| efideu.b2clogin.com/favicon.ico |  20.190.177.20 | 404 Not Found | 103 B |
URL GET efideu.b2clogin.com/favicon.ico IP20.190.177.20:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://efideu.b2clogin.com/efideu.onmicrosoft.com/b2c_1a_auth_corp_efid/oauth2/v2.0/authorize?client_id=328f4e7d-90a7-4cee-b5c8-07194886cae6&redirect_uri=https%3a%2f%2fglobal.accounts.corporate.ef.com%2fefcorpglobal.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid&response_mode=form_post&nonce=n7vW0GjLssCltUMo7f%2b9%2fA%3d%3d&domain_hint=marriott.com&prompt=login&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6NjQ2NzhmYzYtMjMyNy00Y2U5LTg0Y2QtMDRjN2JhMGU1NDBjIiwiVElEIjoiMzFkOGRhYTctNzY3YS00YTcwLThhMjUtZGM3OTkyYTY1OGNmIiwiVE9JRCI6IjZkMDU5MTdkLWJmZTctNDAzZC05MjZkLTc1NGQ3MDllNWJiMCJ9 CertificateIssuerDigiCert Inc Subjectgraph.windows.net FingerprintF5:23:D4:6F:B2:62:DB:61:35:37:51:A2:8E:D7:EA:3D:34:7E:7D:1E ValidityFri, 28 Mar 2025 00:00:00 GMT - Sun, 28 Sep 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash96c5637e1eb8f8f8c34172f2d23eafc6 2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9 90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
GET /favicon.ico HTTP/1.1
Host: efideu.b2clogin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://efideu.b2clogin.com/efideu.onmicrosoft.com/b2c_1a_auth_corp_efid/oauth2/v2.0/authorize?client_id=328f4e7d-90a7-4cee-b5c8-07194886cae6&redirect_uri=https%3a%2f%2fglobal.accounts.corporate.ef.com%2fefcorpglobal.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid&response_mode=form_post&nonce=n7vW0GjLssCltUMo7f%2b9%2fA%3d%3d&domain_hint=marriott.com&prompt=login&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6NjQ2NzhmYzYtMjMyNy00Y2U5LTg0Y2QtMDRjN2JhMGU1NDBjIiwiVElEIjoiMzFkOGRhYTctNzY3YS00YTcwLThhMjUtZGM3OTkyYTY1OGNmIiwiVE9JRCI6IjZkMDU5MTdkLWJmZTctNDAzZC05MjZkLTc1NGQ3MDllNWJiMCJ9
Cookie: x-ms-cpim-sso:efideu.onmicrosoft.com_0=m1.TXlEvJT7BT663Zs4.FKOhAEK8E/mhp1Yv08KJjA==.0.JsIYtZLTf4X1pvOKEYtHJI7N2N689S+FMjybUULLI0r3ngebRaooLGSopnzi/Hk22T5MhZv1emWv2ubPSpvF6jOXmoJjE3tUpFT3h37an5QAU3mTLYtlHzzMkvfx1FdnQLwA3QSVHXISMZ3bgD1jKzYRMdce40mwaGpUF6pwpookOKHoRAGcREwKSxxEvJvOwrS5+2pzg7JqWalO/VbVDAHSCI1ytSE/gGajuLBDjAQSX//bF7VX8gT9CEi9KzYE7e37ZZAFn34Og45+Op0ZiWzXiL++Cr0l9skyHO22h3zS39pfAsOR8JXpGO+XusLNUR6lE81ZKx8AVEDR7ui2g4dpDL5z8j9TyBDoPzth3jdpReLXWT2O7Phyi+vvQ7ihHc5H/TaNec7oZdXO304zKU7DdpCFmEmtaHfgA9cejlvfMxNrw6wOS4gaOzBVxI1UcSnjfQoZVLQTP/fy2Pr9JgXuxFyNkDUBzvXX; x-ms-cpim-rc:09961e89-bfe9-4269-9435-6b3f0c726bf5=NDFIUWJ2UzJxUkpzSGRqSVNNZTczVkYwOGVXcnNIVlQraHo4cnE2Nld0UENoQzg2RUp0OGRJR0lVQ0pIQXptZ016U2srSFI3M2tlTEltNWJOQURMMGc9PTsyMDI1LTA0LTA3VDE1OjQ5OjAwLjgxNzg4NzhaO2MvdkZlSys1QSs5eC9ZaVkvQU1TTUE9PTt7IlRhcmdldEVudGl0eSI6IkVGLUNsYWltc0V4Y2hhbmdlLU1hcnJpb3R0Q29tIiwiT3JjaGVzdHJhdGlvblN0ZXAiOjYwfQ==; x-ms-cpim-cache|ir6wcem_aukunws_dhjr9q_0=m1.UkOBq4DWvnacq5cz.iApuuZqceHzfK/pF3GTMvA==.0.WKU/V4t8dBle7dtV1G1xrL8KWu9UB84UNp+VLQQEnMO+XD5mlzFuSCssfCcWZkUEj5gl7ysHUWfv5fa5RISVFxQ1PuiiKgEE9f1tUoVyPPtn9jNGaefz5l/TQE32KziFE/kRLshRqZ+7i+hQ+wtDz/lgYLNj3QD0ZyBLFVjj5PTqRjkY3fcQUKT1MFJAYc1Sx9VB1JI+jTasecGavlOnVKz0wRh6Pa7XiabCU3OQ4Hz46qTR1yMAlqU5lOq9OhbRLChBDK83ZZHW38qtqpm49qZgYkTKvrz1LPMo+eEipgjEPzYlyS7GBYjVafFMOePyihGMftKXXS5e5wGCtuaVNznM3JWx9O1iDCkxSwQuOVDOFcPJ7gBWV8KlogQgDAWWCPshoBKbMprPfgDNFhMnMxYkW/l2Lc5OwQ0+6jsy5P8vXUPH5lKPEFb/hDiMRwenSiO8el4fulHqQnwVT5qHcPu1LpwA2YJesjpUtPhFb2vCBOsLleUMu1vFv4qj7/VAt3vCGTmTu8fvUGO3Vg9Rspg+bC1xGQhxo+N9R/z1VOngSah8jzJqZatA4pOuPEjgfek4xjN3OSpfHsAJrIAvCPRDcnuKaD3iZG2lWQqFqU7iP0M/7pc0BzflOhp8Gdv+HuDz/RkYCTSwD52r2uoN3VYFlsAQxaOi1NJXquvM7I+248e3+vO3spo8fU3kjT0RooqohyiSobp5/v3xSiDjYgstxnulGE21tnPsn6sxhTDCFlgxGS+kRyLf9UiQkloiw7vutZd4rSkcAyC0hyUOOjTSrgOKyuRkAdcdTSfUNhe/Hok1mt1iKdwFx8CzCS8LMesei9upvWfniJ1TdoLdjWzChfI0NCO7BIobO76uTLu42HLhQ1ckpd4Yy2uP58NLV/AuRWCzKv+SzO0CI7WT72Y4RMEZNiCq83zhnrAB2LNq18Mad9Fs6//mp/ijyq7BeQuRyLS46CfVim0M/T6hYOF8VTbmNeJivlJ8m2P1t5YAxXcuijjHQHmbHa96vEg7h9piLdj4IJ1uR/30DYC9mbhdMmE0p9JyKGY1LIiSGnUMwp6F/sMryS62V4iDEkq4mhDzt3tsP4/Bi0o6GcNETFlxS8sXzW6xTcrxH7gdlhIdPbUHI3gKcC9oX35DZ7djbe7/kgxC29u9RFsn2uvNbYFQxjPztWDgTKIQchSx8iKgVckyqnKtpQtrujA82JYTkowcGatUGbcIbXkObVHQEgYAJr0NBsYgGNkXmGErpxQ/71qLiRw8SSwbOnZ/esNrwCu0xBiug32MYiPsmIZYY1QPY5sol5wQL4F5DykNfnQRj6lK6HjfKv5znMFpTcr0LJ1G4gYUFvCO4LZyfoKAlqDNuHFPG2vIYR1IlK6W+qY3JUKEdhwTpIx4cGEL9BI8NxlnOr/g95AfJq9hAyzIXjRLyV8EWqmnzolRq9gOgiFCKtpoDFw97Jgx/zNOkz5yZcKNWNAuBCqnFYLt7m3L/6Jb42CVZUwJKzW1I+f1LXv4zHMnxjkSLBjQ7Cldo+7tBs8GtphCrdM=; x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjA5OTYxZTg5LWJmZTktNDI2OS05NDM1LTZiM2YwYzcyNmJmNSIsIlQiOiJlZmlkZXUub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xYV9hdXRoX2NvcnBfZWZpZCIsIkMiOiIzMjhmNGU3ZC05MGE3LTRjZWUtYjVjOC0wNzE5NDg4NmNhZTYiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjA5OTYxZTg5LWJmZTktNDI2OS05NDM1LTZiM2YwYzcyNmJmNSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Mon, 07 Apr 2025 15:49:01 GMT
Content-Length: 103
|
|
| extranetcloud.marriott.com/common/js/marriottCommon.js |  23.33.119.114 | 200 OK | 1.1 kB |
URL GET extranetcloud.marriott.com/common/js/marriottCommon.js IP23.33.119.114:443 ASN#20940 Akamai International B.V.
Requested byhttps://extranetcloud.marriott.com/marrsso/idp/SSO.saml2 CertificateIssuerEntrust, Inc. Subjectcn-san.marriott.com Fingerprint69:9C:1B:AB:A9:69:F0:76:23:33:36:3E:89:81:D4:C9:0B:6C:ED:AC ValidityMon, 09 Sep 2024 15:17:54 GMT - Thu, 09 Oct 2025 15:17:52 GMT
File typeJavaScript source, ASCII text, with very long lines (1056), with no line terminators Hashf86e154cde4963d8e55e28e174c5d1a8 676d31de3d0c682b09e6738b8dc6d355c967732b 0f56dc46c5c71c90ed629b212931836d16692f733e49a0277c7a40fd3e65161c
GET /common/js/marriottCommon.js HTTP/1.1
Host: extranetcloud.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://extranetcloud.marriott.com/marrsso/idp/SSO.saml2
Cookie: PF-PROD=rNL28oHGLmWxRGmIxtEWeD; AKA_A2=A; ak_bmsc=DE76C831373B9D06F1514CE8302112E0~000000000000000000000000000000~YAAQlAtlX7bCmwSWAQAAXODwEBsYyjoqdH2cUPXxDSTf4V0wF78kiPcSr/HUNoR8pTLCLvid4JH+TfnQvcrlPWX3OH+q/8UHW5n8etwQeY66RRu4iZgFHmZgx70TiEZ3thTkzVpUqmg/SePMcMvEvhYjqmbEfOf35kg8s1LjgCwIfu3SLHQObuYk+1v0hb1HOAefBDzwA0PZ5It/zpRyULS3elyi/xGcp5Jp8+INkyLHP6ude04j9LgBqadpIGblrIVcB/V/HVmjw7Gbef8hMgYFiTxttcgXu5kul6uLNvuVBXZ5L7lS13NsUgKF1fAEoSxPfZ24FQ4RZWjkTDo+oR/LWomG1bcjvrpbAKaziB2dprCftbxtPsk3AfQ5ztpn0PfnhmiyebcIQQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-ion-hop: v2-test
content-encoding: gzip
content-length: 733
vary: Accept-Encoding
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
expires: Mon, 07 Apr 2025 15:49:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 07 Apr 2025 15:49:04 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=209, origin; dur=68, ak_p; desc="1744040943979_1600457620_233559866_27728_12660_1_0_21";dur=1
er_information: ER_EXECUTED:;ER_EXECUTED_RULE:, ER_EXECUTED:;ER_EXECUTED_RULE:
strict-transport-security: max-age=86400 ; includeSubDomains
akamai-grn: 0.8b3a2f17.1744040944.5c75213, 0.940b655f.1744040943.debd73a
X-Firefox-Spdy: h2
|
|
| learn.corporate.ef.com/?domain_hint=marriott.com |  104.18.34.207 | 200 OK | 4.8 kB |
URL User Request GET learn.corporate.ef.com/?domain_hint=marriott.com IP104.18.34.207:443
CertificateIssuerGoogle Trust Services Subjectlearn.corporate.ef.com Fingerprint83:52:5C:AC:68:BE:F8:54:B0:E5:71:1B:E9:F7:4C:F0:0B:C7:65:5F ValidityFri, 14 Mar 2025 12:17:21 GMT - Thu, 12 Jun 2025 13:16:57 GMT
File typeHTML document, ASCII text, with very long lines (1681) Hash2a76f08c8c0d77adf5b72338086c5779 a3d08b3ca6c1b4959b146e802410b3333944af44 9417c409d89d46376fd2ddf965c8da9f30a00ad8c3fe2646fc7878eceabdd744
GET /?domain_hint=marriott.com HTTP/1.1
Host: learn.corporate.ef.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=bqZs9U_6ytnAOVrX22Al.ANuROljCfytJtLGZQ8eCkQ-1744040938-1.0.1.1-WJJB0PPdkyxaMCWgcIkLGSgnG9RdloudFKIRxUs5DaEdnxLiutnQD35J3sHJgj9Jsi8x5mbfT8AN9esj8uhl7eDWuuSei2N9Ue3foag9psw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 07 Apr 2025 15:48:59 GMT
content-type: text/html
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 92caac1bc98a568f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| learn.corporate.ef.com/app.js | 104.18.34.207 | 200 OK | 517 kB |
URL GET learn.corporate.ef.com/app.js IP104.18.34.207:443
Requested byhttps://learn.corporate.ef.com/?domain_hint=marriott.com CertificateIssuerGoogle Trust Services Subjectlearn.corporate.ef.com Fingerprint83:52:5C:AC:68:BE:F8:54:B0:E5:71:1B:E9:F7:4C:F0:0B:C7:65:5F ValidityFri, 14 Mar 2025 12:17:21 GMT - Thu, 12 Jun 2025 13:16:57 GMT
File typeJavaScript source, ASCII text, with very long lines (65475) Size517 kB (516675 bytes) Hash2c214277ad4fa9175f73307dd0febc57 1ab7ec4a7e866b72613714b97b24a7a4ce181559 6d5a3e8eb1d5aeba05ce7cb7f12cd2809f38f4f969ff388cabd96ed3135b07e6
GET /app.js HTTP/1.1
Host: learn.corporate.ef.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://learn.corporate.ef.com/?domain_hint=marriott.com
Cookie: __cf_bm=bqZs9U_6ytnAOVrX22Al.ANuROljCfytJtLGZQ8eCkQ-1744040938-1.0.1.1-WJJB0PPdkyxaMCWgcIkLGSgnG9RdloudFKIRxUs5DaEdnxLiutnQD35J3sHJgj9Jsi8x5mbfT8AN9esj8uhl7eDWuuSei2N9Ue3foag9psw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 07 Apr 2025 15:48:59 GMT
content-type: application/javascript
cache-control: no-cache
content-encoding: gzip
etag: W/"67c9c95a-7e243"
last-modified: Thu, 06 Mar 2025 16:12:10 GMT
vary: Accept-Encoding
cf-cache-status: MISS
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 92caac1e8dec568f-OSL
X-Firefox-Spdy: h2
|
|
| learn.corporate.ef.com/assets/fonts/EFCircularWeb-Book.woff | 104.18.34.207 | 200 OK | 46 kB |
URL GET learn.corporate.ef.com/assets/fonts/EFCircularWeb-Book.woff IP104.18.34.207:443
Requested byhttps://learn.corporate.ef.com/?domain_hint=marriott.com CertificateIssuerGoogle Trust Services Subjectlearn.corporate.ef.com Fingerprint83:52:5C:AC:68:BE:F8:54:B0:E5:71:1B:E9:F7:4C:F0:0B:C7:65:5F ValidityFri, 14 Mar 2025 12:17:21 GMT - Thu, 12 Jun 2025 13:16:57 GMT
File typeWeb Open Font Format, TrueType, length 46239, version 1.1 Hashd4c230153ab61ceeaf4acb073b0fa920 84a44d462eec2d0a553fb6cc7607eeb589e578fc 11229bb90fb0480fe4a93602b1776ac9f7356434610c5f1bdbfab690b37a8a60
GET /assets/fonts/EFCircularWeb-Book.woff HTTP/1.1
Host: learn.corporate.ef.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://learn.corporate.ef.com/?domain_hint=marriott.com
Cookie: __cf_bm=bqZs9U_6ytnAOVrX22Al.ANuROljCfytJtLGZQ8eCkQ-1744040938-1.0.1.1-WJJB0PPdkyxaMCWgcIkLGSgnG9RdloudFKIRxUs5DaEdnxLiutnQD35J3sHJgj9Jsi8x5mbfT8AN9esj8uhl7eDWuuSei2N9Ue3foag9psw; b2blang=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 07 Apr 2025 15:48:59 GMT
content-type: font/woff
cache-control: public, max-age=172800
etag: W/"67c9c95a-b49f"
last-modified: Thu, 06 Mar 2025 16:12:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
expires: Wed, 09 Apr 2025 15:48:59 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 92caac213a57568f-OSL
X-Firefox-Spdy: h2
|
|
| efideu.b2clogin.com/efideu.onmicrosoft.com/b2c_1a_auth_corp_efid/oauth2/v2.0/authorize?client_id=328f4e7d-90a7-4cee-b5c8-07194886cae6&redirect_uri=https%3a%2f%2fglobal.accounts.corporate.ef.com%2fefcorpglobal.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid&response_mode=form_post&nonce=n7vW0GjLssCltUMo7f%2b9%2fA%3d%3d&domain_hint=marriott.com&prompt=login&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6NjQ2NzhmYzYtMjMyNy00Y2U5LTg0Y2QtMDRjN2JhMGU1NDBjIiwiVElEIjoiMzFkOGRhYTctNzY3YS00YTcwLThhMjUtZGM3OTkyYTY1OGNmIiwiVE9JRCI6IjZkMDU5MTdkLWJmZTctNDAzZC05MjZkLTc1NGQ3MDllNWJiMCJ9 | 20.190.177.20 | 200 OK | 6.8 kB |
URL User Request GET efideu.b2clogin.com/efideu.onmicrosoft.com/b2c_1a_auth_corp_efid/oauth2/v2.0/authorize?client_id=328f4e7d-90a7-4cee-b5c8-07194886cae6&redirect_uri=https%3a%2f%2fglobal.accounts.corporate.ef.com%2fefcorpglobal.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid&response_mode=form_post&nonce=n7vW0GjLssCltUMo7f%2b9%2fA%3d%3d&domain_hint=marriott.com&prompt=login&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6NjQ2NzhmYzYtMjMyNy00Y2U5LTg0Y2QtMDRjN2JhMGU1NDBjIiwiVElEIjoiMzFkOGRhYTctNzY3YS00YTcwLThhMjUtZGM3OTkyYTY1OGNmIiwiVE9JRCI6IjZkMDU5MTdkLWJmZTctNDAzZC05MjZkLTc1NGQ3MDllNWJiMCJ9 IP20.190.177.20:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerDigiCert Inc Subjectgraph.windows.net FingerprintF5:23:D4:6F:B2:62:DB:61:35:37:51:A2:8E:D7:EA:3D:34:7E:7D:1E ValidityFri, 28 Mar 2025 00:00:00 GMT - Sun, 28 Sep 2025 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (6574), with CRLF line terminators Hash10bda525ad10c0299d70c7285acb50c8 f2ff3ed246be5fe2618ea25dda00052b099fec22 8e77dddd95ca67937858ac17c7998b7d184abe510f35ecd3703c61407f0d353a
GET /efideu.onmicrosoft.com/b2c_1a_auth_corp_efid/oauth2/v2.0/authorize?client_id=328f4e7d-90a7-4cee-b5c8-07194886cae6&redirect_uri=https%3a%2f%2fglobal.accounts.corporate.ef.com%2fefcorpglobal.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid&response_mode=form_post&nonce=n7vW0GjLssCltUMo7f%2b9%2fA%3d%3d&domain_hint=marriott.com&prompt=login&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6NjQ2NzhmYzYtMjMyNy00Y2U5LTg0Y2QtMDRjN2JhMGU1NDBjIiwiVElEIjoiMzFkOGRhYTctNzY3YS00YTcwLThhMjUtZGM3OTkyYTY1OGNmIiwiVE9JRCI6IjZkMDU5MTdkLWJmZTctNDAzZC05MjZkLTc1NGQ3MDllNWJiMCJ9 HTTP/1.1
Host: efideu.b2clogin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://learn.corporate.ef.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
x-ms-gateway-requestid: 38ef0df8-9cfa-433f-a003-8acb1aab8094
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: x-ms-cpim-sso:efideu.onmicrosoft.com_0=m1.TXlEvJT7BT663Zs4.FKOhAEK8E/mhp1Yv08KJjA==.0.JsIYtZLTf4X1pvOKEYtHJI7N2N689S+FMjybUULLI0r3ngebRaooLGSopnzi/Hk22T5MhZv1emWv2ubPSpvF6jOXmoJjE3tUpFT3h37an5QAU3mTLYtlHzzMkvfx1FdnQLwA3QSVHXISMZ3bgD1jKzYRMdce40mwaGpUF6pwpookOKHoRAGcREwKSxxEvJvOwrS5+2pzg7JqWalO/VbVDAHSCI1ytSE/gGajuLBDjAQSX//bF7VX8gT9CEi9KzYE7e37ZZAFn34Og45+Op0ZiWzXiL++Cr0l9skyHO22h3zS39pfAsOR8JXpGO+XusLNUR6lE81ZKx8AVEDR7ui2g4dpDL5z8j9TyBDoPzth3jdpReLXWT2O7Phyi+vvQ7ihHc5H/TaNec7oZdXO304zKU7DdpCFmEmtaHfgA9cejlvfMxNrw6wOS4gaOzBVxI1UcSnjfQoZVLQTP/fy2Pr9JgXuxFyNkDUBzvXX; domain=efideu.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-rc:09961e89-bfe9-4269-9435-6b3f0c726bf5=NDFIUWJ2UzJxUkpzSGRqSVNNZTczVkYwOGVXcnNIVlQraHo4cnE2Nld0UENoQzg2RUp0OGRJR0lVQ0pIQXptZ016U2srSFI3M2tlTEltNWJOQURMMGc9PTsyMDI1LTA0LTA3VDE1OjQ5OjAwLjgxNzg4NzhaO2MvdkZlSys1QSs5eC9ZaVkvQU1TTUE9PTt7IlRhcmdldEVudGl0eSI6IkVGLUNsYWltc0V4Y2hhbmdlLU1hcnJpb3R0Q29tIiwiT3JjaGVzdHJhdGlvblN0ZXAiOjYwfQ==; domain=efideu.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-cache|ir6wcem_aukunws_dhjr9q_0=m1.UkOBq4DWvnacq5cz.iApuuZqceHzfK/pF3GTMvA==.0.WKU/V4t8dBle7dtV1G1xrL8KWu9UB84UNp+VLQQEnMO+XD5mlzFuSCssfCcWZkUEj5gl7ysHUWfv5fa5RISVFxQ1PuiiKgEE9f1tUoVyPPtn9jNGaefz5l/TQE32KziFE/kRLshRqZ+7i+hQ+wtDz/lgYLNj3QD0ZyBLFVjj5PTqRjkY3fcQUKT1MFJAYc1Sx9VB1JI+jTasecGavlOnVKz0wRh6Pa7XiabCU3OQ4Hz46qTR1yMAlqU5lOq9OhbRLChBDK83ZZHW38qtqpm49qZgYkTKvrz1LPMo+eEipgjEPzYlyS7GBYjVafFMOePyihGMftKXXS5e5wGCtuaVNznM3JWx9O1iDCkxSwQuOVDOFcPJ7gBWV8KlogQgDAWWCPshoBKbMprPfgDNFhMnMxYkW/l2Lc5OwQ0+6jsy5P8vXUPH5lKPEFb/hDiMRwenSiO8el4fulHqQnwVT5qHcPu1LpwA2YJesjpUtPhFb2vCBOsLleUMu1vFv4qj7/VAt3vCGTmTu8fvUGO3Vg9Rspg+bC1xGQhxo+N9R/z1VOngSah8jzJqZatA4pOuPEjgfek4xjN3OSpfHsAJrIAvCPRDcnuKaD3iZG2lWQqFqU7iP0M/7pc0BzflOhp8Gdv+HuDz/RkYCTSwD52r2uoN3VYFlsAQxaOi1NJXquvM7I+248e3+vO3spo8fU3kjT0RooqohyiSobp5/v3xSiDjYgstxnulGE21tnPsn6sxhTDCFlgxGS+kRyLf9UiQkloiw7vutZd4rSkcAyC0hyUOOjTSrgOKyuRkAdcdTSfUNhe/Hok1mt1iKdwFx8CzCS8LMesei9upvWfniJ1TdoLdjWzChfI0NCO7BIobO76uTLu42HLhQ1ckpd4Yy2uP58NLV/AuRWCzKv+SzO0CI7WT72Y4RMEZNiCq83zhnrAB2LNq18Mad9Fs6//mp/ijyq7BeQuRyLS46CfVim0M/T6hYOF8VTbmNeJivlJ8m2P1t5YAxXcuijjHQHmbHa96vEg7h9piLdj4IJ1uR/30DYC9mbhdMmE0p9JyKGY1LIiSGnUMwp6F/sMryS62V4iDEkq4mhDzt3tsP4/Bi0o6GcNETFlxS8sXzW6xTcrxH7gdlhIdPbUHI3gKcC9oX35DZ7djbe7/kgxC29u9RFsn2uvNbYFQxjPztWDgTKIQchSx8iKgVckyqnKtpQtrujA82JYTkowcGatUGbcIbXkObVHQEgYAJr0NBsYgGNkXmGErpxQ/71qLiRw8SSwbOnZ/esNrwCu0xBiug32MYiPsmIZYY1QPY5sol5wQL4F5DykNfnQRj6lK6HjfKv5znMFpTcr0LJ1G4gYUFvCO4LZyfoKAlqDNuHFPG2vIYR1IlK6W+qY3JUKEdhwTpIx4cGEL9BI8NxlnOr/g95AfJq9hAyzIXjRLyV8EWqmnzolRq9gOgiFCKtpoDFw97Jgx/zNOkz5yZcKNWNAuBCqnFYLt7m3L/6Jb42CVZUwJKzW1I+f1LXv4zHMnxjkSLBjQ7Cldo+7tBs8GtphCrdM=; domain=efideu.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjA5OTYxZTg5LWJmZTktNDI2OS05NDM1LTZiM2YwYzcyNmJmNSIsIlQiOiJlZmlkZXUub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xYV9hdXRoX2NvcnBfZWZpZCIsIkMiOiIzMjhmNGU3ZC05MGE3LTRjZWUtYjVjOC0wNzE5NDg4NmNhZTYiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6IjA5OTYxZTg5LWJmZTktNDI2OS05NDM1LTZiM2YwYzcyNmJmNSJ9; domain=efideu.b2clogin.com; path=/; SameSite=None; secure; HttpOnly
Allow: OPTIONS, TRACE, GET, HEAD, POST
Date: Mon, 07 Apr 2025 15:49:00 GMT
Content-Length: 5932
|
|
| extranet.marriott.com/marrsso/idp/SSO.saml2 | 23.33.119.114 | 307 Temporary Redirect | 33 kB |
URL User Request POST extranet.marriott.com/marrsso/idp/SSO.saml2 IP23.33.119.114:443 ASN#20940 Akamai International B.V.
CertificateIssuerEntrust, Inc. Subjectcn-san.marriott.com Fingerprint69:9C:1B:AB:A9:69:F0:76:23:33:36:3E:89:81:D4:C9:0B:6C:ED:AC ValidityMon, 09 Sep 2024 15:17:54 GMT - Thu, 09 Oct 2025 15:17:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /marrsso/idp/SSO.saml2 HTTP/1.1
Host: extranet.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 5670
Origin: https://efideu.b2clogin.com
DNT: 1
Connection: keep-alive
Referer: https://efideu.b2clogin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
location: https://extranetcloud.marriott.com/marrsso/idp/SSO.saml2
content-length: 0
date: Mon, 07 Apr 2025 15:49:01 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=536, origin; dur=23, ak_p; desc="1744040941305_1600457620_233557318_55949_10092_6_13_41";dur=1
er_information: ER_EXECUTED:;ER_EXECUTED_RULE:
strict-transport-security: max-age=86400 ; includeSubDomains
akamai-grn: 0.940b655f.1744040941.debcd46
X-Firefox-Spdy: h2
|
|
| extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/login-bg.png | 23.33.119.114 | 200 OK | 170 B |
URL GET extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/login-bg.png IP23.33.119.114:443 ASN#20940 Akamai International B.V.
Requested byhttps://extranetcloud.marriott.com/marrsso/idp/SSO.saml2 CertificateIssuerEntrust, Inc. Subjectcn-san.marriott.com Fingerprint69:9C:1B:AB:A9:69:F0:76:23:33:36:3E:89:81:D4:C9:0B:6C:ED:AC ValidityMon, 09 Sep 2024 15:17:54 GMT - Thu, 09 Oct 2025 15:17:52 GMT
File typePNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced Hashd3ca295eca6e1058e66f36ca9275723e 5997b52837c81754af2f674616f0904ce03134bd 6c66cb3e0eb903f81b1552a57b5409c84bfa60aca926005c1228cfc41c636542
GET /userauth/ig-adapter-security-code-challenge/login-bg.png HTTP/1.1
Host: extranetcloud.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://extranetcloud.marriott.com/marrsso/idp/SSO.saml2
Cookie: PF-PROD=rNL28oHGLmWxRGmIxtEWeD; AKA_A2=A; ak_bmsc=DE76C831373B9D06F1514CE8302112E0~000000000000000000000000000000~YAAQlAtlX7bCmwSWAQAAXODwEBsYyjoqdH2cUPXxDSTf4V0wF78kiPcSr/HUNoR8pTLCLvid4JH+TfnQvcrlPWX3OH+q/8UHW5n8etwQeY66RRu4iZgFHmZgx70TiEZ3thTkzVpUqmg/SePMcMvEvhYjqmbEfOf35kg8s1LjgCwIfu3SLHQObuYk+1v0hb1HOAefBDzwA0PZ5It/zpRyULS3elyi/xGcp5Jp8+INkyLHP6ude04j9LgBqadpIGblrIVcB/V/HVmjw7Gbef8hMgYFiTxttcgXu5kul6uLNvuVBXZ5L7lS13NsUgKF1fAEoSxPfZ24FQ4RZWjkTDo+oR/LWomG1bcjvrpbAKaziB2dprCftbxtPsk3AfQ5ztpn0PfnhmiyebcIQQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 170
last-modified: Thu, 09 Sep 2021 03:07:51 GMT
etag: W/"4crMZHXe2tM4crNHL1Ye4o"
accept-ranges: bytes
er_information: ER_EXECUTED:;ER_EXECUTED_RULE:, ER_EXECUTED:;ER_EXECUTED_RULE:, ER_EXECUTED:;ER_EXECUTED_RULE:, ER_EXECUTED:;ER_EXECUTED_RULE:
date: Mon, 07 Apr 2025 15:49:05 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=88, origin; dur=0, ak_p; desc="1744040945070_1600457620_233560894_8892_13012_6_0_12";dur=1
strict-transport-security: max-age=86400 ; includeSubDomains
akamai-grn: 0.940b655f.1744040945.debdb3e
X-Firefox-Spdy: h2
|
|
| extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/logo.png | 23.33.119.114 | 200 OK | 5.3 kB |
URL GET extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/logo.png IP23.33.119.114:443 ASN#20940 Akamai International B.V.
Requested byhttps://extranetcloud.marriott.com/marrsso/idp/SSO.saml2 CertificateIssuerEntrust, Inc. Subjectcn-san.marriott.com Fingerprint69:9C:1B:AB:A9:69:F0:76:23:33:36:3E:89:81:D4:C9:0B:6C:ED:AC ValidityMon, 09 Sep 2024 15:17:54 GMT - Thu, 09 Oct 2025 15:17:52 GMT
File typePNG image data, 160 x 50, 8-bit/color RGBA, non-interlaced Hash18435798a8cfeb2ca8dafc2717438b60 6022f57bd179487db2f3e4344a38ede5ce46ca9d 8ccb4327251e98bae1486bafd153d13ed49f924f2f6a7a4e8d60dbac23541b83
GET /userauth/ig-adapter-security-code-challenge/logo.png HTTP/1.1
Host: extranetcloud.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://extranetcloud.marriott.com/marrsso/idp/SSO.saml2
Cookie: PF-PROD=rNL28oHGLmWxRGmIxtEWeD; AKA_A2=A; ak_bmsc=DE76C831373B9D06F1514CE8302112E0~000000000000000000000000000000~YAAQlAtlX7bCmwSWAQAAXODwEBsYyjoqdH2cUPXxDSTf4V0wF78kiPcSr/HUNoR8pTLCLvid4JH+TfnQvcrlPWX3OH+q/8UHW5n8etwQeY66RRu4iZgFHmZgx70TiEZ3thTkzVpUqmg/SePMcMvEvhYjqmbEfOf35kg8s1LjgCwIfu3SLHQObuYk+1v0hb1HOAefBDzwA0PZ5It/zpRyULS3elyi/xGcp5Jp8+INkyLHP6ude04j9LgBqadpIGblrIVcB/V/HVmjw7Gbef8hMgYFiTxttcgXu5kul6uLNvuVBXZ5L7lS13NsUgKF1fAEoSxPfZ24FQ4RZWjkTDo+oR/LWomG1bcjvrpbAKaziB2dprCftbxtPsk3AfQ5ztpn0PfnhmiyebcIQQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 5295
last-modified: Thu, 09 Sep 2021 03:07:51 GMT
etag: W/"ZatzQJXOk/oZatyOF1IGA0"
accept-ranges: bytes
er_information: ER_EXECUTED:;ER_EXECUTED_RULE:, ER_EXECUTED:;ER_EXECUTED_RULE:, ER_EXECUTED:;ER_EXECUTED_RULE:
date: Mon, 07 Apr 2025 15:49:05 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=94, origin; dur=0, ak_p; desc="1744040945084_1600457620_233560915_9426_12419_4_0_12";dur=1
strict-transport-security: max-age=86400 ; includeSubDomains
akamai-grn: 0.940b655f.1744040945.debdb53
X-Firefox-Spdy: h2
|
|
| marriott.learn.corporate.ef.com/ | 104.18.34.207 | 302 Found | 4.8 kB |
URL User Request GET marriott.learn.corporate.ef.com/ IP104.18.34.207:443
CertificateIssuerGoogle Trust Services Subjectlearn.corporate.ef.com Fingerprint83:52:5C:AC:68:BE:F8:54:B0:E5:71:1B:E9:F7:4C:F0:0B:C7:65:5F ValidityFri, 14 Mar 2025 12:17:21 GMT - Thu, 12 Jun 2025 13:16:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: marriott.learn.corporate.ef.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 07 Apr 2025 15:48:58 GMT
content-type: text/html
content-length: 143
location: https://learn.corporate.ef.com/?domain_hint=marriott.com
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: __cf_bm=bqZs9U_6ytnAOVrX22Al.ANuROljCfytJtLGZQ8eCkQ-1744040938-1.0.1.1-WJJB0PPdkyxaMCWgcIkLGSgnG9RdloudFKIRxUs5DaEdnxLiutnQD35J3sHJgj9Jsi8x5mbfT8AN9esj8uhl7eDWuuSei2N9Ue3foag9psw; path=/; expires=Mon, 07-Apr-25 16:18:58 GMT; domain=.learn.corporate.ef.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 92caac1b9953568f-OSL
X-Firefox-Spdy: h2
|
|
| learn.corporate.ef.com/login/v1/login/oauth2/initiate?provider=AAD_US&initiator=SCHOOL_WEB&state=/&domain_hint=marriott.com&partnerCode=&sso_token_hint= | 104.18.34.207 | 302 Found | 6.8 kB |
URL User Request GET learn.corporate.ef.com/login/v1/login/oauth2/initiate?provider=AAD_US&initiator=SCHOOL_WEB&state=/&domain_hint=marriott.com&partnerCode=&sso_token_hint= IP104.18.34.207:443
CertificateIssuerGoogle Trust Services Subjectlearn.corporate.ef.com Fingerprint83:52:5C:AC:68:BE:F8:54:B0:E5:71:1B:E9:F7:4C:F0:0B:C7:65:5F ValidityFri, 14 Mar 2025 12:17:21 GMT - Thu, 12 Jun 2025 13:16:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /login/v1/login/oauth2/initiate?provider=AAD_US&initiator=SCHOOL_WEB&state=/&domain_hint=marriott.com&partnerCode=&sso_token_hint= HTTP/1.1
Host: learn.corporate.ef.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://learn.corporate.ef.com/?domain_hint=marriott.com
Cookie: __cf_bm=bqZs9U_6ytnAOVrX22Al.ANuROljCfytJtLGZQ8eCkQ-1744040938-1.0.1.1-WJJB0PPdkyxaMCWgcIkLGSgnG9RdloudFKIRxUs5DaEdnxLiutnQD35J3sHJgj9Jsi8x5mbfT8AN9esj8uhl7eDWuuSei2N9Ue3foag9psw; b2blang=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 07 Apr 2025 15:48:59 GMT
location: https://global.accounts.corporate.ef.com/global.accounts.corporate.ef.com/B2C_1A_SIGNIN_CORP_GLOBAL/oauth2/v2.0/authorize?response_type=code&prompt=login&response_mode=query&client_id=67c9a572-7ddc-4ec9-8baf-c2e132078a0c&redirect_uri=https%3A%2F%2Flearn.corporate.ef.com%2Flogin%2Fv1%2Flogin%2Foauth2%2Fcallback%2FAAD_US&scope=openid&state=%7B%22initiatorCode%22%3A%22SCHOOL_WEB%22%2C%22initiatorState%22%3A%22%2F%22%2C%22csrfToken%22%3A%22eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwcm92aWRlciI6IkFBRF9VUyIsImluaXRpYXRvciI6IlNDSE9PTF9XRUIiLCJpbml0aWF0aW9uSWQiOiI4MDAxMDgxNC1mNmY0LTQwYmEtYmQ3NS01ODBhYWVkYzUzZWEiLCJpYXQiOjE3NDQwNDA5MzksImV4cCI6MTc0NDA0MTUzOX0.VhJtMlxehEw3wAV2gCJm77qsTDakTbXpmgNhjQ-xp_E%22%7D&platform=web&domain_hint=marriott.com
set-cookie: el-b2b-lc_csrf_UUjmK=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwcm92aWRlciI6IkFBRF9VUyIsImluaXRpYXRvciI6IlNDSE9PTF9XRUIiLCJpbml0aWF0aW9uSWQiOiI4MDAxMDgxNC1mNmY0LTQwYmEtYmQ3NS01ODBhYWVkYzUzZWEiLCJpYXQiOjE3NDQwNDA5MzksImV4cCI6MTc0NDA0MTUzOX0.VhJtMlxehEw3wAV2gCJm77qsTDakTbXpmgNhjQ-xp_E; Max-Age=600; Path=/; Expires=Mon, 07 Apr 2025 15:58:59 GMT; HttpOnly
x-ef-correlation-id: e63b801b-ab3a-4110-9be0-50140ef5e3a0
x-powered-by: Express
cf-cache-status: DYNAMIC
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 92caac213a53568f-OSL
X-Firefox-Spdy: h2
|
|
| extranetcloud.marriott.com/marrsso/idp/SSO.saml2 | 23.33.119.114 | 200 OK | 33 kB |
URL User Request POST extranetcloud.marriott.com/marrsso/idp/SSO.saml2 IP23.33.119.114:443 ASN#20940 Akamai International B.V.
CertificateIssuerEntrust, Inc. Subjectcn-san.marriott.com Fingerprint69:9C:1B:AB:A9:69:F0:76:23:33:36:3E:89:81:D4:C9:0B:6C:ED:AC ValidityMon, 09 Sep 2024 15:17:54 GMT - Thu, 09 Oct 2025 15:17:52 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (6414) Hash5adf3a639d36796b75034d1c1e00318e 5d980b94490eaba05af3fe91285921410a7dc258 05b9b5d743da564498cc4a65212aaadbc6d7fdee800c0beb21041bc3b97787bf
POST /marrsso/idp/SSO.saml2 HTTP/1.1
Host: extranetcloud.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 5670
Referer: https://efideu.b2clogin.com/
Origin: https://efideu.b2clogin.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html;charset=utf-8
x-ua-compatible: IE=edge
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-akamai-transformed: 9 27946 0 pmb=mNONE,1mRUM,2
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 07 Apr 2025 15:49:03 GMT
content-length: 10467
set-cookie: PF-PROD=rNL28oHGLmWxRGmIxtEWeD; Path=/; Domain=.marriott.com; Secure; HttpOnly; SameSite=None
AKA_A2=A; expires=Mon, 07-Apr-2025 16:49:03 GMT; path=/; domain=marriott.com; secure; HttpOnly
ak_bmsc=DE76C831373B9D06F1514CE8302112E0~000000000000000000000000000000~YAAQlAtlX7bCmwSWAQAAXODwEBsYyjoqdH2cUPXxDSTf4V0wF78kiPcSr/HUNoR8pTLCLvid4JH+TfnQvcrlPWX3OH+q/8UHW5n8etwQeY66RRu4iZgFHmZgx70TiEZ3thTkzVpUqmg/SePMcMvEvhYjqmbEfOf35kg8s1LjgCwIfu3SLHQObuYk+1v0hb1HOAefBDzwA0PZ5It/zpRyULS3elyi/xGcp5Jp8+INkyLHP6ude04j9LgBqadpIGblrIVcB/V/HVmjw7Gbef8hMgYFiTxttcgXu5kul6uLNvuVBXZ5L7lS13NsUgKF1fAEoSxPfZ24FQ4RZWjkTDo+oR/LWomG1bcjvrpbAKaziB2dprCftbxtPsk3AfQ5ztpn0PfnhmiyebcIQQ==; Domain=.marriott.com; Path=/; Expires=Mon, 07 Apr 2025 17:49:02 GMT; Max-Age=7199
server-timing: cdn-cache; desc=MISS, edge; dur=646, origin; dur=934, ak_p; desc="1744040942059_1600457620_233557995_157971_9700_4_0_41";dur=1
link: <https://d2o9p5vky89u4e.cloudfront.net>;rel="preconnect"
er_information: ER_EXECUTED:;ER_EXECUTED_RULE:
strict-transport-security: max-age=86400 ; includeSubDomains
akamai-grn: 0.940b655f.1744040942.debcfeb
X-Firefox-Spdy: h2
|
|
| extranetcloud.marriott.com/common/js/marriottCommon.js?seed=AMBs3xCWAQAAD-tmwqFogz1dQFuYenA9vQ3iGCixAb9mwdIh3ozqZymMKlmc&X-aZnN0eCb--z=q | 23.33.119.114 | 200 OK | 315 kB |
URL GET extranetcloud.marriott.com/common/js/marriottCommon.js?seed=AMBs3xCWAQAAD-tmwqFogz1dQFuYenA9vQ3iGCixAb9mwdIh3ozqZymMKlmc&X-aZnN0eCb--z=q IP23.33.119.114:443 ASN#20940 Akamai International B.V.
Requested byhttps://extranetcloud.marriott.com/marrsso/idp/SSO.saml2 CertificateIssuerEntrust, Inc. Subjectcn-san.marriott.com Fingerprint69:9C:1B:AB:A9:69:F0:76:23:33:36:3E:89:81:D4:C9:0B:6C:ED:AC ValidityMon, 09 Sep 2024 15:17:54 GMT - Thu, 09 Oct 2025 15:17:52 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size315 kB (314836 bytes) Hasha6d03a6753852dc4dad5c3e832477f9a 80c89f103b049d60ef00492ae016a6d1e3650aff 5952ede4b6932306daf81536e4759cb3505ed806e6254d640261a77767beaef3
GET /common/js/marriottCommon.js?seed=AMBs3xCWAQAAD-tmwqFogz1dQFuYenA9vQ3iGCixAb9mwdIh3ozqZymMKlmc&X-aZnN0eCb--z=q HTTP/1.1
Host: extranetcloud.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://extranetcloud.marriott.com/marrsso/idp/SSO.saml2
Cookie: PF-PROD=rNL28oHGLmWxRGmIxtEWeD; AKA_A2=A; ak_bmsc=DE76C831373B9D06F1514CE8302112E0~000000000000000000000000000000~YAAQlAtlX7bCmwSWAQAAXODwEBsYyjoqdH2cUPXxDSTf4V0wF78kiPcSr/HUNoR8pTLCLvid4JH+TfnQvcrlPWX3OH+q/8UHW5n8etwQeY66RRu4iZgFHmZgx70TiEZ3thTkzVpUqmg/SePMcMvEvhYjqmbEfOf35kg8s1LjgCwIfu3SLHQObuYk+1v0hb1HOAefBDzwA0PZ5It/zpRyULS3elyi/xGcp5Jp8+INkyLHP6ude04j9LgBqadpIGblrIVcB/V/HVmjw7Gbef8hMgYFiTxttcgXu5kul6uLNvuVBXZ5L7lS13NsUgKF1fAEoSxPfZ24FQ4RZWjkTDo+oR/LWomG1bcjvrpbAKaziB2dprCftbxtPsk3AfQ5ztpn0PfnhmiyebcIQQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
x-ion-hop: v2-test
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: public, max-age=3600
date: Mon, 07 Apr 2025 15:49:04 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=190, origin; dur=71, ak_p; desc="1744040944291_1600457620_233560191_26097_13635_1_0_21";dur=1
er_information: ER_EXECUTED:;ER_EXECUTED_RULE:, ER_EXECUTED:;ER_EXECUTED_RULE:
strict-transport-security: max-age=86400 ; includeSubDomains
akamai-grn: 0.8b3a2f17.1744040944.5c75391, 0.940b655f.1744040944.debd87f
X-Firefox-Spdy: h2
|
|
| d2o9p5vky89u4e.cloudfront.net/MDMxNjdkNjBkZGQyLm8zbi5pbw%3D%3D/epxewo0pa0j212nmmg5svcizf/bWFycmlvdHQuY29t/img.gif |  3.164.60.138 | 200 OK | 51 B |
URL GET d2o9p5vky89u4e.cloudfront.net/MDMxNjdkNjBkZGQyLm8zbi5pbw%3D%3D/epxewo0pa0j212nmmg5svcizf/bWFycmlvdHQuY29t/img.gif IP3.164.60.138:443
Requested byhttps://extranetcloud.marriott.com/marrsso/idp/SSO.saml2 CertificateIssuerAmazon Subject*.cloudfront.net Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hash6d22e4f2d2057c6e8d6fab098e76e80f b80b11203d97fe01c5597ca3be70406ea48f5709 afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /MDMxNjdkNjBkZGQyLm8zbi5pbw%3D%3D/epxewo0pa0j212nmmg5svcizf/bWFycmlvdHQuY29t/img.gif HTTP/1.1
Host: d2o9p5vky89u4e.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://extranetcloud.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: CloudFront
date: Mon, 07 Apr 2025 15:49:05 GMT
content-type: image/gif
content-length: 51
cache-control: no-store
cross-origin-resource-policy: cross-origin
x-cache: FunctionGeneratedResponse from cloudfront
via: 1.1 695ddd780581acd9820e7c6c6fb8d0e8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P4
x-amz-cf-id: YyYCbIQAAPcbfgpRJ0FVTF7uGjl4O_olIHVIh-xrWPv57VMpDGOLSA==
X-Firefox-Spdy: h2
|
|
| learn.corporate.ef.com/api/bff/auth/initialize?state=%2F&clientTimezone=UTC | 104.18.34.207 | 403 Forbidden | 368 B |
URL GET learn.corporate.ef.com/api/bff/auth/initialize?state=%2F&clientTimezone=UTC IP104.18.34.207:443
Requested byhttps://learn.corporate.ef.com/?domain_hint=marriott.com CertificateIssuerGoogle Trust Services Subjectlearn.corporate.ef.com Fingerprint83:52:5C:AC:68:BE:F8:54:B0:E5:71:1B:E9:F7:4C:F0:0B:C7:65:5F ValidityFri, 14 Mar 2025 12:17:21 GMT - Thu, 12 Jun 2025 13:16:57 GMT
Hashe5da8c7dcb943b49341dc6814205e83f 12b9b74fbe510de546be1bf5f27275011c831fe4 9e0d1ea6038c009e10ba3dbaf4012907f21b32872c48bf1fdb8461b0654f4ee0
GET /api/bff/auth/initialize?state=%2F&clientTimezone=UTC HTTP/1.1
Host: learn.corporate.ef.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://learn.corporate.ef.com/?domain_hint=marriott.com
content-type: application/json
x-ef-correlation-id: 70803eff-1542-41ca-8a50-03dad1f73e0a
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=bqZs9U_6ytnAOVrX22Al.ANuROljCfytJtLGZQ8eCkQ-1744040938-1.0.1.1-WJJB0PPdkyxaMCWgcIkLGSgnG9RdloudFKIRxUs5DaEdnxLiutnQD35J3sHJgj9Jsi8x5mbfT8AN9esj8uhl7eDWuuSei2N9Ue3foag9psw; b2blang=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Mon, 07 Apr 2025 15:48:59 GMT
content-type: application/json; charset=utf-8
cache-control: no-store
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 92caac20894b568f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| global.accounts.corporate.ef.com/global.accounts.corporate.ef.com/B2C_1A_SIGNIN_CORP_GLOBAL/oauth2/v2.0/authorize?response_type=code&prompt=login&response_mode=query&client_id=67c9a572-7ddc-4ec9-8baf-c2e132078a0c&redirect_uri=https%3A%2F%2Flearn.corporate.ef.com%2Flogin%2Fv1%2Flogin%2Foauth2%2Fcallback%2FAAD_US&scope=openid&state=%7B%22initiatorCode%22%3A%22SCHOOL_WEB%22%2C%22initiatorState%22%3A%22%2F%22%2C%22csrfToken%22%3A%22eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwcm92aWRlciI6IkFBRF9VUyIsImluaXRpYXRvciI6IlNDSE9PTF9XRUIiLCJpbml0aWF0aW9uSWQiOiI4MDAxMDgxNC1mNmY0LTQwYmEtYmQ3NS01ODBhYWVkYzUzZWEiLCJpYXQiOjE3NDQwNDA5MzksImV4cCI6MTc0NDA0MTUzOX0.VhJtMlxehEw3wAV2gCJm77qsTDakTbXpmgNhjQ-xp_E%22%7D&platform=web&domain_hint=marriott.com | 13.107.246.53 | 302 Found | 6.8 kB |
URL User Request GET global.accounts.corporate.ef.com/global.accounts.corporate.ef.com/B2C_1A_SIGNIN_CORP_GLOBAL/oauth2/v2.0/authorize?response_type=code&prompt=login&response_mode=query&client_id=67c9a572-7ddc-4ec9-8baf-c2e132078a0c&redirect_uri=https%3A%2F%2Flearn.corporate.ef.com%2Flogin%2Fv1%2Flogin%2Foauth2%2Fcallback%2FAAD_US&scope=openid&state=%7B%22initiatorCode%22%3A%22SCHOOL_WEB%22%2C%22initiatorState%22%3A%22%2F%22%2C%22csrfToken%22%3A%22eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwcm92aWRlciI6IkFBRF9VUyIsImluaXRpYXRvciI6IlNDSE9PTF9XRUIiLCJpbml0aWF0aW9uSWQiOiI4MDAxMDgxNC1mNmY0LTQwYmEtYmQ3NS01ODBhYWVkYzUzZWEiLCJpYXQiOjE3NDQwNDA5MzksImV4cCI6MTc0NDA0MTUzOX0.VhJtMlxehEw3wAV2gCJm77qsTDakTbXpmgNhjQ-xp_E%22%7D&platform=web&domain_hint=marriott.com IP13.107.246.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerDigiCert, Inc. Subjectglobal.accounts.corporate.ef.com Fingerprint11:DC:3E:AB:3F:C2:1C:4A:97:FD:A9:B8:22:3F:A7:D4:3F:5E:0C:60 ValidityWed, 15 Jan 2025 00:00:00 GMT - Tue, 15 Jul 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /global.accounts.corporate.ef.com/B2C_1A_SIGNIN_CORP_GLOBAL/oauth2/v2.0/authorize?response_type=code&prompt=login&response_mode=query&client_id=67c9a572-7ddc-4ec9-8baf-c2e132078a0c&redirect_uri=https%3A%2F%2Flearn.corporate.ef.com%2Flogin%2Fv1%2Flogin%2Foauth2%2Fcallback%2FAAD_US&scope=openid&state=%7B%22initiatorCode%22%3A%22SCHOOL_WEB%22%2C%22initiatorState%22%3A%22%2F%22%2C%22csrfToken%22%3A%22eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwcm92aWRlciI6IkFBRF9VUyIsImluaXRpYXRvciI6IlNDSE9PTF9XRUIiLCJpbml0aWF0aW9uSWQiOiI4MDAxMDgxNC1mNmY0LTQwYmEtYmQ3NS01ODBhYWVkYzUzZWEiLCJpYXQiOjE3NDQwNDA5MzksImV4cCI6MTc0NDA0MTUzOX0.VhJtMlxehEw3wAV2gCJm77qsTDakTbXpmgNhjQ-xp_E%22%7D&platform=web&domain_hint=marriott.com HTTP/1.1
Host: global.accounts.corporate.ef.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://learn.corporate.ef.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 07 Apr 2025 15:49:00 GMT
content-type: text/html; charset=utf-8
content-length: 759
cache-control: no-store, must-revalidate, no-cache
location: https://efideu.b2clogin.com/efideu.onmicrosoft.com/b2c_1a_auth_corp_efid/oauth2/v2.0/authorize?client_id=328f4e7d-90a7-4cee-b5c8-07194886cae6&redirect_uri=https%3a%2f%2fglobal.accounts.corporate.ef.com%2fefcorpglobal.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid&response_mode=form_post&nonce=n7vW0GjLssCltUMo7f%2b9%2fA%3d%3d&domain_hint=marriott.com&prompt=login&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6NjQ2NzhmYzYtMjMyNy00Y2U5LTg0Y2QtMDRjN2JhMGU1NDBjIiwiVElEIjoiMzFkOGRhYTctNzY3YS00YTcwLThhMjUtZGM3OTkyYTY1OGNmIiwiVE9JRCI6IjZkMDU5MTdkLWJmZTctNDAzZC05MjZkLTc1NGQ3MDllNWJiMCJ9
x-ms-gateway-requestid: 0791eea0-cff1-4864-853a-8a8ec0b292ad
x-frame-options: DENY
public: OPTIONS,TRACE,GET,HEAD,POST
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: x-ms-cpim-sso:efcorpglobal.onmicrosoft.com_0=m1.DKW74HN0tQB0c6Df.jvHleSmEVIlvkOBdV3UTsg==.0.zBGLkQsC7IBn3yOgH2CGbid140wpY9ePSUOKDvdEO8TpfYKptywxfdvINgAA7dTGyBdb0tbRAlGd/KGnUNkwNuxTlSrK2BJdR4aUJk1rMkYGsRv5BR3jk5emc5mHbdUUf21GDTsdQfX+mQ1tobUSfK2MBaqcMbc33xjcrfsoeby6yzNZA9ZtBzS+mxH3m8uNCypd0g2Imby2KWMHdQc1r2PPSJrXoCdFN/CDva+AIMhzb/gMUNKvb9YYYFSiSr2zTlQcOgzwxHwCca3MLsfK4ITzLdTTVun1c2uVENDmL23J2F5z6WM/K8T3O1BFC1wm8/FMMZXOqiewKfK3EtNq8A4rfhPtXpwDxi9Amk9CiKgTmgB4HB+wc5of/v7+3+s8OD2HjO2xa3aRvdykxoTY2do=; domain=global.accounts.corporate.ef.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-rc:64678fc6-2327-4ce9-84cd-04c7ba0e540c=alR5aUQwYTR0TkdWZ1BCTzc2ckxFUng0RjcwTi9BMy9BbjBLZEJ6VU5iOHpaVkJzTHV6bUMzcFdyWVQxUjFIUy9OdHRFdklPTWRQZnR1QTFFVlA5cVE9PTsyMDI1LTA0LTA3VDE1OjQ5OjAwLjI5NTA2NjhaO25iOGRxVks2R25JTW5tcVRZSDlyR0E9PTt7IlRhcmdldEVudGl0eSI6IlNlbmRUb0VGSUQiLCJPcmNoZXN0cmF0aW9uU3RlcCI6M30=; domain=global.accounts.corporate.ef.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-cache|p9rymxp2ceqkjdx5kqzyzw_0=m1.67S5MsV7UC5ZmsRz.HXHDHdKRUV2C26jY/839tw==.0.QJbGirUINkhjvKRBSetoK/LkQLGBMObnUb8BYdqbGT50btLP/EJ01XXRrTKZlgdTBHn8woJain8I+kLzRpXBElvprFIqDK/qio9JCYjCNj4M0J4/S3gSgs5u9lxmOKdkLqwNeAX1kHl2ErNbu65yyr+MQOII+qEcj9HJ2BYP2auPcNgItk4ljCaY7wDoFhIzX9mQ+PI7B1zdlKPCpErlzTBJScb0/Cb6zf4g9wIgCE/m5R5W/Riyf2sv6kQnL0RCcthVicOAGuj9BztIWLhZLpa9CAp2GyfqzqNSfMOGI35Z3MBb7gPBYG0Ck0IXxFsSGFf0Ax4H+AggYAM+PkZFObDyRmAW3APodHBhZa80azmJ1pJUYFes513zKtz2kqME3/L318TgSQaMXQ80hwpnoeq/FMSOPjqVYVuJesLpd8uk1K1OgBWZoF4lfBgWyCW/dEeK99UaKMC1zAt+WJna1VsjVgE8B8puUfPpai65eBvy4vh3KMCxrw88VtBdafXal1f23OnlQjO2rNYIuMP/jzwaqSMkLkkQPRW9AMAKzwvo8gNjZeOvFWOE+BI0MYdxul1DhL8R53s4twFgpB9HzlaE0J0uRzXT33ManPhTb2RjeMTRrURoMPGoF/QmaL6V2JGmQJOPU70gnNOs7l4WWMA4Zj0bWYR61b7+y1+itFHYR+Yfvz4H6UafQgdQaL2DuvHxUPGu6hqTAJ4GGZFUGW+IwBZuAAz5+gx4OzKjlhDRggPWOW9vSn/OuoWxDSKrk3/4NOwOrlkdPhtPgTbP/zHWXWE2l1n36SllhGzwdmsJZQndtZMq0B2y4kt0Yj+lEscyBLkz3v1MG5oltzm0MMzBuD2Q576e8Yu+a9seMRPX1ENcgt26JU9WNpGuo8lCvvxunsnk3swe8XGRZAOAxY+zvQM2UKrMpo7yGNqLlaarWK28PQhXXYYfkGzsK0dAHbs+dnpMUwHSSWQP8y7CE7N9uT2m7vf6zINjNVSgPKPgKj6Wx5N7jhCSeeXHOj3Ot1XZYtn4PlS8gSOZf80xHaII+XL2DmoDNr1NjdQP0Lh+fS7OPXVeP2KnFtsZF9T4+EUXsF2rz0wBwNS5rVlX8eItp1Z3zke7SvAOz1jzWeVB0B0l; domain=global.accounts.corporate.ef.com; path=/; SameSite=None; secure; HttpOnly
x-ms-cpim-trans=eyJUX0RJQyI6W3siSSI6IjMxZDhkYWE3LTc2N2EtNGE3MC04YTI1LWRjNzk5MmE2NThjZiIsIlQiOiJlZmNvcnBnbG9iYWwub25taWNyb3NvZnQuY29tIiwiUCI6IkIyQ18xQV9TSUdOSU5fQ09SUF9HTE9CQUwiLCJDIjoiNjdjOWE1NzItN2RkYy00ZWM5LThiYWYtYzJlMTMyMDc4YTBjIiwiUyI6MSwiTSI6e30sIkQiOjAsIkUiOiIifV0sIkNfSUQiOiIzMWQ4ZGFhNy03NjdhLTRhNzAtOGEyNS1kYzc5OTJhNjU4Y2YifQ==; domain=global.accounts.corporate.ef.com; path=/; SameSite=None; secure; HttpOnly
allow: OPTIONS, TRACE, GET, HEAD, POST
x-azure-ref: 20250407T154859Z-r1ccbf87bccr6vx6hC1SVGdev0000000097g000000008hs6
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| learn.corporate.ef.com/assets/fonts/EFCircularWeb-Book.woff2 | 104.18.34.207 | | 0 B |
URL GET learn.corporate.ef.com/assets/fonts/EFCircularWeb-Book.woff2 IP104.18.34.207:443
Requested byhttps://learn.corporate.ef.com/?domain_hint=marriott.com CertificateIssuerGoogle Trust Services Subjectlearn.corporate.ef.com Fingerprint83:52:5C:AC:68:BE:F8:54:B0:E5:71:1B:E9:F7:4C:F0:0B:C7:65:5F ValidityFri, 14 Mar 2025 12:17:21 GMT - Thu, 12 Jun 2025 13:16:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/EFCircularWeb-Book.woff2 HTTP/1.1
Host: learn.corporate.ef.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://learn.corporate.ef.com/?domain_hint=marriott.com
Cookie: __cf_bm=bqZs9U_6ytnAOVrX22Al.ANuROljCfytJtLGZQ8eCkQ-1744040938-1.0.1.1-WJJB0PPdkyxaMCWgcIkLGSgnG9RdloudFKIRxUs5DaEdnxLiutnQD35J3sHJgj9Jsi8x5mbfT8AN9esj8uhl7eDWuuSei2N9Ue3foag9psw; b2blang=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/marriott_title_logo_iKk_icon.ico | 23.33.119.114 | 200 OK | 62 kB |
URL GET extranetcloud.marriott.com/userauth/ig-adapter-security-code-challenge/marriott_title_logo_iKk_icon.ico IP23.33.119.114:443 ASN#20940 Akamai International B.V.
Requested byhttps://extranetcloud.marriott.com/marrsso/idp/SSO.saml2 CertificateIssuerEntrust, Inc. Subjectcn-san.marriott.com Fingerprint69:9C:1B:AB:A9:69:F0:76:23:33:36:3E:89:81:D4:C9:0B:6C:ED:AC ValidityMon, 09 Sep 2024 15:17:54 GMT - Thu, 09 Oct 2025 15:17:52 GMT
File typeMS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel Hash9fdbcb382a5786a82381d06d9e6b65d6 5fc0551abb1683460ed318925be5fc1918a4c926 bfb43d228cbac38e093fd9a9571d37e0d200a880949ea67d2a5d0acdb9b71531
GET /userauth/ig-adapter-security-code-challenge/marriott_title_logo_iKk_icon.ico HTTP/1.1
Host: extranetcloud.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://extranetcloud.marriott.com/marrsso/idp/SSO.saml2
Cookie: PF-PROD=rNL28oHGLmWxRGmIxtEWeD; AKA_A2=A; ak_bmsc=DE76C831373B9D06F1514CE8302112E0~000000000000000000000000000000~YAAQlAtlX7bCmwSWAQAAXODwEBsYyjoqdH2cUPXxDSTf4V0wF78kiPcSr/HUNoR8pTLCLvid4JH+TfnQvcrlPWX3OH+q/8UHW5n8etwQeY66RRu4iZgFHmZgx70TiEZ3thTkzVpUqmg/SePMcMvEvhYjqmbEfOf35kg8s1LjgCwIfu3SLHQObuYk+1v0hb1HOAefBDzwA0PZ5It/zpRyULS3elyi/xGcp5Jp8+INkyLHP6ude04j9LgBqadpIGblrIVcB/V/HVmjw7Gbef8hMgYFiTxttcgXu5kul6uLNvuVBXZ5L7lS13NsUgKF1fAEoSxPfZ24FQ4RZWjkTDo+oR/LWomG1bcjvrpbAKaziB2dprCftbxtPsk3AfQ5ztpn0PfnhmiyebcIQQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/x-icon
last-modified: Thu, 09 Sep 2021 03:07:51 GMT
etag: W/"/e+YSBTgIQI/e+ZMNxmTqg"
accept-ranges: bytes
er_information: ER_EXECUTED:;ER_EXECUTED_RULE:, ER_EXECUTED:;ER_EXECUTED_RULE:, ER_EXECUTED:;ER_EXECUTED_RULE:
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 07 Apr 2025 15:49:05 GMT
content-length: 17859
server-timing: cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1744040945217_1600457620_233561066_513_12822_2_0_21";dur=1
strict-transport-security: max-age=86400 ; includeSubDomains
akamai-grn: 0.940b655f.1744040945.debdbea
X-Firefox-Spdy: h2
|
|