urlscan.io logo urlscan.io
SecurityTrails logo

loginuat.colesgroup.com.au Open in urlscan Pro
45.60.150.17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cstest.sf68.cloud.opentext.com/otcs/llisapi.dll?func=ll&objId=24190468&objAction=browse&viewType=1
Effective URL: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Submission: On May 16 via manual from AU — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 45.60.150.17, located in United States and belongs to INCAPSULA, US. The main domain is loginuat.colesgroup.com.au.
TLS certificate: Issued by Thawte RSA CA 2018 on January 29th 2023. Valid for: a year.
This is the only time loginuat.colesgroup.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 142.75.27.107 23760 (XPEDITE-A...)
6 142.75.27.108 23760 (XPEDITE-A...)
1 4 23.52.147.208 16625 (AKAMAI-AS)
1 157.133.168.73 35039 (SAP_CC)
1 12 45.60.150.17 19551 (INCAPSULA)
21 4
1    142.75.27.107 (Canada)

ASN23760 (XPEDITE-AS-AU Xpedite Systems, AU)
PTR: cstest.sf68.cloud.opentext.com
cstest.sf68.cloud.opentext.com
6    142.75.27.108 (Canada)

ASN23760 (XPEDITE-AS-AU Xpedite Systems, AU)
PTR: dstest.sf68.cloud.opentext.com
dstest.sf68.cloud.opentext.com
4    23.52.147.208 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-147-208.deploy.static.akamaitechnologies.com
performancemanager10.successfactors.com
1    157.133.168.73 (United States)

ASN35039 (SAP_CC, DE)
a8txx00ft.accounts.ondemand.com
12    45.60.150.17 (United States)

ASN19551 (INCAPSULA, US)
loginuat.colesgroup.com.au
Domain Requested by
12 loginuat.colesgroup.com.au 1 redirects loginuat.colesgroup.com.au
6 dstest.sf68.cloud.opentext.com dstest.sf68.cloud.opentext.com
4 performancemanager10.successfactors.com 1 redirects performancemanager10.successfactors.com
1 a8txx00ft.accounts.ondemand.com
1 cstest.sf68.cloud.opentext.com 1 redirects
21 5

This site contains no links.

Subject Issuer Validity Valid
dstest.sf68.cloud.opentext.com
Sectigo RSA Organization Validation Secure Server CA		 2022-10-10 -
2023-11-10		 a year crt.sh
*.successfactors.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-14 -
2024-02-13		 a year crt.sh
*.accounts.ondemand.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-21 -
2023-12-21		 a year crt.sh
loginuat.colesgroup.com.au
Thawte RSA CA 2018		 2023-01-29 -
2024-02-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Frame ID: E39978F0EFAC8EC9073092B9F63B0572
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cstest.sf68.cloud.opentext.com/otcs/llisapi.dll?func=ll&objId=24190468&objAction=browse&viewType=1 HTTP 302
    https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=e7a47b9a%2D9738%2D43a1%2D8c7c%2Dd53dbd0c67c8%3Ahttps%3A%2F%... Page URL
  2. https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=eyJhbGciOiJub25lIn0.eyJwb3N0VGlja2V0Ijp0cnVlLCJwb3N0UGFyYW1... Page URL
  3. https://performancemanager10.successfactors.com/sf/idp/SAML2/SSO/POST/company/colesgroupD HTTP 302
    https://performancemanager10.successfactors.com/saml2/Login?company=colesgroupD&RelayState=/sf/idp/SAML2/SSO/POST/company/co... Page URL
  4. https://a8txx00ft.accounts.ondemand.com/saml2/idp/sso/?SAMLRequest=fZJBb9swDIX%2FiqC7bNmNA1eIU2QLigXotqB1e%2BhloGW6F... Page URL
  5. https://loginuat.colesgroup.com.au/nidp/saml2/sso HTTP 302
    https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

349 kB
Transfer

654 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cstest.sf68.cloud.opentext.com/otcs/llisapi.dll?func=ll&objId=24190468&objAction=browse&viewType=1 HTTP 302
    https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=e7a47b9a%2D9738%2D43a1%2D8c7c%2Dd53dbd0c67c8%3Ahttps%3A%2F%2Fcstest%2Esf68%2Ecloud%2Eopentext%2Ecom%2Fotcs%2Fllisapi%2Edll%3Ffunc%3Dotdsintegration%2Eredirect%26NextURL%3Dhttps%253A%252F%252Fcstest%252Esf68%252Ecloud%252Eopentext%252Ecom%252Fotcs%252Fllisapi%252Edll%253Ffunc%253Dll%2526objId%253D24190468%2526objAction%253Dbrowse%2526viewType%253D1&PostTicket=true&PostParams=true&ux_version=1&PreserveFragment=true&logon_style=signin-cs&logon_appname=OpenText%20Extended%20ECM%20CE%2022%2E2 Page URL
  2. https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=eyJhbGciOiJub25lIn0.eyJwb3N0VGlja2V0Ijp0cnVlLCJwb3N0UGFyYW1zIjp0cnVlLCJsb2dvbkFwcE5hbWUiOiJPcGVuVGV4dCBFeHRlbmRlZCBFQ00gQ0UgMjIuMiIsInV4VmVyc2lvbiI6MSwiZm9yd2FyZEFkZHJlc3MiOiJodHRwczovL2NzdGVzdC5zZjY4LmNsb3VkLm9wZW50ZXh0LmNvbS9vdGNzL2xsaXNhcGkuZGxsP2Z1bmM9b3Rkc2ludGVncmF0aW9uLnJlZGlyZWN0Jk5leHRVUkw9aHR0cHMlM0ElMkYlMkZjc3Rlc3QlMkVzZjY4JTJFY2xvdWQlMkVvcGVudGV4dCUyRWNvbSUyRm90Y3MlMkZsbGlzYXBpJTJFZGxsJTNGZnVuYyUzRGxsJTI2b2JqSWQlM0QyNDE5MDQ2OCUyNm9iakFjdGlvbiUzRGJyb3dzZSUyNnZpZXdUeXBlJTNEMSIsInJlc291cmNlSUQiOiJlN2E0N2I5YS05NzM4LTQzYTEtOGM3Yy1kNTNkYmQwYzY3YzgifQ&fragment= Page URL
  3. https://performancemanager10.successfactors.com/sf/idp/SAML2/SSO/POST/company/colesgroupD HTTP 302
    https://performancemanager10.successfactors.com/saml2/Login?company=colesgroupD&RelayState=/sf/idp/SAML2/SSO/POST/company/colesgroupD&_s.crb=IU4EiergEw4%252bCxkFKBXPM%252fGWeKIWCFCbQufJP3vHiEc%253d Page URL
  4. https://a8txx00ft.accounts.ondemand.com/saml2/idp/sso/?SAMLRequest=fZJBb9swDIX%2FiqC7bNmNA1eIU2QLigXotqB1e%2BhloGW6FWBLrigt2b%2Bf66RDd2iv5CPf4yetro5Dz36jJ%2BNsxbNEcoZWu9bYp4rf19ei5FfrFcHQ56PaxPBsb%2FElIgU2DVpSp07Fo7fKARlSFgYkFbS623y%2FUXki1ehdcNr1nG2nQWMhzGbPIYyk0hTKcDxK2YUEtHbRBkqcbXEA2ybaDelskZp2TIlcytm18xrnKBXvoCfkbLet%2BK%2BiaTpsL6Vo9XIhFo0uBciiEU2BlyUA5BdlMUmJIu4sBbCh4rnML4QsRLas5VIVS5VnSZkvHjnbn0N%2FMfYE47MLm5OI1Le63ov9z7uas4c3qJOAnxGq2d2%2FZ%2Ff5YiBC%2F4qLr99wHQ6HhKLWSNSBDs7TTGmKivTkXRy3q%2FS92b%2FX%2BzFt3233rjf6D9v0vTt89QgBKx58xJnrAOHjPFmSzRXTim6WqmhpRG06gy1P12fb%2F7%2FJ%2Bi8%3D&RelayState=%2Fsf%2Fidp%2FSAML2%2FSSO%2FPOST%2Fcompany%2FcolesgroupD&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=jH6KhMQI4P0%2FwPIxi%2BCHfQOGF%2FUOVMWHGghcWJzRjWuBstzHYOe%2FmUWbi7qA6IvTG1ICjtQWVCym1BTWc3dBSqZdzc%2BkQjAzhpsDgwUk6YXt3kKEpsCGopusleFzGtFaR1QZKBF%2B6GUWgXyict4eKcRXTyNhnizhZjl15uzgnF8%3D Page URL
  5. https://loginuat.colesgroup.com.au/nidp/saml2/sso HTTP 302
    https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cstest.sf68.cloud.opentext.com/otcs/llisapi.dll?func=ll&objId=24190468&objAction=browse&viewType=1 HTTP 302
  • https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=e7a47b9a%2D9738%2D43a1%2D8c7c%2Dd53dbd0c67c8%3Ahttps%3A%2F%2Fcstest%2Esf68%2Ecloud%2Eopentext%2Ecom%2Fotcs%2Fllisapi%2Edll%3Ffunc%3Dotdsintegration%2Eredirect%26NextURL%3Dhttps%253A%252F%252Fcstest%252Esf68%252Ecloud%252Eopentext%252Ecom%252Fotcs%252Fllisapi%252Edll%253Ffunc%253Dll%2526objId%253D24190468%2526objAction%253Dbrowse%2526viewType%253D1&PostTicket=true&PostParams=true&ux_version=1&PreserveFragment=true&logon_style=signin-cs&logon_appname=OpenText%20Extended%20ECM%20CE%2022%2E2
Request Chain 6
  • https://performancemanager10.successfactors.com/sf/idp/SAML2/SSO/POST/company/colesgroupD HTTP 302
  • https://performancemanager10.successfactors.com/saml2/Login?company=colesgroupD&RelayState=/sf/idp/SAML2/SSO/POST/company/colesgroupD&_s.crb=IU4EiergEw4%252bCxkFKBXPM%252fGWeKIWCFCbQufJP3vHiEc%253d

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login
dstest.sf68.cloud.opentext.com/otdsws/
Redirect Chain
  • https://cstest.sf68.cloud.opentext.com/otcs/llisapi.dll?func=ll&objId=24190468&objAction=browse&viewType=1
  • https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=e7a47b9a%2D9738%2D43a1%2D8c7c%2Dd53dbd0c67c8%3Ahttps%3A%2F%2Fcstest%2Esf68%2Ecloud%2Eopentext%2Ecom%2Fotcs%2Fllisapi%2Edll%3Ffunc%3Dotdsinteg...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=e7a47b9a%2D9738%2D43a1%2D8c7c%2Dd53dbd0c67c8%3Ahttps%3A%2F%2Fcstest%2Esf68%2Ecloud%2Eopentext%2Ecom%2Fotcs%2Fllisapi%2Edll%3Ffunc%3Dotdsintegration%2Eredirect%26NextURL%3Dhttps%253A%252F%252Fcstest%252Esf68%252Ecloud%252Eopentext%252Ecom%252Fotcs%252Fllisapi%252Edll%253Ffunc%253Dll%2526objId%253D24190468%2526objAction%253Dbrowse%2526viewType%253D1&PostTicket=true&PostParams=true&ux_version=1&PreserveFragment=true&logon_style=signin-cs&logon_appname=OpenText%20Extended%20ECM%20CE%2022%2E2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.75.27.108 , Canada, ASN23760 (XPEDITE-AS-AU Xpedite Systems, AU),
Reverse DNS
dstest.sf68.cloud.opentext.com
Software
/
Resource Hash
f00eeeab81c4c66eba0895307d9ea8387483dffe67b33a0682abaf916ffde9b9
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'self'; frame-ancestors 'self'; default-src 'self'
X-Content-Type-Options nosniff nosniff
X-Frame-Options ALLOW-FROM https://performancemanager10.successfactors.com SAMEORIGIN
X-Xss-Protection 1; mode=block 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Language
en
Content-Length
1357
Content-Security-Policy
style-src 'unsafe-inline' 'self'; frame-ancestors 'self'; default-src 'self'
Content-Type
text/html;charset=UTF-8
Date
Tue, 16 May 2023 06:56:19 GMT
Keep-Alive
timeout=20
P3P
CP="NON IND UNI COM NAV INT"
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
ALLOW-FROM https://performancemanager10.successfactors.com SAMEORIGIN
X-XSS-Protection
1; mode=block 1

Redirect headers

Cache-Control
no-cache
Content-Length
1889
Content-Security-Policy
frame-ancestors 'self' *.sapsf.eu *.successfactors.eu *.sapsf.com *.successfactors.com *.sapsf.cn *.successfactors.cn frame-ancestors 'self' https://performancemanager10.successfactors.com https://dstest.sf68.cloud.opentext.com
Content-Type
text/html;charset=UTF-8
Date
Tue, 16 May 2023 06:56:17 GMT
Location
https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=e7a47b9a%2D9738%2D43a1%2D8c7c%2Dd53dbd0c67c8%3Ahttps%3A%2F%2Fcstest%2Esf68%2Ecloud%2Eopentext%2Ecom%2Fotcs%2Fllisapi%2Edll%3Ffunc%3Dotdsintegration%2Eredirect%26NextURL%3Dhttps%253A%252F%252Fcstest%252Esf68%252Ecloud%252Eopentext%252Ecom%252Fotcs%252Fllisapi%252Edll%253Ffunc%253Dll%2526objId%253D24190468%2526objAction%253Dbrowse%2526viewType%253D1&PostTicket=true&PostParams=true&ux_version=1&PreserveFragment=true&logon_style=signin-cs&logon_appname=OpenText%20Extended%20ECM%20CE%2022%2E2
Server
Microsoft-IIS/10.0
X-Content-Type-Options
nosniff
X-Frame-Options
ALLOW-FROM *.sapsf.eu *.successfactors.eu *.sapsf.com *.successfactors.com *.sapsf.cn *.successfactors.cn ALLOW-FROM https://performancemanager10.successfactors.com
X-Powered-By
ASP.NET
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
jquery.min.js
dstest.sf68.cloud.opentext.com/otdsws/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dstest.sf68.cloud.opentext.com/otdsws/jquery.min.js?v=22.2.4.4696
Requested by
Host: dstest.sf68.cloud.opentext.com
URL: https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=e7a47b9a%2D9738%2D43a1%2D8c7c%2Dd53dbd0c67c8%3Ahttps%3A%2F%2Fcstest%2Esf68%2Ecloud%2Eopentext%2Ecom%2Fotcs%2Fllisapi%2Edll%3Ffunc%3Dotdsintegration%2Eredirect%26NextURL%3Dhttps%253A%252F%252Fcstest%252Esf68%252Ecloud%252Eopentext%252Ecom%252Fotcs%252Fllisapi%252Edll%253Ffunc%253Dll%2526objId%253D24190468%2526objAction%253Dbrowse%2526viewType%253D1&PostTicket=true&PostParams=true&ux_version=1&PreserveFragment=true&logon_style=signin-cs&logon_appname=OpenText%20Extended%20ECM%20CE%2022%2E2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.75.27.108 , Canada, ASN23760 (XPEDITE-AS-AU Xpedite Systems, AU),
Reverse DNS
dstest.sf68.cloud.opentext.com
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://performancemanager10.successfactors.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=e7a47b9a%2D9738%2D43a1%2D8c7c%2Dd53dbd0c67c8%3Ahttps%3A%2F%2Fcstest%2Esf68%2Ecloud%2Eopentext%2Ecom%2Fotcs%2Fllisapi%2Edll%3Ffunc%3Dotdsintegration%2Eredirect%26NextURL%3Dhttps%253A%252F%252Fcstest%252Esf68%252Ecloud%252Eopentext%252Ecom%252Fotcs%252Fllisapi%252Edll%253Ffunc%253Dll%2526objId%253D24190468%2526objAction%253Dbrowse%2526viewType%253D1&PostTicket=true&PostParams=true&ux_version=1&PreserveFragment=true&logon_style=signin-cs&logon_appname=OpenText%20Extended%20ECM%20CE%2022%2E2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 06:56:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Nov 2022 14:03:14 GMT
ETag
W/"89476-1667570594169"
X-Frame-Options
ALLOW-FROM https://performancemanager10.successfactors.com
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
89476
X-XSS-Protection
1; mode=block
getfragment.js
dstest.sf68.cloud.opentext.com/otdsws/login1/ 		104 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dstest.sf68.cloud.opentext.com/otdsws/login1/getfragment.js?v=22.2.4.4696
Requested by
Host: dstest.sf68.cloud.opentext.com
URL: https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=e7a47b9a%2D9738%2D43a1%2D8c7c%2Dd53dbd0c67c8%3Ahttps%3A%2F%2Fcstest%2Esf68%2Ecloud%2Eopentext%2Ecom%2Fotcs%2Fllisapi%2Edll%3Ffunc%3Dotdsintegration%2Eredirect%26NextURL%3Dhttps%253A%252F%252Fcstest%252Esf68%252Ecloud%252Eopentext%252Ecom%252Fotcs%252Fllisapi%252Edll%253Ffunc%253Dll%2526objId%253D24190468%2526objAction%253Dbrowse%2526viewType%253D1&PostTicket=true&PostParams=true&ux_version=1&PreserveFragment=true&logon_style=signin-cs&logon_appname=OpenText%20Extended%20ECM%20CE%2022%2E2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.75.27.108 , Canada, ASN23760 (XPEDITE-AS-AU Xpedite Systems, AU),
Reverse DNS
dstest.sf68.cloud.opentext.com
Software
/
Resource Hash
004af506e311530e0f7c8e33775fca2a63182ff2f1bce708e7aa2ec6803be2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://performancemanager10.successfactors.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=e7a47b9a%2D9738%2D43a1%2D8c7c%2Dd53dbd0c67c8%3Ahttps%3A%2F%2Fcstest%2Esf68%2Ecloud%2Eopentext%2Ecom%2Fotcs%2Fllisapi%2Edll%3Ffunc%3Dotdsintegration%2Eredirect%26NextURL%3Dhttps%253A%252F%252Fcstest%252Esf68%252Ecloud%252Eopentext%252Ecom%252Fotcs%252Fllisapi%252Edll%253Ffunc%253Dll%2526objId%253D24190468%2526objAction%253Dbrowse%2526viewType%253D1&PostTicket=true&PostParams=true&ux_version=1&PreserveFragment=true&logon_style=signin-cs&logon_appname=OpenText%20Extended%20ECM%20CE%2022%2E2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 06:56:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Nov 2022 14:03:13 GMT
ETag
W/"104-1667570593603"
X-Frame-Options
ALLOW-FROM https://performancemanager10.successfactors.com
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
104
X-XSS-Protection
1; mode=block
login
dstest.sf68.cloud.opentext.com/otdsws/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=eyJhbGciOiJub25lIn0.eyJwb3N0VGlja2V0Ijp0cnVlLCJwb3N0UGFyYW1zIjp0cnVlLCJsb2dvbkFwcE5hbWUiOiJPcGVuVGV4dCBFeHRlbmRlZCBFQ00gQ0UgMjIuMiIsInV4VmVyc2lvbiI6MSwiZm9yd2FyZEFkZHJlc3MiOiJodHRwczovL2NzdGVzdC5zZjY4LmNsb3VkLm9wZW50ZXh0LmNvbS9vdGNzL2xsaXNhcGkuZGxsP2Z1bmM9b3Rkc2ludGVncmF0aW9uLnJlZGlyZWN0Jk5leHRVUkw9aHR0cHMlM0ElMkYlMkZjc3Rlc3QlMkVzZjY4JTJFY2xvdWQlMkVvcGVudGV4dCUyRWNvbSUyRm90Y3MlMkZsbGlzYXBpJTJFZGxsJTNGZnVuYyUzRGxsJTI2b2JqSWQlM0QyNDE5MDQ2OCUyNm9iakFjdGlvbiUzRGJyb3dzZSUyNnZpZXdUeXBlJTNEMSIsInJlc291cmNlSUQiOiJlN2E0N2I5YS05NzM4LTQzYTEtOGM3Yy1kNTNkYmQwYzY3YzgifQ&fragment=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.75.27.108 , Canada, ASN23760 (XPEDITE-AS-AU Xpedite Systems, AU),
Reverse DNS
dstest.sf68.cloud.opentext.com
Software
/
Resource Hash
8eab62a0d2e4813fb00e42c51833fea41d22837f2f12633cede51ea7e161bb1a
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'self'; default-src 'self'
X-Content-Type-Options nosniff nosniff
X-Frame-Options ALLOW-FROM https://performancemanager10.successfactors.com
X-Xss-Protection 1; mode=block 1

Request headers

Referer
https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=e7a47b9a%2D9738%2D43a1%2D8c7c%2Dd53dbd0c67c8%3Ahttps%3A%2F%2Fcstest%2Esf68%2Ecloud%2Eopentext%2Ecom%2Fotcs%2Fllisapi%2Edll%3Ffunc%3Dotdsintegration%2Eredirect%26NextURL%3Dhttps%253A%252F%252Fcstest%252Esf68%252Ecloud%252Eopentext%252Ecom%252Fotcs%252Fllisapi%252Edll%253Ffunc%253Dll%2526objId%253D24190468%2526objAction%253Dbrowse%2526viewType%253D1&PostTicket=true&PostParams=true&ux_version=1&PreserveFragment=true&logon_style=signin-cs&logon_appname=OpenText%20Extended%20ECM%20CE%2022%2E2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Language
en
Content-Length
2517
Content-Security-Policy
style-src 'unsafe-inline' 'self'; default-src 'self'
Content-Type
text/html;charset=UTF-8
Date
Tue, 16 May 2023 06:56:20 GMT
Keep-Alive
timeout=20
P3P
CP="NON IND UNI COM NAV INT"
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
ALLOW-FROM https://performancemanager10.successfactors.com
X-XSS-Protection
1; mode=block 1
jquery.min.js
dstest.sf68.cloud.opentext.com/otdsws/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dstest.sf68.cloud.opentext.com/otdsws/jquery.min.js?v=22.2.4.4696
Requested by
Host: dstest.sf68.cloud.opentext.com
URL: https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=eyJhbGciOiJub25lIn0.eyJwb3N0VGlja2V0Ijp0cnVlLCJwb3N0UGFyYW1zIjp0cnVlLCJsb2dvbkFwcE5hbWUiOiJPcGVuVGV4dCBFeHRlbmRlZCBFQ00gQ0UgMjIuMiIsInV4VmVyc2lvbiI6MSwiZm9yd2FyZEFkZHJlc3MiOiJodHRwczovL2NzdGVzdC5zZjY4LmNsb3VkLm9wZW50ZXh0LmNvbS9vdGNzL2xsaXNhcGkuZGxsP2Z1bmM9b3Rkc2ludGVncmF0aW9uLnJlZGlyZWN0Jk5leHRVUkw9aHR0cHMlM0ElMkYlMkZjc3Rlc3QlMkVzZjY4JTJFY2xvdWQlMkVvcGVudGV4dCUyRWNvbSUyRm90Y3MlMkZsbGlzYXBpJTJFZGxsJTNGZnVuYyUzRGxsJTI2b2JqSWQlM0QyNDE5MDQ2OCUyNm9iakFjdGlvbiUzRGJyb3dzZSUyNnZpZXdUeXBlJTNEMSIsInJlc291cmNlSUQiOiJlN2E0N2I5YS05NzM4LTQzYTEtOGM3Yy1kNTNkYmQwYzY3YzgifQ&fragment=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.75.27.108 , Canada, ASN23760 (XPEDITE-AS-AU Xpedite Systems, AU),
Reverse DNS
dstest.sf68.cloud.opentext.com
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://performancemanager10.successfactors.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=eyJhbGciOiJub25lIn0.eyJwb3N0VGlja2V0Ijp0cnVlLCJwb3N0UGFyYW1zIjp0cnVlLCJsb2dvbkFwcE5hbWUiOiJPcGVuVGV4dCBFeHRlbmRlZCBFQ00gQ0UgMjIuMiIsInV4VmVyc2lvbiI6MSwiZm9yd2FyZEFkZHJlc3MiOiJodHRwczovL2NzdGVzdC5zZjY4LmNsb3VkLm9wZW50ZXh0LmNvbS9vdGNzL2xsaXNhcGkuZGxsP2Z1bmM9b3Rkc2ludGVncmF0aW9uLnJlZGlyZWN0Jk5leHRVUkw9aHR0cHMlM0ElMkYlMkZjc3Rlc3QlMkVzZjY4JTJFY2xvdWQlMkVvcGVudGV4dCUyRWNvbSUyRm90Y3MlMkZsbGlzYXBpJTJFZGxsJTNGZnVuYyUzRGxsJTI2b2JqSWQlM0QyNDE5MDQ2OCUyNm9iakFjdGlvbiUzRGJyb3dzZSUyNnZpZXdUeXBlJTNEMSIsInJlc291cmNlSUQiOiJlN2E0N2I5YS05NzM4LTQzYTEtOGM3Yy1kNTNkYmQwYzY3YzgifQ&fragment=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 06:56:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Nov 2022 14:03:14 GMT
ETag
W/"89476-1667570594169"
X-Frame-Options
ALLOW-FROM https://performancemanager10.successfactors.com
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
89476
X-XSS-Protection
1; mode=block
redirect.js
dstest.sf68.cloud.opentext.com/otdsws/login1/ 		67 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dstest.sf68.cloud.opentext.com/otdsws/login1/redirect.js?v=22.2.4.4696
Requested by
Host: dstest.sf68.cloud.opentext.com
URL: https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=eyJhbGciOiJub25lIn0.eyJwb3N0VGlja2V0Ijp0cnVlLCJwb3N0UGFyYW1zIjp0cnVlLCJsb2dvbkFwcE5hbWUiOiJPcGVuVGV4dCBFeHRlbmRlZCBFQ00gQ0UgMjIuMiIsInV4VmVyc2lvbiI6MSwiZm9yd2FyZEFkZHJlc3MiOiJodHRwczovL2NzdGVzdC5zZjY4LmNsb3VkLm9wZW50ZXh0LmNvbS9vdGNzL2xsaXNhcGkuZGxsP2Z1bmM9b3Rkc2ludGVncmF0aW9uLnJlZGlyZWN0Jk5leHRVUkw9aHR0cHMlM0ElMkYlMkZjc3Rlc3QlMkVzZjY4JTJFY2xvdWQlMkVvcGVudGV4dCUyRWNvbSUyRm90Y3MlMkZsbGlzYXBpJTJFZGxsJTNGZnVuYyUzRGxsJTI2b2JqSWQlM0QyNDE5MDQ2OCUyNm9iakFjdGlvbiUzRGJyb3dzZSUyNnZpZXdUeXBlJTNEMSIsInJlc291cmNlSUQiOiJlN2E0N2I5YS05NzM4LTQzYTEtOGM3Yy1kNTNkYmQwYzY3YzgifQ&fragment=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.75.27.108 , Canada, ASN23760 (XPEDITE-AS-AU Xpedite Systems, AU),
Reverse DNS
dstest.sf68.cloud.opentext.com
Software
/
Resource Hash
f0cb03dac64bf20f41bfb56e68b0cd8b5547d559c808a6ac77523450dd587f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://performancemanager10.successfactors.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dstest.sf68.cloud.opentext.com/otdsws/login?RFA=eyJhbGciOiJub25lIn0.eyJwb3N0VGlja2V0Ijp0cnVlLCJwb3N0UGFyYW1zIjp0cnVlLCJsb2dvbkFwcE5hbWUiOiJPcGVuVGV4dCBFeHRlbmRlZCBFQ00gQ0UgMjIuMiIsInV4VmVyc2lvbiI6MSwiZm9yd2FyZEFkZHJlc3MiOiJodHRwczovL2NzdGVzdC5zZjY4LmNsb3VkLm9wZW50ZXh0LmNvbS9vdGNzL2xsaXNhcGkuZGxsP2Z1bmM9b3Rkc2ludGVncmF0aW9uLnJlZGlyZWN0Jk5leHRVUkw9aHR0cHMlM0ElMkYlMkZjc3Rlc3QlMkVzZjY4JTJFY2xvdWQlMkVvcGVudGV4dCUyRWNvbSUyRm90Y3MlMkZsbGlzYXBpJTJFZGxsJTNGZnVuYyUzRGxsJTI2b2JqSWQlM0QyNDE5MDQ2OCUyNm9iakFjdGlvbiUzRGJyb3dzZSUyNnZpZXdUeXBlJTNEMSIsInJlc291cmNlSUQiOiJlN2E0N2I5YS05NzM4LTQzYTEtOGM3Yy1kNTNkYmQwYzY3YzgifQ&fragment=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 06:56:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Nov 2022 14:03:13 GMT
ETag
W/"67-1667570593702"
X-Frame-Options
ALLOW-FROM https://performancemanager10.successfactors.com
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
67
X-XSS-Protection
1; mode=block
Login
performancemanager10.successfactors.com/saml2/
Redirect Chain
  • https://performancemanager10.successfactors.com/sf/idp/SAML2/SSO/POST/company/colesgroupD
  • https://performancemanager10.successfactors.com/saml2/Login?company=colesgroupD&RelayState=/sf/idp/SAML2/SSO/POST/company/colesgroupD&_s.crb=IU4EiergEw4%252bCxkFKBXPM%252fGWeKIWCFCbQufJP3vHiEc%253d
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://performancemanager10.successfactors.com/saml2/Login?company=colesgroupD&RelayState=/sf/idp/SAML2/SSO/POST/company/colesgroupD&_s.crb=IU4EiergEw4%252bCxkFKBXPM%252fGWeKIWCFCbQufJP3vHiEc%253d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.147.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-147-208.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
03c7a84b9f1c5937178be613be47a751925a8559a111aa5f1b68cc4952ac39ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://dstest.sf68.cloud.opentext.com
Referer
https://dstest.sf68.cloud.opentext.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store,no-cache
content-length
1688
content-type
text/html;charset=UTF-8
date
Tue, 16 May 2023 06:56:21 GMT
expires
Tue, 16 May 2023 06:56:21 GMT Wed, 31 Dec 1969 23:59:59 GMT
pragma
no-cache no-cache
referrer-policy
strict-origin-when-cross-origin
server
Successfactors
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-correlation-id
9888154ccddc80880d7170f265b0d8de
x-event-id
EVENT-UNKNOWN-UNKNOWN-ob55abe0131-20230516165621-1473986
x-itr-server
b847706e2ab3eb636246338e8c3fc9939afb0329
x-itr-target-cluster
defaultCluster
x-request-stats
SQLT=2&CCON=0&FWR=0&NRE=0&CEXT=0&ST=1684220181817&EID=EVENT-UNKNOWN-UNKNOWN-ob55abe0131-20230516165621-1473986&CLOC=0&CREM=0&NWR=0&CPU=35&SVT=67&SQLC=5&SCPU=5&CSUP=1&MEM=8092&UCPU=30&FRE=0
x-unique-id
9888154ccddc80880d7170f265b0d8de
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store,no-cache
content-length
0
date
Tue, 16 May 2023 06:56:21 GMT
expires
Tue, 16 May 2023 06:56:21 GMT
location
/saml2/Login?company=colesgroupD&RelayState=/sf/idp/SAML2/SSO/POST/company/colesgroupD&_s.crb=IU4EiergEw4%252bCxkFKBXPM%252fGWeKIWCFCbQufJP3vHiEc%253d
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Successfactors
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-correlation-id
0b986fae21adc1928cec132b1980d94c
x-event-id
EVENT-UNKNOWN-UNKNOWN-ob55abe0131-20230516165621-1473985
x-itr-server
b847706e2ab3eb636246338e8c3fc9939afb0329
x-itr-target-cluster
defaultCluster
x-unique-id
0b986fae21adc1928cec132b1980d94c
x-xss-protection
1; mode=block
XMLHttpRequest.js
performancemanager10.successfactors.com/ui/extlib/XMLHttpRequest_1.0.5_sf.18/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://performancemanager10.successfactors.com/ui/extlib/XMLHttpRequest_1.0.5_sf.18/XMLHttpRequest.js
Requested by
Host: performancemanager10.successfactors.com
URL: https://performancemanager10.successfactors.com/saml2/Login?company=colesgroupD&RelayState=/sf/idp/SAML2/SSO/POST/company/colesgroupD&_s.crb=IU4EiergEw4%252bCxkFKBXPM%252fGWeKIWCFCbQufJP3vHiEc%253d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.147.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-147-208.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
e2aaec9826f489c85b078bbbec0efdb872fcbd16c74677111288bd7b02e807a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://performancemanager10.successfactors.com/saml2/Login?company=colesgroupD&RelayState=/sf/idp/SAML2/SSO/POST/company/colesgroupD&_s.crb=IU4EiergEw4%252bCxkFKBXPM%252fGWeKIWCFCbQufJP3vHiEc%253d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 09 Dec 2022 16:04:43 GMT
server
Successfactors
date
Tue, 16 May 2023 06:56:22 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=301746721
content-length
2704
x-xss-protection
1; mode=block
expires
Mon, 06 Dec 2032 17:28:23 GMT
perflog_6afbc835fd7bc8ec51a93324df511558.js
performancemanager10.successfactors.com/ui/perflog/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://performancemanager10.successfactors.com/ui/perflog/js/perflog_6afbc835fd7bc8ec51a93324df511558.js
Requested by
Host: performancemanager10.successfactors.com
URL: https://performancemanager10.successfactors.com/saml2/Login?company=colesgroupD&RelayState=/sf/idp/SAML2/SSO/POST/company/colesgroupD&_s.crb=IU4EiergEw4%252bCxkFKBXPM%252fGWeKIWCFCbQufJP3vHiEc%253d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.147.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-147-208.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
2ee483c6c8ac0a1a070fa2a1af9ef0c46fca385b84ffad5a0abba2b48e226e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://performancemanager10.successfactors.com/saml2/Login?company=colesgroupD&RelayState=/sf/idp/SAML2/SSO/POST/company/colesgroupD&_s.crb=IU4EiergEw4%252bCxkFKBXPM%252fGWeKIWCFCbQufJP3vHiEc%253d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 20 Oct 2022 14:10:07 GMT
server
Successfactors
date
Tue, 16 May 2023 06:56:22 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300456356
content-length
4421
x-xss-protection
1; mode=block
expires
Sun, 21 Nov 2032 19:02:18 GMT
/
a8txx00ft.accounts.ondemand.com/saml2/idp/sso/ 		7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a8txx00ft.accounts.ondemand.com/saml2/idp/sso/?SAMLRequest=fZJBb9swDIX%2FiqC7bNmNA1eIU2QLigXotqB1e%2BhloGW6FWBLrigt2b%2Bf66RDd2iv5CPf4yetro5Dz36jJ%2BNsxbNEcoZWu9bYp4rf19ei5FfrFcHQ56PaxPBsb%2FElIgU2DVpSp07Fo7fKARlSFgYkFbS623y%2FUXki1ehdcNr1nG2nQWMhzGbPIYyk0hTKcDxK2YUEtHbRBkqcbXEA2ybaDelskZp2TIlcytm18xrnKBXvoCfkbLet%2BK%2BiaTpsL6Vo9XIhFo0uBciiEU2BlyUA5BdlMUmJIu4sBbCh4rnML4QsRLas5VIVS5VnSZkvHjnbn0N%2FMfYE47MLm5OI1Le63ov9z7uas4c3qJOAnxGq2d2%2FZ%2Ff5YiBC%2F4qLr99wHQ6HhKLWSNSBDs7TTGmKivTkXRy3q%2FS92b%2FX%2BzFt3233rjf6D9v0vTt89QgBKx58xJnrAOHjPFmSzRXTim6WqmhpRG06gy1P12fb%2F7%2FJ%2Bi8%3D&RelayState=%2Fsf%2Fidp%2FSAML2%2FSSO%2FPOST%2Fcompany%2FcolesgroupD&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=jH6KhMQI4P0%2FwPIxi%2BCHfQOGF%2FUOVMWHGghcWJzRjWuBstzHYOe%2FmUWbi7qA6IvTG1ICjtQWVCym1BTWc3dBSqZdzc%2BkQjAzhpsDgwUk6YXt3kKEpsCGopusleFzGtFaR1QZKBF%2B6GUWgXyict4eKcRXTyNhnizhZjl15uzgnF8%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.168.73 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
SAP /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' consent.trustarc.com 'nonce-VVd6K39bKHPcsE8JMrdOBTbZtGIyxgXhqTBtpe2ol/4='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://performancemanager10.successfactors.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private,no-cache,no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
en-CA
Content-Security-Policy
script-src 'self' consent.trustarc.com 'nonce-VVd6K39bKHPcsE8JMrdOBTbZtGIyxgXhqTBtpe2ol/4='
Content-Type
text/html;charset=utf-8
Date
Tue, 16 May 2023 06:56:23 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=5, max=100
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma
no-cache
Referrer-Policy
origin
Server
SAP
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-IDS-ID
F0567A76-161B-4EE6-8EA5-FB2B6EE7FAC2
X-IDS-Landscape
ap-au-1
X-IDS-Node
idp02
X-IDS-Pool
blue
X-IDS-Project
prod
X-Robots-Tag
none
vary
accept-encoding,X-CSP-STRIP
x-xss-protection
1; mode=block
Primary Request sso
loginuat.colesgroup.com.au/nidp/saml2/
Redirect Chain
  • https://loginuat.colesgroup.com.au/nidp/saml2/sso
  • https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.17 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8a3314f5364e21a59e2f016182b71b9ad28a2419621119fe0a6047b49f57879f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://a8txx00ft.accounts.ondemand.com
Referer
https://a8txx00ft.accounts.ondemand.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 16 May 2023 06:56:24 GMT
pragma
No-cache
strict-transport-security
max-age=31536000
via-esp
null,NIDPLOGGING.600105004 session33-5A4B01D7B884FFF423E12A5963B42A0B null,NIDPLOGGING.600105004 session33-5A4B01D7B884FFF423E12A5963B42A0B,NIDPLOGGING.600105002 session220-5A4B01D7B884FFF423E12A5963B42A0B
www-authenticate
Negotiate
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
10-60723710-60723738 PNYN RT(1684220183427 1283) q(0 0 0 -1) r(2 2) U24
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-length
0
date
Tue, 16 May 2023 06:56:24 GMT
location
https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
pragma
No-cache
strict-transport-security
max-age=31536000
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
10-60723710-60723738 NNNN CT(269 560 0) RT(1684220183427 21) q(0 1 9 99) r(12 12) U24
x-xss-protection
1; mode=block
mycoles.css
loginuat.colesgroup.com.au/nidp/resources/css/ 		124 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://loginuat.colesgroup.com.au/nidp/resources/css/mycoles.css
Requested by
Host: loginuat.colesgroup.com.au
URL: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.17 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
02fa1e9fc48e9b92c0de23e7af85be7382468ead9c084425bd46e877811e0db0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 06:56:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 04:52:50 GMT
x-cdn
Imperva
content-encoding
gzip
etag
W/"127240-1667969570935"
x-frame-options
SAMEORIGIN
content-type
text/css
x-iinfo
10-60723710-60723738 PNYN RT(1684220183427 1612) q(0 0 0 -1) r(3 3) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
jquery-1.9.1.min.js
loginuat.colesgroup.com.au/nidp/resources/js/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loginuat.colesgroup.com.au/nidp/resources/js/jquery-1.9.1.min.js
Requested by
Host: loginuat.colesgroup.com.au
URL: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.17 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 06:56:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 04:53:40 GMT
x-cdn
Imperva
content-encoding
gzip
etag
W/"92633-1667969620333"
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-iinfo
10-60723710-60723927 NNYN CT(262 262 0) RT(1684220183427 1614) q(0 0 5 -1) r(8 8) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
jquery.selectbox-1.2.js
loginuat.colesgroup.com.au/nidp/resources/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loginuat.colesgroup.com.au/nidp/resources/js/jquery.selectbox-1.2.js
Requested by
Host: loginuat.colesgroup.com.au
URL: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.17 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0e58048c30277fd33bc8d075bd74887eeb82db2acec1ad20b171da52235582ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 06:56:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 04:53:41 GMT
x-cdn
Imperva
content-encoding
gzip
etag
W/"10062-1667969621581"
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-iinfo
10-60723710-60723929 NNYN CT(269 278 0) RT(1684220183427 1618) q(0 0 5 -1) r(8 8) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
jquery.cookie.js
loginuat.colesgroup.com.au/nidp/resources/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loginuat.colesgroup.com.au/nidp/resources/js/jquery.cookie.js
Requested by
Host: loginuat.colesgroup.com.au
URL: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.17 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0032b7c67f96c4a33a5cbf68ecaec4c1798f02dcee76d095df8c1393bd7ce7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 06:56:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 04:53:40 GMT
x-cdn
Imperva
content-encoding
gzip
etag
W/"2318-1667969620962"
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-iinfo
10-60723710-60723931 NNYN CT(270 276 0) RT(1684220183427 1621) q(0 0 5 -1) r(8 8) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
respond.min.js
loginuat.colesgroup.com.au/nidp/resources/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loginuat.colesgroup.com.au/nidp/resources/js/respond.min.js
Requested by
Host: loginuat.colesgroup.com.au
URL: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.17 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
749816ecfebd27111a8d3c3afbbd228c3f427d7ab9733d5a8f61f55c7844b1b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 06:56:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 04:53:42 GMT
x-cdn
Imperva
content-encoding
gzip
etag
W/"4048-1667969622888"
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-iinfo
10-60723710-60723933 NNYN CT(262 265 0) RT(1684220183427 1624) q(0 0 5 -1) r(8 8) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
logo-footer.png
loginuat.colesgroup.com.au/nidp/resources/images/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loginuat.colesgroup.com.au/nidp/resources/images/logo-footer.png
Requested by
Host: loginuat.colesgroup.com.au
URL: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.17 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b9a654bf049aa9e0de8e2ba666e92ce958ca578e3fae5465ac32aef848d84a51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 06:56:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 04:53:26 GMT
x-cdn
Imperva
etag
W/"37546-1667969606281"
x-frame-options
SAMEORIGIN
content-type
image/png
x-iinfo
10-60723710-60723927 PNNN RT(1684220183427 2781) q(0 0 0 -1) r(3 3) U24
accept-ranges
bytes
content-length
37546
x-xss-protection
1; mode=block
mycoles.js
loginuat.colesgroup.com.au/nidp/resources/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loginuat.colesgroup.com.au/nidp/resources/js/mycoles.js
Requested by
Host: loginuat.colesgroup.com.au
URL: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.17 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
380b88d0c281918ca320c8de386ee2a2deb97a0a30fd247d9cd85e75ab8c2875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 06:56:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 04:53:42 GMT
x-cdn
Imperva
content-encoding
gzip
etag
W/"3692-1667969622226"
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-iinfo
10-60723710-60723931 PNYN RT(1684220183427 2488) q(0 0 0 -1) r(2 2) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
_Incapsula_Resource
loginuat.colesgroup.com.au/ 		143 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loginuat.colesgroup.com.au/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=155024952
Requested by
Host: loginuat.colesgroup.com.au
URL: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.17 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
585870d8463d5ed3b4faaeee65abdfd2fae4986e32a2ded56ff7efcb3c328d56

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
20568
content-type
application/javascript
henning_skibbe_-_haptic-bold-webfont.woff
loginuat.colesgroup.com.au/nidp/resources/fonts/haptic/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://loginuat.colesgroup.com.au/nidp/resources/fonts/haptic/henning_skibbe_-_haptic-bold-webfont.woff
Requested by
Host: loginuat.colesgroup.com.au
URL: https://loginuat.colesgroup.com.au/nidp/resources/css/mycoles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.17 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fddfb4834eb949f9f82b10f2be2a214debb2320cf418e1a8b8af96a4a6bee727
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://loginuat.colesgroup.com.au/nidp/resources/css/mycoles.css
Origin
https://loginuat.colesgroup.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 06:56:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 04:53:04 GMT
x-cdn
Imperva
etag
W/"30248-1667969584369"
x-frame-options
SAMEORIGIN
x-iinfo
10-60723710-60723931 PNNN RT(1684220183427 2800) q(0 0 0 -1) r(3 3) U24
accept-ranges
bytes
content-length
30248
x-xss-protection
1; mode=block
_Incapsula_Resource
loginuat.colesgroup.com.au/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loginuat.colesgroup.com.au/_Incapsula_Resource?SWKMTFSR=1&e=0.06477540116651936
Requested by
Host: loginuat.colesgroup.com.au
URL: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.17 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

15 Cookies

Domain/Path Name / Value
dstest.sf68.cloud.opentext.com/otdsws Name: nonce_b0334d23075c44bfa6c87435787e9766
Value: y
dstest.sf68.cloud.opentext.com/otdsws Name: OTDSTRUST
Value: https%3A%2F%2Fperformancemanager10.successfactors.com
dstest.sf68.cloud.opentext.com/otdsws Name: otdscsrf
Value: aad34f9080740f24cce2f16a909884e5
loginuat.colesgroup.com.au/nidp Name: JSESSIONID
Value: 5A4B01D7B884FFF423E12A5963B42A0B
loginuat.colesgroup.com.au/nidp Name: UrnNovellNidpClusterMemberId
Value: ~03~05~7Dbb~01~16~16hnq~0D~0E
cstest.sf68.cloud.opentext.com/ Name: BIGipServercstest.sf68.cloud.opentext.com_80
Value: !+2KJvMYQFTxK+YJJTAJh/nzT+1orq/tD6RJh0W3uLTqT8gzDjR691hwkj7+J9k5zr2a7/bLj/FPTQRo=
dstest.sf68.cloud.opentext.com/ Name: BIGipServerdstest.sf68.cloud.opentext.com_8080
Value: !gh/tzTq78ogrW09JTAJh/nzT+1orqymLLUHpOkJvIv0j/POo8m02RBZ7m4TO/hp8CfxzI35Ys7e6+V4=
performancemanager10.successfactors.com/ Name: route
Value: 1c14f7c618b961572500d3d9696e89dde88d9659
performancemanager10.successfactors.com/ Name: JSESSIONID
Value: D1C8B680A0C8BE90503237C2C4EBAE00.pc66bcf1042
performancemanager10.successfactors.com/ Name: oiosaml-fragment
Value:
a8txx00ft.accounts.ondemand.com/ Name: arc2d78e5
Value: AAAADLbv7ZYPLFuj6ESUyE8zcpuE22E7JxR1EpWtT5d3VVEEDZL%2BIolnODztROI4ftPrFEptpHz%2F%2B7WbPsE%2FHzKI07ZAnkrG8qOh7VAn2db05ONyInT2noXiNiZn0XKZlaM8%2BKu3k0E2g6HfYop1jgnj7VwzBSKR6XkK0w12TUgUT1IBdXS8wqG3u6d9JW7mQ3LJe4jjlEnNB1exToeUbCYCQK1mRToE6ELrmM0uM9ya%2Fny1l2fc29yzZDxOOtA7qW%2FGc3u%2Fl4oIEu1uWOvvnN0L4veyJkGmk1sho5ixatp3HocDatSBZftPbKcDwPqSZ3wA2sM1puPLPS7HqRxdsSmdG%2BmYlh5ZnbQU0oK%2FTvl4t7ezgD71GXN1Fr%2FPE%2BpMkzmO836yN4nu3Psk0b29Zmj3Xv4DSf05QJJKW27j3ii4CsLpx1nFP4THpyzQZUwug945s%2FmgwsG1YMXUohq9kJWBIEVU8jjjj7nVZ%2FAydIxNXKNr5yp6fj9SZBjzjM4SHdpUvv6OeuJ4sKY1mGfS0HtMd0tATxvd1nvdevchaA5FzqkYOf28%2B7Fwa2gCW3HutYEW9gq40%2FdcixYpPaM2zBCB1mXKyW9c0n0NoRQKk2h6c1swiN2fs44OvWpzS%2F6e%2BwNwObUmTb4hqOs%2FoSBHvfZlZnDXWyLcRRQZAlXDMNoW3kM2j14Mc45W5gFtlfdPbIKV6amNMSDSrSNGKGzzCfC%2F
a8txx00ft.accounts.ondemand.com/ Name: XSRF_COOKIE
Value: "FTtDZUkeFO+/ve+/vQjvv73IpgJzKmLvv71lAO+/ve+/vVrfj0Hvv73YnO+/vXNtOjE2ODQyMjAxODMyNTA="
a8txx00ft.accounts.ondemand.com/ Name: JSESSIONID
Value: 71BF51311A26259EB0B83203F32C6901
.colesgroup.com.au/ Name: visid_incap_2884711
Value: 8Wkd8EAJQ227vRrhvQWCXxcpY2QAAAAAQUIPAAAAAABEh2OAE7qLXHJu+4fVadSw
.colesgroup.com.au/ Name: incap_ses_8074_2884711
Value: D8CNNnAjhQQljygw85wMcBgpY2QAAAAAgGMBjkoBXRmm2LFLRBLu5g==

1 Console Messages

Source Level URL
Text
network error URL: https://loginuat.colesgroup.com.au/nidp/saml2/sso?sid=0&option=credential
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src 'unsafe-inline' 'self'; frame-ancestors 'self'; default-src 'self'
X-Content-Type-Options nosniff nosniff
X-Frame-Options ALLOW-FROM https://performancemanager10.successfactors.com SAMEORIGIN
X-Xss-Protection 1; mode=block 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8txx00ft.accounts.ondemand.com
cstest.sf68.cloud.opentext.com
dstest.sf68.cloud.opentext.com
loginuat.colesgroup.com.au
performancemanager10.successfactors.com
142.75.27.107
142.75.27.108
157.133.168.73
23.52.147.208
45.60.150.17
0032b7c67f96c4a33a5cbf68ecaec4c1798f02dcee76d095df8c1393bd7ce7c0
004af506e311530e0f7c8e33775fca2a63182ff2f1bce708e7aa2ec6803be2ba
02fa1e9fc48e9b92c0de23e7af85be7382468ead9c084425bd46e877811e0db0
03c7a84b9f1c5937178be613be47a751925a8559a111aa5f1b68cc4952ac39ea
0e58048c30277fd33bc8d075bd74887eeb82db2acec1ad20b171da52235582ff
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
2ee483c6c8ac0a1a070fa2a1af9ef0c46fca385b84ffad5a0abba2b48e226e02
380b88d0c281918ca320c8de386ee2a2deb97a0a30fd247d9cd85e75ab8c2875
585870d8463d5ed3b4faaeee65abdfd2fae4986e32a2ded56ff7efcb3c328d56
749816ecfebd27111a8d3c3afbbd228c3f427d7ab9733d5a8f61f55c7844b1b5
8a3314f5364e21a59e2f016182b71b9ad28a2419621119fe0a6047b49f57879f
8eab62a0d2e4813fb00e42c51833fea41d22837f2f12633cede51ea7e161bb1a
b9a654bf049aa9e0de8e2ba666e92ce958ca578e3fae5465ac32aef848d84a51
e2aaec9826f489c85b078bbbec0efdb872fcbd16c74677111288bd7b02e807a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f00eeeab81c4c66eba0895307d9ea8387483dffe67b33a0682abaf916ffde9b9
f0cb03dac64bf20f41bfb56e68b0cd8b5547d559c808a6ac77523450dd587f98
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fddfb4834eb949f9f82b10f2be2a214debb2320cf418e1a8b8af96a4a6bee727