Submitted URL: https://wrk-mctrack-uat.state.mi.us/
Effective URL: https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login
Submission: On August 01 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 4 HTTP transactions. The main IP is 172.64.150.213, located in United States and belongs to CLOUDFLARENET, US. The main domain is miloginworkerqa.michigan.gov.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 21st 2022. Valid for: a year.
This is the only time miloginworkerqa.michigan.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.64.151.104 13335 (CLOUDFLAR...)
2 172.64.150.213 13335 (CLOUDFLAR...)
4 3
Domain Requested by
2 miloginworkerqa.michigan.gov miloginworkerqa.michigan.gov
1 wrk-mctrack-uat.state.mi.us
4 2

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2023-08-01 - 2024-07-30 a year

This page contains 1 frames:

Primary Page: https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login
Frame ID: 6FDFDA9C1839325EDB5FC040EB05EC6A
Requests: 4 HTTP requests in this frame

Page Title

A SAML error has occurred

Page Statistics

Requests: 4
HTTPS: 75 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 21 kB
Size: 22 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wrk-mctrack-uat.state.mi.us/ Page URL
  2. https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login Page URL

4 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/ wrk-mctrack-uat.state.mi.us/ 6 KB 4 KB Document
General
Full URL: https://wrk-mctrack-uat.state.mi.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 9df4fc4528b6663e75abda1eb2771636925122f3b796490fcd75c995e290c396

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
7f0053e9e86f420d-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 01 Aug 2023 19:01:06 GMT
expires
01-Jan-1997 12:00:00 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCKHFi%2BNEjtr%2FuOPZUawYR0CLP0vYM0Kned8wPKO4Rzu8OjP4AUe9KeD5%2BoJuCxbjl91xYlPSbrbeVM9rRKtJ%2FWIVKGR0%2BuZzXC7JnMcgV6kEnopmjW3wJb6nWCdiv1kjRplis0Z1bzfWJMk8w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request
login miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/ 1 KB 2 KB Document
General
Full URL: https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: d5ffc901eaa7b14d7cc716c203d86d7b393edb2cbda597df6c0e7b0f6ee63616
Security Headers
Name Value
Content-Security-Policy default-src'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://wrk-mctrack-uat.state.mi.us
Referer
https://wrk-mctrack-uat.state.mi.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache="set-cookie, set-cookie2"
cf-cache-status
DYNAMIC
cf-ray
7f0053eb4e4bc431-EWR
content-encoding
gzip
content-language
en-US
content-security-policy
default-src'self'
content-type
text/html;charset=UTF-8
date
Tue, 01 Aug 2023 19:01:06 GMT
expires
Thu, 01 Dec 1994 16:00:00 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
CP="NON CUR OTPi OUR NOR UNI"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfTkfeCnRPIAMbf8%2BfJxfSwbmn8L7Ir4zRM%2BfDEcyV%2BUE%2Fl7csURwPybe0e1z04CZ%2BWoH3XQAnV%2BLHd%2Fi78qK7eArbu02V0cc2UR1ar5Vk3gKCyGXC8CEBs1xMZ%2BBTKs2T6suUPtN1Pt0G9oO5o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
session-timeout
0
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
x-xss-protection
1
styles.css miloginworkerqa.michigan.gov/sps/static/ 0 0

ibm-logo.png miloginworkerqa.michigan.gov/sps/static/ 15 KB 15 KB Image
General
Full URL: https://miloginworkerqa.michigan.gov/sps/static/ibm-logo.png
Requested by
Host: miloginworkerqa.michigan.gov
URL: https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 19:01:06 GMT
content-security-policy
default-src'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
content-encoding
gzip
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection
1
pragma
no-cache
session-timeout
1800
server
cloudflare
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aG1El%2BTo%2BXRCnZCxTkKV%2FscrVpsTf92x0xf%2Fg6%2FJSzArR%2BUKByL3VnsXUEu320SrPELCMcNGj7MFJvOiBEqdg8vZduMOcJ2ru6YhHLRcCIMRh%2BhRoyOQMF72KOM2NrrLo39JeSsnScfxM4zuKo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
no-store
cf-ray
7f0053ece80dc431-EWR

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
miloginworkerqa.michigan.gov
URL
https://miloginworkerqa.michigan.gov/sps/static/styles.css

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path Name / Value
wrk-mctrack-uat.state.mi.us/ Name: _opensaml_req_ss%3Amem%3A461ba1c5a3b40bc26a447aa539849a70c93ee7b656a165eae4354c04bd7ab757
Value: _dbfcbbc3e32674527fc22bcb5d64a099
miloginworkerqa.michigan.gov/ Name: AMWEBJCT!%2Fsps!JSESSIONID
Value: 0000wpEeNHwkZk4HdIBkmZ8XT_L:57ec9202-443d-4c9d-a04a-b84b944f45e3
miloginworkerqa.michigan.gov/ Name: PD_STATEFUL_138f46b4-6525-11ea-8982-005056892783
Value: %2Fsps
miloginworkerqa.michigan.gov/ Name: BIGipServer~DTMB_Center_for_Shared_Solutions~DTMB_27.142_443_Pool
Value: !8T9w52HH49gLmd9b62MPGGZi15ChZO6gIbDRhMy7mGtfpVPWVHr/ncWMREQuS5XotNPbUGu7s7abGnw=
miloginworkerqa.michigan.gov/ Name: IV_JCT
Value: %2Fsps
miloginworkerqa.michigan.gov/ Name: PD-S-SESSION-ID
Value: 0_w2idMTJbrAvqx4lG/F4ABVbZj9qSGiXbOE0mmppHnWqIylk1biI=

2 Console Messages

Source Level URL
Text
security error URL: https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login
Message:
The Content-Security-Policy directive name 'default-src'self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login
Message:
Refused to apply style from 'https://miloginworkerqa.michigan.gov/sps/static/styles.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.