urlscan.io logo urlscan.io
SecurityTrails logo

mocoreapptest.b2clogin.com Open in urlscan Pro
20.190.160.67  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://client.ci.hazards.sesar.metoffice.cloud/
Effective URL: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a...
Submission: On January 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 20.190.160.67, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is mocoreapptest.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 18th 2021. Valid for: a year.
This is the only time mocoreapptest.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:225... 16509 (AMAZON-02)
2 20.190.160.67 8075 (MICROSOFT...)
12 2600:9000:236... 16509 (AMAZON-02)
14 2
Domain Requested by
12 d1ingjw8i262lb.cloudfront.net mocoreapptest.b2clogin.com
d1ingjw8i262lb.cloudfront.net
2 mocoreapptest.b2clogin.com mocoreapptest.b2clogin.com
1 client.ci.hazards.sesar.metoffice.cloud 1 redirects
14 3

This site contains no links.

Subject Issuer Validity Valid
graph.windows.net
DigiCert SHA2 Secure Server CA		 2021-12-18 -
2022-12-18		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Frame ID: 93CC84ECCAA4BCF140FD4B7745A9ED99
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in - Met Office Services

Page URL History Show full URLs

  1. https://client.ci.hazards.sesar.metoffice.cloud/ HTTP 302
    https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&... Page URL

Page Statistics

14
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

444 kB
Transfer

561 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://client.ci.hazards.sesar.metoffice.cloud/ HTTP 302
    https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request authorize
mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/
Redirect Chain
  • https://client.ci.hazards.sesar.metoffice.cloud/
  • https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&...
153 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
66fb3597b1c7898b00c2c8f16c0b5b2f11c891f4455f14ac5dd2cd55c2dbeefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, must-revalidate, no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
x-ms-gateway-requestid
8bdaf0d9-ea56-4913-9d14-5e7d68706f35
X-UA-Compatible
IE=edge
X-Request-ID
d5e8bde3-87f1-4f4f-980c-b26f0c39b04b
X-Build
1.0.2429.0
X-Frame-Options
DENY
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Allow
OPTIONS TRACE GET HEAD POST
Date
Mon, 10 Jan 2022 08:57:56 GMT
Content-Length
65099

Redirect headers

Content-Length
28
Connection
keep-alive
Server
CloudFront
Date
Mon, 10 Jan 2022 08:57:56 GMT
Location
https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
X-Cache
LambdaGeneratedResponse from cloudfront
Via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Cf-Id
FJ6uM_OvS0tjzqMRf_RMMgxWaUmW7POLYQEs_SYn6GYGB1ljja0jsA==
unified-sign-up-and-in.html
d1ingjw8i262lb.cloudfront.net/common/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1ingjw8i262lb.cloudfront.net/common/unified-sign-up-and-in.html
Requested by
Host: mocoreapptest.b2clogin.com
URL: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3705a8d239f0162be0cc0fb24d1559e6b7416bde74d4e946403449b696e70697

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreapptest.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA60-P1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Last-Modified
Fri, 27 Aug 2021 08:25:41 GMT
Server
AmazonS3
ETag
W/"ef636778fc637df3e0c589a19f1e0aae"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/html
Via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
-8tI3G4SF03RdgHXxEBcctln4dll764JKkffFDqa_llB9LJAsX4clA==
shared-functions.js
d1ingjw8i262lb.cloudfront.net/common/js/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1ingjw8i262lb.cloudfront.net/common/js/shared-functions.js
Requested by
Host: mocoreapptest.b2clogin.com
URL: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3d3e86867c607e6e20ab9dd2b4723d029b7f7f4d045ac0582d4dcaebfdf1d4f

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://mocoreapptest.b2clogin.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA60-P1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Last-Modified
Fri, 27 Aug 2021 08:25:45 GMT
Server
AmazonS3
ETag
W/"5b2c7edf69b6a93bfb83ed3914740b62"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
7wi4SNVWyXSTH86K5wu0QqtBtH0cdG4omgDTOTvEnV8wyD6M6zt7rw==
mo-logo.png
d1ingjw8i262lb.cloudfront.net/common/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ingjw8i262lb.cloudfront.net/common/img/mo-logo.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10016fc9f86d623a272759e711249408582034aaf8eafe1ad42a22522b495df9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreapptest.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
5573
Last-Modified
Fri, 27 Aug 2021 08:25:42 GMT
Server
AmazonS3
ETag
"c2e3e1e8322fd0d14e7c50b495961260"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Amz-Cf-Id
XXVWQ4FuHY8RhwVozNikb-IZpXd1S9gKqO74cAKcE7mfiwvDE6ruSw==
default-common.min.css
d1ingjw8i262lb.cloudfront.net/default/css/ 		15 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1ingjw8i262lb.cloudfront.net/default/css/default-common.min.css
Requested by
Host: mocoreapptest.b2clogin.com
URL: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e0ec9934847f6588bc92463e27696ac44e14c93e7f29ad50c405cb175d389b8

Request headers

Referer
https://mocoreapptest.b2clogin.com/
Origin
https://mocoreapptest.b2clogin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA60-P1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Last-Modified
Fri, 27 Aug 2021 08:25:40 GMT
Server
AmazonS3
ETag
W/"47c68afe876c47dd5a637cb5ed9fc1f7"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
Via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
XNo6D548iNSzl5WROxt3zdwSZgyHzdJakbwkJce0ptIjJ1oiBXdy2Q==
default-unified-susi.min.css
d1ingjw8i262lb.cloudfront.net/default/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1ingjw8i262lb.cloudfront.net/default/css/default-unified-susi.min.css
Requested by
Host: mocoreapptest.b2clogin.com
URL: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e534af253d238472490f2476ab8a89c44b2721f2bd9773a0ced9bcf476572aa

Request headers

Referer
https://mocoreapptest.b2clogin.com/
Origin
https://mocoreapptest.b2clogin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA60-P1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Last-Modified
Fri, 27 Aug 2021 08:25:39 GMT
Server
AmazonS3
ETag
W/"27ab65233b6dcb096baf622b7c0a1c31"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
Via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
DozZuExrMFXjdYJH-8BD3pwaGNws_CW_x8_yQe6ST6gtkDt6JJNOUg==
styles.css
d1ingjw8i262lb.cloudfront.net/common/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1ingjw8i262lb.cloudfront.net/common/css/styles.css
Requested by
Host: mocoreapptest.b2clogin.com
URL: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17c72e6bd204d18ef3e080292c5231d37811049afbb329ebf9bd5d7472720248

Request headers

Referer
https://mocoreapptest.b2clogin.com/
Origin
https://mocoreapptest.b2clogin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA60-P1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Last-Modified
Fri, 27 Aug 2021 09:47:34 GMT
Server
AmazonS3
ETag
W/"e0f6b50bbf368a9916bc1eaa361a10a8"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
Via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
me_Vzjk53PiapZb5RYxvsZM5gt4itxmGkY6w93gNMBPlanIwxSGr8w==
login.js
d1ingjw8i262lb.cloudfront.net/common/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ingjw8i262lb.cloudfront.net/common/js/login.js
Requested by
Host: mocoreapptest.b2clogin.com
URL: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d8c7d4cb29e0e47384aa167693551072fc47f67cb5d58387b6ec829256f990e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreapptest.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA60-P1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Last-Modified
Fri, 27 Aug 2021 08:25:43 GMT
Server
AmazonS3
ETag
W/"d6d48efb9067e9602fd4280f3ea4807a"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
qmGgs8PwRJcIgJVGXIxYXPcIDXX6c9dx0Zsg1EwO_mY6Uvr6gPSTvA==
scripts.js
d1ingjw8i262lb.cloudfront.net/common/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ingjw8i262lb.cloudfront.net/common/js/scripts.js
Requested by
Host: mocoreapptest.b2clogin.com
URL: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4487383c1af468f3cfee05b6351ee733c3be80995aedc2f61ce784251968d99e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreapptest.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA60-P1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Last-Modified
Fri, 27 Aug 2021 08:25:45 GMT
Server
AmazonS3
ETag
W/"9c0114c5e0c1a96e78ce881fb847d471"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
HMVo1-BF8oDCeeC8bePNCGvXWggM36S-xAeMhXnJYuCpFJwtzjxIKA==
mo-logo.png
d1ingjw8i262lb.cloudfront.net/common/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ingjw8i262lb.cloudfront.net/common/img/mo-logo.png
Requested by
Host: mocoreapptest.b2clogin.com
URL: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10016fc9f86d623a272759e711249408582034aaf8eafe1ad42a22522b495df9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreapptest.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5573
Last-Modified
Fri, 27 Aug 2021 08:25:42 GMT
Server
AmazonS3
ETag
"c2e3e1e8322fd0d14e7c50b495961260"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Amz-Cf-Id
mFs8qP1yjbvgpy4yD1Hdxziy9b9z2CtGPHx3WjotSxDaAtkPqRR23w==
show-form.js
d1ingjw8i262lb.cloudfront.net/common/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ingjw8i262lb.cloudfront.net/common/js/show-form.js
Requested by
Host: mocoreapptest.b2clogin.com
URL: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
073bea268424a0061ad3bddf26650a80b02f6a4e489e67074134be803712f5c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreapptest.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA60-P1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Last-Modified
Fri, 27 Aug 2021 08:25:46 GMT
Server
AmazonS3
ETag
W/"8ac97a125e2e957bf7c3cd68d09005e1"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
jAw1PyPzigECoJcyJxEP91nY7d7_VAnMZ1ssIM2XXghnJZzBCl14DA==
perftrace
mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/B2C_1A_sheffield_susi/client/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/B2C_1A_sheffield_susi/client/perftrace?tx=StateProperties=eyJUSUQiOiJkNWU4YmRlMy04N2YxLTRmNGYtOTgwYy1iMjZmMGMzOWIwNGIifQ&p=B2C_1A_sheffield_susi
Requested by
Host: mocoreapptest.b2clogin.com
URL: https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://mocoreapptest.b2clogin.com/mocoreapptest.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=46624e97-a87c-4a9a-9a00-5c070bbe95b8&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.ci.hazards.sesar.metoffice.cloud%2F_callback&nonce=164180507677300&state=%2F
X-CSRF-TOKEN
ZVcwYVVSc1JHYWcvaGZ5VHlzNFozU1JDcTJzSXpleXo5K1JnMEY0MnJmbCtHa0dveWVMWFZOOUdQR2pRZDFuTE1aYUdKeE1SamxnQWowdVdNd2M3bGc9PTsyMDIyLTAxLTEwVDA4OjU3OjU2Ljk2MDE0ODhaO3lJc0lyS3NtNERxcHFsSUovWWpvT2c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjozfQ==
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Mon, 10 Jan 2022 08:57:56 GMT
x-ms-gateway-requestid
08df50b2-1012-486a-9edb-662fb9caf613
X-Frame-Options
DENY
Public
OPTIONS,TRACE,GET,HEAD,POST
Cache-Control
no-store, must-revalidate, no-cache
Allow
OPTIONS, TRACE, GET, HEAD, POST
Content-Length
0
X-XSS-Protection
1; mode=block
met_office_background_image.jpg
d1ingjw8i262lb.cloudfront.net/common/img/ 		285 KB
285 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1ingjw8i262lb.cloudfront.net/common/img/met_office_background_image.jpg
Requested by
Host: d1ingjw8i262lb.cloudfront.net
URL: https://d1ingjw8i262lb.cloudfront.net/common/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
103a256bd691e38d1ac4022009890b9f9b7ef9524112d334fb57c3e35b9740b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d1ingjw8i262lb.cloudfront.net/common/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
291475
Last-Modified
Fri, 27 Aug 2021 08:25:43 GMT
Server
AmazonS3
ETag
"24c3f69a526bc1d9fd69d2d733f9d25a"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Amz-Cf-Id
fdVk03NKx6XcOt9KFOawYFU8ZHYWLXZnYnHAGrPE5n24lG9-oJhcnQ==
FSEmericWeb-Regular.woff
d1ingjw8i262lb.cloudfront.net/common/fonts/ 		74 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1ingjw8i262lb.cloudfront.net/common/fonts/FSEmericWeb-Regular.woff
Requested by
Host: d1ingjw8i262lb.cloudfront.net
URL: https://d1ingjw8i262lb.cloudfront.net/common/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:e800:1a:36a7:27c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85fd2cefc729d87c9007ed1296e685ce89f70b6e9864c8a6e432c4e23a98d5e8

Request headers

Referer
https://d1ingjw8i262lb.cloudfront.net/common/css/styles.css
Origin
https://mocoreapptest.b2clogin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:57:58 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA60-P1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreapptest.b2clogin.com
Last-Modified
Fri, 27 Aug 2021 08:25:47 GMT
Server
AmazonS3
ETag
W/"098e16a2ce133cfaad419593a6367f3d"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/plain
Via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
m7enRa7rb-bmmwjdim7Ue1_BWyX68N9CtjZIr8sdSSFHP69Hfwj6-Q==

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $predicateValidation object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady function| setPwShowHideButtons function| setCopyrightYear function| showForm function| parseUriParams function| checkTokenIssuer function| decodeToken function| setForgottenPasswordLink function| setCreateNewAccountText function| setLogonLinkText function| loginAsMetOfficeStaff function| hideLocalAccountLogInElements function| showLocalAccountLogInElements function| addCollectEmailLink function| isMetOfficeDomain function| addFederatedSignInLogic function| afterPageLoaded function| waitForPageToFinishLoading

3 Cookies

Domain/Path Name / Value
.mocoreapptest.b2clogin.com/ Name: x-ms-cpim-csrf
Value: ZVcwYVVSc1JHYWcvaGZ5VHlzNFozU1JDcTJzSXpleXo5K1JnMEY0MnJmbCtHa0dveWVMWFZOOUdQR2pRZDFuTE1aYUdKeE1SamxnQWowdVdNd2M3bGc9PTsyMDIyLTAxLTEwVDA4OjU3OjU2Ljk2MDE0ODhaO3lJc0lyS3NtNERxcHFsSUovWWpvT2c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjozfQ==
.mocoreapptest.b2clogin.com/ Name: x-ms-cpim-cache|473o1fght0-ydljvddmwsw_0
Value: m1.3PkBw64W/LBE4zP5.dz+Em/gvNFGp11JDDc1WnQ==.0.zEdkgqt34diAlxun2wvcrT5IK0/uhw1C/PV0Ya4Fk/806Idi+EUS3ijJmCyscdai4AXw7t0PD/h6Baz94hF3FdBh86Z9DORKd0vDAotvhjB1tN5Xi7oggiDjS5WNm56stODq1Aw7o+3VoMDc3zze2SZSQm5150jJDfXKezs+zQWM1RNrxS+kpIhUvpzsukwK4O2UcZTfVUYaii0QUUhrh7pQjBrb9/v8XlooEs2/jIsOFdr2qrnyrW81PlSWTk82GGTQaK8rJC3WTJIAu+GBEB3lifhNlXkWb+n0+XzuBwTbAC+ZD6OeBZeXuTO3FXbcbLb2X0xkwU2m2BhqkrXfXNG5so9LnE9NS9FT0E9xDHknuXx6UU6kjLxFgAMZPfi3DFvaTGOqT2GsyAdJpB3sQTFSVQxiH5LeXHJ+La/uAI1Sr9fYd+2Pq3hTsVOXc2rVaqBQEywiD88MQiMIQ5ybqb1ThWS/AYhZLcFYXRNIaLGfctsu+euOG8ukoff53nlLd2yOIfywJXvFz2NXiXCKHjatcY9N5hU78cleq8WvghsAN5Nu8PceCIf3FCqlKNbwhQ2ZBrslXhRADuX/cpTRB5X47EBAy31KUJkhlcAUVUtM1s57eSH0gZtFTYf+zA9o125k0FGPSKsm2i4soCcyNQilK5+PuZqGFLwc
.mocoreapptest.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6ImQ1ZThiZGUzLTg3ZjEtNGY0Zi05ODBjLWIyNmYwYzM5YjA0YiIsIlQiOiJtb2NvcmVhcHB0ZXN0Lm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJiMmNfMWFfc2hlZmZpZWxkX3N1c2kiLCJDIjoiNDY2MjRlOTctYTg3Yy00YTlhLTlhMDAtNWMwNzBiYmU5NWI4IiwiUyI6MSwiTSI6e30sIkQiOjB9XSwiQ19JRCI6ImQ1ZThiZGUzLTg3ZjEtNGY0Zi05ODBjLWIyNmYwYzM5YjA0YiJ9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block