Submitted URL: http://safehaven.adm.cloud.com/
Effective URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8...
Submission: On April 23 via manual — Scanned from NZ

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 40.115.64.138, located in Melbourne, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is accounts.cloud.com. The Cisco Umbrella rank of the primary domain is 15146.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 1st 2022. Valid for: a year.
This is the only time accounts.cloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.164.44.169 14618 (AMAZON-AES)
2 2 54.208.132.223 14618 (AMAZON-AES)
1 1 20.193.35.83 8075 (MICROSOFT...)
1 14 40.115.64.138 8075 (MICROSOFT...)
1 172.217.194.97 15169 (GOOGLE)
1 13.35.8.97 16509 (AMAZON-02)
3 172.217.194.121 15169 (GOOGLE)
18 4
Apex Domain
Subdomains
Transfer
18 cloud.com
safehaven.adm.cloud.com — Cisco Umbrella Rank: 51976
citrix.cloud.com — Cisco Umbrella Rank: 54579
accounts.cloud.com — Cisco Umbrella Rank: 15146
2 MB
4 pendo.io
citrix-cloud-content.customer.pendo.io — Cisco Umbrella Rank: 92117
citrix-cloud-data.customer.pendo.io — Cisco Umbrella Rank: 60547
139 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
63 KB
18 3
Domain Requested by
14 accounts.cloud.com 1 redirects accounts.cloud.com
3 citrix-cloud-data.customer.pendo.io citrix-cloud-content.customer.pendo.io
3 safehaven.adm.cloud.com 3 redirects
1 citrix-cloud-content.customer.pendo.io accounts.cloud.com
1 www.googletagmanager.com accounts.cloud.com
1 citrix.cloud.com 1 redirects
18 6

This site contains links to these domains.

Domain
onboarding.cloud.com
docs.citrix.com
Subject | Issuer | Validity | Valid
accounts.cloud.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-01 - 2023-06-30 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
citrix-cloud-content.customer.pendo.io | Amazon RSA 2048 M02 | 2023-02-23 - 2023-11-16 | 9 months
citrix-cloud-data.customer.pendo.io | GTS CA 1D4 | 2023-03-03 - 2023-06-01 | 3 months

This page contains 1 frames:

Primary Page: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Frame ID: A3DE06EFBDDE1929EB321E2095A7EBF9
Requests: 18 HTTP requests in this frame

Page Title

Citrix Secure Sign In

Page URL History

  1. http://safehaven.adm.cloud.com/ HTTP 301
    https://safehaven.adm.cloud.com/ HTTP 302
    https://safehaven.adm.cloud.com//admin_ui/mas/svc/html/main.html HTTP 302
    https://citrix.cloud.com//login?redirectUrl=aHR0cHM6Ly9hZG0uY2xvdWQuY29tL2FkbWluX3VpL21hcy9zdmMvaHRtb... HTTP 302
    https://accounts.cloud.com/core/connect/authorize?client_id=RtmydVjvjLZBbU3qU3b8eQ%3D%3D&redirect_uri=h... HTTP 302
    https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

4
IPs

2
Countries

2222 kB
Transfer

2688 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://safehaven.adm.cloud.com/ HTTP 301
    https://safehaven.adm.cloud.com/ HTTP 302
    https://safehaven.adm.cloud.com//admin_ui/mas/svc/html/main.html HTTP 302
    https://citrix.cloud.com//login?redirectUrl=aHR0cHM6Ly9hZG0uY2xvdWQuY29tL2FkbWluX3VpL21hcy9zdmMvaHRtb... HTTP 302
    https://accounts.cloud.com/core/connect/authorize?client_id=RtmydVjvjLZBbU3qU3b8eQ%3D%3D&redirect_uri=https%3A%2F%2Fcitrix.cloud.com%2Foauth&response_type=code&scope=openid%20email%20profile%20ctx_principal_aliases%20offline_access%20ctx_universal%20ctx_adoid%20allow_compressed_groups&state=https%3A%2F%2Fcitrix.cloud.com%2Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233 HTTP 302
    https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
accounts.cloud.com/core/
Redirect Chain
  • http://safehaven.adm.cloud.com/
  • https://safehaven.adm.cloud.com/
  • https://safehaven.adm.cloud.com//admin_ui/mas/svc/html/main.html
  • https://citrix.cloud.com//login?redirectUrl=aHR0cHM6Ly9hZG0uY2xvdWQuY29tL2FkbWluX3VpL21hcy9zdmMvaHRtbC9tYWluLmh0bWw7UTBNdFVsTkJMVk5JUVRJMU5pMHlPekUyT0RJeU9ERTJOVFU3WXpSa05URmpNekEzWVdGaE1HRmtObUZtT...
  • https://accounts.cloud.com/core/connect/authorize?client_id=RtmydVjvjLZBbU3qU3b8eQ%3D%3D&redirect_uri=https%3A%2F%2Fcitrix.cloud.com%2Foauth&response_type=code&scope=openid%20email%20profile%20ctx_...
  • https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foau...
4 KB
5 KB
Document
General
Full URL
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
49e888ef28ab2b921acedf92cc8fc8dd9f71956f1fb6f76bdb8ad3d69cde0e8e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-cache, no-store
Citrix-TransactionId
7e0ecd71-9718-48ce-8db9-9e5bd38a17a4
Content-Length
3617
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html
Date
Sun, 23 Apr 2023 20:27:36 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
X-ATH-TransactionId
7e0ecd71-9718-48ce-8db9-9e5bd38a17a4
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN

Redirect headers

Citrix-TransactionId
b31482a2-032f-4f0d-817a-17a3ab84ec20
Content-Length
0
Content-Security-Policy
frame-ancestors 'self'
Date
Sun, 23 Apr 2023 20:27:35 GMT
Location
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
X-ATH-TransactionId
b31482a2-032f-4f0d-817a-17a3ab84ec20
X-Content-Type-Options
nosniff
common.js
accounts.cloud.com/identity/assets/
805 KB
805 KB
Script
General
Full URL
https://accounts.cloud.com/identity/assets/common.js
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
60cd5822d7e981cdfad593102e8fb818d04933593c85a7be99eb6c7acc708b0d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
0ad8bf4f-65b8-4e34-b171-81d7ba67195f
Date
Sun, 23 Apr 2023 20:27:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:22 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b37866dfa4b"
Content-Type
application/javascript
X-ATH-TransactionId
0ad8bf4f-65b8-4e34-b171-81d7ba67195f
Content-Length
824139
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
app.js
accounts.cloud.com/identity/assets/
560 KB
560 KB
Script
General
Full URL
https://accounts.cloud.com/identity/assets/app.js
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c984a566bf2196bf3b10c7996a866691834f2b9a63062344baa21f4522321f2f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
f6db96e7-f719-4fc5-96df-4d5847aa67a2
Date
Sun, 23 Apr 2023 20:27:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:22 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b378669d676"
Content-Type
application/javascript
X-ATH-TransactionId
f6db96e7-f719-4fc5-96df-4d5847aa67a2
Content-Length
573302
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
1.js
accounts.cloud.com/identity/assets/
31 KB
31 KB
Script
General
Full URL
https://accounts.cloud.com/identity/assets/1.js
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/identity/assets/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
999ec1849ce90f621f38c162a65d43a12cf90109330a2b5b5c2ce5da0cd8834e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
3ab31a26-8b7b-4575-8838-11a418d6d16a
Date
Sun, 23 Apr 2023 20:27:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:22 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b37866112c3"
Content-Type
application/javascript
X-ATH-TransactionId
3ab31a26-8b7b-4575-8838-11a418d6d16a
Content-Length
31683
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
2.js
accounts.cloud.com/identity/assets/
146 KB
147 KB
Script
General
Full URL
https://accounts.cloud.com/identity/assets/2.js
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/identity/assets/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f73a6ca56452897589caff5a702199d8f1e372a172acbbe5b0af2aa0e312c1b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
ca8102ed-0775-44cd-bb1f-a7423e5e5da4
Date
Sun, 23 Apr 2023 20:27:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:22 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b37866321e8"
Content-Type
application/javascript
X-ATH-TransactionId
ca8102ed-0775-44cd-bb1f-a7423e5e5da4
Content-Length
149736
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
5.js
accounts.cloud.com/identity/assets/
349 KB
349 KB
Script
General
Full URL
https://accounts.cloud.com/identity/assets/5.js
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/identity/assets/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9461bfbc3a5280677dcfb7a6b2b8974fbaecf55036f35ad53373ba0ce9e1456d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
eec461e8-298c-4c34-9e75-5d7130bd586e
Date
Sun, 23 Apr 2023 20:27:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:22 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b3786641b1f"
Content-Type
application/javascript
X-ATH-TransactionId
eec461e8-298c-4c34-9e75-5d7130bd586e
Content-Length
356895
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
gtm.js
www.googletagmanager.com/
258 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NW58833
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b419e6b94d0a9bc07167898e4f48db276ae59a935545d360306fdfc0fe94e72b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 20:27:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63632
x-xss-protection
0
last-modified
Sun, 23 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 23 Apr 2023 20:27:39 GMT
b4e0e33c7a311bd4f6eaa04efc2d42e9.svg
accounts.cloud.com/identity/assets/
7 KB
7 KB
Image
General
Full URL
https://accounts.cloud.com/identity/assets/b4e0e33c7a311bd4f6eaa04efc2d42e9.svg
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a657dc21967cc110f043c1955a0269741d0a63bc1e89f150379aef01b1b1df41
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
5e53ab5c-5b7b-4650-b52d-65c5e601096f
Date
Sun, 23 Apr 2023 20:27:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:20 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b37853026e5"
Content-Type
image/svg+xml
X-ATH-TransactionId
5e53ab5c-5b7b-4650-b52d-65c5e601096f
Content-Length
6885
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
32e5254aa11e7847aec338fb567da2dd.svg
accounts.cloud.com/identity/assets/
1 KB
2 KB
Image
General
Full URL
https://accounts.cloud.com/identity/assets/32e5254aa11e7847aec338fb567da2dd.svg
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0bcdf83b17380f3b4b9da9111be805788fafb6a64ad4a535f9b60168407795fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
efb4d8f5-02bc-45ce-bbd8-00679fcb8e4c
Date
Sun, 23 Apr 2023 20:27:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:22 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b3786616da1"
Content-Type
image/svg+xml
X-ATH-TransactionId
efb4d8f5-02bc-45ce-bbd8-00679fcb8e4c
Content-Length
1185
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
c30db027aac89ba426ef2bbe1047648a.svg
accounts.cloud.com/identity/assets/
1 KB
2 KB
Image
General
Full URL
https://accounts.cloud.com/identity/assets/c30db027aac89ba426ef2bbe1047648a.svg
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d7cc490a16129b68ddd75590075bd80b99f69f26c9b993618d41a3c1338b3bbf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
cda9ca09-515e-4728-bc0a-833963610bf1
Date
Sun, 23 Apr 2023 20:27:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:20 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b37853038f7"
Content-Type
image/svg+xml
X-ATH-TransactionId
cda9ca09-515e-4728-bc0a-833963610bf1
Content-Length
1271
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
96ca2a24c1787dd7f2d08e4a01df959c.woff2
accounts.cloud.com/identity/assets/
32 KB
32 KB
Font
General
Full URL
https://accounts.cloud.com/identity/assets/96ca2a24c1787dd7f2d08e4a01df959c.woff2
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bea988eeadc7c0ddf9644c2dce7efb35f1767eac0187c0967f8a2567473cbbfe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Origin
https://accounts.cloud.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
23bdc7fc-b396-4124-b678-7a4ae686dfde
Date
Sun, 23 Apr 2023 20:27:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:20 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b3785304324"
Content-Type
application/font-woff2
X-ATH-TransactionId
23bdc7fc-b396-4124-b678-7a4ae686dfde
Content-Length
32548
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
029f6f0129beaededd6e592095429d81.woff2
accounts.cloud.com/identity/assets/
32 KB
32 KB
Font
General
Full URL
https://accounts.cloud.com/identity/assets/029f6f0129beaededd6e592095429d81.woff2
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb2423d9ac27b2c8974304b1bcdfc5031a84f3d5f22b31cb888127967c6bd906
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Origin
https://accounts.cloud.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
7ab2ad1b-cd15-4651-a744-87c25e84c0b9
Date
Sun, 23 Apr 2023 20:27:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:20 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b37853043b0"
Content-Type
application/font-woff2
X-ATH-TransactionId
7ab2ad1b-cd15-4651-a744-87c25e84c0b9
Content-Length
32688
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
bab5db784f9808fd1f54baf45ba0a790.woff
accounts.cloud.com/identity/assets/
15 KB
15 KB
Font
General
Full URL
https://accounts.cloud.com/identity/assets/bab5db784f9808fd1f54baf45ba0a790.woff
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d3fa2a3c3ab4022c954fd4f1f891be9acea7bd78c6ff6ebb1e8d031a63cfc1fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Origin
https://accounts.cloud.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
f719473e-264d-4a61-b69e-8ac723b02bfe
Date
Sun, 23 Apr 2023 20:27:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:20 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b3785300614"
Content-Type
application/font-woff
X-ATH-TransactionId
f719473e-264d-4a61-b69e-8ac723b02bfe
Content-Length
14868
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
82ee13d8c71c9fe2af41c81666cc6e9d.woff2
accounts.cloud.com/identity/assets/
32 KB
32 KB
Font
General
Full URL
https://accounts.cloud.com/identity/assets/82ee13d8c71c9fe2af41c81666cc6e9d.woff2
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.115.64.138 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44077e6ceb62b989c9ef0d4659d5b6a261c31fdec49e317e8833a9fb9550e02c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Origin
https://accounts.cloud.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Citrix-TransactionId
5277859c-5847-468c-8e61-72a15533fab8
Date
Sun, 23 Apr 2023 20:27:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Mar 2023 14:23:20 GMT
Content-Security-Policy
frame-ancestors 'self'
ETag
"1d95b378530434c"
Content-Type
application/font-woff2
X-ATH-TransactionId
5277859c-5847-468c-8e61-72a15533fab8
Content-Length
32588
X-ATH-SessionId
4b6387c5-87b8-46e7-914d-0bc28e320ead
pendo.js
citrix-cloud-content.customer.pendo.io/agent/static/abed0313-153d-4162-49b1-18a3df280498/
416 KB
137 KB
Script
General
Full URL
https://citrix-cloud-content.customer.pendo.io/agent/static/abed0313-153d-4162-49b1-18a3df280498/pendo.js
Requested by
Host: accounts.cloud.com
URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-97.sin5.r.cloudfront.net
Software
UploadServer /
Resource Hash
3fb9615e273e70668cc983738fd97ee30a093dc13c83cf09f65a6ab0a5c422df

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 20:25:41 GMT
content-encoding
gzip
via
1.1 dcb42c70bda10759ea456b517bba08fa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
120
x-guploader-uploadid
ADPycdtibInlKZA_2O4BelLEvcozlg_ZzvHtCrnuJpJ28zvaF9xNC6O6dkjnYbysHypjbJO1HJ5D_gWmK1g3TOqd49xjx8ao--yl
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
139809
last-modified
Thu, 20 Apr 2023 18:12:13 GMT
server
UploadServer
etag
"76a7275fa796b5daaf88fafb91821497"
vary
Accept-Encoding
x-goog-generation
1682014332883202
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=kerbjA==, md5=dqcnX6eWtdqviPr7kYIUlw==
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
139809
accept-ranges
bytes
x-amz-cf-id
ligoXpfnlddm9czBleSu-2eJrL9VeJxCBaQuuSGxAS7hXL3g-DgDbg==
expires
Sun, 23 Apr 2023 20:33:11 GMT
abed0313-153d-4162-49b1-18a3df280498
citrix-cloud-data.customer.pendo.io/data/ptm.gif/
42 B
280 B
Image
General
Full URL
https://citrix-cloud-data.customer.pendo.io/data/ptm.gif/abed0313-153d-4162-49b1-18a3df280498?v=2.181.0_prod&ct=1682281661759&jzb=eJztk11v0z4Uxr9LpN61aeK0TjMJoY21GmgwGOsfAUKWYzudh2MH2-kL0777jrNoLwjQn4vdtReu8_gc-_Hx73y9jvyuEdFBJLnQXla7aBiV1mycsMTLGlZSPENolmKc5pN8GK2lk95YIjkk6VYpSKCMmVb7J1prFXxcet-4g_G4j3AxU6blMTP1mBkrxsqspH55Lnxr9dKqFwO0CHr3p7VgHma09ZfGyp-dSpUqKfs-yBZMSXAMZw6y43Nf7_h_V-ur0y9H5TL7sczKmfgwQNPsuB-wFVxa2JC0VkJGZyysHcKAFt3ApLdy-2CxE004vst3jdFOkFAv2IAZDoawY6b7hFGDFchIRE2l6maNNZVUEAZz5reksVIz2VBFqJLUiWAAJaaqlNSCQI2Eu5NCcKvlWlhH77YKCuWmPwKqYDYELDZgywlOVta04T7YeeqDn3-7X5xMK1Fimo4QzavRRIhkVKSCjgqMRIozVqAsg0eFCzUuOriOjOLkCQnk_fzd8Rm5IHwrN-iNmi7KQEGI-x0d_4-iGziRWnjlC1q-BjWIw8jffUT12Vt58qm-OlnQ5fxyzmGLytJadIvzoxp_3r7anea15eV6E7DeeQHm8wm-Gd5jXwtP_4p8sUd-j3xAvqcgTB8_uqJ61dJVYElosvwYoO2f_tdQxgh4hddfgZY80H14Hw4Sh8vAMsrGyWSMEhQ8hKJIo4Mcp7M0TqCshj9Te8wet4cyNCT-sT2myb499u0RQA-k9HxM8iKNURJ-OUZFVjwLqBjPbr7dAsXi4b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f121.1e100.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 20:27:42 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
abed0313-153d-4162-49b1-18a3df280498
citrix-cloud-data.customer.pendo.io/data/guide.json/
1 KB
1 KB
XHR
General
Full URL
https://citrix-cloud-data.customer.pendo.io/data/guide.json/abed0313-153d-4162-49b1-18a3df280498?id=4&jzb=eJyVUk1v2zAM_S8Gclv8IaVeE2AoOhQBBuyyDtlhF4GRaJedInn6yNoN-e-l3CArdtuFpp4fycePP9WRIiUfPplqU7lsbfWuAq19duktlIPlx0NKU9w0zZkQa219NrX2h0b7gI31I7mbe0w5uF2wHxZiW_D54xzqxB7k9OAD_Z5RsHYP-sdCbrUldEmRWci7-3R4Nt8ej4-fv3_c7-TPndxf45eFuJJ3Z9MHNBQ4ocqBOGIWVv7dshHb2WhKgZ7-SpxBX8rP8XHyLqJKzxNyAu0NC-qj9vOTrWMpHNHiAcjO3hT8QJZp7Ov0pKZATtMEVoEliFgEiNYPgyWHimeE8RUq5OzoiCHCa6qCgPHnEjwF_0uxxIllRTRqDD6XfvqYIBU9_9df3V4NuO-hWwp4PyxXiO1y3SEs173Arpd6LaTkpR4wgYEE1eZyBsWlN3u34MYMIzKCTu2-VqfLefxL1VqxXD6AkbG2ECcIvNPbC50hLldyCdm0q0a0osgocyHvClx3113d8mS9qU6nF3ao3H0&v=2.181.0_prod&ct=1682281661762
Requested by
Host: citrix-cloud-content.customer.pendo.io
URL: https://citrix-cloud-content.customer.pendo.io/agent/static/abed0313-153d-4162-49b1-18a3df280498/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f121.1e100.net
Software
/
Resource Hash
77527e9fb40b56a6a2826e95d5f997222e8132ff580edb4f69abf539bcfd1440
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 20:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
access-control-max-age
600
vary
Accept-Encoding
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/json
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
abed0313-153d-4162-49b1-18a3df280498
citrix-cloud-data.customer.pendo.io/data/guide.gif/
42 B
280 B
XHR
General
Full URL
https://citrix-cloud-data.customer.pendo.io/data/guide.gif/abed0313-153d-4162-49b1-18a3df280498?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1682281661762&v=2.181.0_prod
Requested by
Host: citrix-cloud-content.customer.pendo.io
URL: https://citrix-cloud-content.customer.pendo.io/agent/static/abed0313-153d-4162-49b1-18a3df280498/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f121.1e100.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 20:27:42 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42


21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
undefined| __REACT_DEVTOOLS_GLOBAL_HOOK__
object| webpackJsonp
object| core
object| __core-js_shared__
object| global
object| System
function| asap
function| Observable
function| setImmediate
function| clearImmediate
function| Dict
function| delay
object| _
object| recaptchaOptions
object| dataLayer
object| google_tag_manager
object| google_tag_data
object| pendo
object| visitor_data
object| account_data

11 Cookies

Domain/Path Name / Value
accounts.cloud.com/core Name: idsrv.xsrf
Value: CfDJ8LclyOhazMdJkkZzS2eIseUqWFVXXiRXKxK7D-LK0JDH31JO8xrCvWbyYQmw-8qzJeuJloSiq5UZXi1L0nMqui_mvgHM43ZY9UZxLeEBEBg0_S5sNh6Po5gIM8HYpMlOYfsdt07Fkex9oSFgkjriU6s
.cloud.com/ Name: X-Cws-TransactionId
Value: e1dd849d-9db8-4f93-839f-993670dfa5f0
.cloud.com/ Name: navbarRedirect
Value: 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%3D%3D
.cloud.com/ Name: isIdpInternal
Value: false
.cloud.com/ Name: state
Value: 05feb6a1-2a7f-4ee0-91ea-962e163c9233
.cloud.com/ Name: idp
Value: athena
.cloud.com/ Name: regionSessionId
Value: YXVzdHJhbGlhc291dGhlYXN0OjRiNjM4N2M1LTg3YjgtNDZlNy05MTRkLTBiYzI4ZTMyMGVhZA%3D%3D
.cloud.com/ Name: X-ATH-SessionId
Value: 4b6387c5-87b8-46e7-914d-0bc28e320ead
.cloud.com/ Name: language
Value: en
.cloud.com/ Name: includeTracking
Value: true
.cloud.com/ Name: uiTheme
Value: console-vnext

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
