY9d3Hxk1cHO8LZMqoAIcAcMCAAAAA.3

Requested by

Host: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/main.44001f49d2990667.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.112.12 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https:%2F%2Fqa.quiqspread.moodysanalytics.net%2F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Sat, 18 May 2024 11:42:09 GMT
Keep-Alive: timeout=5, max=99
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex,nofollow
accept-ch: Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store
content-language: de
content-security-policy-report-only: default-src 'self' stg-moodysanalytics.okta.com stg-login.moodysanalytics.com *.oktacdn.com; connect-src 'self' stg-moodysanalytics.okta.com stg-moodysanalytics-admin.okta.com stg-login.moodysanalytics.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com stg-moodysanalytics.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' stg-moodysanalytics.okta.com stg-login.moodysanalytics.com *.oktacdn.com; style-src 'unsafe-inline' 'self' stg-moodysanalytics.okta.com stg-login.moodysanalytics.com *.oktacdn.com; frame-src 'self' stg-moodysanalytics.okta.com stg-moodysanalytics-admin.okta.com stg-login.moodysanalytics.com login.okta.com; img-src 'self' stg-moodysanalytics.okta.com stg-login.moodysanalytics.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' stg-moodysanalytics.okta.com stg-login.moodysanalytics.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://login.map-canary.moodys.com https://canary-auth.auth.us-west-2.amazoncognito.com
expires: 0
p3p: CP="HONK"
pragma: no-cache
x-content-type-options: nosniff
x-okta-request-id: ZkiUESAXRqeueUckuzcXowAAAiY
x-rate-limit-limit: 60
x-rate-limit-remaining: 59
x-rate-limit-reset: 1716032589
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Date: Sat, 18 May 2024 11:42:09 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
content-language: en
content-security-policy-report-only: default-src 'self' stg-moodysanalytics.okta.com stg-login.moodysanalytics.com *.oktacdn.com; connect-src 'self' stg-moodysanalytics.okta.com stg-moodysanalytics-admin.okta.com stg-login.moodysanalytics.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com stg-moodysanalytics.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' stg-moodysanalytics.okta.com stg-login.moodysanalytics.com *.oktacdn.com; style-src 'unsafe-inline' 'self' stg-moodysanalytics.okta.com stg-login.moodysanalytics.com *.oktacdn.com; frame-src 'self' stg-moodysanalytics.okta.com stg-moodysanalytics-admin.okta.com stg-login.moodysanalytics.com login.okta.com; img-src 'self' stg-moodysanalytics.okta.com stg-login.moodysanalytics.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' stg-moodysanalytics.okta.com stg-login.moodysanalytics.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://login.map-canary.moodys.com https://canary-auth.auth.us-west-2.amazoncognito.com
location: https://stg-login.moodysanalytics.com/login/login.htm?fromURI=%2Fapp%2Fstg-moodysanalytics_ssov2saml_1%2FexkcdvlzsyuBISSdY697%2Fsso%2Fsaml%3FSAMLRequest%3DfVJbT8IwGH33Vyx9724M2Ro2gxoTEnwRMNEX8tEVqG7t7Neh89dbBhj1wZeml3P5ck7HVx915e2FQalVTiI%252FJJ5QXJdSbXOyXNzRlFwVF2OEuoobNmntTj2It1ag9SaIwljHu9EK21qYuTB7ycXyYZaTnbUNsiDgoMB0FBzR75cW6btj09iHGj6189oqabXPdR30LoEsGyOwcaKCeLcOKxXYfryzKNotrfRWKr%252FWuuzQeVSdlRx7FWiaHvHnbYWo9%252FHBYhUF4uOVl%252FvqE7v2ejqfl0%252BX2ShwgH4E4k1vc7IahEkKWTakack3NMmylKZw6XawXosYBqNEJA6K2IqpQgvK5iQO44SGQxqliyhiSczCzA8Hw2fiPZ4zjg8Zu9QVsmOqOWmNYhpQIlNQC2SWs%252FnkfsYclDVGW811RYpjCaw3NN6dNjXY%252F7mHG1nSTQ9lQllpu1%252Fe%252F9PhXDApDrBjX%252BxUGMOGfXe52rXrCs3mRY6Dn1MWp%252BPvn1N8AQ%253D%253D%26RelayState%3DH4sIAAAAAAAAAD1R2ZLaMBD8Fz0jY8uneFtMWCAhy8acm0pRkiVj4UPGkjGQyr9HbFXyouma7ulR9fwGBIxAp2DPlYbomHe0VG12FmAAqGGUklcElT5BWWhimqlpEtacCu27HaNNfkW5DHDWnqv8bHhm-FzrRo2Gw1KeRG1VpIEpqUl7tyop2V1ZqayGknQ6R8OrM8w44y3R3IjKkpK0MC7cuKSScQMzA5OX5TcDT2D0E5D-aXCqhZaWEqbWVqd4axFWifo5WhFRmiobXgtmQJPL-mnUtDITJQe_BiA3npgiP4hQAFPmYOg5fgAxZTak2HZYhDyf0tRMFUY6m_YinBCRPGbZbsPI-oZex_2PmDdJMfnovf7Kj-VFbQ7x9fZW6_Cm4qU9iZz1frkt-ixpy9l21fpLMd2L-7l2vl_gmWw3pJgVyXzp36fj7U6vmrH78bqV8J68d_HXN3dxucQLH6W7L3Qx3p_7VezMl2varET3mOv3-cuk2x2kUz_KU5_MH-MiP0w98-Pymd1n3vCZsfX5_L-wRSrykPW_BM0pzEgFRk7oBLaLfIRNUmCUkVLxAWiNV8idIHRxAF3fY9CjEYfYtxHEge0znBEnRM-12kiPru1FBGMfRizNoIdxBCMSGEQo5Yi4occ98Ocvo5MAOXUCAAA.H4sIAAAAAAAAAPNR5XCZHWZav2WyktRLPvvv56eecLY9d3Hxk1cHO8LZMqoAIcAcMCAAAAA.3
p3p: CP="HONK"
x-okta-request-id: ZkiUESAXRqeueUckuzcXoQAAAiY
x-xss-protection: 0

GET
H2 200 MoodysLogoWhite-2024.svg
qa.webcomponents.moodysanalytics.net/images/logos/ 2 KB
3 KB 703ms
654ms Image
image/svg+xml 2600:9000:235a:a600:1:bff1:b00:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qa.webcomponents.moodysanalytics.net/images/logos/MoodysLogoWhite-2024.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:235a:a600:1:bff1:b00:93a1 -, , ASN (),

Reverse DNS

Software

none /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: *.walkme.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:08 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1936
x-xss-protection: 0
last-modified: Tue, 07 May 2024 20:43:32 GMT
server: none
etag: "fe9db1f22b49164cca8e33d2bc50890a"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: _XvggvEbaMYLdSR-QGKau46jgAYon3sStP4uifhX7fZ5owt1DYKu5w==

GET
H2 200 Banking_Portal_Duo.svg
qa.webcomponents.moodysanalytics.net/images/logos/ 2 KB
3 KB 772ms
724ms Image
image/svg+xml 2600:9000:235a:a600:1:bff1:b00:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qa.webcomponents.moodysanalytics.net/images/logos/Banking_Portal_Duo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:235a:a600:1:bff1:b00:93a1 -, , ASN (),

Reverse DNS

Software

none /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: *.walkme.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:08 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 07 May 2024 20:43:32 GMT
server: none
etag: "37ce897f38127bb8f18f8e22af7daefa"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: knUClYgiF1xouiO2cSRuJC_yY9nLAvqSeBH4cBX_Gjj4utVNtc0F4A==

GET
H2 200 ma-logo.svg
qa.webcomponents.moodysanalytics.net/images/logos/ 3 KB
4 KB 670ms
622ms Image
image/svg+xml 2600:9000:235a:a600:1:bff1:b00:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qa.webcomponents.moodysanalytics.net/images/logos/ma-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:235a:a600:1:bff1:b00:93a1 -, , ASN (),

Reverse DNS

Software

none /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: *.walkme.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:08 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 3454
x-xss-protection: 0
last-modified: Tue, 07 May 2024 20:43:32 GMT
server: none
etag: "6bd8989f7f86ed0ffbf00aee4f2a855e"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: Qc_7Wz7A51oNTLVotceu4x6PlQI9AxUm5Url86CaLodfo6wpJ3UMRw==

GET
H2 200 icon-social-new.svg
qa.webcomponents.moodysanalytics.net/images/ 18 KB
19 KB 665ms
620ms Image
image/svg+xml 2600:9000:235a:a600:1:bff1:b00:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qa.webcomponents.moodysanalytics.net/images/icon-social-new.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:235a:a600:1:bff1:b00:93a1 -, , ASN (),

Reverse DNS

Software

none /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: *.walkme.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 11:42:08 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' https: *.moodysanalytics.net; font-src 'self' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.gstatic.com data:; img-src 'self' https: *.moodysanalytics.net *.walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data:; style-src 'self' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *.moodysanalytics.net *.walkme.com *.googleapis.com *.heapanalytics.com; frame-src 'self' https: *.walkme.com;
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 18332
x-xss-protection: 0
last-modified: Tue, 07 May 2024 20:43:32 GMT
server: none
etag: "dcbbab5bb4832387fbab795816a9a989"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: CzzO85RkY4bpqjZkttRX2d3G5RH1jh63bx0cRUrw6QxrL6yW0GYqJw==

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 115ms
114ms Image
image/gif 34.225.48.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2200169407&u=4084961100469244&v=6210192052805514&s=954285252452164&b=web&tv=4.0&z=2&h=%2Ffederatedlogin&q=%3Freferrerurl%3Dhttps%3A%252F%252Fqa.quiqspread.moodysanalytics.net%252F&d=qa.banking.moodysanalytics.net&t=Banking%20Portal&r=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F&k=Screen%20Resolution&k=1600%20x%201200&ts=1716032526733&pr=%2Ffederatedlogin&sp=r&sp=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F&sp=ts&sp=1716032526122&sp=d&sp=qa.banking.moodysanalytics.net&sp=h&sp=%2Ffederatedlogin&sp=q&sp=%3Freferrerurl%3Dhttps%253A%252F%252Fqa.quiqspread.moodysanalytics.net%252F&ubv=124.0.6367.207&upv=10.0.0&st=1716032526734

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.48.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-48-49.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 11:42:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://qa.banking.moodysanalytics.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:07:33 GMT
x-content-type-options: nosniff
age: 336873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:07:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://qa.banking.moodysanalytics.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:12:21 GMT
x-content-type-options: nosniff
age: 336585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:12:21 GMT

GET
H2 200 settings.txt
cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/ 2 KB
1 KB 133ms
132ms Script
application/javascript 23.207.110.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/settings.txt

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/walkme_e451ae027c83467bb6cb3b559a24c29e_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.110.35 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-110-35.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: fG6kN0xpMQWcoxi0aNmJA4Wjrrbhxsxb
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 May 2024 11:42:07 GMT
access-control-allow-private-network: true
x-amz-request-id: 44KJ2Z6WZWFX5BRZ
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 658
x-amz-id-2: Sobhzak3dOEXPV/J53FZcPbWgc/W8b2c9qWpTvD422SGpKOW2fS6+FjjJbdHmX7tfZ8j0wNGRDQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Jul 2023 19:16:31 GMT
etag: "6ff4c805801b75f95f012744374fab57"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wmjQuery33121.js
cdn.walkme.com/player/resources/ 87 KB
30 KB 35ms
34ms Script
application/javascript 23.207.110.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/resources/wmjQuery33121.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/walkme_e451ae027c83467bb6cb3b559a24c29e_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.110.35 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-110-35.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: dpj4bAlfG6UlhFPdf_TGly9sgsSAJ5Ge
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 May 2024 11:42:07 GMT
access-control-allow-private-network: true
x-amz-request-id: 0BZ0WVQT2KGA3NMM
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 30035
x-amz-id-2: fTRsypoPal4NJISh5NRr42eo2Mu4CHT7ypdbXf/Lkp5EBBAlomjt82L45OdOS3utbBYlpuIrDOw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 May 2022 06:44:33 GMT
etag: "b00eee8317d72ce865b995c31f1f95ff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=22230493
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 prelib-plugin-1f85f949-2108-3a8c-b6fb-f6b1a5e07f98.js
cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/scripts/ 101 KB
30 KB 131ms
131ms Script
application/x-javascript 23.207.110.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/scripts/prelib-plugin-1f85f949-2108-3a8c-b6fb-f6b1a5e07f98.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/walkme_e451ae027c83467bb6cb3b559a24c29e_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.110.35 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-110-35.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 67KHjMBYpedWZKbE26ThyXCRCpzHFMZV
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 May 2024 11:42:07 GMT
access-control-allow-private-network: true
x-amz-request-id: SPMQE43A04NE02YZ
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 30135
x-amz-id-2: 2Otqk3aArQJboVslsxsuqEQ8l9ETPk7FVqqG6epj/8bYuj31+LxsnMCr2K9OELWK2VboQXZMA0Y=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Jan 2022 23:09:29 GMT
etag: "41a8dcd68fc8bb2ab3f7e832abb99b7a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=30027557
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 walkme_lib_20230705-123713-231711f4-3fc88405.br.js
cdn.walkme.com/player/lib/ 2 MB
370 KB 51ms
51ms Script
application/javascript 23.207.110.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/walkme_lib_20230705-123713-231711f4-3fc88405.br.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/walkme_e451ae027c83467bb6cb3b559a24c29e_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.110.35 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-110-35.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: leLib7wHa3mrXfZzty4FjpSWgmsKVBvj
content-encoding: br
x-content-type-options: nosniff
date: Sat, 18 May 2024 11:42:07 GMT
access-control-allow-private-network: true
x-amz-request-id: DHM0PHSJE196SC5F
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 378379
x-amz-id-2: cCwRkevor3Z6/3CTs/sJo+VwDPMfH/VBuoP0IrdXP4fMfYlcGmItMfYHNDglwvSKInxnkYqANw0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Jul 2023 12:57:25 GMT
etag: "e702d40fc18d32aa4fe3d49a5f098898"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=22287911
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 walkme_config_4a6670249c554a9e962bfdc7344e2ea3.js
cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/ 5 KB
3 KB 154ms
154ms Script
application/javascript 23.207.110.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/walkme_config_4a6670249c554a9e962bfdc7344e2ea3.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/e451ae027c83467bb6cb3b559a24c29e/test/walkme_e451ae027c83467bb6cb3b559a24c29e_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.110.35 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-110-35.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qa.banking.moodysanalytics.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Zsx2dJLMEE0U3rlUwQrks9eZDncWb4Z8
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 May 2024 11:42:07 GMT
access-control-allow-private-network: true
x-amz-request-id: SPMMYWJ3PD4V4QCX
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 2013
x-amz-id-2: qYjpnSAbcCfttuYd18HaqNOtIAhBeLaB5CHXUPrYVvkgM5ngKszfJ/CH3c11KoZwMBUPWJ5mK5I=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Jul 2023 19:16:31 GMT
etag: "c30427ce0a39e3119c692025a8fc6446"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=30027525
accept-ranges: bytes
timing-allow-origin: *

GET api.js
www.recaptcha.net/recaptcha/ 0
0

GET okta-sign-in.min.js
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/js/ 0
0

GET okta-sign-in.min.css
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/ 0
0

GET custom-signin.73947dcedbe30f708373f1b3405f6417.css
ok14static.oktacdn.com/assets/loginpage/css/ 0
0

GET SignIn.css
okta-login-chiclet.s3.amazonaws.com/css/ 0
0

GET default.6770228fb0dab49a1695ef440a5279bb.png
ok14static.oktacdn.com/assets/img/logos/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F

Domain: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F

Domain: qa.banking.moodysanalytics.net
URL: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F

Domain: stg.moodys.com
URL: https://stg.moodys.com/mfe/mdc-gateway-drawer/build/mdc-gateway-drawer.js

Domain: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LcUeO0jAAAAAFYeIFwINXUWVm31XXrnrExKqbTc

Domain: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/js/okta-sign-in.min.js

Domain: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css

Domain: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css

Domain: okta-login-chiclet.s3.amazonaws.com
URL: https://okta-login-chiclet.s3.amazonaws.com/css/SignIn.css

Domain: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/img/logos/default.6770228fb0dab49a1695ef440a5279bb.png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.moodysanalytics.net/	1970-01-20 20:40:34	Name: _hp2_ses_props.2200169407 Value: %7B%22r%22%3A%22https%3A%2F%2Fqa.quiqspread.moodysanalytics.net%2F%22%2C%22ts%22%3A1716032526122%2C%22d%22%3A%22qa.banking.moodysanalytics.net%22%2C%22h%22%3A%22%2Ffederatedlogin%22%2C%22q%22%3A%22%3Freferrerurl%3Dhttps%253A%252F%252Fqa.quiqspread.moodysanalytics.net%252F%22%7D
.moodysanalytics.net/	1970-01-21 06:08:30	Name: _hp2_id.2200169407 Value: %7B%22userId%22%3A%224084961100469244%22%2C%22pageviewId%22%3A%226210192052805514%22%2C%22sessionId%22%3A%22954285252452164%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.stg.moodys.com/	1970-01-20 20:40:34	Name: __cf_bm Value: 7_f0dusgVaHc1TV5_Llt4Z_pwoYMsdw9GXTohBWq9hc-1716032526-1.0.1.1-WiVmwp7Eqx3BE_JLNtY4.zU2Ae522b_pooqtjQ5BDprwfh4_lmm7hxrq9mXGSZi2t6Iu3tsOzXWugR7tjQYW4Q

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://qa-api.sso.moodysanalytics.net/sso-api/auth/ssotoken Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://qa-api.sso.moodysanalytics.net/sso-api/auth/ssotoken Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://qa.banking.moodysanalytics.net/federatedlogin?referrerurl=https:%2F%2Fqa.quiqspread.moodysanalytics.net%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://qa-api.sso.moodysanalytics.net/sso-api/auth/ssotoken Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://qa-api.sso.moodysanalytics.net/sso-api/auth/ssotoken Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://stg-login.moodysanalytics.com/login/login.htm?fromURI=%2Fapp%2Fstg-moodysanalytics_ssov2saml_1%2FexkcdvlzsyuBISSdY697%2Fsso%2Fsaml%3FSAMLRequest%3DfVJbT8IwGH33Vyx9724M2Ro2gxoTEnwRMNEX8tEVqG7t7Neh89dbBhj1wZeml3P5ck7HVx915e2FQalVTiI%252FJJ5QXJdSbXOyXNzRlFwVF2OEuoobNmntTj2It1ag9SaIwljHu9EK21qYuTB7ycXyYZaTnbUNsiDgoMB0FBzR75cW6btj09iHGj6189oqabXPdR30LoEsGyOwcaKCeLcOKxXYfryzKNotrfRWKr%252FWuuzQeVSdlRx7FWiaHvHnbYWo9%252FHBYhUF4uOVl%252FvqE7v2ejqfl0%252BX2ShwgH4E4k1vc7IahEkKWTakack3NMmylKZw6XawXosYBqNEJA6K2IqpQgvK5iQO44SGQxqliyhiSczCzA8Hw2fiPZ4zjg8Zu9QVsmOqOWmNYhpQIlNQC2SWs%252FnkfsYclDVGW811RYpjCaw3NN6dNjXY%252F7mHG1nSTQ9lQllpu1%252Fe%252F9PhXDApDrBjX%252BxUGMOGfXe52rXrCs3mRY6Dn1MWp%252BPvn1N8AQ%253D%253D%26RelayState%3DH4sIAAAAAAAAAD1R2ZLaMBD8Fz0jY8uneFtMWCAhy8acm0pRkiVj4UPGkjGQyr9HbFXyouma7ulR9fwGBIxAp2DPlYbomHe0VG12FmAAqGGUklcElT5BWWhimqlpEtacCu27HaNNfkW5DHDWnqv8bHhm-FzrRo2Gw1KeRG1VpIEpqUl7tyop2V1ZqayGknQ6R8OrM8w44y3R3IjKkpK0MC7cuKSScQMzA5OX5TcDT2D0E5D-aXCqhZaWEqbWVqd4axFWifo5WhFRmiobXgtmQJPL-mnUtDITJQe_BiA3npgiP4hQAFPmYOg5fgAxZTak2HZYhDyf0tRMFUY6m_YinBCRPGbZbsPI-oZex_2PmDdJMfnovf7Kj-VFbQ7x9fZW6_Cm4qU9iZz1frkt-ixpy9l21fpLMd2L-7l2vl_gmWw3pJgVyXzp36fj7U6vmrH78bqV8J68d_HXN3dxucQLH6W7L3Qx3p_7VezMl2varET3mOv3-cuk2x2kUz_KU5_MH-MiP0w98-Pymd1n3vCZsfX5_L-wRSrykPW_BM0pzEgFRk7oBLaLfIRNUmCUkVLxAWiNV8idIHRxAF3fY9CjEYfYtxHEge0znBEnRM-12kiPru1FBGMfRizNoIdxBCMSGEQo5Yi4occ98Ocvo5MAOXUCAAA.H4sIAAAAAAAAAPNR5XCZHWZav2WyktRLPvvv56eecLY9d3Hxk1cHO8LZMqoAIcAcMCAAAAA.3 Message: [Report Only] Refused to load the script 'https://www.recaptcha.net/recaptcha/api.js?render=6LcUeO0jAAAAAFYeIFwINXUWVm31XXrnrExKqbTc' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' stg-moodysanalytics.okta.com stg-login.moodysanalytics.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https: .moodysanalytics.net; font-src 'self' https: .moodysanalytics.net .walkme.com .googleapis.com .gstatic.com data:; img-src 'self' https: .moodysanalytics.net .dtn.com .walkme.com s3.walkmeusercontent.com d3sbxpiag177w8.cloudfront.net data: blob:; style-src 'self' 'unsafe-inline' https: .moodysanalytics.net .walkme.com .googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: .moodysanalytics.net .dtn.com .walkme.com .googleapis.com .heapanalytics.com; frame-src 'self' https: .walkme.com; worker-src 'self' blob: ; connect-src https: wss: .moodysanalytics.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

canary-auth.auth.us-west-2.amazoncognito.com
cdn.heapanalytics.com
cdn.walkme.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
login.map-canary.moodys.com
ok14static.oktacdn.com
okta-login-chiclet.s3.amazonaws.com
qa-api.sso.moodysanalytics.net
qa-auth.rafa.moodysanalytics.net
qa.banking.moodysanalytics.net
qa.quiqspread.moodysanalytics.net
qa.webcomponents.moodysanalytics.net
stg-login.moodysanalytics.com
stg.moodys.com
www.recaptcha.net
ok14static.oktacdn.com
okta-login-chiclet.s3.amazonaws.com
qa.banking.moodysanalytics.net
stg.moodys.com
www.recaptcha.net
13.32.27.5
18.244.18.40
23.207.110.35
2600:1f14:917:5701:3d62:1e13:8cab:d2ee
2600:9000:235a:a600:1:bff1:b00:93a1
2600:9000:2490:6400:1b:9558:2140:93a1
2606:4700:4400::6812:2bca
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
34.225.48.49
54.189.123.176
54.68.12.220
76.223.112.12
28416318d535c7f5a1e104073147cb4f5b6ecf567a47ac7fefbe04b9e97623cd
349b6dfbf445be0730c47e42981c60573d02b906eee9a1cdf04c3140ce92a7df
3ecde4cedad90eeabd3a82b8d6c48491275048a91fcd2a98020b3189325e4e31
50dcb4909a55e546015eb1ae8166fdbb766575b07122a95d573c7217b822a9f7
55f7caf3c62664ad127b14e1aaacce102d1617de59755f665ded1774af301439
657441cdebca95ae1b225ba7e33b7850737d1d075a666ca928f3c1ef507b29fd
69f558c50fd0875c29d69425f314b5e367ae5029b6f9aa5bd5ae2ca7f2e018db
6b35c4c36a5d864095fe0b92858ca27984d266e2023edb3ee2ea34a3bedb2d83
6b47b3917c4feef8987cc2975e40f35ad4289a437eb9e9cab98f67fc58e39409
72314fdda8c489ed53881a99b42ab4f6d60254bcee5c78079985c39b80820ce8
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
8b87866e12fbe30abc905fc3e57b2f5864dffee46a335d65e81b81435677927f
92ec95e67445b09853141cfe20f2d267bf24bf23f8da8fe77647db168cf62caf
ae9d0912b9e5adb4f3f852f67bcd31c96bcae0c4cdeadde200985489f3709254
b695db41cd42937c0fdd9b52f83cf2064ffb63bcf0cabbf2e6e2503884b560fe
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

stg-login.moodysanalytics.com Open in urlscan Pro 76.223.112.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

80 %HTTPS

46 %IPv6

11 Domains

17 Subdomains

11 IPs

3 Countries

9770 kBTransfer

11276 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

stg-login.moodysanalytics.com Open in urlscan Pro
76.223.112.12 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

80 %
HTTPS

46 %
IPv6

11
Domains

17
Subdomains

11
IPs

3
Countries

9770 kB
Transfer

11276 kB
Size

3
Cookies

49 HTTP transactions
0 data transactions