urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
20.190.159.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Effective URL: https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZssTYnnHjPjzj2prY7aGXz...
Submission Tags: falconsandbox
Submission: On December 13 via api from US — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 34 HTTP transactions. The main IP is 20.190.159.68, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 10.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 31st 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 104.18.175.228 13335 (CLOUDFLAR...)
3 13.35.58.113 16509 (AMAZON-02)
1 13.33.219.205 16509 (AMAZON-02)
1 1 104.17.95.157 13335 (CLOUDFLAR...)
1 1 104.18.35.183 13335 (CLOUDFLAR...)
2 20.190.159.68 8075 (MICROSOFT...)
2 34.149.135.19 396982 (GOOGLE-CL...)
1 13.107.253.45 ()
3 152.199.21.175 ()
34 8
18    104.18.175.228 (None, )

ASN13335 (CLOUDFLARENET, US)
travelex.employee.eu.people-doc.com
3    13.35.58.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-113.fra60.r.cloudfront.net
sdk.privacy-center.org
1    13.33.219.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-219-205.fra60.r.cloudfront.net
www.datadoghq-browser-agent.com
1    104.17.95.157 (None, )

ASN13335 (CLOUDFLARENET, US)
travelex.requests.eu.people-doc.com
1    104.18.35.183 (None, )

ASN13335 (CLOUDFLARENET, US)
novaauth.safe-access.com
2    20.190.159.68 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
2    34.149.135.19 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 19.135.149.34.bc.googleusercontent.com
browser-intake-datadoghq.eu
1    13.107.253.45 (None, )

ASN- ()
aadcdn.msauth.net
3    152.199.21.175 (None, )

ASN- ()
aadcdn.msftauth.net
Apex Domain
Subdomains		 Transfer
19 people-doc.com
travelex.employee.eu.people-doc.com
travelex.requests.eu.people-doc.com
2 MB
3 msftauth.net
aadcdn.msftauth.net Failed
49 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4542
155 KB
2 browser-intake-datadoghq.eu
browser-intake-datadoghq.eu — Cisco Umbrella Rank: 8807
340 B
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 10
19 KB
1 msauth.net
aadcdn.msauth.net
20 KB
1 safe-access.com
novaauth.safe-access.com — Cisco Umbrella Rank: 554585
1 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1279
13 KB
0 live.com Failed
login.live.com Failed
34 9
Domain Requested by
18 travelex.employee.eu.people-doc.com travelex.employee.eu.people-doc.com
3 aadcdn.msftauth.net login.microsoftonline.com
3 sdk.privacy-center.org travelex.employee.eu.people-doc.com
sdk.privacy-center.org
2 browser-intake-datadoghq.eu travelex.employee.eu.people-doc.com
2 login.microsoftonline.com travelex.employee.eu.people-doc.com
aadcdn.msftauth.net
1 aadcdn.msauth.net login.microsoftonline.com
1 novaauth.safe-access.com 1 redirects
1 travelex.requests.eu.people-doc.com 1 redirects
1 www.datadoghq-browser-agent.com travelex.employee.eu.people-doc.com
0 login.live.com Failed login.microsoftonline.com
34 10

This site contains no links.

Subject Issuer Validity Valid
*.employee.eu.people-doc.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-21 -
2025-06-20		 a year crt.sh
*.privacy-center.org
Amazon RSA 2048 M03		 2024-03-10 -
2025-04-07		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-08-03		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-08-31 -
2025-02-28		 6 months crt.sh
*.browser-intake-datadoghq.eu
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-08-03		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2024-10-29 -
2025-10-29		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2024-05-25 -
2025-05-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZssTYnnHjPjzj2prY7aGXzAqWhBkJVEBu8%2B8jlLZpDs2t3Fj2e%2FAtrCx0bU%2B3g3tQt%2Fh9QOtmQfCza5Wl09E6HIyiGqy0VEGHljpGz9vPB5rOY9ob7TTTbfgK9DYGrEXjpFYetN%2Btw9Px%2FeH0cX%2B8yxreiCYWWVXmi5I3kAkBUKV5k%2BQsQ4CkSpkQiQd%2BRWNHjnU4Uvp9ENRGXyVHcxwV12GNum9xp1lwrichawfcK%2BtAuREUpwuSpCTJLklMs4zGy2%2B%2BazfeXypwE%2FODc72lUdTqe6nmnWRGWy2cVq1UOGe6i8pmCSLLcyKKYkEWZcEINMgJx2ZZ8aTCsuCRTyT15PWvsN5JxaW6fzul5rnJ0k%2BXS03q0%2FniKba%2Fs7vRyg4dmjOaq2T45fbw4lfpK8A40LkFgQQYQ2snu95JZPuIZXnB8oyR0jteLKEkVRELMmabcQZNXpXZHXZ9qx8RI2A2CjdTxCvPQKcozeY%2FyXXogIODaBX9rfai31M%2F4f2u1q1kj1Pdrw%2FadOD%2BHWoyT6aK5ERMrXRQtkcmhUQe%2FqHZtq3%2BcWMQ3PiInBkwDKLNbPZs5vVH2TwB&RelayState=https%3A%2F%2Ftravelex.requests.eu.people-doc.com%2Femployee%2Flogin%2Fcheck%2F%3Flocale%3Den-gb%26next%3D%2Femployee%2Fleap%2Frequests%2F9c3d5107-2f6e-4362-8eda-00219d153805&Signature=yBmCOuycVLCZ0JX9QdtoRWobMs5BGFP6UfoXRGKpN19GII5geL9R%2F19PNNQIB7RNFSJzwfhGnZ6kVXDl1EerlUpnlFoh2VDOJfM5VzbGuCvzpal9IDWW8Ng9B8vRwS5DmCa7rFBp4s39uWAK3eqk61nUqNtP1BI5tCYeXhxDjTg0VJ117sbT4Nkv8VITqwUJIAEkwzR4a5BHrvQMJd6ZnfO9mio9MG%2BHm0QmcZHyzlDWOYVsrSXAlmqZFN3xlFMsD1bYWmkgIn1kKFDvj0P2J%2Fc7MjCyXLxqmkY5r%2FJf7AcFKTya1g%2ByljEqXxDho7LaADZdrsk7kFqiymknL%2FiqLA%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256
Frame ID: 0DFFDA81B7F80CEBF307EAC2F9629489
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

היכנס לחשבון שלך

Page URL History Show full URLs

  1. https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805 Page URL
  2. https://travelex.requests.eu.people-doc.com/employee/login/check/?locale=en-gb&next=%2Femployee%2Fleap%2Frequests%2F9c3d... HTTP 302
    https://novaauth.safe-access.com/session/?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuZXh0IjoiaHR0cHM6Ly90cm... HTTP 302
    https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZs... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

88 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

2713 kB
Transfer

12748 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805 Page URL
  2. https://travelex.requests.eu.people-doc.com/employee/login/check/?locale=en-gb&next=%2Femployee%2Fleap%2Frequests%2F9c3d5107-2f6e-4362-8eda-00219d153805 HTTP 302
    https://novaauth.safe-access.com/session/?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuZXh0IjoiaHR0cHM6Ly90cmF2ZWxleC5yZXF1ZXN0cy5ldS5wZW9wbGUtZG9jLmNvbS9lbXBsb3llZS9sb2dpbi9jaGVjay8_bG9jYWxlPWVuLWdiJm5leHQ9L2VtcGxveWVlL2xlYXAvcmVxdWVzdHMvOWMzZDUxMDctMmY2ZS00MzYyLThlZGEtMDAyMTlkMTUzODA1Iiwic2NvcGUiOiJjMzU2YzUzYy04ODZjLTQ3YTgtOTYwZi1jZmYzZGNhYjU5ODNfZW1wbG95ZWUiLCJuZXh0X2ZhaWwiOiJodHRwczovL3RyYXZlbGV4LnJlcXVlc3RzLmV1LnBlb3BsZS1kb2MuY29tL2VtcGxveWVlL2xvZ2luL2NoZWNrLz9sb2NhbGU9ZW4tZ2ImbmV4dD0vZW1wbG95ZWUvbGVhcC9yZXF1ZXN0cy85YzNkNTEwNy0yZjZlLTQzNjItOGVkYS0wMDIxOWQxNTM4MDUiLCJqdGkiOiI2NDM3OTFmNy0wMDdhLTQ0ZTYtYmQ3Yi1hM2YwMTMyMjMyMDgifQ.JQDU3uNptAVy5oxN2NPnwK-2XNkMX9N-jXXOx9n5xQI HTTP 302
    https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZssTYnnHjPjzj2prY7aGXzAqWhBkJVEBu8%2B8jlLZpDs2t3Fj2e%2FAtrCx0bU%2B3g3tQt%2Fh9QOtmQfCza5Wl09E6HIyiGqy0VEGHljpGz9vPB5rOY9ob7TTTbfgK9DYGrEXjpFYetN%2Btw9Px%2FeH0cX%2B8yxreiCYWWVXmi5I3kAkBUKV5k%2BQsQ4CkSpkQiQd%2BRWNHjnU4Uvp9ENRGXyVHcxwV12GNum9xp1lwrichawfcK%2BtAuREUpwuSpCTJLklMs4zGy2%2B%2BazfeXypwE%2FODc72lUdTqe6nmnWRGWy2cVq1UOGe6i8pmCSLLcyKKYkEWZcEINMgJx2ZZ8aTCsuCRTyT15PWvsN5JxaW6fzul5rnJ0k%2BXS03q0%2FniKba%2Fs7vRyg4dmjOaq2T45fbw4lfpK8A40LkFgQQYQ2snu95JZPuIZXnB8oyR0jteLKEkVRELMmabcQZNXpXZHXZ9qx8RI2A2CjdTxCvPQKcozeY%2FyXXogIODaBX9rfai31M%2F4f2u1q1kj1Pdrw%2FadOD%2BHWoyT6aK5ERMrXRQtkcmhUQe%2FqHZtq3%2BcWMQ3PiInBkwDKLNbPZs5vVH2TwB&RelayState=https%3A%2F%2Ftravelex.requests.eu.people-doc.com%2Femployee%2Flogin%2Fcheck%2F%3Flocale%3Den-gb%26next%3D%2Femployee%2Fleap%2Frequests%2F9c3d5107-2f6e-4362-8eda-00219d153805&Signature=yBmCOuycVLCZ0JX9QdtoRWobMs5BGFP6UfoXRGKpN19GII5geL9R%2F19PNNQIB7RNFSJzwfhGnZ6kVXDl1EerlUpnlFoh2VDOJfM5VzbGuCvzpal9IDWW8Ng9B8vRwS5DmCa7rFBp4s39uWAK3eqk61nUqNtP1BI5tCYeXhxDjTg0VJ117sbT4Nkv8VITqwUJIAEkwzR4a5BHrvQMJd6ZnfO9mio9MG%2BHm0QmcZHyzlDWOYVsrSXAlmqZFN3xlFMsD1bYWmkgIn1kKFDvj0P2J%2Fc7MjCyXLxqmkY5r%2FJf7AcFKTya1g%2ByljEqXxDho7LaADZdrsk7kFqiymknL%2FiqLA%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
9c3d5107-2f6e-4362-8eda-00219d153805
travelex.employee.eu.people-doc.com/requests/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ced7cdfc247adbb8e7b7de29a4b32063de5842087df54bc6783dcce6234ef84
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache
cf-cache-status
DYNAMIC
cf-ray
8f154b2d7a3d7d98-TLV
content-encoding
gzip
content-type
text/html
date
Fri, 13 Dec 2024 10:33:02 GMT
last-modified
Wed, 09 Oct 2024 12:13:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000
x-amz-id-2
VMTy7nLbwGWxv282IuedKBDtLmAVLxbvTO8vwu1yLMaffzvyDRxXUtAdY0SEPIVpRnYL4fFdpKXRgyn4orj0IQ==
x-amz-request-id
AJ4SNQKW6JE91A1F
x-frame-options
SAMEORIGIN
vendor-76b932b493f7ea3c976f0bbcbf832acc.css
travelex.employee.eu.people-doc.com/assets/ 		85 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/vendor-76b932b493f7ea3c976f0bbcbf832acc.css
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
097ee3b74108ecdf0ad25276330ffd095a1465c7920ca2add851cffebc122724
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"c761d157f460ad24e225af48ac694ba2"
expires
Sun, 13 Dec 2026 10:33:02 GMT
date
Fri, 13 Dec 2024 10:33:02 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
9evq2TGZomsYpU+M53m6YBjH3fu9Bei6qPTfasxBNYaspSEvomePgaOsTwUzMqcNH+Jris56C4k=
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
6V8FJ3QQ5ZGERP37
cf-ray
8f154b2faca17d98-TLV
accept-ranges
bytes
content-length
7894
server
cloudflare
employee-2f244c0924782fbc9621fe6006c2e2cb.css
travelex.employee.eu.people-doc.com/assets/ 		68 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/employee-2f244c0924782fbc9621fe6006c2e2cb.css
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4018db5a035ac72f98fa66929fb85372eb5937e955566741c8542854902ae08
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"dbb4bec9ea8d754c6dfe9d68706ff432"
expires
Sun, 13 Dec 2026 10:33:02 GMT
date
Fri, 13 Dec 2024 10:33:02 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
UjHT4iOnKhbx5EORV+2pm18cbmSdJ0afJAQ66VIpn6HdKpR7WgDp8c49V8Asf7St61Po8ZFI3Cw=
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
6V86JVKJP5C4F0WA
cf-ray
8f154b2faca27d98-TLV
accept-ranges
bytes
content-length
10793
server
cloudflare
ignite.esm-76b2f45574dd561f63937c7515b001f3.js
travelex.employee.eu.people-doc.com/assets/ignite/ 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/ignite/ignite.esm-76b2f45574dd561f63937c7515b001f3.js
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8de91620bf5b3d2d83ab83b991ff390d6bbe9767a780eb17ae3d01ad436a2c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://travelex.employee.eu.people-doc.com
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"06ba9ed6397d97a281187380266351a7"
expires
Sun, 13 Dec 2026 10:33:02 GMT
date
Fri, 13 Dec 2024 10:33:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:36 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
kvxxPFbP+zQ8o5poTzIUxGb4woTucaYFKBek9zKtEAeoc/mLm5hBp0XJAdV/bfnVV7TgzJe6KNg=
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
8YHSJDNQ2KY12QVD
cf-ray
8f154b2faca67d98-TLV
accept-ranges
bytes
content-length
15388
server
cloudflare
ignite-fonts-noto-hinted-cdn-f5823efc0053194eb5d72ca3a9690b3b.css
travelex.employee.eu.people-doc.com/assets/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/ignite-fonts-noto-hinted-cdn-f5823efc0053194eb5d72ca3a9690b3b.css
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3391a17bb1cd96a3e55221c2c3d4fa9212f8e2987925b2993202d0528868d9cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"3dffbd8a5023e8f11d4c7637ee0d3221"
expires
Sun, 13 Dec 2026 10:33:02 GMT
date
Fri, 13 Dec 2024 10:33:02 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
i6bxQbBXqJhjJH3nyDSGXUVasCiAWXzS0DXj6qtsCOTx2FqlkmvyPOIDkjn/+ii9pl6pK7l1SH8=
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
6V80CRJ2J98NMQYX
cf-ray
8f154b2faca47d98-TLV
accept-ranges
bytes
content-length
909
server
cloudflare
ignite-fonts-volte-cdn-71e49ca272efe450d18a0baf5c83502c.css
travelex.employee.eu.people-doc.com/assets/ 		1 KB
533 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/ignite-fonts-volte-cdn-71e49ca272efe450d18a0baf5c83502c.css
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7de94207612e62e80367e6ea351588aca101e2b044afda4e09b49d4a87c1d70
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"05c6e7fbc8096e8939e8c047773118f7"
expires
Sun, 13 Dec 2026 10:33:02 GMT
date
Fri, 13 Dec 2024 10:33:02 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
50fMKkL7jw/RB74nVziMyyKufhLhjeRfuaSyuwe/G/bIoHHTNOKowMkR+o/bfBeonvt+CFFo+Qg=
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
EEXCTG7DPZSMASWZ
cf-ray
8f154b2faca57d98-TLV
accept-ranges
bytes
content-length
357
server
cloudflare
vendor-1d4b485f67a541ee51f006c5cecf5983.js
travelex.employee.eu.people-doc.com/assets/ 		3 MB
832 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/vendor-1d4b485f67a541ee51f006c5cecf5983.js
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb69a7a8b436ab4a680a54d97ed8848b15d8fc52f10f67f3edee465df2d65c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"e676bf383f8759c0b0f76f3006a683e2"
expires
Sun, 13 Dec 2026 10:33:02 GMT
date
Fri, 13 Dec 2024 10:33:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
ejYAnF0PdlEsYvheaLsrq3gAaBrG0rKYG77ffP5IAs46S1nCTPmNqOBhM8TIk7xBvMAoUJNNAOQ=
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
8YHT3P0H6HBFMTEG
cf-ray
8f154b2faca87d98-TLV
accept-ranges
bytes
content-length
850594
server
cloudflare
chunk.725.21f36be1d12fca761186.js
travelex.employee.eu.people-doc.com/assets/ 		6 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/chunk.725.21f36be1d12fca761186.js
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009f2974bf7925502a241af43f77bc77249a6c4b55ab89a74c1aef6a717cd91d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"11f6298c34a79b42086da2666441e59f"
expires
Sun, 13 Dec 2026 10:33:02 GMT
date
Fri, 13 Dec 2024 10:33:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
WlBCMDB24dr1cMomoOfBVrhobMijC+hCc/88jWHCxoYGkPCRs8fLP7y4Vn3E37yWI7q7TCQvfYw=
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
6V8F0DR8G9VCDNVW
cf-ray
8f154b2faca97d98-TLV
accept-ranges
bytes
content-length
1179133
server
cloudflare
chunk.143.4b7966a547ceb84dd66b.js
travelex.employee.eu.people-doc.com/assets/ 		27 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/chunk.143.4b7966a547ceb84dd66b.js
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fadc22e03ef27f662d090ee73c54bf3c8801bfa6e73470a5a3c7f6d91f36c25c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"e647dc924f1bdaf06b9ba21dcc9f49d7"
expires
Sun, 13 Dec 2026 10:33:02 GMT
date
Fri, 13 Dec 2024 10:33:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
RDpSh7Bubabkz0Gk75zjv6fbodLnLOz0CiNTKuYqtZU6Wz3ylLMhrfjBMIDe4ll4PpxXbJeBTG8=
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
6V8BR8PCGF7FG8WP
cf-ray
8f154b2facaa7d98-TLV
accept-ranges
bytes
content-length
4786
server
cloudflare
employee-ad33cfb6df5da62317e6f0e564cafc11.js
travelex.employee.eu.people-doc.com/assets/ 		903 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/employee-ad33cfb6df5da62317e6f0e564cafc11.js
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf524d9e550d23d14bd421fdfe7c5fd6370cf09f5c844cb3783e26df2c855771
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"6f9cb73f1ee57ac695af36f2291c6108"
expires
Sun, 13 Dec 2026 10:33:02 GMT
date
Fri, 13 Dec 2024 10:33:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
G4YsfinVKk50HDMFVupr2H1S6n2K2H6sCTVgrI4cWTDIJBEdyYgfpj70zc0t+lYZptNyX9B7YcK08CSbn17eNw==
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
EEXDGS6KG9FMK6KY
cf-ray
8f154b2facae7d98-TLV
accept-ranges
bytes
content-length
129936
server
cloudflare
p-7eb5f00b.js
travelex.employee.eu.people-doc.com/assets/ignite/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/ignite/p-7eb5f00b.js
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec2f581548fd1630190211559607a35334c5884706f0b6bbc7daedb2eb65aaa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://travelex.employee.eu.people-doc.com
Referer
https://travelex.employee.eu.people-doc.com/assets/ignite/ignite.esm-76b2f45574dd561f63937c7515b001f3.js

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"bda13d04185fdff42bbf05ac0f63b8ba"
expires
Sun, 13 Dec 2026 10:33:02 GMT
date
Fri, 13 Dec 2024 10:33:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:34 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
lqja9XdcV5coLpsG4FRTUQGAKXF1+2Yoj94E06ZcKE63sV27et9ZyA7ruJXVHBdE8+MAM+VI0RA=
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
5ZY9W869C46J66JH
cf-ray
8f154b312e5b7d98-TLV
accept-ranges
bytes
content-length
6540
server
cloudflare
p-98e3a7ed.js
travelex.employee.eu.people-doc.com/assets/ignite/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/ignite/p-98e3a7ed.js
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77d3198dbc1b3ca19afa515e82b85801625c86887f59e048b399d89ddf4e450e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://travelex.employee.eu.people-doc.com
Referer
https://travelex.employee.eu.people-doc.com/assets/ignite/ignite.esm-76b2f45574dd561f63937c7515b001f3.js

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"4195b9ff465b1aaa7c87bf6d2462305b"
expires
Sun, 13 Dec 2026 10:33:03 GMT
date
Fri, 13 Dec 2024 10:33:03 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:34 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
U4BAnVphDZcfjEcKXohqMTYX9qmKInW9GMA9PURsKo3ZVREk2lPgsD/JM6OqNJJgivWvtcPQMDQE6t3oaRl5CfunkjvcYoyFbLD9bNO7/OA=
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
ESK0Y01KJABZ0AE2
cf-ray
8f154b312e5e7d98-TLV
accept-ranges
bytes
content-length
2499
server
cloudflare
p-0754145d.js
travelex.employee.eu.people-doc.com/assets/ignite/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/ignite/p-0754145d.js
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ed6e84b321571f509cd861bf3784999e916c3a69d8b502b0b4bd1ddf5f6d60
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://travelex.employee.eu.people-doc.com
Referer
https://travelex.employee.eu.people-doc.com/assets/ignite/ignite.esm-76b2f45574dd561f63937c7515b001f3.js

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"3075a44c90de42eb6f0f02e1090148cd"
expires
Sun, 13 Dec 2026 10:33:03 GMT
date
Fri, 13 Dec 2024 10:33:03 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:35 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
g5JjdsvsSKxpA3xYqoeE4Md0z/BFcqjCjPHK9mZAhNH+pn7blFhGs1qzZN5pPeJp0ZLZG6UFi+o=
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
6V81PN389K2HD7P6
cf-ray
8f154b312e5f7d98-TLV
accept-ranges
bytes
content-length
1073
server
cloudflare
pdui-02a14df8e8b181487b906a3841abd62a.css
travelex.employee.eu.people-doc.com/assets/ 		402 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/pdui-02a14df8e8b181487b906a3841abd62a.css
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf31c3f0d7ca9dd5629205d17415638abe55dc793edb77b08391b5be7c91aa3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"458597f1577f3360f4bd5a6db2710156"
expires
Sun, 13 Dec 2026 10:33:04 GMT
date
Fri, 13 Dec 2024 10:33:05 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 09 Oct 2024 12:13:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
W33zfUbRI0K6y68M5oPrrgBs9nMaSlP1LjySQYAj+12/n7yywipZmetE8DIyJF+QhMwHih9JH9GnzGpkxBA2nQ==
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
R5MK3A11XD914305
cf-ray
8f154b3dad057d98-TLV
accept-ranges
bytes
content-length
45413
server
cloudflare
pdui-theme.css
travelex.employee.eu.people-doc.com/pdui/38.0.7/ 		4 KB
926 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/pdui/38.0.7/pdui-theme.css
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6ffed4798d996a64bdfb15059c0b0bb59dbd18e06e764f2d392577d32ce3908
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

strict-transport-security
max-age=15552000
x-version
2024.1.6.0
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
cf-ray
8f154b3dad0f7d98-TLV
expires
Fri, 13 Dec 2024 14:33:05 GMT
date
Fri, 13 Dec 2024 10:33:05 GMT
content-type
text/css;charset=UTF-8
last-modified
Fri, 13 Dec 2024 08:13:32 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
loader.js
sdk.privacy-center.org/9dcf4f6a-5a49-43a8-b371-c1572ce5a033/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/9dcf4f6a-5a49-43a8-b371-c1572ce5a033/loader.js?target_type=notice&target=YKHbyhxn
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/assets/employee-ad33cfb6df5da62317e6f0e564cafc11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-113.fra60.r.cloudfront.net
Software
/
Resource Hash
641827400f154179d233307cd528d212b79232e17d7d9a67013885c9ffd3f3b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/

Response headers

cache-control
max-age=7200, public
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:true
content-encoding
br
etag
W/"101ce65d96332ee410ce026f4bde76a5"
x-amzn-trace-id
Root=1-675c0d61-3ba3908b4577631548d9fdfe;Sampled=1;Lineage=1:eaae1266:0
x-amzn-requestid
6f6c9f18-1e92-4db3-a5f0-9c6c502262c0
via
1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront)
x-didomi-configs-version
113
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
Z5dixNEhh9gdcEnUapQVlr06r97pzRvHzWFmzI-LfyMEGcheQAUovw==
date
Fri, 13 Dec 2024 10:33:05 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P10
init
travelex.employee.eu.people-doc.com/api/ 		832 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/api/init
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/assets/vendor-1d4b485f67a541ee51f006c5cecf5983.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json; charset=UTF-8
Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805

Response headers

strict-transport-security
max-age=15552000
x-request-id
1ae67a5f-e1ce-4ae7-b08e-4df3dcbc0ae8
content-encoding
gzip
cf-cache-status
DYNAMIC
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f154b3eeedc7d98-TLV
date
Fri, 13 Dec 2024 10:33:06 GMT
content-type
application/json; charset=utf-8
server
cloudflare
x-frame-options
SAMEORIGIN
NotoSans-Regular-28f1cfd3b2f6583d814a0633dacfff1d.woff2
travelex.employee.eu.people-doc.com/assets/hinted/ 		181 KB
181 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/hinted/NotoSans-Regular-28f1cfd3b2f6583d814a0633dacfff1d.woff2
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/assets/ignite-fonts-noto-hinted-cdn-f5823efc0053194eb5d72ca3a9690b3b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07c0ea6241393418ae2ada9d66231309bfa45c0b753c8d1b7d267839a39e0fab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://travelex.employee.eu.people-doc.com
Referer
https://travelex.employee.eu.people-doc.com/assets/ignite-fonts-noto-hinted-cdn-f5823efc0053194eb5d72ca3a9690b3b.css

Response headers

cf-cache-status
HIT
etag
"28f1cfd3b2f6583d814a0633dacfff1d"
expires
Sun, 13 Dec 2026 10:33:05 GMT
date
Fri, 13 Dec 2024 10:33:05 GMT
content-type
font/woff2
last-modified
Wed, 09 Oct 2024 12:13:39 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
+8A32TIet7wIZgvQUkPX03aQ/R9PkRify0dvp4QCwblDiiPhjY7ff3JPxFTLWq1mwXxKRinKHncuF/AuvD2VIw==
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
6V88NG2NPAHA1T5E
cf-ray
8f154b3f1f307d98-TLV
accept-ranges
bytes
content-length
185216
server
cloudflare
sdk.4c4acdd038b3f1dbe6dbc0d3f9797027ef589e6b.js
sdk.privacy-center.org/sdk/4c4acdd038b3f1dbe6dbc0d3f9797027ef589e6b/modern/ 		375 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/4c4acdd038b3f1dbe6dbc0d3f9797027ef589e6b/modern/sdk.4c4acdd038b3f1dbe6dbc0d3f9797027ef589e6b.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/9dcf4f6a-5a49-43a8-b371-c1572ce5a033/loader.js?target_type=notice&target=YKHbyhxn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7c513e1c0a577a49663b00e5deb8b0bc7e5525547f9cc6ce2d38596537f5d5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"a0b189a335dae6d610972dd1dcc05391-1"
age
11499
via
1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
f8ENsWmCa7QUK3wy7uW1FkwlZSjKqfWKqzZFe_Z4HJNP9Js7vBrEiw==
date
Fri, 13 Dec 2024 07:21:27 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 13 Dec 2024 07:21:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
ui-web-en-web.4c4acdd038b3f1dbe6dbc0d3f9797027ef589e6b.js
sdk.privacy-center.org/sdk/4c4acdd038b3f1dbe6dbc0d3f9797027ef589e6b/modern/ 		266 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/4c4acdd038b3f1dbe6dbc0d3f9797027ef589e6b/modern/ui-web-en-web.4c4acdd038b3f1dbe6dbc0d3f9797027ef589e6b.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/4c4acdd038b3f1dbe6dbc0d3f9797027ef589e6b/modern/sdk.4c4acdd038b3f1dbe6dbc0d3f9797027ef589e6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.35.58.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
049795582a4656b036b8a66e59b15800e2d7b56bca715ee3b6dc85d051df3ee8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"1b8a0a27d3d2e799f1a1702c8111f802-1"
age
11247
via
1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
noC3tYoCzzz6nRJkcElMIYgA1rtiu_xUwe0jHqYTSJ6YBwiylBd-2Q==
date
Fri, 13 Dec 2024 07:25:39 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 13 Dec 2024 07:21:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
Roboto-Regular-73f0a88bbca1bec19fb1303c689d04c6.woff2
travelex.employee.eu.people-doc.com/assets/fonts/roboto/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://travelex.employee.eu.people-doc.com/assets/fonts/roboto/Roboto-Regular-73f0a88bbca1bec19fb1303c689d04c6.woff2
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/assets/pdui-02a14df8e8b181487b906a3841abd62a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.175.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://travelex.employee.eu.people-doc.com
Referer
https://travelex.employee.eu.people-doc.com/assets/pdui-02a14df8e8b181487b906a3841abd62a.css

Response headers

cf-cache-status
HIT
etag
"73f0a88bbca1bec19fb1303c689d04c6"
expires
Sun, 13 Dec 2026 10:33:06 GMT
date
Fri, 13 Dec 2024 10:33:06 GMT
content-type
font/woff2
last-modified
Wed, 09 Oct 2024 12:13:39 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
bunWOd373XynCFxLnIVSOsKYat7JKWsEple69KUQasyKO4UpV/hJgUrygrVFfJ+ZZMyYxvnH4drgcYC4jGiDVg==
strict-transport-security
max-age=15552000
cache-control
public, max-age=63072000
referrer-policy
strict-origin-when-cross-origin
x-amz-request-id
B4PYZXDBK1EG16DH
cf-ray
8f154b464f977d98-TLV
accept-ranges
bytes
content-length
64632
server
cloudflare
datadog-logs-eu.js
www.datadoghq-browser-agent.com/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs-eu.js
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/assets/vendor-1d4b485f67a541ee51f006c5cecf5983.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.219.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-219-205.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://travelex.employee.eu.people-doc.com/

Response headers

cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
content-encoding
br
etag
W/"6ade25110fdca17b6f30e02a37d2fb98"
age
48
via
1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
t1NElDOGH0QpZgwfhocmMOEKJYIM6oji7_hgDbi9q37B0J2H1lXOGw==
date
Fri, 13 Dec 2024 10:32:23 GMT
content-type
application/javascript
last-modified
Tue, 27 Jul 2021 15:01:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
vary
accept-encoding
Primary Request saml2
login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/
Redirect Chain
  • https://travelex.requests.eu.people-doc.com/employee/login/check/?locale=en-gb&next=%2Femployee%2Fleap%2Frequests%2F9c3d5107-2f6e-4362-8eda-00219d153805
  • https://novaauth.safe-access.com/session/?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuZXh0IjoiaHR0cHM6Ly90cmF2ZWxleC5yZXF1ZXN0cy5ldS5wZW9wbGUtZG9jLmNvbS9lbXBsb3llZS9sb2dpbi9jaGVjay8_bG9jYWxlPWVuLW...
  • https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZssTYnnHjPjzj2prY7aGXzAqWhBkJVEBu8%2B8jlLZpDs2t3Fj2e%2FAtrCx0bU%2B3g3tQt%2Fh9QOtmQfCza5Wl...
43 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZssTYnnHjPjzj2prY7aGXzAqWhBkJVEBu8%2B8jlLZpDs2t3Fj2e%2FAtrCx0bU%2B3g3tQt%2Fh9QOtmQfCza5Wl09E6HIyiGqy0VEGHljpGz9vPB5rOY9ob7TTTbfgK9DYGrEXjpFYetN%2Btw9Px%2FeH0cX%2B8yxreiCYWWVXmi5I3kAkBUKV5k%2BQsQ4CkSpkQiQd%2BRWNHjnU4Uvp9ENRGXyVHcxwV12GNum9xp1lwrichawfcK%2BtAuREUpwuSpCTJLklMs4zGy2%2B%2BazfeXypwE%2FODc72lUdTqe6nmnWRGWy2cVq1UOGe6i8pmCSLLcyKKYkEWZcEINMgJx2ZZ8aTCsuCRTyT15PWvsN5JxaW6fzul5rnJ0k%2BXS03q0%2FniKba%2Fs7vRyg4dmjOaq2T45fbw4lfpK8A40LkFgQQYQ2snu95JZPuIZXnB8oyR0jteLKEkVRELMmabcQZNXpXZHXZ9qx8RI2A2CjdTxCvPQKcozeY%2FyXXogIODaBX9rfai31M%2F4f2u1q1kj1Pdrw%2FadOD%2BHWoyT6aK5ERMrXRQtkcmhUQe%2FqHZtq3%2BcWMQ3PiInBkwDKLNbPZs5vVH2TwB&RelayState=https%3A%2F%2Ftravelex.requests.eu.people-doc.com%2Femployee%2Flogin%2Fcheck%2F%3Flocale%3Den-gb%26next%3D%2Femployee%2Fleap%2Frequests%2F9c3d5107-2f6e-4362-8eda-00219d153805&Signature=yBmCOuycVLCZ0JX9QdtoRWobMs5BGFP6UfoXRGKpN19GII5geL9R%2F19PNNQIB7RNFSJzwfhGnZ6kVXDl1EerlUpnlFoh2VDOJfM5VzbGuCvzpal9IDWW8Ng9B8vRwS5DmCa7rFBp4s39uWAK3eqk61nUqNtP1BI5tCYeXhxDjTg0VJ117sbT4Nkv8VITqwUJIAEkwzR4a5BHrvQMJd6ZnfO9mio9MG%2BHm0QmcZHyzlDWOYVsrSXAlmqZFN3xlFMsD1bYWmkgIn1kKFDvj0P2J%2Fc7MjCyXLxqmkY5r%2FJf7AcFKTya1g%2ByljEqXxDho7LaADZdrsk7kFqiymknL%2FiqLA%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/assets/employee-ad33cfb6df5da62317e6f0e564cafc11.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.159.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ea1c8d1be38cce714fd956733615ce2e7cf6af56a4ac4cd3c52cd700c29a8373
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://travelex.employee.eu.people-doc.com/requests/9c3d5107-2f6e-4362-8eda-00219d153805
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
15764
content-security-policy-report-only
object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-sMFsocoaOkIa-boIWglD5Q' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; img-src 'self' data: https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
content-type
text/html; charset=utf-8
date
Fri, 13 Dec 2024 10:33:08 GMT
expires
-1
link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
DENY
x-ms-ests-server
2.1.19683.3 - WEULR1 ProdSlices
x-ms-request-id
66b3f92e-834c-4865-a4ce-7723f0f47400
x-ms-srs
1.P
x-xss-protection
0

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8f154b4e78e2c227-TLV
content-type
text/html; charset=utf-8
date
Fri, 13 Dec 2024 10:33:07 GMT
location
https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZssTYnnHjPjzj2prY7aGXzAqWhBkJVEBu8%2B8jlLZpDs2t3Fj2e%2FAtrCx0bU%2B3g3tQt%2Fh9QOtmQfCza5Wl09E6HIyiGqy0VEGHljpGz9vPB5rOY9ob7TTTbfgK9DYGrEXjpFYetN%2Btw9Px%2FeH0cX%2B8yxreiCYWWVXmi5I3kAkBUKV5k%2BQsQ4CkSpkQiQd%2BRWNHjnU4Uvp9ENRGXyVHcxwV12GNum9xp1lwrichawfcK%2BtAuREUpwuSpCTJLklMs4zGy2%2B%2BazfeXypwE%2FODc72lUdTqe6nmnWRGWy2cVq1UOGe6i8pmCSLLcyKKYkEWZcEINMgJx2ZZ8aTCsuCRTyT15PWvsN5JxaW6fzul5rnJ0k%2BXS03q0%2FniKba%2Fs7vRyg4dmjOaq2T45fbw4lfpK8A40LkFgQQYQ2snu95JZPuIZXnB8oyR0jteLKEkVRELMmabcQZNXpXZHXZ9qx8RI2A2CjdTxCvPQKcozeY%2FyXXogIODaBX9rfai31M%2F4f2u1q1kj1Pdrw%2FadOD%2BHWoyT6aK5ERMrXRQtkcmhUQe%2FqHZtq3%2BcWMQ3PiInBkwDKLNbPZs5vVH2TwB&RelayState=https%3A%2F%2Ftravelex.requests.eu.people-doc.com%2Femployee%2Flogin%2Fcheck%2F%3Flocale%3Den-gb%26next%3D%2Femployee%2Fleap%2Frequests%2F9c3d5107-2f6e-4362-8eda-00219d153805&Signature=yBmCOuycVLCZ0JX9QdtoRWobMs5BGFP6UfoXRGKpN19GII5geL9R%2F19PNNQIB7RNFSJzwfhGnZ6kVXDl1EerlUpnlFoh2VDOJfM5VzbGuCvzpal9IDWW8Ng9B8vRwS5DmCa7rFBp4s39uWAK3eqk61nUqNtP1BI5tCYeXhxDjTg0VJ117sbT4Nkv8VITqwUJIAEkwzR4a5BHrvQMJd6ZnfO9mio9MG%2BHm0QmcZHyzlDWOYVsrSXAlmqZFN3xlFMsD1bYWmkgIn1kKFDvj0P2J%2Fc7MjCyXLxqmkY5r%2FJf7AcFKTya1g%2ByljEqXxDho7LaADZdrsk7kFqiymknL%2FiqLA%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000
vary
Cookie
x-robots-tag
noindex, nofollow
rum
browser-intake-datadoghq.eu/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.7.0%2Capi%3Abeacon%2Cenv%3Aprod-eu%2Cservice%3Ahrsd-employee-app-front%2Cversion%3A74a0b4f179aa21225f69811d5a22109df08fb86d&dd-api-key=pub3ebaf3e8d429ee659369fff137761567&dd-evp-origin-version=5.7.0&dd-evp-origin=browser&dd-request-id=61c18e25-5050-4f31-a7ce-21ece2b3040a&batch_time=1734085986329
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/assets/chunk.725.21f36be1d12fca761186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.19 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://travelex.employee.eu.people-doc.com/

Response headers
rum
browser-intake-datadoghq.eu/api/v2/ 		53 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.7.0%2Capi%3Afetch%2Cenv%3Aprod-eu%2Cservice%3Ahrsd-employee-app-front%2Cversion%3A74a0b4f179aa21225f69811d5a22109df08fb86d&dd-api-key=pub3ebaf3e8d429ee659369fff137761567&dd-evp-origin-version=5.7.0&dd-evp-origin=browser&dd-request-id=4af3eae5-b1db-485b-b635-ec42c95a19f5&batch_time=1734085986396
Requested by
Host: travelex.employee.eu.people-doc.com
URL: https://travelex.employee.eu.people-doc.com/assets/chunk.725.21f36be1d12fca761186.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.19 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://travelex.employee.eu.people-doc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
date
Fri, 13 Dec 2024 10:33:06 GMT
content-type
application/json
dd-request-id
4af3eae5-b1db-485b-b635-ec42c95a19f5
converged.v2.login_rtl.min_nvy7uubieug3cmdexcjugq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
0
ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		0
0
ux.converged.login.strings-he.min_upfj9w7ccr_xvbybv1_9zw2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
0
Me.htm
login.live.com/ 		0
0
converged.v2.login_rtl.min_nvy7uubieug3cmdexcjugq2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		111 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login_rtl.min_nvy7uubieug3cmdexcjugq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZssTYnnHjPjzj2prY7aGXzAqWhBkJVEBu8%2B8jlLZpDs2t3Fj2e%2FAtrCx0bU%2B3g3tQt%2Fh9QOtmQfCza5Wl09E6HIyiGqy0VEGHljpGz9vPB5rOY9ob7TTTbfgK9DYGrEXjpFYetN%2Btw9Px%2FeH0cX%2B8yxreiCYWWVXmi5I3kAkBUKV5k%2BQsQ4CkSpkQiQd%2BRWNHjnU4Uvp9ENRGXyVHcxwV12GNum9xp1lwrichawfcK%2BtAuREUpwuSpCTJLklMs4zGy2%2B%2BazfeXypwE%2FODc72lUdTqe6nmnWRGWy2cVq1UOGe6i8pmCSLLcyKKYkEWZcEINMgJx2ZZ8aTCsuCRTyT15PWvsN5JxaW6fzul5rnJ0k%2BXS03q0%2FniKba%2Fs7vRyg4dmjOaq2T45fbw4lfpK8A40LkFgQQYQ2snu95JZPuIZXnB8oyR0jteLKEkVRELMmabcQZNXpXZHXZ9qx8RI2A2CjdTxCvPQKcozeY%2FyXXogIODaBX9rfai31M%2F4f2u1q1kj1Pdrw%2FadOD%2BHWoyT6aK5ERMrXRQtkcmhUQe%2FqHZtq3%2BcWMQ3PiInBkwDKLNbPZs5vVH2TwB&RelayState=https%3A%2F%2Ftravelex.requests.eu.people-doc.com%2Femployee%2Flogin%2Fcheck%2F%3Flocale%3Den-gb%26next%3D%2Femployee%2Fleap%2Frequests%2F9c3d5107-2f6e-4362-8eda-00219d153805&Signature=yBmCOuycVLCZ0JX9QdtoRWobMs5BGFP6UfoXRGKpN19GII5geL9R%2F19PNNQIB7RNFSJzwfhGnZ6kVXDl1EerlUpnlFoh2VDOJfM5VzbGuCvzpal9IDWW8Ng9B8vRwS5DmCa7rFBp4s39uWAK3eqk61nUqNtP1BI5tCYeXhxDjTg0VJ117sbT4Nkv8VITqwUJIAEkwzR4a5BHrvQMJd6ZnfO9mio9MG%2BHm0QmcZHyzlDWOYVsrSXAlmqZFN3xlFMsD1bYWmkgIn1kKFDvj0P2J%2Fc7MjCyXLxqmkY5r%2FJf7AcFKTya1g%2ByljEqXxDho7LaADZdrsk7kFqiymknL%2FiqLA%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
54c6b3505d1e44cde6aa5e251e856a7e7b9e7661cfb63c34c6a242cab8e1b4de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCFFB21E441E08
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
0
x-cache
TCP_HIT
date
Fri, 13 Dec 2024 10:33:09 GMT
content-type
text/css
last-modified
Fri, 08 Nov 2024 04:59:25 GMT
cache-control
public, max-age=31536000
x-ms-request-id
10d800fb-c01e-002a-44fc-4a23eb000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
20413
x-azure-ref
20241213T103309Z-17b87fb9764m7wdvhC1PAR0vs800000008xg000000008rf4
x-ms-blob-type
BlockBlob
watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZssTYnnHjPjzj2prY7aGXzAqWhBkJVEBu8%2B8jlLZpDs2t3Fj2e%2FAtrCx0bU%2B3g3tQt%2Fh9QOtmQfCza5Wl09E6HIyiGqy0VEGHljpGz9vPB5rOY9ob7TTTbfgK9DYGrEXjpFYetN%2Btw9Px%2FeH0cX%2B8yxreiCYWWVXmi5I3kAkBUKV5k%2BQsQ4CkSpkQiQd%2BRWNHjnU4Uvp9ENRGXyVHcxwV12GNum9xp1lwrichawfcK%2BtAuREUpwuSpCTJLklMs4zGy2%2B%2BazfeXypwE%2FODc72lUdTqe6nmnWRGWy2cVq1UOGe6i8pmCSLLcyKKYkEWZcEINMgJx2ZZ8aTCsuCRTyT15PWvsN5JxaW6fzul5rnJ0k%2BXS03q0%2FniKba%2Fs7vRyg4dmjOaq2T45fbw4lfpK8A40LkFgQQYQ2snu95JZPuIZXnB8oyR0jteLKEkVRELMmabcQZNXpXZHXZ9qx8RI2A2CjdTxCvPQKcozeY%2FyXXogIODaBX9rfai31M%2F4f2u1q1kj1Pdrw%2FadOD%2BHWoyT6aK5ERMrXRQtkcmhUQe%2FqHZtq3%2BcWMQ3PiInBkwDKLNbPZs5vVH2TwB&RelayState=https%3A%2F%2Ftravelex.requests.eu.people-doc.com%2Femployee%2Flogin%2Fcheck%2F%3Flocale%3Den-gb%26next%3D%2Femployee%2Fleap%2Frequests%2F9c3d5107-2f6e-4362-8eda-00219d153805&Signature=yBmCOuycVLCZ0JX9QdtoRWobMs5BGFP6UfoXRGKpN19GII5geL9R%2F19PNNQIB7RNFSJzwfhGnZ6kVXDl1EerlUpnlFoh2VDOJfM5VzbGuCvzpal9IDWW8Ng9B8vRwS5DmCa7rFBp4s39uWAK3eqk61nUqNtP1BI5tCYeXhxDjTg0VJ117sbT4Nkv8VITqwUJIAEkwzR4a5BHrvQMJd6ZnfO9mio9MG%2BHm0QmcZHyzlDWOYVsrSXAlmqZFN3xlFMsD1bYWmkgIn1kKFDvj0P2J%2Fc7MjCyXLxqmkY5r%2FJf7AcFKTya1g%2ByljEqXxDho7LaADZdrsk7kFqiymknL%2FiqLA%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CC5) /
Resource Hash
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
HWW92uTq7vx3y5z+zFZbXQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8D8DA1E5A71125A
age
22834427
x-ms-version
2009-09-19
x-cache
HIT
date
Fri, 13 Dec 2024 10:33:09 GMT
content-type
application/x-javascript
last-modified
Fri, 26 Feb 2021 06:18:37 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
f2ff615e-201e-0065-559c-7d9f0e000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
40454
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CC5)
frameworksupport.min_oadrnc13magb009k4d20lg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZssTYnnHjPjzj2prY7aGXzAqWhBkJVEBu8%2B8jlLZpDs2t3Fj2e%2FAtrCx0bU%2B3g3tQt%2Fh9QOtmQfCza5Wl09E6HIyiGqy0VEGHljpGz9vPB5rOY9ob7TTTbfgK9DYGrEXjpFYetN%2Btw9Px%2FeH0cX%2B8yxreiCYWWVXmi5I3kAkBUKV5k%2BQsQ4CkSpkQiQd%2BRWNHjnU4Uvp9ENRGXyVHcxwV12GNum9xp1lwrichawfcK%2BtAuREUpwuSpCTJLklMs4zGy2%2B%2BazfeXypwE%2FODc72lUdTqe6nmnWRGWy2cVq1UOGe6i8pmCSLLcyKKYkEWZcEINMgJx2ZZ8aTCsuCRTyT15PWvsN5JxaW6fzul5rnJ0k%2BXS03q0%2FniKba%2Fs7vRyg4dmjOaq2T45fbw4lfpK8A40LkFgQQYQ2snu95JZPuIZXnB8oyR0jteLKEkVRELMmabcQZNXpXZHXZ9qx8RI2A2CjdTxCvPQKcozeY%2FyXXogIODaBX9rfai31M%2F4f2u1q1kj1Pdrw%2FadOD%2BHWoyT6aK5ERMrXRQtkcmhUQe%2FqHZtq3%2BcWMQ3PiInBkwDKLNbPZs5vVH2TwB&RelayState=https%3A%2F%2Ftravelex.requests.eu.people-doc.com%2Femployee%2Flogin%2Fcheck%2F%3Flocale%3Den-gb%26next%3D%2Femployee%2Fleap%2Frequests%2F9c3d5107-2f6e-4362-8eda-00219d153805&Signature=yBmCOuycVLCZ0JX9QdtoRWobMs5BGFP6UfoXRGKpN19GII5geL9R%2F19PNNQIB7RNFSJzwfhGnZ6kVXDl1EerlUpnlFoh2VDOJfM5VzbGuCvzpal9IDWW8Ng9B8vRwS5DmCa7rFBp4s39uWAK3eqk61nUqNtP1BI5tCYeXhxDjTg0VJ117sbT4Nkv8VITqwUJIAEkwzR4a5BHrvQMJd6ZnfO9mio9MG%2BHm0QmcZHyzlDWOYVsrSXAlmqZFN3xlFMsD1bYWmkgIn1kKFDvj0P2J%2Fc7MjCyXLxqmkY5r%2FJf7AcFKTya1g%2ByljEqXxDho7LaADZdrsk7kFqiymknL%2FiqLA%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CD0) /
Resource Hash
c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
A8dgUeRfi6/VknMbox6Cuw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8D876CB1F3EA0D9
age
22834358
x-ms-version
2009-09-19
x-cache
HIT
date
Fri, 13 Dec 2024 10:33:10 GMT
content-type
application/x-javascript
last-modified
Thu, 22 Oct 2020 20:43:24 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
ad7963ee-b01e-0088-429d-7d5562000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
4880
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CD0)
watson.min_q5ptmu8aniymd4ftuqdkda2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZssTYnnHjPjzj2prY7aGXzAqWhBkJVEBu8%2B8jlLZpDs2t3Fj2e%2FAtrCx0bU%2B3g3tQt%2Fh9QOtmQfCza5Wl09E6HIyiGqy0VEGHljpGz9vPB5rOY9ob7TTTbfgK9DYGrEXjpFYetN%2Btw9Px%2FeH0cX%2B8yxreiCYWWVXmi5I3kAkBUKV5k%2BQsQ4CkSpkQiQd%2BRWNHjnU4Uvp9ENRGXyVHcxwV12GNum9xp1lwrichawfcK%2BtAuREUpwuSpCTJLklMs4zGy2%2B%2BazfeXypwE%2FODc72lUdTqe6nmnWRGWy2cVq1UOGe6i8pmCSLLcyKKYkEWZcEINMgJx2ZZ8aTCsuCRTyT15PWvsN5JxaW6fzul5rnJ0k%2BXS03q0%2FniKba%2Fs7vRyg4dmjOaq2T45fbw4lfpK8A40LkFgQQYQ2snu95JZPuIZXnB8oyR0jteLKEkVRELMmabcQZNXpXZHXZ9qx8RI2A2CjdTxCvPQKcozeY%2FyXXogIODaBX9rfai31M%2F4f2u1q1kj1Pdrw%2FadOD%2BHWoyT6aK5ERMrXRQtkcmhUQe%2FqHZtq3%2BcWMQ3PiInBkwDKLNbPZs5vVH2TwB&RelayState=https%3A%2F%2Ftravelex.requests.eu.people-doc.com%2Femployee%2Flogin%2Fcheck%2F%3Flocale%3Den-gb%26next%3D%2Femployee%2Fleap%2Frequests%2F9c3d5107-2f6e-4362-8eda-00219d153805&Signature=yBmCOuycVLCZ0JX9QdtoRWobMs5BGFP6UfoXRGKpN19GII5geL9R%2F19PNNQIB7RNFSJzwfhGnZ6kVXDl1EerlUpnlFoh2VDOJfM5VzbGuCvzpal9IDWW8Ng9B8vRwS5DmCa7rFBp4s39uWAK3eqk61nUqNtP1BI5tCYeXhxDjTg0VJ117sbT4Nkv8VITqwUJIAEkwzR4a5BHrvQMJd6ZnfO9mio9MG%2BHm0QmcZHyzlDWOYVsrSXAlmqZFN3xlFMsD1bYWmkgIn1kKFDvj0P2J%2Fc7MjCyXLxqmkY5r%2FJf7AcFKTya1g%2ByljEqXxDho7LaADZdrsk7kFqiymknL%2FiqLA%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/4CB8) /
Resource Hash
441bfa485fb0eb8ad2be7001209868b57c41769cae9512a774419f5882c093e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

content-md5
up2irhKVlrgd4fr/sCzQ9w==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DA5944E2DB65A3
age
6354837
x-ms-version
2009-09-19
x-cache
HIT
date
Fri, 13 Dec 2024 10:33:10 GMT
content-type
application/x-javascript
last-modified
Tue, 28 Jun 2022 20:29:22 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
bc084caf-901e-004f-117e-13259a000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
3921
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CB8)
watson
login.microsoftonline.com/common/handlers/ 		265 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/handlers/watson
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.159.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
03e8f7578aa793126499fb68ebf24c1c547e0c81b48affcee22bb40f84288b20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgid
1104
Referer
https://login.microsoftonline.com/8b7af355-f664-486c-abed-deb79d19e86d/saml2?SAMLRequest=tVNLc9sgEL77V2h0x3pZssTYnnHjPjzj2prY7aGXzAqWhBkJVEBu8%2B8jlLZpDs2t3Fj2e%2FAtrCx0bU%2B3g3tQt%2Fh9QOtmQfCza5Wl09E6HIyiGqy0VEGHljpGz9vPB5rOY9ob7TTTbfgK9DYGrEXjpFYetN%2Btw9Px%2FeH0cX%2B8yxreiCYWWVXmi5I3kAkBUKV5k%2BQsQ4CkSpkQiQd%2BRWNHjnU4Uvp9ENRGXyVHcxwV12GNum9xp1lwrichawfcK%2BtAuREUpwuSpCTJLklMs4zGy2%2B%2BazfeXypwE%2FODc72lUdTqe6nmnWRGWy2cVq1UOGe6i8pmCSLLcyKKYkEWZcEINMgJx2ZZ8aTCsuCRTyT15PWvsN5JxaW6fzul5rnJ0k%2BXS03q0%2FniKba%2Fs7vRyg4dmjOaq2T45fbw4lfpK8A40LkFgQQYQ2snu95JZPuIZXnB8oyR0jteLKEkVRELMmabcQZNXpXZHXZ9qx8RI2A2CjdTxCvPQKcozeY%2FyXXogIODaBX9rfai31M%2F4f2u1q1kj1Pdrw%2FadOD%2BHWoyT6aK5ERMrXRQtkcmhUQe%2FqHZtq3%2BcWMQ3PiInBkwDKLNbPZs5vVH2TwB&RelayState=https%3A%2F%2Ftravelex.requests.eu.people-doc.com%2Femployee%2Flogin%2Fcheck%2F%3Flocale%3Den-gb%26next%3D%2Femployee%2Fleap%2Frequests%2F9c3d5107-2f6e-4362-8eda-00219d153805&Signature=yBmCOuycVLCZ0JX9QdtoRWobMs5BGFP6UfoXRGKpN19GII5geL9R%2F19PNNQIB7RNFSJzwfhGnZ6kVXDl1EerlUpnlFoh2VDOJfM5VzbGuCvzpal9IDWW8Ng9B8vRwS5DmCa7rFBp4s39uWAK3eqk61nUqNtP1BI5tCYeXhxDjTg0VJ117sbT4Nkv8VITqwUJIAEkwzR4a5BHrvQMJd6ZnfO9mio9MG%2BHm0QmcZHyzlDWOYVsrSXAlmqZFN3xlFMsD1bYWmkgIn1kKFDvj0P2J%2Fc7MjCyXLxqmkY5r%2FJf7AcFKTya1g%2ByljEqXxDho7LaADZdrsk7kFqiymknL%2FiqLA%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256
hpgact
1900
canary
PAQABDgEAAADW6jl31mB3T7ugrWTT8pFeG_soLDeL0gndZZSDb3JDP419nfV5AeZzb3guSxsOnqm_I_tm2f4tVkVA4_ck74BaEcWWaRThNR27tyi0WGS8UeDxCYCu8tZfHuZHc9RIH50ZxkEfGD8IeZiB8b7ocZ4fFCLAVrYkQ__Sc4JffXZJYXDwRkgI1m4EZuXPH2EMe5ukOMicMedGbvbeKYKbW_TXWL2eWWJclln-7l5x3XpoiSAA
client-request-id
c8913246-79ba-4087-a436-78e7af6ddfac
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json; charset=UTF-8

Response headers

x-ms-ests-server
2.1.19683.3 - NEULR1 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-content-type-options
nosniff
expires
-1
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
date
Fri, 13 Dec 2024 10:33:09 GMT
content-type
application/json; charset=utf-8
x-ms-srs
1.P
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store, no-cache
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-ms-request-id
5b00de02-0e39-47ad-8634-7cd6b8fb1700
content-security-policy-report-only
object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-QOOKjUDYGj7o6gaS4dd6xA' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; img-src 'self' data: https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
client-request-id
c8913246-79ba-4087-a436-78e7af6ddfac
content-length
265
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login_rtl.min_nvy7uubieug3cmdexcjugq2.css
Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js
Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-he.min_upfj9w7ccr_xvbybv1_9zw2.js
Domain
login.live.com
URL
https://login.live.com/Me.htm?v=3

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData

11 Cookies

Domain/Path Name / Value
.people-doc.com/ Name: __cf_bm
Value: qA5XJYK10Fgd0PAtBMTbbCkKhM4Qvw3z45arh9donS8-1734085982-1.0.1.1-Eu1Azr.E2eZOz3RGX1U.Hxwk74bi0QNqLPrLVPip.TY8pSDcQLHsVZI14xO80IbHhHiS.vWg3OFi5ms7VG6DMQ
.people-doc.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTkzYmY5NDQtNjM4Ny02NDA2LWI1NTktNjMzNjVkZTgyYmM5IiwiY3JlYXRlZCI6IjIwMjQtMTItMTNUMTA6MzM6MDUuODQ4WiIsInVwZGF0ZWQiOiIyMDI0LTEyLTEzVDEwOjMzOjA1Ljg0OVoiLCJ2ZXJzaW9uIjpudWxsfQ==
novaauth.safe-access.com/ Name: sessionid
Value: su4fvppjwtdsz6rj2dlbr0nvmypvk01h
.safe-access.com/ Name: __cf_bm
Value: RNGuaggtaCb5QGPkfTuGydA.4AbRLVLZyx5pK8i711A-1734085987-1.0.1.1-kGUSTlb3xeB.bZhKslrBdZ8uJPm_vPtBT7wO7XXdydsP2mWK5ROp2YrBiDpmDYXzGGX3BMhhJJyy__zHrZ5UJg
travelex.employee.eu.people-doc.com/ Name: _dd_s
Value: rum=2&id=715dce62-6f29-4123-97c7-806738f30696&created=1734085986291&expire=1734086887112&logs=1
login.microsoftonline.com/ Name: buid
Value: 1.AXQAVfN6i2T2bEir7d63nRnobUkHARZfD4ZKiMx1bFwtIgJ0AAB0AA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFe5slrqtsITzUxdgKvIyTT4ZmFWbTxs_iRTGsXDNVdgiIolhXygKCrdtSGoZQAPMaIO7FPK5p5CZ6xhoRWP0hg6IRkU3B8Y-h5VvKN6ND3558gAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFeGoV2rWfX26UYDPs1eny0ya5IiyrUS7i4c22N8dOfyeO40CSu8UUf3KbAjNJBPHFjzPQmJPV0Bu4TIPrdZNEsC5RxtzZj95NCfKmc20rHgw0FiXYvIrKHlKhKRtvokTP5u6F5F33RyxU5QXVdMb3TJ31AK-H8b3GULUPUh1DCfv4gAA
.login.microsoftonline.com/ Name: esctx-6KDIBLW3Usk
Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFeY4NSAowGMu-Zn2l63eCnfgr6zlX_FELj-al-sveU0jP1pfyh2JLOeM2LFOm_VXbL0whj_tv2hOsMcjdBWsOdpMJT8jE4v4_xvzQeFLcOd2hV0NHKnMnKsTGSH_tLRK1R165rnfJFBYUGguMbX9_cByAA
login.microsoftonline.com/ Name: fpc
Value: AqiRuMBw8nVAsNGPOyOUHXdDJDBpAQAAAGQE7t4OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
browser-intake-datadoghq.eu
login.live.com
login.microsoftonline.com
novaauth.safe-access.com
sdk.privacy-center.org
travelex.employee.eu.people-doc.com
travelex.requests.eu.people-doc.com
www.datadoghq-browser-agent.com
aadcdn.msftauth.net
login.live.com
104.17.95.157
104.18.175.228
104.18.35.183
13.107.253.45
13.33.219.205
13.35.58.113
152.199.21.175
20.190.159.68
34.149.135.19
009f2974bf7925502a241af43f77bc77249a6c4b55ab89a74c1aef6a717cd91d
03e8f7578aa793126499fb68ebf24c1c547e0c81b48affcee22bb40f84288b20
049795582a4656b036b8a66e59b15800e2d7b56bca715ee3b6dc85d051df3ee8
07c0ea6241393418ae2ada9d66231309bfa45c0b753c8d1b7d267839a39e0fab
097ee3b74108ecdf0ad25276330ffd095a1465c7920ca2add851cffebc122724
0bf31c3f0d7ca9dd5629205d17415638abe55dc793edb77b08391b5be7c91aa3
0ec2f581548fd1630190211559607a35334c5884706f0b6bbc7daedb2eb65aaa
18ed6e84b321571f509cd861bf3784999e916c3a69d8b502b0b4bd1ddf5f6d60
1ced7cdfc247adbb8e7b7de29a4b32063de5842087df54bc6783dcce6234ef84
3391a17bb1cd96a3e55221c2c3d4fa9212f8e2987925b2993202d0528868d9cd
441bfa485fb0eb8ad2be7001209868b57c41769cae9512a774419f5882c093e6
54c6b3505d1e44cde6aa5e251e856a7e7b9e7661cfb63c34c6a242cab8e1b4de
641827400f154179d233307cd528d212b79232e17d7d9a67013885c9ffd3f3b8
77d3198dbc1b3ca19afa515e82b85801625c86887f59e048b399d89ddf4e450e
a8de91620bf5b3d2d83ab83b991ff390d6bbe9767a780eb17ae3d01ad436a2c7
c4018db5a035ac72f98fa66929fb85372eb5937e955566741c8542854902ae08
c7c513e1c0a577a49663b00e5deb8b0bc7e5525547f9cc6ce2d38596537f5d5b
c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69
cf524d9e550d23d14bd421fdfe7c5fd6370cf09f5c844cb3783e26df2c855771
ddb69a7a8b436ab4a680a54d97ed8848b15d8fc52f10f67f3edee465df2d65c9
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0
e7de94207612e62e80367e6ea351588aca101e2b044afda4e09b49d4a87c1d70
ea1c8d1be38cce714fd956733615ce2e7cf6af56a4ac4cd3c52cd700c29a8373
f6ffed4798d996a64bdfb15059c0b0bb59dbd18e06e764f2d392577d32ce3908
fadc22e03ef27f662d090ee73c54bf3c8801bfa6e73470a5a3c7f6d91f36c25c