Submitted URL: https://petrobras.myhbp.org/hmm12/articles/H0578O-PDF-ENG.PDF
Effective URL: https://hcm19.sapsf.com/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d
Submission: On June 30 via api from US

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 23.8.8.241, located in Netherlands and belongs to AKAMAI-ASN1, EU. The main domain is hcm19.sapsf.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 15th 2020. Valid for: a year.
This is the only time hcm19.sapsf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 13.224.102.50 16509 (AMAZON-02)
1 5 23.8.8.241 20940 (AKAMAI-ASN1)
4 164.85.5.33 23074 (PETROLEO ...)
9 3
Domain
Subdomains
Transfer
5 sapsf.com
11 KB
4 petrobras.com.br
220 KB
2 myhbp.org
2 KB
9 3
Domain Requested by
5 hcm19.sapsf.com 1 redirects myhbp.org
hcm19.sapsf.com
4 idp.petrobras.com.br idp.petrobras.com.br
1 myhbp.org
1 petrobras.myhbp.org 1 redirects
9 4

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
*.myhbp.org
DigiCert SHA2 High Assurance Server CA
2020-06-22 -
2022-07-15
2 years
*.sapsf.com
DigiCert SHA2 Secure Server CA
2020-05-15 -
2021-08-14
a year
idp.petrobras.com.br
DigiCert SHA2 Secure Server CA
2019-11-29 -
2020-11-29
a year

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Web
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
startSSO.ping?PartnerIdpId=https%3A%2F%2Fhcm19.sapsf.com%2Fsf%2Fidp%2FSAML2%2Fcompany%2FC0000162754P&RequestedAcsUrl=https%3A%2F%2Fmyhbp.org%2Fping%2Fsp%2FACS.saml2&TargetResource=https%3A%2F%2Fpet...
myhbp.org/ping/sp
Redirect Chain
  • https://petrobras.myhbp.org/hmm12/articles/H0578O-PDF-ENG.PDF
  • https://myhbp.org/ping/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fhcm19.sapsf.com%2Fsf%2Fidp%2FSAML2%2Fcompany%2FC0000162754P&RequestedAcsUrl=https%3A%2F%2Fmyhbp.org%2Fping%2Fsp%2FACS.saml2&Target...
1 KB
2 KB
Document
General
Full URL
https://myhbp.org/ping/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fhcm19.sapsf.com%2Fsf%2Fidp%2FSAML2%2Fcompany%2FC0000162754P&RequestedAcsUrl=https%3A%2F%2Fmyhbp.org%2Fping%2Fsp%2FACS.saml2&TargetResource=https%3A%2F%2Fpetrobras.myhbp.org%3A443%2Fhmm12%2Fauthenticate%3Fcontinue%3D%252Farticles%252FH0578O-PDF-ENG.PDF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.102.50 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-50.zrh50.r.cloudfront.net
Software
/
Resource Hash
b272509ca5b46e446a01ea6faed0d02a87a847d71bc03b6313f5b18628c87bc3
Security Headers
Name Value
Content-Security-Policy referrer origin

Request headers

:method
GET
:authority
myhbp.org
:scheme
https
:path
/ping/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fhcm19.sapsf.com%2Fsf%2Fidp%2FSAML2%2Fcompany%2FC0000162754P&RequestedAcsUrl=https%3A%2F%2Fmyhbp.org%2Fping%2Fsp%2FACS.saml2&TargetResource=https%3A%2F%2Fpetrobras.myhbp.org%3A443%2Fhmm12%2Fauthenticate%3Fcontinue%3D%252Farticles%252FH0578O-PDF-ENG.PDF
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html;charset=utf-8
content-length
868
cache-control
no-cache, no-store no-cache="set-cookie"
content-encoding
gzip
content-security-policy
referrer origin
date
Tue, 30 Jun 2020 09:40:12 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
leg
PROD2
pragma
no-cache
server
set-cookie
PF=8wQny6mQqbW2a2Vlg8K8Ck;Path=/;SameSite=None;Secure;HttpOnly AWSELB=BD61035906F6E439A79D6CEF1F8FFD74ACD03CFC76F721753E35DEF7F4AA412499E56C558B8C7C3A6FBEF1D903B5AE4F390B50B9749C2C3593DC2D36FA0CBD695296EC958A;PATH=/;MAX-AGE=86400 AWSELBCORS=BD61035906F6E439A79D6CEF1F8FFD74ACD03CFC76F721753E35DEF7F4AA412499E56C558B8C7C3A6FBEF1D903B5AE4F390B50B9749C2C3593DC2D36FA0CBD695296EC958A;PATH=/;MAX-AGE=86400;SECURE;SAMESITE=None
vary
Accept-Encoding Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
3mrLeLdrHPErDRKRSJQWiS2Z5yldZZQCzzDewwne0bqI9dAmyCD7vg==

Redirect headers

status
302
content-length
0
location
https://myhbp.org/ping/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fhcm19.sapsf.com%2Fsf%2Fidp%2FSAML2%2Fcompany%2FC0000162754P&RequestedAcsUrl=https%3A%2F%2Fmyhbp.org%2Fping%2Fsp%2FACS.saml2&TargetResource=https%3A%2F%2Fpetrobras.myhbp.org%3A443%2Fhmm12%2Fauthenticate%3Fcontinue%3D%252Farticles%252FH0578O-PDF-ENG.PDF
cache-control
no-cache, no-store, max-age=0, must-revalidate
date
Tue, 30 Jun 2020 09:40:12 GMT
expires
0
pragma
no-cache
server
set-cookie
app-context=/hmm12; Domain=petrobras.myhbp.org; Path=/; Secure SESSION=1be9fd98-3498-443f-80ef-4c7145a32836; Path=/hmm12/; Secure; HttpOnly
strict-transport-security
max-age=31536000 ; includeSubDomains
x-xss-protection
1; mode=block
x-cache
Miss from cloudfront
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
nFViowPE9p-YnfQ64L5_sNabjYASd76PE7vVfdSe7BWb66ExRHXJOQ==
C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d
/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company
Redirect Chain
  • https://hcm19.sapsf.com/sf/idp/SAML2/SSO/POST/company/C0000162754P
  • https://hcm19.sapsf.com/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d
2 KB
2 KB
Document
General
Full URL
https://hcm19.sapsf.com/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d
Requested by
Host: myhbp.org
URL: https://myhbp.org/ping/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fhcm19.sapsf.com%2Fsf%2Fidp%2FSAML2%2Fcompany%2FC0000162754P&RequestedAcsUrl=https%3A%2F%2Fmyhbp.org%2Fping%2Fsp%2FACS.saml2&TargetResource=https%3A%2F%2Fpetrobras.myhbp.org%3A443%2Fhmm12%2Fauthenticate%3Fcontinue%3D%252Farticles%252FH0578O-PDF-ENG.PDF
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.8.241 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-8-241.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
b6a6d2fad625906b8063dfad91027a4bc3bf1f416f45a5683ca1cda031db66cb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400

Request headers

Host
hcm19.sapsf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://myhbp.org/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
route=198c0408c25c44592f8510d4ef776a0c1e4ac4dd; OptierRQUUID=b2b737a7-bab5-11ea-97f6-4d86ce33a7b7; JSESSIONID=A50F6B031A4F4032CAF65BE6164711C6.mo-2b1137fa9
Upgrade-Insecure-Requests
1
Origin
https://myhbp.org
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://myhbp.org/

Response headers

Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
OPTR_CXT
0100010000b2e01c69-bab5-11ea-97f6-4d86ce33a7b700000000-0000-0000-0000-000000000001-1 HTTP ;
X-Unique-ID
b0d01b4fddc9432916dc9ceb1b5ea896
X-Event-ID
EVENT-UNKNOWN-UNKNOWN-lnF1a0026eb8-20200630094014-451306
Pragma
no-cache
Expires
Wed, 31 Dec 1969 23:59:59 GMT
Cache-Control
no-store,no-cache
X-Request-Stats
SQLT=0&FWR=0&NRE=0&ST=1593510014112&EID=EVENT-UNKNOWN-UNKNOWN-lnF1a0026eb8-20200630094014-451306&NWR=0&CPU=20&SVT=19&SQLC=0&SCPU=0&MEM=8981&UCPU=20&FRE=0
Server
Successfactors
Strict-Transport-Security
max-age=16070400
X-ITR-Target-Cluster
defaultCluster
X-ITR-Server
fbe9eb46b4315923a12b25e8c395872ec48121f8
Content-Encoding
gzip
Content-Length
1120
Date
Tue, 30 Jun 2020 09:40:14 GMT
Connection
keep-alive

Redirect headers

Content-Length
0
OPTR_CXT
0100010000b2b737a7-bab5-11ea-97f6-4d86ce33a7b700000000-0000-0000-0000-000000000001-1 HTTP ;
X-Unique-ID
a1f181d5fb046c3c87c4402674cb0108
X-Event-ID
EVENT-UNKNOWN-UNKNOWN-lnF1a0026eb8-20200630094013-451305
Location
/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d
Server
Successfactors
Strict-Transport-Security
max-age=16070400
Cache-Control
no-store,no-cache
X-ITR-Target-Cluster
defaultCluster
X-ITR-Server
fbe9eb46b4315923a12b25e8c395872ec48121f8
Date
Tue, 30 Jun 2020 09:40:13 GMT
Connection
keep-alive
Set-Cookie
route=198c0408c25c44592f8510d4ef776a0c1e4ac4dd; Path=/; Secure; HttpOnly; SameSite=None OptierRQUUID=b2b737a7-bab5-11ea-97f6-4d86ce33a7b7; Max-Age=30; Expires=Tue, 30-Jun-2020 09:40:43 GMT; Path=/ %2Fsf%2Fidp%2FSAML2%2FSSO%2FPOST%2Fcompany%2FC0000162754P-markFromServer=true; Max-Age=60; Expires=Tue, 30-Jun-2020 09:41:13 GMT JSESSIONID=A50F6B031A4F4032CAF65BE6164711C6.mo-2b1137fa9; Path=/; Secure; HttpOnly; SameSite=None
XMLHttpRequest.js
/ui/extlib/XMLHttpRequest_1.0.5_sf.17
7 KB
3 KB
Script
General
Full URL
https://hcm19.sapsf.com/ui/extlib/XMLHttpRequest_1.0.5_sf.17/XMLHttpRequest.js
Requested by
Host: hcm19.sapsf.com
URL: https://hcm19.sapsf.com/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.8.241 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-8-241.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
7e6379700b493a70d66cb2af4adc231a22dc68968ac8b57a87485b3ae2ccdfa8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400

Request headers

Referer
https://hcm19.sapsf.com/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400
Content-Encoding
gzip
Server
Successfactors
ETag
W/"5ee459d5-1b9f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=313982432
Date
Tue, 30 Jun 2020 09:40:14 GMT
Connection
keep-alive
Content-Length
2721
Expires
Wed, 12 Jun 2030 11:00:46 GMT
perflog_e24d858ee7ba94db00772f3135206a89.js
/ui/perflog/js
10 KB
4 KB
Script
General
Full URL
https://hcm19.sapsf.com/ui/perflog/js/perflog_e24d858ee7ba94db00772f3135206a89.js
Requested by
Host: hcm19.sapsf.com
URL: https://hcm19.sapsf.com/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.8.241 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-8-241.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
952141efafc083f700e82804d55c6e806a0d0020954eaece7d3e962216f79424
Security Headers
Name Value
Strict-Transport-Security max-age=16070400

Request headers

Referer
https://hcm19.sapsf.com/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400
Content-Encoding
gzip
Server
Successfactors
ETag
W/"5ee45a56-27ce"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=313982447
Date
Tue, 30 Jun 2020 09:40:14 GMT
Connection
keep-alive
Content-Length
3805
Expires
Wed, 12 Jun 2030 11:01:01 GMT
perfLogServlet?callId=2601944003-X&ST=1593510012982&ET=1593510014322&RED=1&TTB=255&RSR=1269&DIA=1339&DCP=1340
0
720 B
XHR
General
Full URL
https://hcm19.sapsf.com/perfLogServlet?callId=2601944003-X&ST=1593510012982&ET=1593510014322&RED=1&TTB=255&RSR=1269&DIA=1339&DCP=1340
Requested by
Host: hcm19.sapsf.com
URL: https://hcm19.sapsf.com/ui/extlib/XMLHttpRequest_1.0.5_sf.17/XMLHttpRequest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.8.241 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-8-241.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400

Request headers

X-Req-Hash
-j-DH_-jCjEh9xjQ_gvOpQn5_gLjzdOMn7aLotqOmdaNlv4AuPqXmtuTmNuLmdaLm78Sm6zfvdOLnt8NnteKmdeOmNiMj9jfrdOLj9ruq7OMntuAu9nspteMn78Are9bpteNmK
Referer
https://hcm19.sapsf.com/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d
X-Ajax-Token
undefined
X-Subaction
0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=16070400
X-Unique-ID
431e9bf066896cee1c4f6fccb88ababb
Server
Successfactors
Date
Tue, 30 Jun 2020 09:40:14 GMT
X-ITR-Target-Cluster
defaultCluster
X-Request-Stats
SQLT=0&FWR=0&NRE=0&ST=1593510014432&EID=EVENT-UNKNOWN-UNKNOWN-lnF1a0026eb8-20200630094014-451307&NWR=0&CPU=0&SVT=1&SQLC=0&SCPU=0&MEM=291&UCPU=0&FRE=0
Cache-Control
no-store,no-cache
X-ITR-Server
fbe9eb46b4315923a12b25e8c395872ec48121f8
X-Event-ID
EVENT-UNKNOWN-UNKNOWN-lnF1a0026eb8-20200630094014-451307
Connection
keep-alive
OPTR_CXT
0100010000b311177b-bab5-11ea-97f6-4d86ce33a7b700000000-0000-0000-0000-000000000001-1 HTTP ;
Content-Length
0
?SAMLRequest=fZJNT8MwDIb%2FSuR72rSEskXr0GBCTOKjgsKBC0rTFCK1SYlTBv%2Be0g0EB8jRee3XfuzF8VvXklft0TibQxIxINoqVxv7lMNdeUZncLxcoOzatBerITzbG%2F0yaAxkTLQodj85DN4KJ9GgsLLTKIISt6vLC5FGTPTeBadcC2Q9Jhorw2T2HE...
idp.petrobras.com.br/adfs/ls
18 KB
19 KB
Document
General
Full URL
https://idp.petrobras.com.br/adfs/ls/?SAMLRequest=fZJNT8MwDIb%2FSuR72rSEskXr0GBCTOKjgsKBC0rTFCK1SYlTBv%2Be0g0EB8jRee3XfuzF8VvXklft0TibQxIxINoqVxv7lMNdeUZncLxcoOzatBerITzbG%2F0yaAxkTLQodj85DN4KJ9GgsLLTKIISt6vLC5FGTPTeBadcC2Q9Jhorw2T2HEKPIo5N3Ue9Dt5VXmKkXBdVPpZ1g3GLMZAz55WenHNoZIsayGadw%2BPhvMoO0kzR5qhSlKc8o7NkxmnNWTqfs4pXnI9SxEFvLAZpQw4pSxllGT1gJZsLzkTCoySZPQAp9j2eGLub%2Fb%2BBqp0IxXlZFrS4vi2B3H8xHAWwJyYmd%2F8T1f%2BFJaL2n3Rg%2BUVnu91GOCilERupgvMToviUjS%2FJ0qNDXizin27f27oay2%2FWhWuNeiertnXbU69l0DkEP%2BgJbCfD3w0lUTJFTE2bSSoGi71WpjG6hni5t%2F19FssP&RelayState=%2Fsf%2Fidp%2FSAML2%2FSSO%2FPOST%2Fcompany%2FC0000162754P&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OTsiqn1jMXzgDiU89F7xvHF6qvPL4%2FO%2Bh8dwIu0L8Vb%2BNqCkkzLtN5wAK%2Fdsx4m7nV2sC3GL%2FZAZlsip41E2RzBp7TyPyfaPnAWQMcgurAMTM4OF57fFaD66z3LMyH%2FRRvW86IP2yEnAsTUwXqnkx26ZrgA5ftFKBimhM30Cprs%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.85.5.33 , Brazil, ASN23074 (PETROLEO BRASILEIRO S.A. - PETROBRAS, BR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d079cc82f326124b4be17783172b369078ce1c4f1eb8a154a066e4463876ac88
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
idp.petrobras.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://hcm19.sapsf.com/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://hcm19.sapsf.com/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d

Response headers

Cache-Control
no-cache,no-store
Pragma
no-cache
Content-Length
18733
Content-Type
text/html; charset=utf-8
Expires
-1
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
X-Frame-Options
DENY
Date
Tue, 30 Jun 2020 09:40:16 GMT
style.css?id=D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
idp.petrobras.com.br/adfs/portal/css
8 KB
8 KB
Stylesheet
General
Full URL
https://idp.petrobras.com.br/adfs/portal/css/style.css?id=D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Requested by
Host: idp.petrobras.com.br
URL: https://idp.petrobras.com.br/adfs/ls/?SAMLRequest=fZJNT8MwDIb%2FSuR72rSEskXr0GBCTOKjgsKBC0rTFCK1SYlTBv%2Be0g0EB8jRee3XfuzF8VvXklft0TibQxIxINoqVxv7lMNdeUZncLxcoOzatBerITzbG%2F0yaAxkTLQodj85DN4KJ9GgsLLTKIISt6vLC5FGTPTeBadcC2Q9Jhorw2T2HEKPIo5N3Ue9Dt5VXmKkXBdVPpZ1g3GLMZAz55WenHNoZIsayGadw%2BPhvMoO0kzR5qhSlKc8o7NkxmnNWTqfs4pXnI9SxEFvLAZpQw4pSxllGT1gJZsLzkTCoySZPQAp9j2eGLub%2Fb%2BBqp0IxXlZFrS4vi2B3H8xHAWwJyYmd%2F8T1f%2BFJaL2n3Rg%2BUVnu91GOCilERupgvMToviUjS%2FJ0qNDXizin27f27oay2%2FWhWuNeiertnXbU69l0DkEP%2BgJbCfD3w0lUTJFTE2bSSoGi71WpjG6hni5t%2F19FssP&RelayState=%2Fsf%2Fidp%2FSAML2%2FSSO%2FPOST%2Fcompany%2FC0000162754P&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OTsiqn1jMXzgDiU89F7xvHF6qvPL4%2FO%2Bh8dwIu0L8Vb%2BNqCkkzLtN5wAK%2Fdsx4m7nV2sC3GL%2FZAZlsip41E2RzBp7TyPyfaPnAWQMcgurAMTM4OF57fFaD66z3LMyH%2FRRvW86IP2yEnAsTUwXqnkx26ZrgA5ftFKBimhM30Cprs%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.85.5.33 , Brazil, ASN23074 (PETROLEO BRASILEIRO S.A. - PETROBRAS, BR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99

Request headers

Referer
https://idp.petrobras.com.br/adfs/ls/?SAMLRequest=fZJNT8MwDIb%2FSuR72rSEskXr0GBCTOKjgsKBC0rTFCK1SYlTBv%2Be0g0EB8jRee3XfuzF8VvXklft0TibQxIxINoqVxv7lMNdeUZncLxcoOzatBerITzbG%2F0yaAxkTLQodj85DN4KJ9GgsLLTKIISt6vLC5FGTPTeBadcC2Q9Jhorw2T2HEKPIo5N3Ue9Dt5VXmKkXBdVPpZ1g3GLMZAz55WenHNoZIsayGadw%2BPhvMoO0kzR5qhSlKc8o7NkxmnNWTqfs4pXnI9SxEFvLAZpQw4pSxllGT1gJZsLzkTCoySZPQAp9j2eGLub%2Fb%2BBqp0IxXlZFrS4vi2B3H8xHAWwJyYmd%2F8T1f%2BFJaL2n3Rg%2BUVnu91GOCilERupgvMToviUjS%2FJ0qNDXizin27f27oay2%2FWhWuNeiertnXbU69l0DkEP%2BgJbCfD3w0lUTJFTE2bSSoGi71WpjG6hni5t%2F19FssP&RelayState=%2Fsf%2Fidp%2FSAML2%2FSSO%2FPOST%2Fcompany%2FC0000162754P&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OTsiqn1jMXzgDiU89F7xvHF6qvPL4%2FO%2Bh8dwIu0L8Vb%2BNqCkkzLtN5wAK%2Fdsx4m7nV2sC3GL%2FZAZlsip41E2RzBp7TyPyfaPnAWQMcgurAMTM4OF57fFaD66z3LMyH%2FRRvW86IP2yEnAsTUwXqnkx26ZrgA5ftFKBimhM30Cprs%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 30 Jun 2020 09:40:16 GMT
Expires
Thu, 30 Jul 2020 09:40:17 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Content-Length
7812
Content-Type
text/css
logo.png?id=9CFCA99D1902FE4FBF62301982415231DBD782140DC5BD7B700EBFD480D76E13
idp.petrobras.com.br/adfs/portal/logo
7 KB
8 KB
Image
General
Full URL
https://idp.petrobras.com.br/adfs/portal/logo/logo.png?id=9CFCA99D1902FE4FBF62301982415231DBD782140DC5BD7B700EBFD480D76E13
Requested by
Host: idp.petrobras.com.br
URL: https://idp.petrobras.com.br/adfs/ls/?SAMLRequest=fZJNT8MwDIb%2FSuR72rSEskXr0GBCTOKjgsKBC0rTFCK1SYlTBv%2Be0g0EB8jRee3XfuzF8VvXklft0TibQxIxINoqVxv7lMNdeUZncLxcoOzatBerITzbG%2F0yaAxkTLQodj85DN4KJ9GgsLLTKIISt6vLC5FGTPTeBadcC2Q9Jhorw2T2HEKPIo5N3Ue9Dt5VXmKkXBdVPpZ1g3GLMZAz55WenHNoZIsayGadw%2BPhvMoO0kzR5qhSlKc8o7NkxmnNWTqfs4pXnI9SxEFvLAZpQw4pSxllGT1gJZsLzkTCoySZPQAp9j2eGLub%2Fb%2BBqp0IxXlZFrS4vi2B3H8xHAWwJyYmd%2F8T1f%2BFJaL2n3Rg%2BUVnu91GOCilERupgvMToviUjS%2FJ0qNDXizin27f27oay2%2FWhWuNeiertnXbU69l0DkEP%2BgJbCfD3w0lUTJFTE2bSSoGi71WpjG6hni5t%2F19FssP&RelayState=%2Fsf%2Fidp%2FSAML2%2FSSO%2FPOST%2Fcompany%2FC0000162754P&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OTsiqn1jMXzgDiU89F7xvHF6qvPL4%2FO%2Bh8dwIu0L8Vb%2BNqCkkzLtN5wAK%2Fdsx4m7nV2sC3GL%2FZAZlsip41E2RzBp7TyPyfaPnAWQMcgurAMTM4OF57fFaD66z3LMyH%2FRRvW86IP2yEnAsTUwXqnkx26ZrgA5ftFKBimhM30Cprs%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.85.5.33 , Brazil, ASN23074 (PETROLEO BRASILEIRO S.A. - PETROBRAS, BR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9cfca99d1902fe4fbf62301982415231dbd782140dc5bd7b700ebfd480d76e13

Request headers

Referer
https://idp.petrobras.com.br/adfs/ls/?SAMLRequest=fZJNT8MwDIb%2FSuR72rSEskXr0GBCTOKjgsKBC0rTFCK1SYlTBv%2Be0g0EB8jRee3XfuzF8VvXklft0TibQxIxINoqVxv7lMNdeUZncLxcoOzatBerITzbG%2F0yaAxkTLQodj85DN4KJ9GgsLLTKIISt6vLC5FGTPTeBadcC2Q9Jhorw2T2HEKPIo5N3Ue9Dt5VXmKkXBdVPpZ1g3GLMZAz55WenHNoZIsayGadw%2BPhvMoO0kzR5qhSlKc8o7NkxmnNWTqfs4pXnI9SxEFvLAZpQw4pSxllGT1gJZsLzkTCoySZPQAp9j2eGLub%2Fb%2BBqp0IxXlZFrS4vi2B3H8xHAWwJyYmd%2F8T1f%2BFJaL2n3Rg%2BUVnu91GOCilERupgvMToviUjS%2FJ0qNDXizin27f27oay2%2FWhWuNeiertnXbU69l0DkEP%2BgJbCfD3w0lUTJFTE2bSSoGi71WpjG6hni5t%2F19FssP&RelayState=%2Fsf%2Fidp%2FSAML2%2FSSO%2FPOST%2Fcompany%2FC0000162754P&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OTsiqn1jMXzgDiU89F7xvHF6qvPL4%2FO%2Bh8dwIu0L8Vb%2BNqCkkzLtN5wAK%2Fdsx4m7nV2sC3GL%2FZAZlsip41E2RzBp7TyPyfaPnAWQMcgurAMTM4OF57fFaD66z3LMyH%2FRRvW86IP2yEnAsTUwXqnkx26ZrgA5ftFKBimhM30Cprs%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 30 Jun 2020 09:40:16 GMT
Expires
Thu, 30 Jul 2020 09:40:17 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
9CFCA99D1902FE4FBF62301982415231DBD782140DC5BD7B700EBFD480D76E13
Content-Length
7485
Content-Type
image/png
illustration.jpg?id=EB1AD3E512943AFF7BC50A50B342107068ACFC3AC059A528736DB7C99965325D
idp.petrobras.com.br/adfs/portal/illustration
185 KB
186 KB
Image
General
Full URL
https://idp.petrobras.com.br/adfs/portal/illustration/illustration.jpg?id=EB1AD3E512943AFF7BC50A50B342107068ACFC3AC059A528736DB7C99965325D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.85.5.33 , Brazil, ASN23074 (PETROLEO BRASILEIRO S.A. - PETROBRAS, BR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
eb1ad3e512943aff7bc50a50b342107068acfc3ac059a528736db7c99965325d

Request headers

Referer
https://idp.petrobras.com.br/adfs/ls/?SAMLRequest=fZJNT8MwDIb%2FSuR72rSEskXr0GBCTOKjgsKBC0rTFCK1SYlTBv%2Be0g0EB8jRee3XfuzF8VvXklft0TibQxIxINoqVxv7lMNdeUZncLxcoOzatBerITzbG%2F0yaAxkTLQodj85DN4KJ9GgsLLTKIISt6vLC5FGTPTeBadcC2Q9Jhorw2T2HEKPIo5N3Ue9Dt5VXmKkXBdVPpZ1g3GLMZAz55WenHNoZIsayGadw%2BPhvMoO0kzR5qhSlKc8o7NkxmnNWTqfs4pXnI9SxEFvLAZpQw4pSxllGT1gJZsLzkTCoySZPQAp9j2eGLub%2Fb%2BBqp0IxXlZFrS4vi2B3H8xHAWwJyYmd%2F8T1f%2BFJaL2n3Rg%2BUVnu91GOCilERupgvMToviUjS%2FJ0qNDXizin27f27oay2%2FWhWuNeiertnXbU69l0DkEP%2BgJbCfD3w0lUTJFTE2bSSoGi71WpjG6hni5t%2F19FssP&RelayState=%2Fsf%2Fidp%2FSAML2%2FSSO%2FPOST%2Fcompany%2FC0000162754P&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OTsiqn1jMXzgDiU89F7xvHF6qvPL4%2FO%2Bh8dwIu0L8Vb%2BNqCkkzLtN5wAK%2Fdsx4m7nV2sC3GL%2FZAZlsip41E2RzBp7TyPyfaPnAWQMcgurAMTM4OF57fFaD66z3LMyH%2FRRvW86IP2yEnAsTUwXqnkx26ZrgA5ftFKBimhM30Cprs%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 30 Jun 2020 09:40:16 GMT
Expires
Thu, 30 Jul 2020 09:40:17 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
EB1AD3E512943AFF7BC50A50B342107068ACFC3AC059A528736DB7C99965325D
Content-Length
189704
Content-Type
image/jpg

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://petrobras.myhbp.org/hmm12/articles/H0578O-PDF-ENG.PDF
  • https://myhbp.org/ping/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fhcm19.sapsf.com%2Fsf%2Fidp%2FSAML2%2Fcompany%2FC0000162754P&RequestedAcsUrl=https%3A%2F%2Fmyhbp.org%2Fping%2Fsp%2FACS.saml2&Target...
Request 1
  • https://hcm19.sapsf.com/sf/idp/SAML2/SSO/POST/company/C0000162754P
  • https://hcm19.sapsf.com/saml2/Login?company=C0000162754P&RelayState=/sf/idp/SAML2/SSO/POST/company/C0000162754P&_s.crb=XDIBc4XwD2RkLEzMrTKRap54DAkvsXSwDR2azwsBCBY%253d

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login object| loginMessage undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy referrer origin