Submitted URL: https://client.dev.hazards.sesar.metoffice.cloud/
Effective URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-fa...
Submission: On January 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 14 HTTP transactions. The main IP is 20.190.154.17, located in the United States, and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is mocoreappdev.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 16th 2021. Valid for: a year.
This is the only time mocoreappdev.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:21f... 16509 (AMAZON-02)
2 20.190.154.17 8075 (MICROSOFT...)
12 2600:9000:20e... 16509 (AMAZON-02)
14 2
Domain Requested by
12 d3e8mmggxvnu29.cloudfront.net mocoreappdev.b2clogin.com
d3e8mmggxvnu29.cloudfront.net
2 mocoreappdev.b2clogin.com mocoreappdev.b2clogin.com
1 client.dev.hazards.sesar.metoffice.cloud 1 redirects
14 3

This site contains no links.

Subject | Issuer | Validity | Valid
graph.windows.net | DigiCert SHA2 Secure Server CA | 2021-11-16 - 2022-11-16 | a year
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year

This page contains 1 frames:

Primary Page: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Frame ID: 5280CB7BB98279053644803E6BDC35F3
Requests: 14 HTTP requests in this frame

Page Title

Log in - Met Office Services

Page URL History

  1. https://client.dev.hazards.sesar.metoffice.cloud/ HTTP 302
    https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&c... Page URL

Page Statistics

14 Requests
100 % HTTPS
67 % IPv6
3 Domains
3 Subdomains
2 IPs
1 Countries
458 kB Transfer
614 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://client.dev.hazards.sesar.metoffice.cloud/ HTTP 302
    https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request authorize
mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/
Redirect Chain
  • https://client.dev.hazards.sesar.metoffice.cloud/
  • https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&sc...
206 KB
79 KB
Document
General
Full URL
https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.154.17 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
809de49b13cb57400dfadd5d7a4a86be3bceedd4e581cd835702eb9463773509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, must-revalidate, no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
x-ms-gateway-requestid
9e21d8f1-d873-4561-bea5-58dd73f1b277
X-UA-Compatible
IE=edge
X-Request-ID
4c01da2f-5e79-43d5-988b-a67e102ea352
X-Build
1.0.2453.0
X-Frame-Options
DENY
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Allow
OPTIONS TRACE GET HEAD POST
Date
Mon, 10 Jan 2022 06:19:54 GMT
Content-Length
78430

Redirect headers

Content-Length
28
Connection
keep-alive
Server
CloudFront
Date
Mon, 10 Jan 2022 06:19:52 GMT
Location
https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
X-Cache
LambdaGeneratedResponse from cloudfront
Via
1.1 df26103dc140569d7032449c70c3b140.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
mggVvr7NBN97-M-nDGodJnreHY01aqpUYt8gT72-MB7CYA8FiM4LvA==
unified-sign-up-and-in.html
d3e8mmggxvnu29.cloudfront.net/common/
2 KB
1 KB
XHR
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/common/unified-sign-up-and-in.html
Requested by
Host: mocoreappdev.b2clogin.com
URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cd3be249a2fa9ff56f3b35af1bf8ee12946b5327d0dbf778262172293557662

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreappdev.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:56 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Last-Modified
Thu, 26 Aug 2021 12:44:14 GMT
Server
AmazonS3
ETag
W/"67fde365785f55a65e60714eac32709f"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/html
Via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
WxC61bY0tK2GXgwxwaDVQcN6xXbRD0hsG2iE8RUC0qJ2WESE5MaJcQ==
shared-functions.js
d3e8mmggxvnu29.cloudfront.net/common/js/
2 KB
1 KB
XHR
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/common/js/shared-functions.js
Requested by
Host: mocoreappdev.b2clogin.com
URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3d3e86867c607e6e20ab9dd2b4723d029b7f7f4d045ac0582d4dcaebfdf1d4f

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://mocoreappdev.b2clogin.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:57 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Last-Modified
Thu, 26 Aug 2021 12:44:18 GMT
Server
AmazonS3
ETag
W/"5b2c7edf69b6a93bfb83ed3914740b62"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
F3he-Tlroi8WCp_DbpfeZrAga-8q-nSY82JVPOf0PqUCiroUkdGFhQ==
mo-logo.png
d3e8mmggxvnu29.cloudfront.net/common/img/
5 KB
6 KB
Image
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/common/img/mo-logo.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10016fc9f86d623a272759e711249408582034aaf8eafe1ad42a22522b495df9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreappdev.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:57 GMT
Via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
5573
Last-Modified
Thu, 26 Aug 2021 12:44:15 GMT
Server
AmazonS3
ETag
"c2e3e1e8322fd0d14e7c50b495961260"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Amz-Cf-Id
sn6hGz6jERmwLmosBn-lxwjm9UEl2h_awqtyYMgIHmLU8sG3Ugh-DA==
default-common.min.css
d3e8mmggxvnu29.cloudfront.net/default/css/
15 KB
9 KB
Stylesheet
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/default/css/default-common.min.css
Requested by
Host: mocoreappdev.b2clogin.com
URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e0ec9934847f6588bc92463e27696ac44e14c93e7f29ad50c405cb175d389b8

Request headers

Referer
https://mocoreappdev.b2clogin.com/
Origin
https://mocoreappdev.b2clogin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:57 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Last-Modified
Thu, 26 Aug 2021 12:44:13 GMT
Server
AmazonS3
ETag
W/"47c68afe876c47dd5a637cb5ed9fc1f7"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
Via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
qXQVzUzaxj8BCLMGnjOlK4mLG68OPDBi8Gu64vSvq5lFw-rO68_NJw==
default-unified-susi.min.css
d3e8mmggxvnu29.cloudfront.net/default/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/default/css/default-unified-susi.min.css
Requested by
Host: mocoreappdev.b2clogin.com
URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e534af253d238472490f2476ab8a89c44b2721f2bd9773a0ced9bcf476572aa

Request headers

Referer
https://mocoreappdev.b2clogin.com/
Origin
https://mocoreappdev.b2clogin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:57 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Last-Modified
Thu, 26 Aug 2021 12:44:12 GMT
Server
AmazonS3
ETag
W/"27ab65233b6dcb096baf622b7c0a1c31"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
Via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
OkfXK1SoyFW5-gO90Jv_4VtFJHND2ToPkl6Vh_rHZjLnd3dSkDRaBA==
styles.css
d3e8mmggxvnu29.cloudfront.net/common/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/common/css/styles.css
Requested by
Host: mocoreappdev.b2clogin.com
URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e261e68f1d43c613c36a04ffbcb8dfe7994b55b02a56ade83d72edad620fb06f

Request headers

Referer
https://mocoreappdev.b2clogin.com/
Origin
https://mocoreappdev.b2clogin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:57 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Last-Modified
Fri, 27 Aug 2021 10:00:04 GMT
Server
AmazonS3
ETag
W/"7e1247a4e9c694742bae0a9a1b4f0f82"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
Via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
tc4dpe10e3HB1eAGkZxV_wRqBtplMK0RMEL7NzeHvb7feHvuwnHEZw==
login.js
d3e8mmggxvnu29.cloudfront.net/common/js/
7 KB
3 KB
Script
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/common/js/login.js
Requested by
Host: mocoreappdev.b2clogin.com
URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d8c7d4cb29e0e47384aa167693551072fc47f67cb5d58387b6ec829256f990e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreappdev.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:57 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Last-Modified
Thu, 26 Aug 2021 12:44:16 GMT
Server
AmazonS3
ETag
W/"d6d48efb9067e9602fd4280f3ea4807a"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
X-50OthLE8gl2qxLhNtPpafwmT644q4pY1ExkTKTbLhRW7Arv-dHIg==
scripts.js
d3e8mmggxvnu29.cloudfront.net/common/js/
1 KB
1 KB
Script
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/common/js/scripts.js
Requested by
Host: mocoreappdev.b2clogin.com
URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4487383c1af468f3cfee05b6351ee733c3be80995aedc2f61ce784251968d99e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreappdev.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:57 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Last-Modified
Thu, 26 Aug 2021 12:44:18 GMT
Server
AmazonS3
ETag
W/"9c0114c5e0c1a96e78ce881fb847d471"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
p5-Avk-UlzsdLxr4RUsVKlz5_ZctdPnZpqjCLkfCmNMwKUPrAFHZtg==
mo-logo.png
d3e8mmggxvnu29.cloudfront.net/common/img/
5 KB
6 KB
Image
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/common/img/mo-logo.png
Requested by
Host: mocoreappdev.b2clogin.com
URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10016fc9f86d623a272759e711249408582034aaf8eafe1ad42a22522b495df9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreappdev.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:57 GMT
Via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5573
Last-Modified
Thu, 26 Aug 2021 12:44:15 GMT
Server
AmazonS3
ETag
"c2e3e1e8322fd0d14e7c50b495961260"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Amz-Cf-Id
3cyO8DvqXbiXctFVIsEki3NwPNnRWY_2Pur_mQlApylCFIJXXpie6g==
show-form.js
d3e8mmggxvnu29.cloudfront.net/common/js/
1 KB
1 KB
Script
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/common/js/show-form.js
Requested by
Host: mocoreappdev.b2clogin.com
URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
073bea268424a0061ad3bddf26650a80b02f6a4e489e67074134be803712f5c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mocoreappdev.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:57 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Last-Modified
Thu, 26 Aug 2021 12:44:19 GMT
Server
AmazonS3
ETag
W/"8ac97a125e2e957bf7c3cd68d09005e1"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
lHA38bYse-FdIx8qSFWgUUpkjl0Vshw8y7YYpphpSbAcaLNyFB7R9Q==
perftrace
mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/B2C_1A_sheffield_susi/client/
0
447 B
XHR
General
Full URL
https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/B2C_1A_sheffield_susi/client/perftrace?tx=StateProperties=eyJUSUQiOiI0YzAxZGEyZi01ZTc5LTQzZDUtOTg4Yi1hNjdlMTAyZWEzNTIifQ&p=B2C_1A_sheffield_susi
Requested by
Host: mocoreappdev.b2clogin.com
URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.154.17 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
X-CSRF-TOKEN
dCtaaGRGRHB2a01hY28wMTlySTFpalNPUGx0TkJackI4bm5KZkF1TmZaUkVwT2VGUERlZEZGNFRhM1llam9qeng4RW52YXhtT1RRMHAxTW1tcWZ0WEE9PTsyMDIyLTAxLTEwVDA2OjE5OjU1LjAwMjYzNzdaO2FJWWFqRjNVclBZNlFVZFlQK1VoUEE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjozfQ==
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Mon, 10 Jan 2022 06:19:56 GMT
x-ms-gateway-requestid
50714cf2-e37f-4ad0-a30d-d70fe7ff560d
X-Frame-Options
DENY
Public
OPTIONS,TRACE,GET,HEAD,POST
Cache-Control
no-store, must-revalidate, no-cache
Allow
OPTIONS, TRACE, GET, HEAD, POST
Content-Length
0
X-XSS-Protection
1; mode=block
met_office_background_image.jpg
d3e8mmggxvnu29.cloudfront.net/common/img/
285 KB
285 KB
Image
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/common/img/met_office_background_image.jpg
Requested by
Host: d3e8mmggxvnu29.cloudfront.net
URL: https://d3e8mmggxvnu29.cloudfront.net/common/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
103a256bd691e38d1ac4022009890b9f9b7ef9524112d334fb57c3e35b9740b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3e8mmggxvnu29.cloudfront.net/common/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:57 GMT
Via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
291475
Last-Modified
Thu, 26 Aug 2021 12:44:16 GMT
Server
AmazonS3
ETag
"24c3f69a526bc1d9fd69d2d733f9d25a"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Amz-Cf-Id
qCmcM-j3srtmuMJiLA1bB7lcKUCOSUBAs7nxB04A8MZhr8RoR7BVVw==
FSEmericWeb-Regular.woff
d3e8mmggxvnu29.cloudfront.net/common/fonts/
74 KB
61 KB
Font
General
Full URL
https://d3e8mmggxvnu29.cloudfront.net/common/fonts/FSEmericWeb-Regular.woff
Requested by
Host: d3e8mmggxvnu29.cloudfront.net
URL: https://d3e8mmggxvnu29.cloudfront.net/common/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:be00:d:e766:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85fd2cefc729d87c9007ed1296e685ce89f70b6e9864c8a6e432c4e23a98d5e8

Request headers

Referer
https://d3e8mmggxvnu29.cloudfront.net/common/css/styles.css
Origin
https://mocoreappdev.b2clogin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 06:19:57 GMT
Content-Encoding
br
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
https://mocoreappdev.b2clogin.com
Last-Modified
Thu, 26 Aug 2021 12:44:20 GMT
Server
AmazonS3
ETag
W/"098e16a2ce133cfaad419593a6367f3d"
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/plain
Via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
QWhZ0O4QcwzdOc2x7cERFLosnpD8FMTsK0qVK0Fm9Hbpti03f7vWoA==

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime object| $i2e object| $predicateValidation object| $element function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady function| setPwShowHideButtons function| setCopyrightYear function| showForm function| parseUriParams function| checkTokenIssuer function| decodeToken function| setForgottenPasswordLink function| setCreateNewAccountText function| setLogonLinkText function| loginAsMetOfficeStaff function| hideLocalAccountLogInElements function| showLocalAccountLogInElements function| addCollectEmailLink function| isMetOfficeDomain function| addFederatedSignInLogic function| afterPageLoaded function| waitForPageToFinishLoading

3 Cookies

Domain/Path Name / Value
.mocoreappdev.b2clogin.com/ Name: x-ms-cpim-csrf
Value: dCtaaGRGRHB2a01hY28wMTlySTFpalNPUGx0TkJackI4bm5KZkF1TmZaUkVwT2VGUERlZEZGNFRhM1llam9qeng4RW52YXhtT1RRMHAxTW1tcWZ0WEE9PTsyMDIyLTAxLTEwVDA2OjE5OjU1LjAwMjYzNzdaO2FJWWFqRjNVclBZNlFVZFlQK1VoUEE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjozfQ==
.mocoreappdev.b2clogin.com/ Name: x-ms-cpim-cache|l9obthle1uoyi6z-ec6jug_0
Value: m1.nREhULbVDuDOIW7g.vkv4QFElkoFvHA1Vf6ktZA==.0.SZyytLmCBf8iFPVE8WYZDfhUMiQDVnNaw7NFdEsgkrgGFoD92GckGp2lhPEKYxRavzhqIIjnnGszOi7pn7nuMtibNeVWej3stQJpUquniKmyd0RdZ53Yy17l1A4NPdrJMLJaIXdpWSB0EJci5X+GqNMc7/lrFQN15p5ToOzsPvYI/oU1OjmsqltkXya6ztz9/V4yh8OIura8J1ZR0/fRdjDnffK8QO1T7MuGgxOIGYkz9w+RqoLkn8PA8x4rbKIfdbPGF1qLKtYGtf8zaeKOa0tT0eH7FgpabBNDn4Q4zEkdeiNqdzGQW0FK5qSstpruEVnJuAGWMwR2KyrkEhyA8i7V37uYf8wrdvaSabmdyTO/2uZtzG6EgWG4ynx7qKcEO1v01M5EnIkriNy7+6G9w+fHl4h0d2opQ35ZmO2I9wks9AdcJFesLHLFBB7gdjw6VoXy0zHmIyfIlLis+/k7b6LDMW3tvPc5eKT0OTuqt+WekeOXUYqhtfKXXmmNruUncMZZycwL9xnFtqTLJsttnH8iPejtZjubwY21XpfqpIXSY6NjYgBQ2SCkmn365wi5swFgyJOTHpfhxwjiTzSLLifW40fE5JT2ssXcwIWFCAeS7ZmvgfPy9IWiJtVr/sbalf1PWjyjXPyzSEXMbZI9
.mocoreappdev.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6IjRjMDFkYTJmLTVlNzktNDNkNS05ODhiLWE2N2UxMDJlYTM1MiIsIlQiOiJtb2NvcmVhcHBkZXYub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xYV9zaGVmZmllbGRfc3VzaSIsIkMiOiI5MjVjNmMzMi1mYWFmLTRmNzAtYWRjMS01ZWMxMWJlMGQzYzMiLCJTIjoxLCJNIjp7fSwiRCI6MH1dLCJDX0lEIjoiNGMwMWRhMmYtNWU3OS00M2Q1LTk4OGItYTY3ZTEwMmVhMzUyIn0=

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block