login.microsoftonline.com Open in urlscan Pro
40.126.32.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sabre-glbl.allaccesspass.com/login/index.php
Effective URL:
https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNr...
Submission: On February 05 via api (February 5th 2023, 9:31:48 am UTC) from US — Scanned from DE

Summary HTTP 65 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 65 HTTP transactions. The main IP is 40.126.32.68, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 20.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 23rd 2022. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	2606:4700::68... 2606:4700::6811:9e2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.203.124.246 23.203.124.246	16625 (AKAMAI-AS) (AKAMAI-AS)
10	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6811:7c6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1 2	54.229.120.124 54.229.120.124	16509 (AMAZON-02) (AMAZON-02)
3	40.126.32.68 40.126.32.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	152.199.23.37 152.199.23.37	15133 (EDGECAST) (EDGECAST)
1	20.190.159.75 20.190.159.75	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2603:1026:300... 2603:1026:3000:c8::9	() ()
65	12

23 2606:4700::6811:9e2f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sabre-glbl.allaccesspass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.203.124.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-246.deploy.static.akamaitechnologies.com

cdns.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdns.eu1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:7c6b (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.franklincovey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.120.124 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-120-124.eu-west-1.compute.amazonaws.com

accounts.eu1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
socialize.eu1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.126.32.68 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 152.199.23.37 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.159.75 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msftauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1026:3000:c8::9 (None, )

ASN- ()

autologon.microsoftazuread-sso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	allaccesspass.com 1 redirects sabre-glbl.allaccesspass.com	1 MB
11	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 1157	232 KB
10	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 314	27 KB
6	gigya.com 1 redirects cdns.gigya.com — Cisco Umbrella Rank: 8303 cdns.eu1.gigya.com — Cisco Umbrella Rank: 17016 accounts.eu1.gigya.com — Cisco Umbrella Rank: 31917 socialize.eu1.gigya.com — Cisco Umbrella Rank: 38365	195 KB
3	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 20	109 KB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 208	1 KB
2	msftauthimages.net aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3170	255 KB
2	franklincovey.com analytics.franklincovey.com — Cisco Umbrella Rank: 554678	21 KB
1	microsoftazuread-sso.com autologon.microsoftazuread-sso.com	1 KB
1	live.com login.live.com — Cisco Umbrella Rank: 93
65	10

	Domain	Requested by
23	sabre-glbl.allaccesspass.com	1 redirects sabre-glbl.allaccesspass.com
11	aadcdn.msftauth.net	login.microsoftonline.com aadcdn.msftauth.net
10	js-agent.newrelic.com	sabre-glbl.allaccesspass.com
3	login.microsoftonline.com	cdns.gigya.com login.microsoftonline.com aadcdn.msftauth.net
3	bam.nr-data.net	sabre-glbl.allaccesspass.com js-agent.newrelic.com
3	cdns.eu1.gigya.com	sabre-glbl.allaccesspass.com cdns.eu1.gigya.com
2	aadcdn.msftauthimages.net
2	analytics.franklincovey.com	sabre-glbl.allaccesspass.com analytics.franklincovey.com
1	autologon.microsoftazuread-sso.com
1	login.live.com	login.microsoftonline.com
1	socialize.eu1.gigya.com	1 redirects
1	accounts.eu1.gigya.com	cdns.eu1.gigya.com
1	cdns.gigya.com	sabre-glbl.allaccesspass.com
65	13

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
*.allaccesspass.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-14`	a year	crt.sh
cdns.gigya.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-07` - `2023-12-07`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.franklincovey.com Go Daddy Secure Certificate Authority - G2	`2022-02-13` - `2023-03-17`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.eu1.gigya.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-03-05`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2022-04-01` - `2023-04-01`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2022-12-30` - `2023-12-30`	a year	crt.sh
aadcdn.msftauthimages.net Microsoft Azure TLS Issuing CA 05	`2022-12-23` - `2023-12-18`	a year	crt.sh
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA	`2023-01-03` - `2024-01-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D&sso_reload=true
Frame ID: B3E56A09D44149870063FCC3C258ACF6
Requests: 62 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13622
Frame ID: B22D58C868824033AE413BAECEFA6FE8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

https://sabre-glbl.allaccesspass.com/login/index.php HTTP 303
https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php Page URL
https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-sabre-glbl.allacces... HTTP 302
https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2... Page URL
https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2... Page URL

Detected technologies

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

92 %
HTTPS

36 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

1887 kB
Transfer

6256 kB
Size

19
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/de-DE/servicesagreement/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/de-DE/privacystatement
Title: Datenschutz & Cookies

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/de-de/corporate/rechtliche-hinweise/impressum.aspx
Title: Haftungsausschluss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sabre-glbl.allaccesspass.com/login/index.php HTTP 303
https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php Page URL
https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-sabre-glbl.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&x_includeUserInfo=true&x_redirectURL=https%3A%2F%2Fsabre-glbl.allaccesspass.com%2Fmy%2F&x_apiDomain=eu1.gigya.com&x_sdk=js_latest&client_id=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&redirect_uri=%2FGS%2FAfterLogin.aspx&response_type=server_token&state=domain%3Dhttps%253A%252F%252Fsabre-glbl.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26lid%3Dflid1675589505383%26messaging%3D1%26id%3Daccounts_socialLogin_16755895064481675589506448%26sourceURL%3Dhttps%253A%252F%252Fsabre-glbl.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26redirectURL%3Dhttps%253A%252F%252Fsabre-glbl.allaccesspass.com%252Fmy%252F%253Fgig_events%253Dsocialize.login%26redirectMethod%3Dpost%26addUserInfo%3Dtrue&authMode=cookie HTTP 302
https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D Page URL
https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://sabre-glbl.allaccesspass.com/login/index.php HTTP 303
https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Request Chain 42

https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-sabre-glbl.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&x_includeUserInfo=true&x_redirectURL=https%3A%2F%2Fsabre-glbl.allaccesspass.com%2Fmy%2F&x_apiDomain=eu1.gigya.com&x_sdk=js_latest&client_id=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&redirect_uri=%2FGS%2FAfterLogin.aspx&response_type=server_token&state=domain%3Dhttps%253A%252F%252Fsabre-glbl.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26lid%3Dflid1675589505383%26messaging%3D1%26id%3Daccounts_socialLogin_16755895064481675589506448%26sourceURL%3Dhttps%253A%252F%252Fsabre-glbl.allaccesspass.com%252Fauth%252Fgigya%252Fredirect.php%26redirectURL%3Dhttps%253A%252F%252Fsabre-glbl.allaccesspass.com%252Fmy%252F%253Fgig_events%253Dsocialize.login%26redirectMethod%3Dpost%26addUserInfo%3Dtrue&authMode=cookie HTTP 302
https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

redirect.php Show response
sabre-glbl.allaccesspass.com/auth/gigya/
Redirect Chain

https://sabre-glbl.allaccesspass.com/login/index.php
https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

84 KB
85 KB

459ms
459ms

Document
text/html

2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e65e816468e378398c8b6b03778512b0b7b589357f6f71d08d552eb589fb4a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, OPTIONS
cache-control: private, pre-check=0, post-check=0, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 794aa278697f3a4f-FRA
content-language: de
content-script-type: text/javascript
content-style-type: text/css
content-type: text/html; charset=utf-8
date: Sun, 05 Feb 2023 09:31:43 GMT
expires
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: sameorigin
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, OPTIONS
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 794aa273bb1f3a4f-FRA
content-language: de
content-type: text/html; charset=utf-8
date: Sun, 05 Feb 2023 09:31:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-redirect-by: Moodle
x-xss-protection: 1; mode=block

GET
H2 200 yui_combo.php
sabre-glbl.allaccesspass.com/theme/ 5 KB
2 KB 247ms
246ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/theme/yui_combo.php?3.17.2/cssreset/cssreset-min.css&3.17.2/cssfonts/cssfonts-min.css&3.17.2/cssgrids/cssgrids-min.css&3.17.2/cssbase/cssbase-min.css

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3195ad9f8f03f61bbc60571b47b67ba7e41b0cf29e881ab188ff2dadf766e073

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Sat, 28 Jan 2023 08:06:06 GMT
server: cloudflare
etag: W/"27dd1ce6eca23b53d4028dba08a0b3030dbedf0f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 794aa27b9da53a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 31 Jan 2024 09:31:43 GMT

GET
H2 200 yui_combo.php
sabre-glbl.allaccesspass.com/theme/ 4 KB
1 KB 262ms
262ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Sat, 28 Jan 2023 08:06:06 GMT
server: cloudflare
etag: W/"b9bc567c469e2872cf3bbb14603342a72de2509b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 794aa27b9da73a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 31 Jan 2024 09:31:43 GMT

GET
H2 200 all
sabre-glbl.allaccesspass.com/theme/styles.php/explore/1674949325_1674955291/ 1 MB
176 KB 324ms
324ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/theme/styles.php/explore/1674949325_1674955291/all

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9f005e089d9b3687422ecf086ea3591799905a1a07d14296eb227a9a7c31ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="styles.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Sun, 29 Jan 2023 01:23:05 GMT
server: cloudflare
etag: W/"35e577c8766624077f509a1eb8a25badccba89c3"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 794aa27b9da93a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 06 May 2023 09:31:43 GMT

GET
H2 200 bootstrap.css
sabre-glbl.allaccesspass.com/theme/explore/style/ 174 KB
24 KB 227ms
226ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/theme/explore/style/bootstrap.css

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1a4c25634d5841924aab1848acc9dcbc3d5672183053c8b71ff2139b65d7c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Jan 2023 08:04:22 GMT
server: cloudflare
etag: W/"2b7e8-5f34e6dff4d80"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 794aa27b9dab3a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Mon, 06 Feb 2023 09:31:43 GMT

GET
H2 200 polyfill.min.js Show response
sabre-glbl.allaccesspass.com/lib/javascript.php/1674949325/lib/babel-polyfill/ 97 KB
34 KB 302ms
301ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/lib/javascript.php/1674949325/lib/babel-polyfill/polyfill.min.js

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9e07890edf5f6f350ef465b37479fc6192923e60e64d9f20af37eb3b011cc66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Sun, 29 Jan 2023 05:38:08 GMT
server: cloudflare
etag: W/"e8f3b480b579ea03b124ea719717f3aac2fb540e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 794aa27b9dae3a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 06 May 2023 09:31:43 GMT

GET
H2 200 polyfill.js Show response
sabre-glbl.allaccesspass.com/lib/javascript.php/1674949325/lib/polyfills/ 17 KB
5 KB 257ms
256ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/lib/javascript.php/1674949325/lib/polyfills/polyfill.js

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

244ff779cc4a0d32d8a21e1dceece94080b39c4b2c77ab5c0a772f333db71216

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Sun, 29 Jan 2023 05:38:09 GMT
server: cloudflare
etag: W/"3086cedcb43df49f7003f685c6097f11c30a740c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 794aa27b9daf3a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 06 May 2023 09:31:43 GMT

GET
H2 200 yui_combo.php Show response
sabre-glbl.allaccesspass.com/theme/ 276 KB
84 KB 279ms
278ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13eaaadfa414f262b7964320054bb2b322b9ef9f3522bc25c9d60dc83b5141cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Sat, 28 Jan 2023 08:06:06 GMT
server: cloudflare
etag: W/"78581a0bac8a932effb32db3e91e0f2f2b47c08e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 794aa27b9db03a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 31 Jan 2024 09:31:43 GMT

GET
H2 200 javascript-static.js Show response
sabre-glbl.allaccesspass.com/lib/javascript.php/1674949325/lib/ 21 KB
7 KB 259ms
258ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/lib/javascript.php/1674949325/lib/javascript-static.js

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec9d65cb26cade9adcf9c012734551cf8c86c49a1ff45fef12662ae42f312e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Sun, 29 Jan 2023 05:38:08 GMT
server: cloudflare
etag: W/"822cbdc6dc6b5e9d2fb5877f540d69bfa1641366"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 794aa27b9db23a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 06 May 2023 09:31:43 GMT

GET
H2 200 head Show response
sabre-glbl.allaccesspass.com/theme/javascript.php/explore/1674949325/ 247 KB
82 KB 259ms
259ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/theme/javascript.php/explore/1674949325/head

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e1c6e07e9368fef34008b5c7219e220bf4af5e67dd052392670cf73aac5540

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Sun, 29 Jan 2023 05:38:09 GMT
server: cloudflare
etag: W/"98c28b21c9fcaf122a68aacef518ddbb90e1bbff"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 794aa27b9db43a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 06 May 2023 09:31:43 GMT

GET
H2 200 require.min.js Show response
sabre-glbl.allaccesspass.com/lib/javascript.php/1674949325/lib/requirejs/ 17 KB
7 KB 267ms
267ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/lib/javascript.php/1674949325/lib/requirejs/require.min.js

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Sun, 29 Jan 2023 05:38:09 GMT
server: cloudflare
etag: W/"72ae426c2e608e33160990911777997d08d08556"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 794aa27b9db53a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 06 May 2023 09:31:43 GMT

GET
H2 200 gotham-book-webfont.woff2
sabre-glbl.allaccesspass.com/theme/font.php/explore/theme/1674949325/ 16 KB
17 KB 257ms
257ms Font
application/font-woff2 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/theme/font.php/explore/theme/1674949325/gotham-book-webfont.woff2

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/theme/styles.php/explore/1674949325_1674955291/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88425afc6e97c1d162e0a355b790dc4e020ff80b632e5649697dca5bc784002d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sabre-glbl.allaccesspass.com/theme/styles.php/explore/1674949325_1674955291/all
Origin: https://sabre-glbl.allaccesspass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-disposition: inline; filename="gotham-book-webfont.woff2"
content-length: 16700
x-xss-protection: 1; mode=block
pragma
last-modified: Sun, 29 Jan 2023 05:38:11 GMT
server: cloudflare
etag: "997bdb0aa8d3d5cd9a89dcd4e5d9529c81a4e657"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: https://sabre-glbl.allaccesspass.com
cache-control: public, max-age=7776000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 794aa27ea9603a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 06 May 2023 09:31:44 GMT

GET
H2 200 yui_combo.php Show response
sabre-glbl.allaccesspass.com/theme/ 2 KB
1023 B 234ms
234ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/theme/yui_combo.php?m/1674949325/core/event/event-min.js&m/1674949325/filter_mathjaxloader/loader/loader-min.js

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eb61ba5b02c939a8985c145a24985cb3b4e3cadfcfc00fa5bca76aa0d8c5238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Sat, 28 Jan 2023 08:06:04 GMT
server: cloudflare
etag: W/"4f735b02a7b2f3c2cf2c10df173d892bcc296acd"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 794aa27ed99e3a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 31 Jan 2024 09:31:43 GMT

GET
H2 200 fc-all-access-pass.svg
sabre-glbl.allaccesspass.com/theme/explore/pix/ 6 KB
2 KB 236ms
236ms Image
image/svg+xml 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sabre-glbl.allaccesspass.com/theme/explore/pix/fc-all-access-pass.svg

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/theme/styles.php/explore/1674949325_1674955291/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3244bd74b32ba997b08940680a1c95511a9b8f529fb11b87b1df7c0378b8214

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/theme/styles.php/explore/1674949325_1674955291/all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Jan 2023 08:04:22 GMT
server: cloudflare
etag: W/"1964-5f34e6dff4d80"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 794aa27ee9ac3a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Mon, 06 Feb 2023 09:31:44 GMT

GET
H2 200 logo_white
sabre-glbl.allaccesspass.com/theme/image.php/explore/theme/1674949325/ 8 KB
8 KB 212ms
212ms Image
image/png 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sabre-glbl.allaccesspass.com/theme/image.php/explore/theme/1674949325/logo_white

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/theme/styles.php/explore/1674949325_1674955291/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8edda064d7c63f7054917d4b362a21f658c30402bbb3a2e0c2b068da5d87764

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/theme/styles.php/explore/1674949325_1674955291/all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: inline; filename="logo_white.png"
content-length: 7912
x-xss-protection: 1; mode=block
pragma
last-modified: Sun, 29 Jan 2023 05:38:10 GMT
server: cloudflare
etag: "67d54e27005f4a74822e071106d178d8c66e66ed"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
cache-control: public, max-age=7776000, no-transform, immutable
access-control-allow-credentials: true
accept-ranges: none
cf-ray: 794aa27ee9ad3a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 06 May 2023 09:31:43 GMT

GET
H2 200 fontawesome-webfont.woff2
sabre-glbl.allaccesspass.com/theme/font.php/explore/theme/1674949325/ 75 KB
76 KB 273ms
272ms Font
application/font-woff2 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/theme/font.php/explore/theme/1674949325/fontawesome-webfont.woff2

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/theme/styles.php/explore/1674949325_1674955291/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sabre-glbl.allaccesspass.com/theme/styles.php/explore/1674949325_1674955291/all
Origin: https://sabre-glbl.allaccesspass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-disposition: inline; filename="fontawesome-webfont.woff2"
content-length: 77160
x-xss-protection: 1; mode=block
pragma
last-modified: Sun, 29 Jan 2023 05:38:10 GMT
server: cloudflare
etag: "2ea073115127e72000aaa855160d9aafaf3642a3"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: https://sabre-glbl.allaccesspass.com
cache-control: public, max-age=7776000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 794aa27ee9b03a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 06 May 2023 09:31:44 GMT

GET
H2 200 first.js Show response
sabre-glbl.allaccesspass.com/lib/requirejs.php/1674949325/core/ 2 MB
399 KB 398ms
398ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/lib/requirejs.php/1674949325/core/first.js

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464dc53c29fe2f42628ffc7f81a0fc50d8b0d37f15c4dba9b7b13058f0750cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-disposition: inline; filename="requirejs.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Sun, 29 Jan 2023 05:38:11 GMT
server: cloudflare
etag: W/"0c1c311ad2c5de41653e18cc0ed53140e516d872"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 794aa27f09e13a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 06 May 2023 09:31:44 GMT

GET
H2 200 yui_combo.php
sabre-glbl.allaccesspass.com/theme/ 5 KB
1 KB 223ms
222ms Stylesheet
text/css 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/theme/yui_combo.php?3.17.2/cssbutton/cssbutton-min.css

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4cc4d14d94d940a82ceb24dc9c9ae9d4573a436e1369db31f2d9c2b1546fe18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Sat, 28 Jan 2023 08:06:06 GMT
server: cloudflare
etag: W/"323202bec286f8abd417e82b36bf85c33dc46920"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 794aa2805b8e3a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 31 Jan 2024 09:31:44 GMT

GET
H2 200 yui_combo.php Show response
sabre-glbl.allaccesspass.com/theme/ 17 KB
6 KB 223ms
223ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/theme/yui_combo.php?m/1674949325/core/widget/widget-focusafterclose-min.js&3.17.2/plugin/plugin-min.js&m/1674949325/core/lockscroll/lockscroll-min.js&m/1674949325/core/notification/notification-dialogue-min.js&m/1674949325/core/tooltip/tooltip-min.js&m/1674949325/core/popuphelp/popuphelp-min.js

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0643b89f1c7ee48d7c6924f3218038573e96a141d4cabb8245f2b6e1cc114aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-disposition: inline; filename="combo"
x-xss-protection: 1; mode=block
pragma
last-modified: Sat, 28 Jan 2023 08:06:06 GMT
server: cloudflare
etag: W/"9c7e70fbe4893aeffc2d630ed9dd6a59a385e5ae"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
cache-control: public, max-age=31104000, immutable
access-control-allow-credentials: true
cf-ray: 794aa281ce0d3a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 31 Jan 2024 09:31:44 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
sabre-glbl.allaccesspass.com/lib/javascript.php/1674949325/lib/jquery/ 87 KB
32 KB 41ms
41ms Script
application/javascript 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/lib/javascript.php/1674949325/lib/jquery/jquery-3.5.1.min.js

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

621c0f52571ccff5dab81de13db26fda4b4a7dad83a01827c9139571023abea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 263686
content-disposition: inline; filename="javascript.php"
x-xss-protection: 1; mode=block
pragma
last-modified: Sun, 29 Jan 2023 05:38:15 GMT
server: cloudflare
etag: W/"13db4059cb7251456aadbcd0bcad72a5a285a17f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
access-control-allow-credentials: true
cf-ray: 794aa2821e6e3a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Sat, 06 May 2023 09:31:44 GMT

GET
H/1.1 200
OK gigya.js Show response
cdns.gigya.com/JS/ 470 KB
148 KB 705ms
595ms Script
text/javascript 23.203.124.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.124.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9bd56c050af4879339542dd853a667ba1986a1f4d98c329b300b32dc2327dd6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 09:31:45 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: 667a899181ee493a8f0b0e67d71d6b40
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g51
Connection: keep-alive
x-error-code: 0
x-robots-tag: none
Content-Length: 150658
Expires: Sun, 05 Feb 2023 09:46:45 GMT

GET
H2 200 service-nologin.php Show response
sabre-glbl.allaccesspass.com/lib/ajax/ 2 KB
871 B 286ms
285ms XHR
application/json 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1674949325&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon%22%2C%22themename%22%3A%22explore%22%2C%22lang%22%3A%22de%22%7D%7D%5D

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48070cc41f2a2635157b17181a8c3301e2dadc903b9cb8f2cda85e4f5552181

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VwYGUlZQDBAJUllRBAcFX1U=
tracestate: 3013034@nr=0-1-3013034-968336352-09ef33e36d52b899----1675589504899
traceparent: 00-f7d8cb2b0cbaaccaa9e8533cf3516570-09ef33e36d52b899-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMwMTMwMzQiLCJhcCI6Ijk2ODMzNjM1MiIsImlkIjoiMDllZjMzZTM2ZDUyYjg5OSIsInRyIjoiZjdkOGNiMmIwY2JhYWNjYWE5ZTg1MzNjZjM1MTY1NzAiLCJ0aSI6MTY3NTU4OTUwNDg5OX19
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
X-Requested-With: XMLHttpRequest

Response headers

pragma
date: Sun, 05 Feb 2023 09:31:45 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 794aa285aadd3a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-xss-protection: 1; mode=block
expires: Sat, 06 May 2023 09:31:45 GMT

GET
H2 200 service-nologin.php Show response
sabre-glbl.allaccesspass.com/lib/ajax/ 247 B
178 B 292ms
292ms XHR
application/json 2606:4700::6811:9e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabre-glbl.allaccesspass.com/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1674949325&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22de%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22de%22%7D%7D%5D

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47d4926ac5a1fc8fb429ef63b24d171ebc2c937ddf8f365229c400981e5e5028

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VwYGUlZQDBAJUllRBAcFX1U=
tracestate: 3013034@nr=0-1-3013034-968336352-39e49f5160325cba----1675589504905
traceparent: 00-bc893660b1ef77ed37263dc95ab12090-39e49f5160325cba-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMwMTMwMzQiLCJhcCI6Ijk2ODMzNjM1MiIsImlkIjoiMzllNDlmNTE2MDMyNWNiYSIsInRyIjoiYmM4OTM2NjBiMWVmNzdlZDM3MjYzZGM5NWFiMTIwOTAiLCJ0aSI6MTY3NTU4OTUwNDkwNX19
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
X-Requested-With: XMLHttpRequest

Response headers

pragma
date: Sun, 05 Feb 2023 09:31:45 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
cache-control: public, max-age=7776000, immutable
access-control-allow-credentials: true
cf-ray: 794aa285aae53a4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-xss-protection: 1; mode=block
expires: Sat, 06 May 2023 09:31:45 GMT

GET
H/1.1 200
OK sdk.config.get Show response
cdns.eu1.gigya.com/ 3 KB
2 KB 493ms
351ms Fetch
text/javascript 23.203.124.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&httpStatusCodes=true
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.124.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c4315a802a524908b6bdb663ec91621674f4874187586d885f188f7e141dbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 09:31:45 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: cb48af3d9da1455baefe2f2a7210cf84
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, s-maxage=120
x-server: us1d-nomad-g60
Connection: keep-alive
Accept-Ranges: bytes
x-error-code: 0
x-robots-tag: none
Content-Length: 1195

GET
H2 200 692.215647de-1223.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 27ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/692.215647de-1223.js
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a757f891e9f4a002a7aecb7fcf4e1d74e3e43cc2dc74c3a1fe3812fe7c9a3545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: I.n_PBR7fU5g2cmlAwgMlzr4Oik5bP_f
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Feb 2023 09:31:45 GMT
x-amz-request-id: JWQRWPTWFQTBVE63
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1087
x-amz-id-2: TFxJY3g2BNvW0+h3snSqRJ78VqyviLqrYjsgDJfga3RpaFjmwAAEntq0mKIg/RdWvFFaggo6uWc=
x-served-by: cache-hhn-etou8220067-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675589505.426053,VS0,VE0
etag: "2a9c8457fef96067bf92a4ec54fb10b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6579

GET
H2 200 779.215647de-1223.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 27ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/779.215647de-1223.js
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 226b38d4dd6197b2d2989ef529f69e83ee3ff816b601033ee5ad3ba07fa76307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: d0hMUd3mWD9ItciiSIXCSy8OWToOTtsf
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Feb 2023 09:31:45 GMT
x-amz-request-id: PJQVE2SANNV0CKB7
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3516
x-amz-id-2: hEapgtqQyNMW5lxoLEUAGZ5YQwX3OOSDRs+S/p1wy5ZURGBDpqS+8PXzdDsoXiaPBO1QrCfmfpg=
x-served-by: cache-hhn-etou8220067-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675589505.425993,VS0,VE0
etag: "1f9dc6167676d6db728e844d20a97ad5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6576

GET
H2 200 823.215647de-1223.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 28ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/823.215647de-1223.js
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf2b7b8c9c5756454079e4eb012128b38f569bcc9d32a5b895df5396ae5052b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: W2tA0gkaWp6JlPnYeFhc2plzNBl_myPN
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Feb 2023 09:31:45 GMT
x-amz-request-id: JWQY2YFAVQP3V4KV
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1365
x-amz-id-2: wgIjfzxQvFKrwT6t3cNQbsXGER1qt6NYKLgJn9wCmyWHg/n78NsBzC63exSAdsvnu0WKYo3tYK0=
x-served-by: cache-hhn-etou8220067-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675589505.426623,VS0,VE0
etag: "ce7762cf4b6665f79c15503dbccd6c68"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6573

GET
H2 200 785.215647de-1223.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 27ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/785.215647de-1223.js
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e87e201d3ac066d6522dc7a17d02df52163ae9e47173244f017d23476f9e1eda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 24gfKeCbKAAA6djjTUpWk6gRfGGq6MlZ
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Feb 2023 09:31:45 GMT
x-amz-request-id: JWQSXS3XRYHAWNT1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2103
x-amz-id-2: mznAU7fdQzGKE5yOd7gdc8UbJAYFJKMjFoXL8t+kNaCVqrrLRGUeF9zPkx2FnGjk0K74DD8fLaM=
x-served-by: cache-hhn-etou8220067-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675589505.426518,VS0,VE0
etag: "85340359c90104ea511047eb2b57ebb5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7114

GET
H2 200 325.215647de-1223.js Show response
js-agent.newrelic.com/ 1 KB
766 B 27ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/325.215647de-1223.js
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1ffa703af97cbc8af57a71d2ba52caf7f68d6d34b50190aa9b7d0cb53233e9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: TZXfN40R6cv9QsF3fTfxRxppzwQ_LugL
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Feb 2023 09:31:45 GMT
x-amz-request-id: JWQRACDTXEQ6CHSR
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 560
x-amz-id-2: QqQ/hEYT9d3WSlxe8kiulGVy83u/+USYX+4qRxlPjhyGBjgMKtfQa8Wpd7nR8x79V8vFmGs5Bxw=
x-served-by: cache-hhn-etou8220067-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675589505.426504,VS0,VE0
etag: "8bfb1318203f2143642fa7f2620e90b9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7111

GET
H2 200 112.215647de-1223.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 27ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/112.215647de-1223.js
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c408e00f3bc7c005e9abb9d43b2e6ad3def85e0941ab974a9e3bd76673c8a4d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 9bSPwe8fMEYRcVSv2EMBWMHRAeUObfWk
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Feb 2023 09:31:45 GMT
x-amz-request-id: JWQRZ3ZD52X10955
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2800
x-amz-id-2: VZu7D2hG7yRFdu3eS8/uVM78r92GFHWBf2FDCLWS5c4dds2PSAv5sSaeEqoYHupkMw+mHEJtM1g=
x-served-by: cache-hhn-etou8220067-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675589505.426467,VS0,VE0
etag: "b225b095bddb200dcb67ba7625a14e0b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4980

GET
H2 200 960.215647de-1223.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 9ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/960.215647de-1223.js
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88e0b9009e3713315a92b60c0b4bf76feb8d00397659b1ddcc6ec50a7e0f7f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: iCdpSHjuiF_zf7kNvVpWKcwVkVeojeJa
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Feb 2023 09:31:45 GMT
x-amz-request-id: DVN1YQWRMA65D7TM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2233
x-amz-id-2: mwRToOIEMzV06tuAwYWB52xJhWsUo6vvvchrgW6PUz2Hvn13646ediOqFVasTdLxq1+qU8Nzw/8=
x-served-by: cache-hhn-etou8220067-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675589505.436555,VS0,VE0
etag: "57e420fb6a7c52d0c27d5548fef4de16"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4844

GET
H2 200 307.215647de-1223.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 8ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/307.215647de-1223.js
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffa86b44a28a0a3cb18c772b09c2b4cd5812be3c763b445ec5c9d70ff48b0dc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: ED2qEQGkNHGjLDyC2ELlsbsj8AXnsN9k
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Feb 2023 09:31:45 GMT
x-amz-request-id: 49B1S9QJ86K966HT
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3648
x-amz-id-2: cz4cUKpGOuGIjfAt8mgSfepa/Oh2csSqqKRWbI3uVMugXfsGADNnM/7i4wBJu73x5yNwA4LgktM=
x-served-by: cache-hhn-etou8220067-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675589505.436547,VS0,VE0
etag: "cca13aa273adc25aced599968bea0601"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4971

GET
H2 200 817.215647de-1223.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 8ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/817.215647de-1223.js
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebd6c996822a5f23a3cd2a32ba98f37e4672270107d2cc7c9f220fdaed67482a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: fbj3lJUaysglBYTWHHCwffYncZ19MQ50
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Feb 2023 09:31:45 GMT
x-amz-request-id: JWQQ6GXDYYN0RWVS
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1044
x-amz-id-2: hBgn24Y0ZUirvijBvdYy2tvnfpHp19SV7wcXoO55VgHUrZzdZwpYh/q+/rKwuuW+B5CXt0Xuai0=
x-served-by: cache-hhn-etou8220067-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675589505.436539,VS0,VE0
etag: "a5dc24e5a104adfcf70621ff7fb620ff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4971

GET
H2 200 378.215647de-1223.js Show response
js-agent.newrelic.com/ 17 KB
6 KB 8ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/378.215647de-1223.js
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6dabc51abad962efcfc47a6303909ba3cf193bcb33b21573090186f42b3384cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: tRin0ET_go6ogNo.J2ffgT9M6xH6BEos
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Feb 2023 09:31:45 GMT
x-amz-request-id: JWQZRAG96NVM41FD
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6410
x-amz-id-2: FAk/vWbuEtAuog87IXrIrYvj741ahKxePLZjbyWDAfEjZ5i2ubVpoxL7DWDU5ZntbWUUfeGGpM0=
x-served-by: cache-hhn-etou8220067-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675589505.436588,VS0,VE0
etag: "2705e6768fceda2e9c8355d65e268d7c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3718

GET
H2 200 piwik.js Show response
analytics.franklincovey.com/ 64 KB
21 KB 235ms
208ms Script
application/javascript 2606:4700::6811:7c6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.franklincovey.com/piwik.js

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7c6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:45 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 24 Oct 2022 21:18:59 GMT
server: cloudflare
content-encoding: gzip
etag: W/"10132-5ebce57053031"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
cf-ray: 794aa288fe3b371d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Tue, 07 Feb 2023 09:31:45 GMT

GET
H/1.1 200
OK NRJS-d9c4bb1739ab8c490bd Show response
bam.nr-data.net/1/ 49 B
508 B 245ms
217ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-d9c4bb1739ab8c490bd?a=968336291&v=1223.PROD&to=blFVMUpZXxYHUExQVlcbYhdRF1AQElsXXlBeTVZKSl1VDBRWW00XSVxH&rst=3448&ck=0&s=cc15015a7c54c99f&ref=https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php&ap=181&be=1289&fe=2124&dc=568&perf=%7B%22timing%22:%7B%22of%22:1675589501990,%22n%22:0,%22r%22:0,%22re%22:794,%22f%22:794,%22dn%22:794,%22dne%22:794,%22c%22:794,%22ce%22:794,%22rq%22:794,%22rp%22:1253,%22rpe%22:1286,%22dl%22:1256,%22di%22:1857,%22ds%22:1857,%22de%22:1862,%22dc%22:3412,%22l%22:3412,%22le%22:3419%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1838&fcp=1838&at=QhZWRwJDTBg%3D&jsonp=NREUM.setToken
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabre-glbl.allaccesspass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220094-HHN
date: Sun, 05 Feb 2023 09:31:45 GMT
via: 1.1 varnish
x-timer: S1675589506.577719,VS0,VE101
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
x-cache: MISS
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
accept-ranges: bytes
Content-Length: 49
x-cache-hits: 0

POST
H2 204 piwik.php
analytics.franklincovey.com/ 0
0 380ms
380ms Ping
text/html 2606:4700::6811:7c6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.franklincovey.com/piwik.php?action_name=&idsite=7&rec=1&r=744740&h=9&m=31&s=45&url=https%3A%2F%2Fsabre-glbl.allaccesspass.com%2Fauth%2Fgigya%2Fredirect.php&_id=ede60d06b6262c15&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=sabre-glbl.allaccesspass.com&dimension2=explore&dimension5=de&pv_id=KwlYFE&pf_net=0&pf_srv=459&pf_tfr=33&pf_dm1=601&pf_dm2=1555&pf_onl=7&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: analytics.franklincovey.com
URL: https://analytics.franklincovey.com/piwik.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sabre-glbl.allaccesspass.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

POST
H/1.1 200
OK NRJS-d9c4bb1739ab8c490bd Show response
bam.nr-data.net/resources/1/ 36 B
481 B 217ms
216ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/NRJS-d9c4bb1739ab8c490bd?a=968336291&v=1223.PROD&to=blFVMUpZXxYHUExQVlcbYhdRF1AQElsXXlBeTVZKSl1VDBRWW00XSVxH&rst=3697&ck=0&s=cc15015a7c54c99f&ref=https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php&st=1675589503279&at=QhZWRwJDTBg%3D
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ea517d78750e7290d56ed539f4109f6a9e8f0fed191eaee0696ef7d7d0873d27

Request headers

Referer: https://sabre-glbl.allaccesspass.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

x-served-by: cache-hhn-etou8220094-HHN
date: Sun, 05 Feb 2023 09:31:45 GMT
via: 1.1 varnish
x-timer: S1675589506.799125,VS0,VE100
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://sabre-glbl.allaccesspass.com
x-cache: MISS
access-control-allow-credentials: true
Connection: keep-alive
accept-ranges: bytes
Content-Length: 36
x-cache-hits: 0

POST
H/1.1 200
OK NRJS-d9c4bb1739ab8c490bd Show response
bam.nr-data.net/events/1/ 24 B
468 B 124ms
112ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-d9c4bb1739ab8c490bd?a=968336291&v=1223.PROD&to=blFVMUpZXxYHUExQVlcbYhdRF1AQElsXXlBeTVZKSl1VDBRWW00XSVxH&rst=3705&ck=0&s=cc15015a7c54c99f&ref=https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Requested by: Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://sabre-glbl.allaccesspass.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

x-served-by: cache-hhn-etou8220085-HHN
date: Sun, 05 Feb 2023 09:31:45 GMT
via: 1.1 varnish
x-timer: S1675589506.714260,VS0,VE100
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sabre-glbl.allaccesspass.com
x-cache: MISS
access-control-allow-credentials: true
Connection: keep-alive
accept-ranges: bytes
Content-Length: 24
x-cache-hits: 0

GET
H/1.1 200
OK Api.aspx Show response
cdns.eu1.gigya.com/gs/webSdk/ Frame B22D 119 KB
41 KB 226ms
141ms Document
text/html 23.203.124.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13622

Requested by

Host: sabre-glbl.allaccesspass.com
URL: https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.203.124.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-246.deploy.static.akamaitechnologies.com

Software

Resource Hash

99a0b3faced06a4d7485f9a9210d14ac44fefc5adfaa7aa6845447e8805d0090

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://sabre-glbl.allaccesspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, s-maxage=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 41409
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Feb 2023 09:31:46 GMT
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-callid: f24c8c12efed496ab3e8998114f38367
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-g40
x-soa: true, Gator

GET
H/1.1 200
OK sdk.config.get Show response
cdns.eu1.gigya.com/ Frame B22D 3 KB
2 KB 29ms
29ms Fetch
text/javascript 23.203.124.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.eu1.gigya.com/sdk.config.get?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&httpStatusCodes=true
Requested by: Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13622
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.124.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c4315a802a524908b6bdb663ec91621674f4874187586d885f188f7e141dbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 09:31:46 GMT
Content-Encoding: gzip
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: cb48af3d9da1455baefe2f2a7210cf84
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, s-maxage=120
x-server: us1d-nomad-g60
Connection: keep-alive
Accept-Ranges: bytes
x-error-code: 0
x-robots-tag: none
Content-Length: 1195

GET
H/1.1 200
OK accounts.webSdkBootstrap Show response
accounts.eu1.gigya.com/ Frame B22D 199 B
1 KB 181ms
46ms XHR
text/javascript 54.229.120.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.eu1.gigya.com/accounts.webSdkBootstrap?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&pageURL=https%3A%2F%2Fsabre-glbl.allaccesspass.com%2F&sdk=js_latest&sdkBuild=13622&format=json
Requested by: Host: cdns.eu1.gigya.com
URL: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1&version=latest&build=13622
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.229.120.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-120-124.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 53bdcee8a9cdd9361a8b66d4b70711ce2c87593b340b38f8cabeecfb1b37ffc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdns.eu1.gigya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:31:45 GMT
content-encoding: gzip
x-soa: true, Gator
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-error-code: 0
content-length: 174
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://cdns.eu1.gigya.com
x-callid: ef683d0e7e4049dbb43dfe612dd1d7aa
cache-control: private
access-control-allow-credentials: true
x-server: eu1b-nomad-g6
vary: Origin, Accept-Encoding
x-robots-tag: none

GET
H/1.1

200
OK

saml2 Show response
login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/
Redirect Chain

https://socialize.eu1.gigya.com/accounts.socialLogin?x_authFlow=redirect&x_provider=saml-sabre-glbl.allaccesspass.com&x_redirectMethod=post&x_lang=en&x_sessionExpiration=0&x_include=profile%2Cdata&...
https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLK...

152 KB
56 KB

263ms
192ms

Document
text/html

40.126.32.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apiKey=3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c393342c57c8667be14de099b8a6706d29c722e4b60cec05b2282eea35ce1d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sabre-glbl.allaccesspass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 55800
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Feb 2023 09:31:46 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.14526.6 - EUS ProdSlices
x-ms-request-id: a9d3cfb8-b1c4-48a1-ab56-a3adb87a7b00

Redirect headers

cache-control: private
content-length: 0
date: Sun, 05 Feb 2023 09:31:45 GMT
location: https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-callid: e5aab4ede4c34abba7551316ca45a7b2
x-error-code: 0
x-robots-tag: none
x-server: eu1b-nomad-g6
x-soa: true, Gator

POST NRJS-d9c4bb1739ab8c490bd
bam.nr-data.net/events/1/ 0
0

POST NRJS-d9c4bb1739ab8c490bd
bam.nr-data.net/jserrors/1/ 0
0

POST NRJS-d9c4bb1739ab8c490bd
bam.nr-data.net/events/1/ 0
0

POST NRJS-d9c4bb1739ab8c490bd
bam.nr-data.net/resources/1/ 0
0

GET
H/1.1 200
OK Primary Request saml2 Show response
login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/ 201 KB
52 KB 165ms
165ms Document
text/html 40.126.32.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

17bacf087c81de247458f36e0955f3240530631a8be29df58b95002460ad8b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 51532
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Feb 2023 09:31:47 GMT
Expires: -1
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.14526.6 - EUS ProdSlices
x-ms-request-id: d91cf6f4-442d-404b-b7c9-834c5cf17500

GET
H2 200 ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 393 KB
111 KB 66ms
12ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48BB) /
Resource Hash: c974a0be091a8f09353472bbb41cb939e48a6796f6d0cf95686a7b4d73aa8490

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
content-encoding: gzip
content-md5: 2lcEQ5vglpXqxT8YZRDC3A==
age: 4037633
x-cache: HIT
content-length: 112847
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 22:42:44 GMT
server: ECAcc (ama/48BB)
etag: 0x8DADFB6D8C61632
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8a3e9391-c01e-000c-0e8b-141206000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 199ms
100ms Other
text/html 20.190.159.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D&sso_reload=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.190.159.75 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 107 KB
32 KB 51ms
14ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_f3782014f3739160dbfd.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48DF) /
Resource Hash: 0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
content-encoding: gzip
content-md5: e/EZAgcGdIaZjab5+bzwzw==
age: 4913932
x-cache: HIT
content-length: 32186
x-ms-lease-status: unlocked
last-modified: Wed, 07 Dec 2022 05:02:00 GMT
server: ECAcc (ama/48DF)
etag: 0x8DAD8102C79D54C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bea42d98-901e-0041-2793-0cdc2a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
20 KB 49ms
28ms Other
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D6) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
content-encoding: gzip
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
age: 5040068
x-cache: HIT
content-length: 19970
x-ms-lease-status: unlocked
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
server: ECAcc (ama/48D6)
etag: 0x8DA7650B375AC9B
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a8ff09ea-801e-0082-326d-0b2bad000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-de.min_egm72xgxis3arkcshl_vsg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
15 KB 38ms
17ms Other
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_egm72xgxis3arkcshl_vsg2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D&sso_reload=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48F8) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
content-encoding: gzip
content-md5: k7fVZXvzmEOgfmeeNd3Kyw==
age: 3946503
x-cache: HIT
content-length: 15207
x-ms-lease-status: unlocked
last-modified: Sat, 17 Dec 2022 08:41:30 GMT
server: ECAcc (ama/48F8)
etag: 0x8DAE00A7E7EF121
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 71a80d57-601e-007f-0160-15dcbd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 13ms
13ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48BC) /
Resource Hash: 28fa8f3ba41d8801e3d95e7128f5b2189a4344ebee1a56d4be7a313959f608e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
content-encoding: gzip
content-md5: 4CzbHQsOMg8rU5bCeKMGlw==
age: 4994676
x-cache: HIT
content-length: 5530
x-ms-lease-status: unlocked
last-modified: Tue, 15 Nov 2022 20:11:58 GMT
server: ECAcc (ama/48BC)
etag: 0x8DAC745A6527E64
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 29499165-c01e-006e-33d7-0b9d98000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 13ms
13ms Image
image/gif 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B2) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 5040065
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (ama/48B2)
etag: 0x8D79A1B9F2C6EC8
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 7f4aa7f7-d01e-0006-336d-0b3844000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 13ms
13ms Image
image/gif 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4894) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 5040065
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (ama/4894)
etag: 0x8D79A1B9F8A840E
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 996a1b1c-501e-008f-5d6d-0b1923000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 illustration
aadcdn.msftauthimages.net/dbd5a2dd-dxwkn8zmqorrvfrpezrqqbiqs-op92gz1eht3ws7w0/logintenantbranding/0/ 252 KB
253 KB 163ms
12ms Image
image/* 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauthimages.net/dbd5a2dd-dxwkn8zmqorrvfrpezrqqbiqs-op92gz1eht3ws7w0/logintenantbranding/0/illustration?ts=636966718686804972
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd31b5ad4e0e741f2066270580ff1324e97e726e5a3f42b2c11c06978600db4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
x-azure-ref-originshield: 0QE3fYwAAAAB/HghwNvrmRIbCJ+tbIkOURlJBMjMxMDUwNDE3MDM3ADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-md5: G9EA1WSIasfYta+kLnpy+A==
x-cache: TCP_HIT
content-length: 258399
x-ms-lease-status: unlocked
last-modified: Thu, 20 Jun 2019 23:57:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D6F5DB199C57DE
vary: Origin
x-azure-ref: 0g3ffYwAAAAAmMUbUNBStSbY+nC8lfMDaRlJBMzFFREdFMDkxNQA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
content-type: image/*
x-ms-request-id: e8a1dd6f-901e-0018-0c9f-38c971000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19

GET
H2 200 bannerlogo
aadcdn.msftauthimages.net/dbd5a2dd-dxwkn8zmqorrvfrpezrqqbiqs-op92gz1eht3ws7w0/logintenantbranding/0/ 2 KB
2 KB 161ms
10ms Image
image/* 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauthimages.net/dbd5a2dd-dxwkn8zmqorrvfrpezrqqbiqs-op92gz1eht3ws7w0/logintenantbranding/0/bannerlogo?ts=636966718706694231
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9155cfd404c1c5fa95ec2d1d7e1c07b2f0ea87fb8a2c41cf737bd13088c018e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
x-azure-ref-originshield: 06GneYwAAAACiYZD/SnLQR4W83G1RZAObRlJBMjMxMDUwNDE3MDExADU5NjY1NzE1LTQyNmEtNGYxYy1hMDU5LWQ1ZGZkNDBhZTZiOQ==
content-md5: w64OZkbrFTjCnRQqLz9f0w==
x-cache: TCP_HIT
content-length: 1913
x-ms-lease-status: unlocked
last-modified: Thu, 20 Jun 2019 23:57:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D6F5DB1AC09A8D
vary: Origin
x-azure-ref: 0g3ffYwAAAABQUc0y2IGbQ6K2LNTVAw2rRlJBMzFFREdFMDkxNQA1OTY2NTcxNS00MjZhLTRmMWMtYTA1OS1kNWRmZDQwYWU2Yjk=
content-type: image/*
x-ms-request-id: 71bb17bc-d01e-00f1-5687-383577000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19

GET
H2 200 marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
3 KB 13ms
13ms Image
image/gif 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B2) /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
content-md5: Fm3lNHEmUlOrOkVt7+baIw==
age: 5040065
x-cache: HIT
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (ama/48B2)
etag: 0x8D79A1B9F2C6EC8
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 7f4aa7f7-d01e-0006-336d-0b3844000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
4 KB 13ms
13ms Image
image/gif 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4894) /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
content-md5: tUCo5RgDcZLjLE/li/Lbqw==
age: 5040065
x-cache: HIT
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (ama/4894)
etag: 0x8D79A1B9F8A840E
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 996a1b1c-501e-008f-5d6d-0b1923000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 401
Unauthorized ssoprobe
autologon.microsoftazuread-sso.com/03ceccf2-fe27-4c66-abdb-699141848e61/winauth/ 12 B
1 KB 250ms
152ms Image
image/png 2603:1026:3000:c8::9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autologon.microsoftazuread-sso.com/03ceccf2-fe27-4c66-abdb-699141848e61/winauth/ssoprobe?client-request-id=be55e8d8-ee59-47f4-9e7d-3faa782786d1&_=1675589507503

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1026:3000:c8::9 -, , ASN (),

Reverse DNS

Software

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 09:31:47 GMT
X-Content-Type-Options: nosniff
WWW-Authenticate: Negotiate
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 12
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Vary: Origin
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: https://login.microsoftonline.com
x-ms-request-id: 19ae586d-53c5-41d1-9a1c-91f34a8e6f00
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.14526.6 - SCUS ProdSlices
Expires: -1

POST
H/1.1 200
OK dssostatus Show response
login.microsoftonline.com/common/instrumentation/ 264 B
1 KB 158ms
158ms XHR
application/json 40.126.32.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/dssostatus

Requested by

Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2b03dd5f0d72cebc2b4be306d76654f7bde7f7a7739e01563836a2a36deacb36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

hpgrequestid: d91cf6f4-442d-404b-b7c9-834c5cf17500
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
client-request-id: be55e8d8-ee59-47f4-9e7d-3faa782786d1
canary: AQABAAAAAAD--DLA3VO7QrddgJg7WevrbfhYDvyWLkv-_nv2ypboUZdtQ5Q0e3O8ptkuan5q8HkqyGlEk7HJQAytYc-Rd4WVX7MUix0PnqGElxmElB1wCM3sYxI3yn4dAZeSzFlpWE6QWgZfN6bcs1_HpVX6pKv3IztsP1083Qf4r4dquAoOqiT2ItCmrfrNgV9S9-p39HrI5YhkV8w1SxwyvAcphwKdCDMXR48sR11ac9iZvNcokSAA
Content-type: application/json; charset=UTF-8
hpgid: 1104
Accept: application/json
Referer: https://login.microsoftonline.com/03ceccf2-fe27-4c66-abdb-699141848e61/saml2?SAMLRequest=tZJPb9pAEMW%2FirV32%2Bu%2FhRUgIVCQK0gQBNrmEi3rsbOVvWt21jTk09d2mrQ5tLdeRzPzfm%2FeTJDXVcPmrX1SOzi3gNbJllNSyvLKY8rTIE05h1Oe8FhElI8gobzIw4QG42gU0Ig4RzAotZqS0KPEyRBbyBRarmxXomHk0tClyT0dsyhgcfpAnGWnIhW3w9STtQ0y3690KZVXS2E06sJqVUkFntC1TyMBQhShW0D4yY1Fmrr8lJ%2FcdDwO4mAUjyAN%2FN5HSJwbbQQMbqak4BVCT7TliPIC75U5IphefaEVtjWYPZiLFHDYrX%2FzFDKvPWgDbzjFANJr%2BJfOph89nu%2B%2BHW7zuzafr9bRKsaH%2B8OmgcXqWG43kd0vv2dl83mXqNVxm%2B2u5nl%2F%2BRq%2BfMnjxwVyuDl3wI3PBRLnua4UsiGGKWmNYpqjRKZ4DcisYPv5Zs06TdYYbbXQFZlN%2Bm42XNr8Mf%2Fvcf5mmsw%2BWPw%2F9ibDtl%2BMr8ANu%2B2gsuVWV1Jc%2B6Rq3r3I35gDLxgqMneLoZW1ChsQspCQdxlWlf6xMMBtl6s1bRerP3tV%2FfjOs58%3D&RelayState=tk1.UXlKJPEtbIeGfTRJHsg4WtezW55LtBwm5xZT27KZS2Q&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=TxsDvy496qr0%2BWQB2qZVzLBBwMzcZi2AOYks6OWXyvI59m%2FDDUEUJB3OqgNjkavjolqDa6xQz%2Fu2k8xu6ZomvV%2BRoTAw5Dr81j86rR8VKv78SPcgRUGaTRAoRkQQhKIRU071NhhIA09pKhfw516NTLfH1iy6aOyuJgzdBaBWd2Nf6GKPaYXTpx75Al7%2BecZ4j0kOUp3IB8dNxqoqYuXnQ9n6ViJq1VJ9Dg2tZWSc4GBe0baBXSC7xaqNMgXNRugeGxvGbzm%2Fpyw9SJX2UzlLBHqY0LZbhhWcsc7q489JOwLKxR60TFigwBFTaS298eYUfia4zzh8znJAe9tCR8Ic0A%3D%3D&sso_reload=true
hpgact: 1900

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Sun, 05 Feb 2023 09:31:47 GMT
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id: be55e8d8-ee59-47f4-9e7d-3faa782786d1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 264
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://autologon.microsoftazuread-sso.com/
x-ms-request-id: 0c56824d-5722-4f49-bd6c-044f70a9ad00
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.14526.6 - WUS2 ProdSlices
Expires: -1

GET
H2 200 convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 111 KB
35 KB 13ms
13ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_44ba818dfa55d8749503.js
Requested by: Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_NnFX4S8X6vb-OgGnD82WNA2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B9) /
Resource Hash: 79af9d6414cc1d900d943eb4e3bfca28338a72e0931ebfd6f93dcc0d7a6abcd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
content-encoding: gzip
content-md5: x+Nhj00unyDBcQ40kWZ5lw==
age: 4994675
x-cache: HIT
content-length: 35786
x-ms-lease-status: unlocked
last-modified: Tue, 15 Nov 2022 20:11:59 GMT
server: ECAcc (ama/48B9)
etag: 0x8DAC745A6C2BC42
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 170bc6d1-401e-0028-2ad7-0b87fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 2 KB
783 B 13ms
13ms Image
image/svg+xml 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48C2) /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Feb 2023 09:31:47 GMT
content-encoding: gzip
content-md5: R2FAVxfpONfnQAuxVxXbHg==
age: 5040067
x-cache: HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 03:41:05 GMT
server: ECAcc (ama/48C2)
etag: 0x8D8852A740F01B9
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: fbad164b-e01e-0092-046d-0b9485000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/NRJS-d9c4bb1739ab8c490bd?a=968336291&v=1223.PROD&to=blFVMUpZXxYHUExQVlcbYhdRF1AQElsXXlBeTVZKSl1VDBRWW00XSVxH&rst=4984&ck=0&s=cc15015a7c54c99f&ref=https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php&ptid=3c9cc8fb-0001-bc63-dc61-018620ead338

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/jserrors/1/NRJS-d9c4bb1739ab8c490bd?a=968336291&v=1223.PROD&to=blFVMUpZXxYHUExQVlcbYhdRF1AQElsXXlBeTVZKSl1VDBRWW00XSVxH&rst=4986&ck=0&s=cc15015a7c54c99f&ref=https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php&ptid=3c9cc8fb-0001-bc63-dc61-018620ead338

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/jserrors/1/NRJS-d9c4bb1739ab8c490bd?a=968336291&v=1223.PROD&to=blFVMUpZXxYHUExQVlcbYhdRF1AQElsXXlBeTVZKSl1VDBRWW00XSVxH&rst=4988&ck=0&s=cc15015a7c54c99f&ref=https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php&ptid=3c9cc8fb-0001-bc63-dc61-018620ead338

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/NRJS-d9c4bb1739ab8c490bd?a=968336291&v=1223.PROD&to=blFVMUpZXxYHUExQVlcbYhdRF1AQElsXXlBeTVZKSl1VDBRWW00XSVxH&rst=4991&ck=0&s=cc15015a7c54c99f&ref=https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php&ptid=3c9cc8fb-0001-bc63-dc61-018620ead338

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/resources/1/NRJS-d9c4bb1739ab8c490bd?a=968336291&v=1223.PROD&to=blFVMUpZXxYHUExQVlcbYhdRF1AQElsXXlBeTVZKSl1VDBRWW00XSVxH&rst=4993&ck=0&s=cc15015a7c54c99f&ref=https://sabre-glbl.allaccesspass.com/auth/gigya/redirect.php&ptid=3c9cc8fb-0001-bc63-dc61-018620ead338&st=1675589503279

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sabre-glbl.allaccesspass.com/	1969-12-31 23:59:59	Name: MoodleSession Value: g0rd3cunakmmugbt32i6ojipnv
.sabre-glbl.allaccesspass.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.sabre-glbl.allaccesspass.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 13637-3-27926490
sabre-glbl.allaccesspass.com/	1970-01-20 18:52:24	Name: _pk_id.7.9a0f Value: ede60d06b6262c15.1675589506.
sabre-glbl.allaccesspass.com/	1970-01-20 09:26:31	Name: _pk_ses.7.9a0f Value: 1
.gigya.com/	1970-01-20 18:12:05	Name: gmid Value: gmid.ver4.AcbHlkM7_Q.UN1QQfVF9MfkQqwUl02rzTHiLdJbE-q1dQzT-Bla__nF_7fvXG7sxSxqRSmbsSFB.iAnoNhStzi0opdX-oSKwuA66bfmAhOl_GIHKwlAL0wVlEupUOwuHh0bB1t2YSyAI_FAXTLsUnvrQHOapGzrojg.sc3
.gigya.com/	1970-01-20 18:12:05	Name: ucid Value: k-p9C5DkcMMxFmEJS9Fgiw
.gigya.com/	1970-01-20 13:47:04	Name: hasGmid Value: ver4
.allaccesspass.com/	1970-01-20 18:12:05	Name: gig_bootstrap_3_qOYUNdOudAGL3G4sZTUMpeCGVgPM3tSDjIgpJR5nGVPIRyrxSvX2zWd4_CsaeFq1 Value: _gigya_ver4
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 09:26:29	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 10:09:41	Name: buid Value: 0.ARcA8szOAyf-Zkyr22mRQYSOYYD1Xs3uCsdMh4eHja0GYrsXAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr8w3D2wY7KRlAnd1fBrtu40ChJVq8Owm5MFTTrv89Zin_J2nHyIVm3qtl2p5zV6vrjG8L3G5hdjTQCGD3D8mdaoVM2kOp5XfwqSmctVXhXsAgAA
login.microsoftonline.com/	1970-01-20 10:09:41	Name: fpc Value: AiXXNRzyIP5ImDzVxVZWYkBHQIVZAQAAAINucdsOAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevrum2usbb3dRkT0K3eKdljLMS-I4SIlRfCH5KNLAxcp3_uBp4JuLtDqsLEjNPQ03f82bbY8EFDIq4if3nOMdDZnahqd6U3r0QGs2fk04jP4ZCfppv8TTKdzfJDwshu7E7YrWxjOc5WV7-rVabhy6WTtedhLKRVsf4GQdIun5N2UQcgAA
.login.microsoftonline.com/	1970-01-20 18:48:05	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 5862d2dcf69044aab668f999c56a7bf2
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1675589507&co=1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://autologon.microsoftazuread-sso.com/03ceccf2-fe27-4c66-abdb-699141848e61/winauth/ssoprobe?client-request-id=be55e8d8-ee59-47f4-9e7d-3faa782786d1&_=1675589507503 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
aadcdn.msftauthimages.net
accounts.eu1.gigya.com
analytics.franklincovey.com
autologon.microsoftazuread-sso.com
bam.nr-data.net
cdns.eu1.gigya.com
cdns.gigya.com
js-agent.newrelic.com
login.live.com
login.microsoftonline.com
sabre-glbl.allaccesspass.com
socialize.eu1.gigya.com
bam.nr-data.net
151.101.2.137
152.199.23.37
162.247.243.29
20.190.159.75
23.203.124.246
2603:1026:3000:c8::9
2606:4700::6811:7c6b
2606:4700::6811:9e2f
2620:1ec:4e:1::45
40.126.32.68
54.229.120.124
0643b89f1c7ee48d7c6924f3218038573e96a141d4cabb8245f2b6e1cc114aa7
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e2ef54a0f3644ed15e5b535dd3a30b94ba2cbf05631efc41039ae793c8b0efe
13eaaadfa414f262b7964320054bb2b322b9ef9f3522bc25c9d60dc83b5141cf
17bacf087c81de247458f36e0955f3240530631a8be29df58b95002460ad8b9b
226b38d4dd6197b2d2989ef529f69e83ee3ff816b601033ee5ad3ba07fa76307
244ff779cc4a0d32d8a21e1dceece94080b39c4b2c77ab5c0a772f333db71216
28fa8f3ba41d8801e3d95e7128f5b2189a4344ebee1a56d4be7a313959f608e1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b03dd5f0d72cebc2b4be306d76654f7bde7f7a7739e01563836a2a36deacb36
3195ad9f8f03f61bbc60571b47b67ba7e41b0cf29e881ab188ff2dadf766e073
44e1c6e07e9368fef34008b5c7219e220bf4af5e67dd052392670cf73aac5540
464dc53c29fe2f42628ffc7f81a0fc50d8b0d37f15c4dba9b7b13058f0750cc7
47d4926ac5a1fc8fb429ef63b24d171ebc2c937ddf8f365229c400981e5e5028
4c4315a802a524908b6bdb663ec91621674f4874187586d885f188f7e141dbe1
53bdcee8a9cdd9361a8b66d4b70711ce2c87593b340b38f8cabeecfb1b37ffc8
621c0f52571ccff5dab81de13db26fda4b4a7dad83a01827c9139571023abea4
6dabc51abad962efcfc47a6303909ba3cf193bcb33b21573090186f42b3384cc
79af9d6414cc1d900d943eb4e3bfca28338a72e0931ebfd6f93dcc0d7a6abcd2
7eb61ba5b02c939a8985c145a24985cb3b4e3cadfcfc00fa5bca76aa0d8c5238
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
88425afc6e97c1d162e0a355b790dc4e020ff80b632e5649697dca5bc784002d
88e0b9009e3713315a92b60c0b4bf76feb8d00397659b1ddcc6ec50a7e0f7f17
8c1a4c25634d5841924aab1848acc9dcbc3d5672183053c8b71ff2139b65d7c3
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9155cfd404c1c5fa95ec2d1d7e1c07b2f0ea87fb8a2c41cf737bd13088c018e8
99a0b3faced06a4d7485f9a9210d14ac44fefc5adfaa7aa6845447e8805d0090
9bd56c050af4879339542dd853a667ba1986a1f4d98c329b300b32dc2327dd6f
9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
a757f891e9f4a002a7aecb7fcf4e1d74e3e43cc2dc74c3a1fe3812fe7c9a3545
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
a9f005e089d9b3687422ecf086ea3591799905a1a07d14296eb227a9a7c31ef5
b1ffa703af97cbc8af57a71d2ba52caf7f68d6d34b50190aa9b7d0cb53233e9a
bd31b5ad4e0e741f2066270580ff1324e97e726e5a3f42b2c11c06978600db4e
c393342c57c8667be14de099b8a6706d29c722e4b60cec05b2282eea35ce1d6c
c408e00f3bc7c005e9abb9d43b2e6ad3def85e0941ab974a9e3bd76673c8a4d5
c4cc4d14d94d940a82ceb24dc9c9ae9d4573a436e1369db31f2d9c2b1546fe18
c8edda064d7c63f7054917d4b362a21f658c30402bbb3a2e0c2b068da5d87764
c974a0be091a8f09353472bbb41cb939e48a6796f6d0cf95686a7b4d73aa8490
cf2b7b8c9c5756454079e4eb012128b38f569bcc9d32a5b895df5396ae5052b2
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d48070cc41f2a2635157b17181a8c3301e2dadc903b9cb8f2cda85e4f5552181
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
d9e07890edf5f6f350ef465b37479fc6192923e60e64d9f20af37eb3b011cc66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65e816468e378398c8b6b03778512b0b7b589357f6f71d08d552eb589fb4a32
e87e201d3ac066d6522dc7a17d02df52163ae9e47173244f017d23476f9e1eda
ea517d78750e7290d56ed539f4109f6a9e8f0fed191eaee0696ef7d7d0873d27
ebd6c996822a5f23a3cd2a32ba98f37e4672270107d2cc7c9f220fdaed67482a
ec9d65cb26cade9adcf9c012734551cf8c86c49a1ff45fef12662ae42f312e3f
f3244bd74b32ba997b08940680a1c95511a9b8f529fb11b87b1df7c0378b8214
fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0
ffa86b44a28a0a3cb18c772b09c2b4cd5812be3c763b445ec5c9d70ff48b0dc2

login.microsoftonline.com Open in urlscan Pro 40.126.32.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

92 %HTTPS

36 %IPv6

10 Domains

13 Subdomains

12 IPs

4 Countries

1887 kBTransfer

6256 kBSize

19 Cookies

3 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.microsoftonline.com Open in urlscan Pro
40.126.32.68 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

92 %
HTTPS

36 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

1887 kB
Transfer

6256 kB
Size

19
Cookies

65 HTTP transactions
0 data transactions