urlscan.io logo urlscan.io
SecurityTrails logo

gdit2-rsso-demo.onbmc.com Open in urlscan Pro
216.52.6.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gdit2-demo-dwpcatalog.onbmc.com/
Effective URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Submission: On December 04 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 216.52.6.123, located in United States and belongs to AS-INAPCDN-OCY, US. The main domain is gdit2-rsso-demo.onbmc.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 10th 2023. Valid for: a year.
This is the only time gdit2-rsso-demo.onbmc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 216.52.6.123 30282 (AS-INAPCD...)
16 1
Apex Domain
Subdomains		 Transfer
17 onbmc.com
gdit2-demo-dwpcatalog.onbmc.com
gdit2-rsso-demo.onbmc.com
418 KB
16 1
Domain Requested by
15 gdit2-rsso-demo.onbmc.com gdit2-rsso-demo.onbmc.com
2 gdit2-demo-dwpcatalog.onbmc.com 1 redirects
16 2

This site contains no links.

Subject Issuer Validity Valid
*.onbmc.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://gdit2-rsso-demo.onbmc.com/rsso/start
Frame ID: CF6FCBD9C42CA5AE721B74365A34220C
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BMC Helix Single Sign-On

Page URL History Show full URLs

  1. https://gdit2-demo-dwpcatalog.onbmc.com/ HTTP 302
    https://gdit2-demo-dwpcatalog.onbmc.com/dwpc/index.html Page URL
  2. https://gdit2-rsso-demo.onbmc.com/rsso/start Page URL
  3. https://gdit2-rsso-demo.onbmc.com/rsso/start Page URL

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

417 kB
Transfer

484 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gdit2-demo-dwpcatalog.onbmc.com/ HTTP 302
    https://gdit2-demo-dwpcatalog.onbmc.com/dwpc/index.html Page URL
  2. https://gdit2-rsso-demo.onbmc.com/rsso/start Page URL
  3. https://gdit2-rsso-demo.onbmc.com/rsso/start Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://gdit2-demo-dwpcatalog.onbmc.com/ HTTP 302
  • https://gdit2-demo-dwpcatalog.onbmc.com/dwpc/index.html

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index.html
gdit2-demo-dwpcatalog.onbmc.com/dwpc/
Redirect Chain
  • https://gdit2-demo-dwpcatalog.onbmc.com/
  • https://gdit2-demo-dwpcatalog.onbmc.com/dwpc/index.html
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gdit2-demo-dwpcatalog.onbmc.com/dwpc/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
1410
Content-Security-Policy
frame-ancestors 'self'; frame-ancestors 'self'
Content-Type
text/html;charset=utf-8
Date
Mon, 04 Dec 2023 14:51:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Mon, 04 Dec 2023 14:51:14 GMT
Location
https://gdit2-demo-dwpcatalog.onbmc.com/dwpc/index.html
start
gdit2-rsso-demo.onbmc.com/rsso/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-T1rI8jwBJbSiw7Db841Gft55RIN5wec5wCm7M3VHTYIiz682wLc/Dnf+JnRNfC51NGgWruaQ+AJiTdX7Kwz6Yg3pxNholmBc6DF4rxCYO77J73sHqY7VNvHdumYPbeiTiGmao7NCTkrngFf1xY4MOM9c8UEQYHMePbsMqSbgIY0='; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://gdit2-demo-dwpcatalog.onbmc.com
Referer
https://gdit2-demo-dwpcatalog.onbmc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-T1rI8jwBJbSiw7Db841Gft55RIN5wec5wCm7M3VHTYIiz682wLc/Dnf+JnRNfC51NGgWruaQ+AJiTdX7Kwz6Yg3pxNholmBc6DF4rxCYO77J73sHqY7VNvHdumYPbeiTiGmao7NCTkrngFf1xY4MOM9c8UEQYHMePbsMqSbgIY0='; object-src 'none'; frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Mon, 04 Dec 2023 14:51:15 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Primary Request start
gdit2-rsso-demo.onbmc.com/rsso/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
99b49a0bcab8eadbcec76af4ae1f152aaa0d9f06fb976cd411b04bc63a866d75
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-l+HcvwPm50vill3/X5CWUtG0ohaTEJEC6Y0tSoxX87QnAmNp/n1TaY1Gh4nftGe9MJ6KmJkKWPMtwMZ6VmvwcENYJyDRZVzoBo4MLCNZma0pRETSNy7zFRZRfWv/cMFqF4EEayUxqWIORH9rGqBk+YJmhk7QESxW6KbA+xTgdIQ='; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://gdit2-rsso-demo.onbmc.com
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com 'nonce-l+HcvwPm50vill3/X5CWUtG0ohaTEJEC6Y0tSoxX87QnAmNp/n1TaY1Gh4nftGe9MJ6KmJkKWPMtwMZ6VmvwcENYJyDRZVzoBo4MLCNZma0pRETSNy7zFRZRfWv/cMFqF4EEayUxqWIORH9rGqBk+YJmhk7QESxW6KbA+xTgdIQ='; object-src 'none'; frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Mon, 04 Dec 2023 14:51:15 GMT
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
vary
accept-encoding
rsso-login.css
gdit2-rsso-demo.onbmc.com/rsso/css/ 		64 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
5dc6ebbe6490d424ac67e05a50660f951c41fc7f618eb1f47e7b8a38ed5a9d77
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"66046-1632270322000"
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
text/css
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
change-password.css
gdit2-rsso-demo.onbmc.com/rsso/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/css/change-password.css?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b533eea7940d26e62dcfe9e1814533bd5b9387e90e7c1c766ac785da3ba94b24
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"1635-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
promise.js
gdit2-rsso-demo.onbmc.com/rsso/js/polyfill/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/js/polyfill/promise.js?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
cc1a1c6f0308da059c0a0c6f0f1ff4a262e6cec5a11b2beb0216dc4a22ea402b
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"2879-1632270322000"
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
unfetch.js
gdit2-rsso-demo.onbmc.com/rsso/js/polyfill/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/js/polyfill/unfetch.js?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
1973a04da446bf6e14e71b6c6599e7802fd1619355b55a44aa226aac7b286f39
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"1136-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
serialize.js
gdit2-rsso-demo.onbmc.com/rsso/js/app/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/js/app/serialize.js?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
56c6251626b515b6e27a9f058cdfcc522934f311de53f71f39a089496a02208b
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"1207-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
app.js
gdit2-rsso-demo.onbmc.com/rsso/js/app/ 		550 B
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/js/app/app.js?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
2a2a5bbd0cdedd106b4b049bf1f98362a24e86e4eff69ee3de2ab12c9d409a89
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"550-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
change-password.js
gdit2-rsso-demo.onbmc.com/rsso/js/app/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/js/app/change-password.js?v=20220427142057
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e5aae0bae993a8cf9725ffa20eb4cd1c14074550c9eae04921f4b2844d627816
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"13700-1632270322000"
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
bmc_logo_header.svg
gdit2-rsso-demo.onbmc.com/rsso/img/bmc/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/img/bmc/bmc_logo_header.svg
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
0b8cba77adb5ec7e838ec831fd69dcc308e7739a12a287b248b78ca0226415e5
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"2855-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
HelveticaNeueLTW1G-Roman.woff
gdit2-rsso-demo.onbmc.com/rsso/fonts/Helvetica/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/fonts/Helvetica/HelveticaNeueLTW1G-Roman.woff
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
a323ddc6daaebb5cdd54e7b6aa79ae465557d4d4f9619bf442a73b4e338112c4
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Origin
https://gdit2-rsso-demo.onbmc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
ETag
W/"63723-1632270322000"
Content-Type
font/woff
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63723
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
footer-logo.svg
gdit2-rsso-demo.onbmc.com/rsso/img/login/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/img/login/footer-logo.svg
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
73c1235900a1f7d6e0e2f13d71ead74184fee53de0fd5a5585d7c24be35fc861
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
Content-Encoding
gzip
ETag
W/"2846-1632270322000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public,max-age=7776000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
HelveticaNeueLTW1G-Lt.woff
gdit2-rsso-demo.onbmc.com/rsso/fonts/Helvetica/ 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/fonts/Helvetica/HelveticaNeueLTW1G-Lt.woff
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
a441375f5abb54cf13950b29794ff3ae08e9357d86be0c8c937af865373cfe0b
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Origin
https://gdit2-rsso-demo.onbmc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
ETag
W/"61740-1632270322000"
Content-Type
font/woff
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61740
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
DPL_Iconfont_v.0.0.2.woff
gdit2-rsso-demo.onbmc.com/rsso/fonts/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/fonts/DPL_Iconfont_v.0.0.2.woff
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
94bf00933675f7019193999eca35ce0a216d27e0b196f3ef27ea8c32a7cee173
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gdit2-rsso-demo.onbmc.com/rsso/css/rsso-login.css?v=20220427142057
Origin
https://gdit2-rsso-demo.onbmc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
ETag
W/"42768-1632270322000"
Content-Type
font/woff
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42768
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT
login-cover-4.jpg
gdit2-rsso-demo.onbmc.com/rsso/img/login/backgrounds/ 		218 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdit2-rsso-demo.onbmc.com/rsso/img/login/backgrounds/login-cover-4.jpg
Requested by
Host: gdit2-rsso-demo.onbmc.com
URL: https://gdit2-rsso-demo.onbmc.com/rsso/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.6.123 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
a8ee2b9d3a4998fbb055fba374c2ce9c7dbcc33a0e14b5afcdb6e583186842ea
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gdit2-rsso-demo.onbmc.com/rsso/start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 14:51:15 GMT
Content-Security-Policy
script-src 'self' https://www.google.com https://www.gstatic.com https://cdn.whatfix.com https://whatfix.com; object-src 'none'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Sep 2021 00:25:22 GMT
ETag
W/"223300-1632270322000"
Content-Type
image/jpeg
Cache-Control
public,max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
223300
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 14:51:15 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| onClick function| unfetch function| serialize function| backgroundChange object| pathNameArray boolean| redirectedFromUrl string| rssoBaseUrl string| changePasswordRESTEndpoint string| forgotPasswordRESTEndpoint string| passwordChangeErrorText object| loginForm object| usernameField object| passwordField object| confirmPasswordField object| newPassField object| loginButton object| changePasswordAndLoginButton object| forgotPasswordConfirmButton object| changePwdBackButton object| changePasswordButton object| showChangePwdFormButton object| showForgotPwdFormButton object| serverErrorMessageContainer object| serverSuccessMessageContainer object| extendedBrandingContainer object| loginUsernameInput object| loginPasswordInput object| changePasswordInput object| changePasswordShowButton boolean| changePasswordFormActive boolean| forgotPasswordFormActive function| doLogin function| showServerErrorInForm function| getAppPath function| buildMessage function| showServerErrorMessage function| showServerSuccessMessage function| showServerMessage function| emptyDomNode function| requirePasswordChange function| changePassword function| showChangePasswordForm function| showForgotPasswordForm function| cancel function| checkStatus function| parseResponse function| doRegister function| requestForgotPassword function| doResetPassword

4 Cookies

Domain/Path Name / Value
gdit2-rsso-demo.onbmc.com/rsso Name: route
Value: 1701701476.161.103279.515981
gdit2-demo-dwpcatalog.onbmc.com/ Name: route
Value: 1701701475.801.48691.269038
gdit2-demo-dwpcatalog.onbmc.com/ Name: onbmc_pool
Value: !PHHLBfVIQd5f5oIyj6MhDh3vM3mAVen3LZMwfvMny62kY+RU+B8M2+efYon9NmERRVjfLhi043aez6s=
gdit2-rsso-demo.onbmc.com/ Name: onbmc_pool
Value: !WfW7RK6qob7JJMkyj6MhDh3vM3mAVUWg+Kj+8XF1KSfot6Q+xBLUIqrCoMovSEkJSHb3Z1W2IswfnJM=

2 Console Messages

Source Level URL
Text
network error URL: https://gdit2-demo-dwpcatalog.onbmc.com/dwpc/index.html
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
security error URL: https://gdit2-demo-dwpcatalog.onbmc.com/dwpc/index.html
Message:
Ignoring duplicate Content-Security-Policy directive 'frame-ancestors'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block