miloginworkerqa.michigan.gov

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 172.64.150.213, located in United States and belongs to CLOUDFLARENET, US. The main domain is miloginworkerqa.michigan.gov.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 21st 2022. Valid for: a year.

This is the only time miloginworkerqa.michigan.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.64.151.104 172.64.151.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.150.213 172.64.150.213	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3

1 172.64.151.104 (United States)

ASN13335 (CLOUDFLARENET, US)

wrk-mctrack-uat.state.mi.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.150.213 (United States)

ASN13335 (CLOUDFLARENET, US)

miloginworkerqa.michigan.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	michigan.gov miloginworkerqa.michigan.gov	17 KB
1	state.mi.us wrk-mctrack-uat.state.mi.us	4 KB
4	2

	Domain	Requested by
2	miloginworkerqa.michigan.gov	miloginworkerqa.michigan.gov
1	wrk-mctrack-uat.state.mi.us
4	2

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-01` - `2024-07-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login
Frame ID: 6FDFDA9C1839325EDB5FC040EB05EC6A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A SAML error has occurred

Page URL History Show full URLs

https://wrk-mctrack-uat.state.mi.us/ Page URL
https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login Page URL

Page Statistics

4
Requests

75 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

21 kB
Transfer

22 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wrk-mctrack-uat.state.mi.us/ Page URL
https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
wrk-mctrack-uat.state.mi.us/ 6 KB
4 KB 179ms
122ms Document
text/html 172.64.151.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wrk-mctrack-uat.state.mi.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9df4fc4528b6663e75abda1eb2771636925122f3b796490fcd75c995e290c396

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, private
cf-cache-status: DYNAMIC
cf-ray: 7f0053e9e86f420d-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 01 Aug 2023 19:01:06 GMT
expires: 01-Jan-1997 12:00:00 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCKHFi%2BNEjtr%2FuOPZUawYR0CLP0vYM0Kned8wPKO4Rzu8OjP4AUe9KeD5%2BoJuCxbjl91xYlPSbrbeVM9rRKtJ%2FWIVKGR0%2BuZzXC7JnMcgV6kEnopmjW3wJb6nWCdiv1kjRplis0Z1bzfWJMk8w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 Primary Request login Show response
miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/ 1 KB
2 KB 311ms
254ms Document
text/html 172.64.150.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5ffc901eaa7b14d7cc716c203d86d7b393edb2cbda597df6c0e7b0f6ee63616

Security Headers

Name	Value
Content-Security-Policy	default-src'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wrk-mctrack-uat.state.mi.us
Referer: https://wrk-mctrack-uat.state.mi.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache="set-cookie, set-cookie2"
cf-cache-status: DYNAMIC
cf-ray: 7f0053eb4e4bc431-EWR
content-encoding: gzip
content-language: en-US
content-security-policy: default-src'self'
content-type: text/html;charset=UTF-8
date: Tue, 01 Aug 2023 19:01:06 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP="NON CUR OTPi OUR NOR UNI"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfTkfeCnRPIAMbf8%2BfJxfSwbmn8L7Ir4zRM%2BfDEcyV%2BUE%2Fl7csURwPybe0e1z04CZ%2BWoH3XQAnV%2BLHd%2Fi78qK7eArbu02V0cc2UR1ar5Vk3gKCyGXC8CEBs1xMZ%2BBTKs2T6suUPtN1Pt0G9oO5o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
session-timeout: 0
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1

GET styles.css
miloginworkerqa.michigan.gov/sps/static/ 0
0

GET
H2 200 ibm-logo.png
miloginworkerqa.michigan.gov/sps/static/ 15 KB
15 KB 48ms
48ms Image
text/html 172.64.150.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miloginworkerqa.michigan.gov/sps/static/ibm-logo.png

Requested by

Host: miloginworkerqa.michigan.gov
URL: https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 19:01:06 GMT
content-security-policy: default-src'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: gzip
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1
pragma: no-cache
session-timeout: 1800
server: cloudflare
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aG1El%2BTo%2BXRCnZCxTkKV%2FscrVpsTf92x0xf%2Fg6%2FJSzArR%2BUKByL3VnsXUEu320SrPELCMcNGj7MFJvOiBEqdg8vZduMOcJ2ru6YhHLRcCIMRh%2BhRoyOQMF72KOM2NrrLo39JeSsnScfxM4zuKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: no-store
cf-ray: 7f0053ece80dc431-EWR

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: miloginworkerqa.michigan.gov
URL: https://miloginworkerqa.michigan.gov/sps/static/styles.css

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wrk-mctrack-uat.state.mi.us/	1969-12-31 23:59:59	Name: _opensaml_req_ss%3Amem%3A461ba1c5a3b40bc26a447aa539849a70c93ee7b656a165eae4354c04bd7ab757 Value: _dbfcbbc3e32674527fc22bcb5d64a099
miloginworkerqa.michigan.gov/	1969-12-31 23:59:59	Name: AMWEBJCT!%2Fsps!JSESSIONID Value: 0000wpEeNHwkZk4HdIBkmZ8XT_L:57ec9202-443d-4c9d-a04a-b84b944f45e3
miloginworkerqa.michigan.gov/	1969-12-31 23:59:59	Name: PD_STATEFUL_138f46b4-6525-11ea-8982-005056892783 Value: %2Fsps
miloginworkerqa.michigan.gov/	1969-12-31 23:59:59	Name: BIGipServer~DTMB_Center_for_Shared_Solutions~DTMB_27.142_443_Pool Value: !8T9w52HH49gLmd9b62MPGGZi15ChZO6gIbDRhMy7mGtfpVPWVHr/ncWMREQuS5XotNPbUGu7s7abGnw=
miloginworkerqa.michigan.gov/	1969-12-31 23:59:59	Name: IV_JCT Value: %2Fsps
miloginworkerqa.michigan.gov/	1969-12-31 23:59:59	Name: PD-S-SESSION-ID Value: 0_w2idMTJbrAvqx4lG/F4ABVbZj9qSGiXbOE0mmppHnWqIylk1biI=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login Message: The Content-Security-Policy directive name 'default-src'self'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://miloginworkerqa.michigan.gov/sps/WorkersExternalSAML20/saml20/login Message: Refused to apply style from 'https://miloginworkerqa.michigan.gov/sps/static/styles.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

miloginworkerqa.michigan.gov
wrk-mctrack-uat.state.mi.us
miloginworkerqa.michigan.gov
172.64.150.213
172.64.151.104
9df4fc4528b6663e75abda1eb2771636925122f3b796490fcd75c995e290c396
d5ffc901eaa7b14d7cc716c203d86d7b393edb2cbda597df6c0e7b0f6ee63616
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

miloginworkerqa.michigan.gov Open in urlscan Pro 172.64.150.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

75 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

21 kBTransfer

22 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

6 Cookies

2 Console Messages

Indicators

miloginworkerqa.michigan.gov Open in urlscan Pro
172.64.150.213 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

21 kB
Transfer

22 kB
Size

6
Cookies

4 HTTP transactions
0 data transactions