urlscan.io logo urlscan.io
SecurityTrails logo

gdit2-rsso-demo.onbmc.com Open in urlscan Pro
216.52.6.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gdit2-demo-smartit.onbmc.com/
Effective URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Submission: On December 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 216.52.6.123, located in United States and belongs to BMCSAAS-, US. The main domain is gdit2-rsso-demo.onbmc.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 10th 2023. Valid for: a year.
This is the only time gdit2-rsso-demo.onbmc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 44.208.94.102 14618 (AMAZON-AES)
15 216.52.6.123 394439 (BMCSAAS-)
16 2
Apex Domain
Subdomains		 Transfer
17 onbmc.com
gdit2-demo-smartit.onbmc.com
gdit2-rsso-demo.onbmc.com
366 KB
16 1
Domain Requested by
15 gdit2-rsso-demo.onbmc.com gdit2-rsso-demo.onbmc.com
2 gdit2-demo-smartit.onbmc.com 1 redirects
16 2

This site contains no links.

Subject Issuer Validity Valid
*.onbmc.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://gdit2-rsso-demo.onbmc.com/rsso/start
Frame ID: BDBFA134996216D3BE62F7DB1A74CAC3
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BMC Helix Single Sign-On

Page URL History Show full URLs

  1. https://gdit2-demo-smartit.onbmc.com/ HTTP 302
    https://gdit2-demo-smartit.onbmc.com/smartit/ Page URL
  2. https://gdit2-rsso-demo.onbmc.com/rsso/start Page URL
  3. https://gdit2-rsso-demo.onbmc.com/rsso/start Page URL

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

366 kB
Transfer

433 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gdit2-demo-smartit.onbmc.com/ HTTP 302
    https://gdit2-demo-smartit.onbmc.com/smartit/ Page URL
  2. https://gdit2-rsso-demo.onbmc.com/rsso/start Page URL
  3. https://gdit2-rsso-demo.onbmc.com/rsso/start Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://gdit2-demo-smartit.onbmc.com/ HTTP 302
  • https://gdit2-demo-smartit.onbmc.com/smartit/

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
gdit2-demo-smartit.onbmc.com/smartit/
Redirect Chain
  • https://gdit2-demo-smartit.onbmc.com/
  • https://gdit2-demo-smartit.onbmc.com/smartit/
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gdit2-demo-smartit.onbmc.com/smartit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.208.94.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-94-102.compute-1.amazonaws.com
Software
nginx /
Resource Hash
18310a4500e753760cee41e1a482c79123cdb7fb1cbd9a93f5a02504cc219ecc
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' http://cdn.ckeditor.com http://loader.webspellchecker.net http://s1.webspellchecker.net https://www.webspellchecker.net maps.google.com maps.googleapis.com whatfix.com cdn.whatfix.com;object-src 'self';connect-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
1384
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' http://cdn.ckeditor.com http://loader.webspellchecker.net http://s1.webspellchecker.net https://www.webspellchecker.net maps.google.com maps.googleapis.com whatfix.com cdn.whatfix.com;object-src 'self';connect-src 'self'
content-type
text/html;charset=UTF-8
date
Fri, 01 Dec 2023 14:57:13 GMT
referrer-policy
origin
server
nginx
x-content-type-options
nosniff
x-frame-options
DENY
x-request-id
9b844eba42889d628ce78ffea9ab4358
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-type
text/html;charset=ISO-8859-1
date
Fri, 01 Dec 2023 14:57:13 GMT
location
/smartit/
server
nginx
x-request-id
680b39d92f5cb4652e0815a1622689c2
start
gdit2-rsso-demo.onbmc.com/rsso/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
43f469fcb5cdafe7112d3df84a3ffc7f1dcd12f4a13615cd8c68f40461fa6307
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-NFeIhHJZmQAmYCvtBDSne3lWAe+BVtuRwQg3CnQEdN5XaggVVG6/NZ0X79/AiaUyWFEvrzFnNasP8nrsB8AMwr3B+vzytp3TusceoIt3fT4gyUUPv1bdLe8GDFXc6Jvzwij4XX5YLBt9bhfe52gQPK2cvAHdVuNJijXT9ywZjLE='; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://gdit2-demo-smartit.onbmc.com
Referer
https://gdit2-demo-smartit.onbmc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-NFeIhHJZmQAmYCvtBDSne3lWAe+BVtuRwQg3CnQEdN5XaggVVG6/NZ0X79/AiaUyWFEvrzFnNasP8nrsB8AMwr3B+vzytp3TusceoIt3fT4gyUUPv1bdLe8GDFXc6Jvzwij4XX5YLBt9bhfe52gQPK2cvAHdVuNJijXT9ywZjLE='; object-src 'none'; frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Fri, 01 Dec 2023 14:57:14 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Primary Request start
gdit2-rsso-demo.onbmc.com/rsso/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
96e74a5080ad60afe8ee54048c216d95598fc67b9f93ede39a30243a1c7272a4
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-XRe5FS+TQZLViaeUitVRfnsuv6K+8OwXdRiXeQryTaHI0vf9D5iJgCwb+5Xh16y9w+ZZzFSU1XUNjITRSAVJVqvBCf2/BevyQkcli4f+xb+NecGh7Nkbp7CwUaJ90KK6u07PIp6xx+jmjjxmlqVmM4wlm0vdFRSrFycfNpRhPN0='; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://gdit2-rsso-demo.onbmc.com
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-XRe5FS+TQZLViaeUitVRfnsuv6K+8OwXdRiXeQryTaHI0vf9D5iJgCwb+5Xh16y9w+ZZzFSU1XUNjITRSAVJVqvBCf2/BevyQkcli4f+xb+NecGh7Nkbp7CwUaJ90KK6u07PIp6xx+jmjjxmlqVmM4wlm0vdFRSrFycfNpRhPN0='; object-src 'none'; frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Fri, 01 Dec 2023 14:57:14 GMT
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
vary
accept-encoding
rsso-login.css
gdit2-rsso-demo.onbmc.com/rsso/css/ 		64 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
5dc6ebbe6490d424ac67e05a50660f951c41fc7f618eb1f47e7b8a38ed5a9d77
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"66046-1632270322000"
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
text/css
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
change-password.css
gdit2-rsso-demo.onbmc.com/rsso/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/css/change-password.css?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
b533eea7940d26e62dcfe9e1814533bd5b9387e90e7c1c766ac785da3ba94b24
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"1635-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
promise.js
gdit2-rsso-demo.onbmc.com/rsso/js/polyfill/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/js/polyfill/promise.js?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
cc1a1c6f0308da059c0a0c6f0f1ff4a262e6cec5a11b2beb0216dc4a22ea402b
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"2879-1632270322000"
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
unfetch.js
gdit2-rsso-demo.onbmc.com/rsso/js/polyfill/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/js/polyfill/unfetch.js?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
1973a04da446bf6e14e71b6c6599e7802fd1619355b55a44aa226aac7b286f39
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"1136-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
serialize.js
gdit2-rsso-demo.onbmc.com/rsso/js/app/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/js/app/serialize.js?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
56c6251626b515b6e27a9f058cdfcc522934f311de53f71f39a089496a02208b
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"1207-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
app.js
gdit2-rsso-demo.onbmc.com/rsso/js/app/ 		550 B
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/js/app/app.js?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
2a2a5bbd0cdedd106b4b049bf1f98362a24e86e4eff69ee3de2ab12c9d409a89
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"550-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
change-password.js
gdit2-rsso-demo.onbmc.com/rsso/js/app/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/js/app/change-password.js?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
e5aae0bae993a8cf9725ffa20eb4cd1c14074550c9eae04921f4b2844d627816
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"13700-1632270322000"
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
bmc_logo_header.svg
gdit2-rsso-demo.onbmc.com/rsso/img/bmc/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/img/bmc/bmc_logo_header.svg
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
0b8cba77adb5ec7e838ec831fd69dcc308e7739a12a287b248b78ca0226415e5
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"2855-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
HelveticaNeueLTW1G-Roman.woff
gdit2-rsso-demo.onbmc.com/rsso/fonts/Helvetica/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/fonts/Helvetica/HelveticaNeueLTW1G-Roman.woff
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
a323ddc6daaebb5cdd54e7b6aa79ae465557d4d4f9619bf442a73b4e338112c4
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Origin
https://gdit2-rsso-demo.onbmc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
ETag
W/"63723-1632270322000"
Content-Type
font/woff
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63723
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
footer-logo.svg
gdit2-rsso-demo.onbmc.com/rsso/img/login/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/img/login/footer-logo.svg
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
73c1235900a1f7d6e0e2f13d71ead74184fee53de0fd5a5585d7c24be35fc861
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"2846-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
HelveticaNeueLTW1G-Lt.woff
gdit2-rsso-demo.onbmc.com/rsso/fonts/Helvetica/ 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/fonts/Helvetica/HelveticaNeueLTW1G-Lt.woff
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
a441375f5abb54cf13950b29794ff3ae08e9357d86be0c8c937af865373cfe0b
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Origin
https://gdit2-rsso-demo.onbmc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
ETag
W/"61740-1632270322000"
Content-Type
font/woff
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61740
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
DPL_Iconfont_v.0.0.2.woff
gdit2-rsso-demo.onbmc.com/rsso/fonts/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/fonts/DPL_Iconfont_v.0.0.2.woff
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
94bf00933675f7019193999eca35ce0a216d27e0b196f3ef27ea8c32a7cee173
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Origin
https://gdit2-rsso-demo.onbmc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
ETag
W/"42768-1632270322000"
Content-Type
font/woff
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42768
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT
login-cover-5.jpg
gdit2-rsso-demo.onbmc.com/rsso/img/login/backgrounds/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/img/login/backgrounds/login-cover-5.jpg
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN394439 (BMCSAAS-, US),
Reverse DNS
Software
/
Resource Hash
1be275f139d20859ff7e6837c797ca8dfbcd476b504b2d60bf68b35f06aebaf7
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 14:57:14 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
ETag
W/"170688-1632270322000"
Content-Type
image/jpeg
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
170688
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Feb 2024 14:57:14 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| onClick function| unfetch function| serialize function| backgroundChange object| pathNameArray boolean| redirectedFromUrl string| rssoBaseUrl string| changePasswordRESTEndpoint string| forgotPasswordRESTEndpoint string| passwordChangeErrorText object| loginForm object| usernameField object| passwordField object| confirmPasswordField object| newPassField object| loginButton object| changePasswordAndLoginButton object| forgotPasswordConfirmButton object| changePwdBackButton object| changePasswordButton object| showChangePwdFormButton object| showForgotPwdFormButton object| serverErrorMessageContainer object| serverSuccessMessageContainer object| extendedBrandingContainer object| loginUsernameInput object| loginPasswordInput object| changePasswordInput object| changePasswordShowButton boolean| changePasswordFormActive boolean| forgotPasswordFormActive function| doLogin function| showServerErrorInForm function| getAppPath function| buildMessage function| showServerErrorMessage function| showServerSuccessMessage function| showServerMessage function| emptyDomNode function| requirePasswordChange function| changePassword function| showChangePasswordForm function| showForgotPasswordForm function| cancel function| checkStatus function| parseResponse function| doRegister function| requestForgotPassword function| doResetPassword

5 Cookies

Domain/Path Name / Value
gdit2-demo-smartit.onbmc.com/smartit Name: JSESSIONID
Value: 02F56E262E500B0858A4EBE8E0ABA557
gdit2-rsso-demo.onbmc.com/rsso Name: route
Value: 1701442635.445.102832.658711
gdit2-demo-smartit.onbmc.com/ Name: route
Value: 1701442634.701.49266.236078
gdit2-demo-smartit.onbmc.com/ Name: onbmc_pool
Value: !YKiIuEQCmNKq4Usyj6MhDh3vM3mAVeMd8Zm2QZlxzQOYKebZPgJcD9UgLj61nIsPvYmwScfcega9DXo=
gdit2-rsso-demo.onbmc.com/ Name: onbmc_pool
Value: !47r64H6aMErRpfQyj6MhDh3vM3mAVXKHZx7Cgj/+ZqbKaA8w03bSmSFN8tml5g3cuED6gyR/AnLyhg==

1 Console Messages

Source Level URL
Text
network error URL: https://gdit2-demo-smartit.onbmc.com/smartit/
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' http://cdn.ckeditor.com http://loader.webspellchecker.net http://s1.webspellchecker.net https://www.webspellchecker.net maps.google.com maps.googleapis.com whatfix.com cdn.whatfix.com;object-src 'self';connect-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block