Submitted URL: https://aaancnu.my.salesforce.com/?c=XWCIJnI8RmfCqzHOAuSuKP6lCN4qUK3jZQGHyLwm9ADLPRd1gQg7sMWXe6MG5CiW7E8y1kZdwkSHu3HMylxl0ri4DMnqp...
Effective URL: https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dvYWFhLm9uZWxvZ2luLmNv...
Submission: On September 01 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 1 country across 2 domains to perform 14 HTTP transactions. The main IP is 18.216.23.71, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is goaaa.onelogin.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 22nd 2022. Valid for: a year.
This is the only time goaaa.onelogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 13.109.184.237 14340 (SALESFORCE)
2 8 18.216.23.71 16509 (AMAZON-02)
2 52.222.236.95 16509 (AMAZON-02)
4 2600:9000:225... 16509 (AMAZON-02)
14 5
Apex Domain
Subdomains
Transfer
14 onelogin.com
goaaa.onelogin.com
cdn.onelogin.com — Cisco Umbrella Rank: 28865
web-login-v2-cdn.onelogin.com — Cisco Umbrella Rank: 27207
1 MB
2 salesforce.com
aaancnu.my.salesforce.com
5 KB
14 2
Domain Requested by
8 goaaa.onelogin.com 2 redirects cdn.onelogin.com
web-login-v2-cdn.onelogin.com
4 web-login-v2-cdn.onelogin.com goaaa.onelogin.com
2 cdn.onelogin.com goaaa.onelogin.com
2 aaancnu.my.salesforce.com 1 redirects
14 4

This site contains links to these domains.

Domain
www.onelogin.com
Subject  Issuer  Validity  Valid
*.my.salesforce.com  DigiCert TLS RSA SHA256 2020 CA1  2022-05-19 - 2023-05-17  a year
*.onelogin.com  DigiCert TLS RSA SHA256 2020 CA1  2022-03-22 - 2023-04-22  a year
cdn.onelogin.com  Amazon  2022-04-18 - 2023-05-16  a year

This page contains 1 frames:

Primary Page: https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dvYWFhLm9uZWxvZ2luLmNvbS90cnVzdC9zYW1sMi9odHRwLXBvc3Qvc3NvLzg1MjA1MD9zYW1sX3JlcXVlc3RfcGFyYW1zX3Rva2VuPWY5N2ZiNjgwNDIuNTBkMDJiYTE4N2E1NGYxNjcwMzQ3N2NkNDYxZTJhZGZiMGZjZTI4NS5mMFhwel9hR3FmQXlKZnozNHNCaW5oa0swR01mbC1oRHpHSS1nT0Y5VU0wJTNEIiwiYXBwX2lkIjoiODUyMDUwIiwiYXVkIjoiQUNDRVNTIiwiZmZfbXVsdGlwbGVfYnJhbmRzIjpmYWxzZSwibm90aWZpY2F0aW9uIjp7Imljb24iOiJjb25uZWN0aW9uIiwibWVzc2FnZSI6IkNvbm5lY3RpbmcgdG8gQXBwbGljYXRpb24iLCJ2YWx1ZXMiOlsiQXBwbGljYXRpb24iXSwidHlwZSI6ImluZm8iLCJ0ZW1wbGF0ZV9pZCI6ImNvbm5lY3RpbmdfdG9fYXBwIn0sImV4cCI6MTY2MjA0NjA5NSwiaXNzIjoiTU9OT1JBSUwiLCJwYXJhbXMiOnt9LCJicmFuZF9pZCI6Im1hc3RlciIsIm1ldGhvZCI6ImdldCJ9.TkmNJWkIZEPQmNwWrqY_WvKmR-aTY_WbJO8nlLTdlMA
Frame ID: 57F67EE4C6EC6D0E445B96AB424BFF36
Requests: 15 HTTP requests in this frame

Page Title

OneLogin

Page URL History

  1. https://aaancnu.my.salesforce.com/?c=XWCIJnI8RmfCqzHOAuSuKP6lCN4qUK3jZQGHyLwm9ADLPRd1gQg7sMWXe6MG5CiW7E8y1kZdw... HTTP 302
    https://aaancnu.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYOJ2hCZMDAwMDAwMDAwMDAwMDAwAAA... Page URL
  2. https://goaaa.onelogin.com/trust/saml2/http-post/sso/852050 Page URL
  3. https://goaaa.onelogin.com/trust/saml2/http-post/sso/852050 HTTP 302
    https://goaaa.onelogin.com/login HTTP 302
    https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dv... Page URL

Page Statistics

14
Requests

93 %
HTTPS

25 %
IPv6

2
Domains

4
Subdomains

5
IPs

1
Countries

1081 kB
Transfer

3025 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aaancnu.my.salesforce.com/?c=XWCIJnI8RmfCqzHOAuSuKP6lCN4qUK3jZQGHyLwm9ADLPRd1gQg7sMWXe6MG5CiW7E8y1kZdwkSHu3HMylxl0ri4DMnqpRnCz6XHnMtlaivrqKIGPqWvE.ZE8K_VlqPp6NK5vKY24n8bkGFhVVNuEgDs5.zaKg%3D%3D HTTP 302
    https://aaancnu.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYOJ2hCZMDAwMDAwMDAwMDAwMDAwAAAA7v_LDk6IwgtpYcdZdNCDFUEgvBOeBAmQ1CFIOkT3HyHvBSuNry-Hy4Hcoxc58F18PSO4NhzvAmv89PpgIAZZa7fEb58huNs4RUOv6lPOamsBjpSNljafKsoiFlyoIdM721HU676k-o9-MSOtJUQWe9C6W4uJVOozGKDLWzTofDJQ06_gl6Nvt2P0oyXDswt62qLGHe-XB7VhKXjb6mqqFmT5xl041hbVNjUFKNCKz8rqgmD9vg-eX4pDWI1UvSfSWQ&saml_acs=https%3A%2F%2Faaancnu.my.salesforce.com%3Fso%3D00D46000000znwz&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fsaml.salesforce.com&samlSsoConfig=0LE46000000LEKe&RelayState=%2F Page URL
  2. https://goaaa.onelogin.com/trust/saml2/http-post/sso/852050 Page URL
  3. https://goaaa.onelogin.com/trust/saml2/http-post/sso/852050 HTTP 302
    https://goaaa.onelogin.com/login HTTP 302
    https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dv... Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://aaancnu.my.salesforce.com/?c=XWCIJnI8RmfCqzHOAuSuKP6lCN4qUK3jZQGHyLwm9ADLPRd1gQg7sMWXe6MG5CiW7E8y1kZdwkSHu3HMylxl0ri4DMnqpRnCz6XHnMtlaivrqKIGPqWvE.ZE8K_VlqPp6NK5vKY24n8bkGFhVVNuEgDs5.zaKg%3D%3D HTTP 302
  • https://aaancnu.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYOJ2hCZMDAwMDAwMDAwMDAwMDAwAAAA7v_LDk6IwgtpYcdZdNCDFUEgvBOeBAmQ1CFIOkT3HyHvBSuNry-Hy4Hcoxc58F18PSO4NhzvAmv89PpgIAZZa7fEb58huNs4RUOv6lPOamsBjpSNljafKsoiFlyoIdM721HU676k-o9-MSOtJUQWe9C6W4uJVOozGKDLWzTofDJQ06_gl6Nvt2P0oyXDswt62qLGHe-XB7VhKXjb6mqqFmT5xl041hbVNjUFKNCKz8rqgmD9vg-eX4pDWI1UvSfSWQ&saml_acs=https%3A%2F%2Faaancnu.my.salesforce.com%3Fso%3D00D46000000znwz&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fsaml.salesforce.com&samlSsoConfig=0LE46000000LEKe&RelayState=%2F

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
authn-request.jsp
aaancnu.my.salesforce.com/saml/
Redirect Chain
  • https://aaancnu.my.salesforce.com/?c=XWCIJnI8RmfCqzHOAuSuKP6lCN4qUK3jZQGHyLwm9ADLPRd1gQg7sMWXe6MG5CiW7E8y1kZdwkSHu3HMylxl0ri4DMnqpRnCz6XHnMtlaivrqKIGPqWvE.ZE8K_VlqPp6NK5vKY24n8bkGFhVVNuEgDs5.zaKg%3...
  • https://aaancnu.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYOJ2hCZMDAwMDAwMDAwMDAwMDAwAAAA7v_LDk6IwgtpYcdZdNCDFUEgvBOeBAmQ1CFIOkT3HyHvBSuNry-Hy4Hcoxc58F18PSO4NhzvAmv89PpgIAZZa7...
6 KB
4 KB
Document
General
Full URL
https://aaancnu.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYOJ2hCZMDAwMDAwMDAwMDAwMDAwAAAA7v_LDk6IwgtpYcdZdNCDFUEgvBOeBAmQ1CFIOkT3HyHvBSuNry-Hy4Hcoxc58F18PSO4NhzvAmv89PpgIAZZa7fEb58huNs4RUOv6lPOamsBjpSNljafKsoiFlyoIdM721HU676k-o9-MSOtJUQWe9C6W4uJVOozGKDLWzTofDJQ06_gl6Nvt2P0oyXDswt62qLGHe-XB7VhKXjb6mqqFmT5xl041hbVNjUFKNCKz8rqgmD9vg-eX4pDWI1UvSfSWQ&saml_acs=https%3A%2F%2Faaancnu.my.salesforce.com%3Fso%3D00D46000000znwz&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fsaml.salesforce.com&samlSsoConfig=0LE46000000LEKe&RelayState=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.109.184.237 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl9-ncg1-c5-iad4.na209-ia4.my.salesforce.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html;charset=UTF-8
Date
Thu, 01 Sep 2022 15:25:13 GMT
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Length
0
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Sep 2022 15:25:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aaancnu.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYOJ2hCZMDAwMDAwMDAwMDAwMDAwAAAA7v_LDk6IwgtpYcdZdNCDFUEgvBOeBAmQ1CFIOkT3HyHvBSuNry-Hy4Hcoxc58F18PSO4NhzvAmv89PpgIAZZa7fEb58huNs4RUOv6lPOamsBjpSNljafKsoiFlyoIdM721HU676k-o9-MSOtJUQWe9C6W4uJVOozGKDLWzTofDJQ06_gl6Nvt2P0oyXDswt62qLGHe-XB7VhKXjb6mqqFmT5xl041hbVNjUFKNCKz8rqgmD9vg-eX4pDWI1UvSfSWQ&saml_acs=https%3A%2F%2Faaancnu.my.salesforce.com%3Fso%3D00D46000000znwz&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fsaml.salesforce.com&samlSsoConfig=0LE46000000LEKe&RelayState=%2F
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
852050
goaaa.onelogin.com/trust/saml2/http-post/sso/
6 KB
4 KB
Document
General
Full URL
https://goaaa.onelogin.com/trust/saml2/http-post/sso/852050
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.216.23.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-23-71.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
17c00ccbe72675461157e37d5ae19aa2dc94247ee4d403357ac2731004061085
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://aaancnu.my.salesforce.com
Referer
https://aaancnu.my.salesforce.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, must-revalidate
content-encoding
gzip
content-length
3699
content-type
text/html; charset=utf-8
date
Thu, 01 Sep 2022 15:25:14 GMT
etag
W/"79aae5b7385fbf52aabb964ebf6a45ae"
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200 OK
strict-transport-security
max-age=63072000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
DENY
x-request-id
6310CEDA-515F052A-BD3C-0A090118-01BB-5BFAA-01FB
x-xss-protection
1; mode=block
Primary Request /
goaaa.onelogin.com/login2/
Redirect Chain
  • https://goaaa.onelogin.com/trust/saml2/http-post/sso/852050
  • https://goaaa.onelogin.com/login
  • https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dvYWFhLm9uZWxvZ2luLmNvbS90cnVzdC9zYW1sMi9odHRwLXBvc3Qvc3NvLzg1MjA1MD9zYW1sX3JlcXVlc3RfcGFyYW1zX3...
2 KB
2 KB
Document
General
Full URL
https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dv...
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.216.23.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-23-71.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
3fc809185f6ccb90b58153e6a7061a9b7292c91cabbd4e1db25af23b7c8f010b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://goaaa.onelogin.com
Referer
https://goaaa.onelogin.com/trust/saml2/http-post/sso/852050
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, max-age=0
content-encoding
gzip
content-length
840
content-security-policy
frame-ancestors 'none';
content-type
text/html; charset=utf-8
date
Thu, 01 Sep 2022 15:24:16 GMT
etag
"fc8ff26f0e96adbb2a1c0ebd92b58dd2"
last-modified
Thu, 16 Jun 2022 20:14:48 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains;
x-amz-id-2
8Kta74gUI+qYs/XADZggr5+oIqBHnQZXcuJvHQ35kzqT3enQjgKr17xMUbWBTXyldAuKcVAY+is=
x-amz-request-id
29AZH1V7E1YG6853
x-amz-version-id
Oe_RNvj3P9Dn7A9RqiXQOX2sCYRL37wf
x-content-type-options
nosniff
x-frame-options
DENY
x-ol-canary
main

Redirect headers

cache-control
no-cache no-store max-age=0 must-revalidate private s-maxage=0
content-length
844
content-security-policy
frame-ancestors 'none';
content-type
text/html; charset=utf-8
date
Thu, 01 Sep 2022 15:25:15 GMT
expires
0
location
https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dvYWFhLm9uZWxvZ2luLmNvbS90cnVzdC9zYW1sMi9odHRwLXBvc3Qvc3NvLzg1MjA1MD9zYW1sX3JlcXVlc3RfcGFyYW1zX3Rva2VuPWY5N2ZiNjgwNDIuNTBkMDJiYTE4N2E1NGYxNjcwMzQ3N2NkNDYxZTJhZGZiMGZjZTI4NS5mMFhwel9hR3FmQXlKZnozNHNCaW5oa0swR01mbC1oRHpHSS1nT0Y5VU0wJTNEIiwiYXBwX2lkIjoiODUyMDUwIiwiYXVkIjoiQUNDRVNTIiwiZmZfbXVsdGlwbGVfYnJhbmRzIjpmYWxzZSwibm90aWZpY2F0aW9uIjp7Imljb24iOiJjb25uZWN0aW9uIiwibWVzc2FnZSI6IkNvbm5lY3RpbmcgdG8gQXBwbGljYXRpb24iLCJ2YWx1ZXMiOlsiQXBwbGljYXRpb24iXSwidHlwZSI6ImluZm8iLCJ0ZW1wbGF0ZV9pZCI6ImNvbm5lY3RpbmdfdG9fYXBwIn0sImV4cCI6MTY2MjA0NjA5NSwiaXNzIjoiTU9OT1JBSUwiLCJwYXJhbXMiOnt9LCJicmFuZF9pZCI6Im1hc3RlciIsIm1ldGhvZCI6ImdldCJ9.TkmNJWkIZEPQmNwWrqY_WvKmR-aTY_WbJO8nlLTdlMA#app=852050
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
pragma
no-cache
status
302 Found
strict-transport-security
max-age=63072000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
DENY
x-request-id
6310CEDA-515F052A-BD3C-0A090118-01BB-5C023-01FB
x-xss-protection
1; mode=block
onelogin-vigilance.min.js
cdn.onelogin.com/
361 KB
362 KB
Script
General
Full URL
https://cdn.onelogin.com/onelogin-vigilance.min.js
Requested by
Host: goaaa.onelogin.com
URL: https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dvYWFhLm9uZWxvZ2luLmNvbS90cnVzdC9zYW1sMi9odHRwLXBvc3Qvc3NvLzg1MjA1MD9zYW1sX3JlcXVlc3RfcGFyYW1zX3Rva2VuPWY5N2ZiNjgwNDIuNTBkMDJiYTE4N2E1NGYxNjcwMzQ3N2NkNDYxZTJhZGZiMGZjZTI4NS5mMFhwel9hR3FmQXlKZnozNHNCaW5oa0swR01mbC1oRHpHSS1nT0Y5VU0wJTNEIiwiYXBwX2lkIjoiODUyMDUwIiwiYXVkIjoiQUNDRVNTIiwiZmZfbXVsdGlwbGVfYnJhbmRzIjpmYWxzZSwibm90aWZpY2F0aW9uIjp7Imljb24iOiJjb25uZWN0aW9uIiwibWVzc2FnZSI6IkNvbm5lY3RpbmcgdG8gQXBwbGljYXRpb24iLCJ2YWx1ZXMiOlsiQXBwbGljYXRpb24iXSwidHlwZSI6ImluZm8iLCJ0ZW1wbGF0ZV9pZCI6ImNvbm5lY3RpbmdfdG9fYXBwIn0sImV4cCI6MTY2MjA0NjA5NSwiaXNzIjoiTU9OT1JBSUwiLCJwYXJhbXMiOnt9LCJicmFuZF9pZCI6Im1hc3RlciIsIm1ldGhvZCI6ImdldCJ9.TkmNJWkIZEPQmNwWrqY_WvKmR-aTY_WbJO8nlLTdlMA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2e33adc4b4b1fd09f4385641a21d78dfca6b96629827f0e6a30829587815cde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goaaa.onelogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
VTZTgPWVzkOd0o_ztJD57dK6Q_UenlY0
Via
1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
Last-Modified
Thu, 16 Jan 2020 01:01:13 GMT
Server
AmazonS3
Age
72064
ETag
"8533b895a83abc4cc8bf2fb0898c4ace"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Date
Thu, 01 Sep 2022 00:56:32 GMT
x-amz-replication-status
COMPLETED
X-Amz-Cf-Pop
FRA56-P4
Accept-Ranges
bytes
Content-Length
370103
X-Amz-Cf-Id
zEA7wSFWMbtNot8Qfxx4bcI2ix37UChYm3QgwyoqqqSJh0isSRYniw==
vendoreff58330763449445b81ea5cd816ed212d89514f.js
web-login-v2-cdn.onelogin.com/login2/
177 KB
56 KB
Script
General
Full URL
https://web-login-v2-cdn.onelogin.com/login2/vendoreff58330763449445b81ea5cd816ed212d89514f.js
Requested by
Host: goaaa.onelogin.com
URL: https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dv...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9200:18:b15c:ee80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c932cd16ce2423486dedfe0a1945872d857ac890ffe59129d02e6bfa9e09a89f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goaaa.onelogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 15:40:28 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 20:14:45 GMT
server
AmazonS3
age
171887
etag
"9c25c1e583e842b524922d4289cbb4e5"
x-cache
Hit from cloudfront
x-amz-version-id
J_j44h9d8S1boWJuBUFsMgIWJ5UxvZZk
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
application/javascript
content-length
56406
x-amz-cf-id
bglgc9XfuLPgCe56o_ZDYu6HbHYVV0rdu5bNHOVP1cgPxkWGPFmphQ==
intleff58330763449445b81ea5cd816ed212d89514f.js
web-login-v2-cdn.onelogin.com/login2/
44 KB
13 KB
Script
General
Full URL
https://web-login-v2-cdn.onelogin.com/login2/intleff58330763449445b81ea5cd816ed212d89514f.js
Requested by
Host: goaaa.onelogin.com
URL: https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dv...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9200:18:b15c:ee80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f35b9d064412335be86478bf73eb20afcade9c8c278c204730effafb4457c25b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goaaa.onelogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 02:44:49 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 20:14:45 GMT
server
AmazonS3
age
1255227
etag
"ba807de67f88c297f9d996292b00eaaa"
x-cache
Hit from cloudfront
x-amz-version-id
hCuOh0jjQS9OXm097ZiQjvCXOA_hin_A
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
application/javascript
content-length
12395
x-amz-cf-id
Fr6V3kBQlWZYRjqmc2KA6LqIpz735ixVgybSYJTshAYjqXOD21OMLQ==
appeff58330763449445b81ea5cd816ed212d89514f.js
web-login-v2-cdn.onelogin.com/login2/
2 MB
560 KB
Script
General
Full URL
https://web-login-v2-cdn.onelogin.com/login2/appeff58330763449445b81ea5cd816ed212d89514f.js
Requested by
Host: goaaa.onelogin.com
URL: https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dv...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9200:18:b15c:ee80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
758495fadcf7c874619c16be8299853cf15e39384329c06d090dfc9421a87133

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goaaa.onelogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 19:28:40 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 20:14:45 GMT
server
AmazonS3
age
1194995
etag
"71910e3af2e179b197107e549a982853"
x-cache
Hit from cloudfront
x-amz-version-id
HwPu644NRLdM4nIX_SMw7tdDXmeTPX9h
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
application/javascript
content-length
571940
x-amz-cf-id
3LodIHnrmm00xVJxXM1Bif7zZHSf3u5TW2qRJVRGEOTbM6G8YC9Atg==
nonce
goaaa.onelogin.com/access/
128 B
761 B
XHR
General
Full URL
https://goaaa.onelogin.com/access/nonce
Requested by
Host: cdn.onelogin.com
URL: https://cdn.onelogin.com/onelogin-vigilance.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.216.23.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-23-71.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c67a8e728821b7baccdbb942d37fdb94ae0583d2bc6b964adc89294c9b5ac98a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dv...
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-runtime
0.223751
date
Thu, 01 Sep 2022 15:25:15 GMT
x-correlation-id
91491d45-768e-4d0b-8eff-2f54ffeb6597
x-content-type-options
nosniff
etag
W/"49a7dae3dd136d34879abcc6d602d068"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains;
x-xss-protection
1; mode=block
x-request-id
6310CEDB-515F052A-BD3C-0A090118-01BB-5C097-01FB
auth
goaaa.onelogin.com/access/
1 KB
2 KB
XHR
General
Full URL
https://goaaa.onelogin.com/access/auth
Requested by
Host: web-login-v2-cdn.onelogin.com
URL: https://web-login-v2-cdn.onelogin.com/login2/appeff58330763449445b81ea5cd816ed212d89514f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.216.23.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-23-71.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e8713dccb2219b1457bcc57485b96cfa30822f8e675abb9726b4f9a7775bdd0f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dv...
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

x-runtime
0.313156
date
Thu, 01 Sep 2022 15:25:16 GMT
x-correlation-id
dbf6fc3f-23cb-43f6-be67-247f0ae6be1a
x-content-type-options
nosniff
etag
W/"aebcf2bc512b3d2dbcbae0a5228c0f17"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains;
x-xss-protection
1; mode=block
x-request-id
6310CEDB-515F052A-BD76-0A090304-01BB-4F40C-2C4C
branding.json
goaaa.onelogin.com/api/v1/
962 B
2 KB
XHR
General
Full URL
https://goaaa.onelogin.com/api/v1/branding.json?app_id=852050
Requested by
Host: web-login-v2-cdn.onelogin.com
URL: https://web-login-v2-cdn.onelogin.com/login2/appeff58330763449445b81ea5cd816ed212d89514f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.216.23.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-23-71.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2c168bfdf1a40f80b50815ddeab1c9cd72fd9be1530388316061f1f49898c8fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dv...
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 15:25:16 GMT
x-content-type-options
nosniff
etag
"0525f472b1a72af0eca00eca0eac13e6"
x-frame-options
DENY
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200 OK
cache-control
no-cache no-store max-age=0 must-revalidate private s-maxage=0
strict-transport-security
max-age=63072000; includeSubDomains;
content-type
application/json; charset=utf-8
content-length
962
x-xss-protection
1; mode=block
x-request-id
6310CEDB-515F052A-BD78-0A090170-01BB-5BB2E-02E6
expires
0
479970ffb74f2117317f9d24d9e317fe.woff2
web-login-v2-cdn.onelogin.com/login2/
0
0

a91ad097d24828af724d4fee36a063ed.woff
web-login-v2-cdn.onelogin.com/login2/
64 KB
65 KB
Font
General
Full URL
https://web-login-v2-cdn.onelogin.com/login2/a91ad097d24828af724d4fee36a063ed.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9200:18:b15c:ee80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71aa99e21c708e5de2ff54f2e6d6bb4e4d462af3de5b9abb071fcd5c6d42fc48

Request headers

Referer
https://goaaa.onelogin.com/
Origin
https://goaaa.onelogin.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
S.cZCBXfJ7O0WUugfHeyL36Dqiw1YB8B
content-encoding
gzip
etag
"67c9c29cd0efcb88a5a03a70a79c2637"
age
1867598
x-cache
Hit from cloudfront
content-length
65886
access-control-allow-origin
*
last-modified
Thu, 16 Jun 2022 20:14:45 GMT
server
AmazonS3
date
Thu, 11 Aug 2022 00:38:38 GMT
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/x-font-woff
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
CUx-_oo0l0z_vR0b1jEEr4onzEKVPJZrqvJ6oYmOhh-wRGX7ar7Hzw==
nonce_verify
goaaa.onelogin.com/access/
63 B
835 B
XHR
General
Full URL
https://goaaa.onelogin.com/access/nonce_verify
Requested by
Host: cdn.onelogin.com
URL: https://cdn.onelogin.com/onelogin-vigilance.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.216.23.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-23-71.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0f8c2cd229714aa381de64493bee80d7a8ca1bbbb4dc88069d22ed3173ae27bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dv...
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-runtime
0.273638
date
Thu, 01 Sep 2022 15:25:16 GMT
x-correlation-id
f26611a1-4ce2-4a28-a640-c18bbd0da602
x-content-type-options
nosniff
etag
W/"49f17a8a692d056eb602c17333979a75"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains;
x-xss-protection
1; mode=block
x-request-id
6310CEDB-515F052A-BD3C-0A090118-01BB-5C10B-01FB
a4b8bc74bf3dc7c3c027a4588be4602bf7dbd0dc.png
cdn.onelogin.com/images/brands/logos/login/
11 KB
11 KB
Image
General
Full URL
https://cdn.onelogin.com/images/brands/logos/login/a4b8bc74bf3dc7c3c027a4588be4602bf7dbd0dc.png?1564096473
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c89a80073d2afa0cd95280434fa3e2dca4d4b0f9011bdd24dfd42643c0c3d17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goaaa.onelogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
0HWeIwK0X3B5MJl1a2YRykS29f2fuBwS
Via
1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
Last-Modified
Thu, 25 Jul 2019 23:14:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P4
ETag
"e2389ec972e3eede30c4432017865a32"
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Date
Thu, 01 Sep 2022 15:25:17 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11083
X-Amz-Cf-Id
hVlLpmKd9y5oIzuhUBHUIrz75WOE_tVf8PMams9SMyBqx-Z7QZgQRA==
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eef376d9ba561b179c4d943f37c824d7453c6dd2d415ef98543234d2fedd3f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
web-login-v2-cdn.onelogin.com
URL
https://web-login-v2-cdn.onelogin.com/login2/479970ffb74f2117317f9d24d9e317fe.woff2

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| thisdata
function| webpackJsonp
object| __core-js_shared__
object| core
function| setImmediate
function| clearImmediate
object| IntlPolyfill
object| global
object| System
function| asap
function| Observable
object| regeneratorRuntime
boolean| _babelPolyfill

11 Cookies

Domain/Path Name / Value
aaancnu.my.salesforce.com/ Name: CookieConsentPolicy
Value: 0:1
aaancnu.my.salesforce.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
.salesforce.com/ Name: BrowserId
Value: RhadMSoKEe2q-okc-Db61A
.salesforce.com/ Name: BrowserId_sec
Value: RhadMSoKEe2q-okc-Db61A
.onelogin.com/ Name: ol_custom_domain
Value: %7B%22tenant%22%3A%22goaaa%22%2C%22custom_domain%22%3A%22%22%7D
.onelogin.com/ Name: ol_web_login_canary_0
Value: false
.onelogin.com/ Name: ol_web_login_proxy_15
Value: true
.onelogin.com/ Name: ol_access_service_canary_14
Value: false
goaaa.onelogin.com/ Name: sub_session_onelogin.com
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZXNzaW9uX2lkIjoiNjFiYTc1YmYtNTRiNy00ZDQ4LWFkMzMtMzRiZWE2MWYzODJmIiwidmVyc2lvbiI6MSwiY3JlYXRlZF9hdCI6MTY2MjA0NTkxNH0.LB6oW5XTaOrm1ck-hBeU7i5eH3eujeHaIrdvBfqz3j8%7C%7CBAh7BzoOcmV0dXJuX3RvIgG4aHR0cHM6Ly9nb2FhYS5vbmVsb2dpbi5jb20vdHJ1c3Qvc2FtbDIvaHR0cC1wb3N0L3Nzby84NTIwNTA%2Fc2FtbF9yZXF1ZXN0X3BhcmFtc190b2tlbj1mOTdmYjY4MDQyLjUwZDAyYmExODdhNTRmMTY3MDM0NzdjZDQ2MWUyYWRmYjBmY2UyODUuZjBYcHpfYUdxZkF5SmZ6MzRzQmluaGtLMEdNZmwtaER6R0ktZ09GOVVNMCUzRCIfYnJvd3Nlcl92ZXJpZmljYXRpb25fdG9rZW4iRWEyZDg3NmNlMjllYjlhMGUwMWMyNmUxNTU0ZjNjYjA4ZWM4YTc1YmY4YmY0ZDgwYWZhNWE4OTI0YzM5ZGY2ZjA%3D--1f68823affeca6c4530831687e47c282771d5b11
goaaa.onelogin.com/ Name: __tdli_fp
Value: 7c6bdaf5d1148a06b6c2e2953d6f180d
goaaa.onelogin.com/ Name: __tdli
Value: 083155aba2f30b1a26fad64728f5739efe4bd996cbbd1a87d713fe31f0b60ed0

2 Console Messages

Source Level URL
Text
javascript error URL: https://goaaa.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dv...#app=852050
Message:
Access to font at 'https://web-login-v2-cdn.onelogin.com/login2/479970ffb74f2117317f9d24d9e317fe.woff2' from origin 'https://goaaa.onelogin.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://web-login-v2-cdn.onelogin.com/login2/479970ffb74f2117317f9d24d9e317fe.woff2
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block