urlscan.io logo urlscan.io
SecurityTrails logo

sso.burberry.com Open in urlscan Pro
184.31.91.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://burberrysupport--bmcservicedesk.eu7.visual.force.com/apex/BMCServiceDesk__SelfServiceNew?fromSiteUrl=#/support/problem-requests/all?id=a3S0J000002j82...
Effective URL: https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping
Submission: On February 10 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 184.31.91.28, located in Netherlands and belongs to AKAMAI-ASN1, US. The main domain is sso.burberry.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on November 8th 2019. Valid for: a year.
This is the only time sso.burberry.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 85.222.129.186 14340 (SALESFORCE)
1 1 85.222.147.101 14340 (SALESFORCE)
2 85.222.144.228 14340 (SALESFORCE)
2 9 184.31.91.28 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
10 3
1    85.222.129.186 (United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl4-frf.eu7-frf.force.com
burberrysupport--bmcservicedesk.eu7.visual.force.com
1    85.222.147.101 (United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl7-ncg0-cdg3.eu28-cdg.force.com
burberrysupport--bmcservicedesk.eu28.visual.force.com
2    85.222.144.228 (United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl2-ncg0-cdg3.eu28-cdg.my.salesforce.com
burberrysupport.my.salesforce.com
9    184.31.91.28 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-91-28.deploy.static.akamaitechnologies.com
sso.burberry.com
1    2a02:26f0:6c00:28b::9b6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
burberry.scene7.com
Domain Requested by
9 sso.burberry.com 2 redirects burberrysupport.my.salesforce.com
sso.burberry.com
2 burberrysupport.my.salesforce.com burberrysupport.my.salesforce.com
1 burberry.scene7.com sso.burberry.com
1 burberrysupport--bmcservicedesk.eu28.visual.force.com 1 redirects
1 burberrysupport--bmcservicedesk.eu7.visual.force.com 1 redirects
10 5

This site contains no links.

Subject Issuer Validity Valid
*.my.salesforce.com
DigiCert SHA2 Secure Server CA		 2017-12-03 -
2020-12-02		 3 years crt.sh
burberry.com
GeoTrust RSA CA 2018		 2019-11-08 -
2021-02-06		 a year crt.sh
*.scene7.com
DigiCert SHA2 Secure Server CA		 2020-01-02 -
2021-04-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping
Frame ID: C1CE2D596CD3E34BFF64E014AE65E96B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://burberrysupport--bmcservicedesk.eu7.visual.force.com/apex/BMCServiceDesk__SelfServiceNew?fromSiteUrl= HTTP 301
    https://burberrysupport--bmcservicedesk.eu28.visual.force.com/apex/SelfServiceNew?fromSiteUrl= HTTP 302
    https://burberrysupport.my.salesforce.com/visualforce/session?url=https%3A%2F%2Fburberrysupport--bmcservicedesk.eu28.v... Page URL
  2. https://burberrysupport.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXC9WgAfME8wM1cwMDAwMDA0Qzk1AAA... Page URL
  3. https://sso.burberry.com/idp/SSO.saml2?PartnerSpId=https://burberrysupport.force.com HTTP 302
    https://sso.burberry.com/idp/AT8IQ/resumeSAML20/idp/SSO.ping Page URL
  4. https://sso.burberry.com/idp/AT8IQ/resumeSAML20/idp/SSO.ping HTTP 302
    https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping Page URL

Page Statistics

10
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

3
IPs

3
Countries

458 kB
Transfer

592 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://burberrysupport--bmcservicedesk.eu7.visual.force.com/apex/BMCServiceDesk__SelfServiceNew?fromSiteUrl= HTTP 301
    https://burberrysupport--bmcservicedesk.eu28.visual.force.com/apex/SelfServiceNew?fromSiteUrl= HTTP 302
    https://burberrysupport.my.salesforce.com/visualforce/session?url=https%3A%2F%2Fburberrysupport--bmcservicedesk.eu28.visual.force.com%2Fapex%2Fbmcservicedesk__SelfServiceNew%3FfromSiteUrl%3D Page URL
  2. https://burberrysupport.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXC9WgAfME8wM1cwMDAwMDA0Qzk1AAAA3jSijPF6ljvU6nmgXozy6qrdXHmClL5mDNkh6qqDmlt-0MkZBv78GZ0Ua395DF9lDeKCljgnEOFl-tCXg6t3n5Xi7vI1kEzfrpRGkUwrF96VIFrvNUZaEJcCv_eF-nlVW0LxWGjHLNJbIHZNsRdSGAfg-ChHgtf-NCo-TQTOXOQsRluhDkgAXx8R5wDnwhCpAqsvgCPy69cglUUtjzU9fTdiFnyJu_WMO7mItVG0eDea-_1384Nf7ecEwqn4gWiOoQ&saml_acs=https%3A%2F%2Fburberrysupport.my.salesforce.com%3Fso%3D00D20000000o1bH&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fburberrysupport.force.com&samlSsoConfig=0LE20000000009h&RelayState=%2Fvisualforce%2Fsession%3Furl%3Dhttps%253A%252F%252Fburberrysupport--bmcservicedesk.eu28.visual.force.com%252Fapex%252Fbmcservicedesk__SelfServiceNew%253FfromSiteUrl%253D%23/support/problem-requests/all?id=a3S0J000002j82gUAA Page URL
  3. https://sso.burberry.com/idp/SSO.saml2?PartnerSpId=https://burberrysupport.force.com HTTP 302
    https://sso.burberry.com/idp/AT8IQ/resumeSAML20/idp/SSO.ping Page URL
  4. https://sso.burberry.com/idp/AT8IQ/resumeSAML20/idp/SSO.ping HTTP 302
    https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://burberrysupport--bmcservicedesk.eu7.visual.force.com/apex/BMCServiceDesk__SelfServiceNew?fromSiteUrl= HTTP 301
  • https://burberrysupport--bmcservicedesk.eu28.visual.force.com/apex/SelfServiceNew?fromSiteUrl= HTTP 302
  • https://burberrysupport.my.salesforce.com/visualforce/session?url=https%3A%2F%2Fburberrysupport--bmcservicedesk.eu28.visual.force.com%2Fapex%2Fbmcservicedesk__SelfServiceNew%3FfromSiteUrl%3D
Request Chain 2
  • https://sso.burberry.com/idp/SSO.saml2?PartnerSpId=https://burberrysupport.force.com HTTP 302
  • https://sso.burberry.com/idp/AT8IQ/resumeSAML20/idp/SSO.ping

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set session
burberrysupport.my.salesforce.com/visualforce/
Redirect Chain
  • https://burberrysupport--bmcservicedesk.eu7.visual.force.com/apex/BMCServiceDesk__SelfServiceNew?fromSiteUrl=
  • https://burberrysupport--bmcservicedesk.eu28.visual.force.com/apex/SelfServiceNew?fromSiteUrl=
  • https://burberrysupport.my.salesforce.com/visualforce/session?url=https%3A%2F%2Fburberrysupport--bmcservicedesk.eu28.visual.force.com%2Fapex%2Fbmcservicedesk__SelfServiceNew%3FfromSiteUrl%3D
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://burberrysupport.my.salesforce.com/visualforce/session?url=https%3A%2F%2Fburberrysupport--bmcservicedesk.eu28.visual.force.com%2Fapex%2Fbmcservicedesk__SelfServiceNew%3FfromSiteUrl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.144.228 , United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl2-ncg0-cdg3.eu28-cdg.my.salesforce.com
Software
/
Resource Hash
779c8eacaa70bcf1ed5bc562f16b1bfd8be162ddd1473c755c85d63705c68a0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536002; includeSubDomains

Request headers

Host
burberrysupport.my.salesforce.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

Set-Cookie
BrowserId=-5OcG0u1Eeqyjf0dQauHVg; domain=.salesforce.com; path=/; expires=Tue, 09-Feb-2021 03:32:37 GMT; Max-Age=31536000
Strict-Transport-Security
max-age=31536002; includeSubDomains
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D20000000o1bHm";
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D20000000o1bHm"
X-Robots-Tag
none
Referrer-Policy
origin-when-cross-origin
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
close

Redirect headers

Date
Mon, 10 Feb 2020 03:32:36 GMT
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
X-Robots-Tag
none
Referrer-Policy
origin-when-cross-origin
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://burberrysupport.my.salesforce.com/visualforce/session?url=https%3A%2F%2Fburberrysupport--bmcservicedesk.eu28.visual.force.com%2Fapex%2Fbmcservicedesk__SelfServiceNew%3FfromSiteUrl%3D
Content-Length
0
authn-request.jsp
burberrysupport.my.salesforce.com/saml/ 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://burberrysupport.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXC9WgAfME8wM1cwMDAwMDA0Qzk1AAAA3jSijPF6ljvU6nmgXozy6qrdXHmClL5mDNkh6qqDmlt-0MkZBv78GZ0Ua395DF9lDeKCljgnEOFl-tCXg6t3n5Xi7vI1kEzfrpRGkUwrF96VIFrvNUZaEJcCv_eF-nlVW0LxWGjHLNJbIHZNsRdSGAfg-ChHgtf-NCo-TQTOXOQsRluhDkgAXx8R5wDnwhCpAqsvgCPy69cglUUtjzU9fTdiFnyJu_WMO7mItVG0eDea-_1384Nf7ecEwqn4gWiOoQ&saml_acs=https%3A%2F%2Fburberrysupport.my.salesforce.com%3Fso%3D00D20000000o1bH&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fburberrysupport.force.com&samlSsoConfig=0LE20000000009h&RelayState=%2Fvisualforce%2Fsession%3Furl%3Dhttps%253A%252F%252Fburberrysupport--bmcservicedesk.eu28.visual.force.com%252Fapex%252Fbmcservicedesk__SelfServiceNew%253FfromSiteUrl%253D%23/support/problem-requests/all?id=a3S0J000002j82gUAA
Requested by
Host: burberrysupport.my.salesforce.com
URL: https://burberrysupport.my.salesforce.com/visualforce/session?url=https%3A%2F%2Fburberrysupport--bmcservicedesk.eu28.visual.force.com%2Fapex%2Fbmcservicedesk__SelfServiceNew%3FfromSiteUrl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.144.228 , United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl2-ncg0-cdg3.eu28-cdg.my.salesforce.com
Software
/
Resource Hash
c549bed419d56aba5a4598f505bbdff7037c7017beea14aa32a2b813799151c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536002; includeSubDomains

Request headers

Host
burberrysupport.my.salesforce.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Referer
https://burberrysupport.my.salesforce.com/visualforce/session?url=https%3A%2F%2Fburberrysupport--bmcservicedesk.eu28.visual.force.com%2Fapex%2Fbmcservicedesk__SelfServiceNew%3FfromSiteUrl%3D
Accept-Encoding
gzip, deflate, br
Cookie
BrowserId=-5OcG0u1Eeqyjf0dQauHVg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://burberrysupport.my.salesforce.com/visualforce/session?url=https%3A%2F%2Fburberrysupport--bmcservicedesk.eu28.visual.force.com%2Fapex%2Fbmcservicedesk__SelfServiceNew%3FfromSiteUrl%3D

Response headers

Date
Mon, 10 Feb 2020 03:32:37 GMT
Strict-Transport-Security
max-age=31536002; includeSubDomains
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D20000000o1bHm";
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D20000000o1bHm"
X-Robots-Tag
none
Referrer-Policy
origin-when-cross-origin
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Type
text/html;charset=UTF-8
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
Cookie set SSO.ping
sso.burberry.com/idp/AT8IQ/resumeSAML20/idp/
Redirect Chain
  • https://sso.burberry.com/idp/SSO.saml2?PartnerSpId=https://burberrysupport.force.com
  • https://sso.burberry.com/idp/AT8IQ/resumeSAML20/idp/SSO.ping
1006 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.burberry.com/idp/AT8IQ/resumeSAML20/idp/SSO.ping
Requested by
Host: burberrysupport.my.salesforce.com
URL: https://burberrysupport.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXC9WgAfME8wM1cwMDAwMDA0Qzk1AAAA3jSijPF6ljvU6nmgXozy6qrdXHmClL5mDNkh6qqDmlt-0MkZBv78GZ0Ua395DF9lDeKCljgnEOFl-tCXg6t3n5Xi7vI1kEzfrpRGkUwrF96VIFrvNUZaEJcCv_eF-nlVW0LxWGjHLNJbIHZNsRdSGAfg-ChHgtf-NCo-TQTOXOQsRluhDkgAXx8R5wDnwhCpAqsvgCPy69cglUUtjzU9fTdiFnyJu_WMO7mItVG0eDea-_1384Nf7ecEwqn4gWiOoQ&saml_acs=https%3A%2F%2Fburberrysupport.my.salesforce.com%3Fso%3D00D20000000o1bH&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fburberrysupport.force.com&samlSsoConfig=0LE20000000009h&RelayState=%2Fvisualforce%2Fsession%3Furl%3Dhttps%253A%252F%252Fburberrysupport--bmcservicedesk.eu28.visual.force.com%252Fapex%252Fbmcservicedesk__SelfServiceNew%253FfromSiteUrl%253D%23/support/problem-requests/all?id=a3S0J000002j82gUAA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.28 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-91-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a415b10226b7f406cd36ed0faaeac79f5850745ccec8533e69863d74db37f66
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Host
sso.burberry.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://burberrysupport.my.salesforce.com/
Accept-Encoding
gzip, deflate, br
Cookie
JSESSIONID=1gjet4q3uff1617vzz82b1h9ye; PF=uuNaG7DnSylOaAH8xntuS91B10cnsp66sApBLUCCTnqm
Origin
https://burberrysupport.my.salesforce.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://burberrysupport.my.salesforce.com/

Response headers

Referrer-Policy
origin
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
WWW-Authenticate
Negotiate
Content-Length
1006
Date
Mon, 10 Feb 2020 03:32:37 GMT
Connection
keep-alive
Set-Cookie
JSESSIONID=qrhrtv48sh4o14nrrftpta172;Path=/;SameSite=None;Secure;HttpOnly PF=uuNaG7DnSylOaAH8xntuS91K9r3fv8npCGKMYP47jW7h;Path=/;SameSite=None;Secure;HttpOnly

Redirect headers

Cache-Control
no-cache, no-store
Content-Type
text/html;charset=utf-8
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Location
https://sso.burberry.com/idp/AT8IQ/resumeSAML20/idp/SSO.ping
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Referrer-Policy
origin
Content-Length
0
Date
Mon, 10 Feb 2020 03:32:37 GMT
Connection
keep-alive
Set-Cookie
JSESSIONID=1gjet4q3uff1617vzz82b1h9ye;Path=/;SameSite=None;Secure;HttpOnly PF=uuNaG7DnSylOaAH8xntuS91B10cnsp66sApBLUCCTnqm;Path=/;SameSite=None;Secure;HttpOnly
Primary Request SSO.ping
sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/
Redirect Chain
  • https://sso.burberry.com/idp/AT8IQ/resumeSAML20/idp/SSO.ping
  • https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.28 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-91-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c9f9eaf982627f03a7cd2482f2955545e27dcd658867b3078ec4def55d35bb77
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Host
sso.burberry.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Referer
https://sso.burberry.com/
Accept-Encoding
gzip, deflate, br
Cookie
JSESSIONID=qrhrtv48sh4o14nrrftpta172; PF=uuNaG7DnSylOaAH8xntuS9xkO2fedUoIuLm9gvr6kb1b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://sso.burberry.com/

Response headers

Referrer-Policy
origin
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Mon, 10 Feb 2020 03:32:38 GMT
Content-Length
2109
Connection
keep-alive

Redirect headers

Cache-Control
no-cache, no-store
Content-Type
text/html;charset=utf-8
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Location
https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Referrer-Policy
origin
Content-Length
0
Date
Mon, 10 Feb 2020 03:32:38 GMT
Connection
keep-alive
Set-Cookie
PF=uuNaG7DnSylOaAH8xntuS9xkO2fedUoIuLm9gvr6kb1b;Path=/;SameSite=None;Secure;HttpOnly
main.css
sso.burberry.com/assets/css/ 		150 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.burberry.com/assets/css/main.css
Requested by
Host: sso.burberry.com
URL: https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.28 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-91-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e00bd06a0a9c3bf4a098872d0f332162b4c9a44162a4517d8ba85e6dfa6944d
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://sso.burberry.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
origin
Last-Modified
Sun, 02 Feb 2020 12:55:51 GMT
Date
Mon, 10 Feb 2020 03:32:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
must-revalidate, max-age=0
Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
19904
burberry.css
sso.burberry.com/assets/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.burberry.com/assets/css/burberry.css
Requested by
Host: sso.burberry.com
URL: https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.28 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-91-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
99920cd12205ad6031f3d3d34a9e2913dff0a5a6fad8a1f25b75f67114b38c7e
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://sso.burberry.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
origin
Last-Modified
Sun, 02 Feb 2020 13:05:19 GMT
Date
Mon, 10 Feb 2020 03:32:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
must-revalidate, max-age=0
Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1134
bg
burberry.scene7.com/is/image/Burberryltd/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://burberry.scene7.com/is/image/Burberryltd/bg?$login_screen_backgrounds$
Requested by
Host: sso.burberry.com
URL: https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28b::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Unknown /
Resource Hash
ae863c6915fdeeeae7c401552cccb0d4884504cac077da5d325dd3cc68be5d3c

Request headers

Referer
https://sso.burberry.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 03:32:38 GMT
last-modified
Wed, 05 Feb 2020 10:04:01 GMT
server
Unknown
access-control-allow-origin
*
etag
"57cf978177741004424e5783fd6adbd6"
content-type
image/jpeg
status
200
content-length
275489
expires
Mon, 10 Feb 2020 08:48:15 GMT
logo.png
sso.burberry.com/assets/images/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.burberry.com/assets/images/logo.png
Requested by
Host: sso.burberry.com
URL: https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.28 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-91-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
10c7481934625c188f4b75debcc67ecadee340591c8de49d1180eabb9a155a03
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://sso.burberry.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Referrer-Policy
origin
Last-Modified
Sun, 02 Feb 2020 13:01:34 GMT
Date
Mon, 10 Feb 2020 03:32:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
must-revalidate, max-age=0
Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Connection
keep-alive
Content-Length
31115
ProximaNova-Light.otf
sso.burberry.com/assets/fonts/proxima-nova/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso.burberry.com/assets/fonts/proxima-nova/ProximaNova-Light.otf
Requested by
Host: sso.burberry.com
URL: https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.28 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-91-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://sso.burberry.com/
Origin
https://sso.burberry.com

Response headers

Strict-Transport-Security
max-age=31536000
Referrer-Policy
origin
Last-Modified
Sun, 02 Feb 2020 12:50:09 GMT
Date
Mon, 10 Feb 2020 03:32:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/vnd.oasis.opendocument.formula-template
Cache-Control
max-age=0, must-revalidate
Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Connection
keep-alive
Content-Length
62968
ProximaNova-Regular.otf
sso.burberry.com/assets/fonts/proxima-nova/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso.burberry.com/assets/fonts/proxima-nova/ProximaNova-Regular.otf
Requested by
Host: sso.burberry.com
URL: https://sso.burberry.com/idp/RysvO_AT8IQ/resumeSAML20/idp/SSO.ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.28 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-91-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://sso.burberry.com/
Origin
https://sso.burberry.com

Response headers

Strict-Transport-Security
max-age=31536000
Referrer-Policy
origin
Last-Modified
Sun, 02 Feb 2020 12:49:59 GMT
Date
Mon, 10 Feb 2020 03:32:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/vnd.oasis.opendocument.formula-template
Cache-Control
max-age=0, must-revalidate
Content-Security-Policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' data: https://burberry.scene7.com https://api.burberry.com ; frame-ancestors 'self' https://*.hana.ondemand.com https://*.crm.ondemand.com https://z2.le.liveperson.net https://oauth.apps.burberry.com http://clt-uat.apps.burberry.com http://clt.apps.burberry.com https://teamburberry.com https://api.burberry.com;
Connection
keep-alive
Content-Length
62892

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| postForgotPassword function| postAlternateAuthnSystem function| postRegistration function| postOk function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width boolean| remember

2 Cookies

Domain/Path Name / Value
sso.burberry.com/ Name: PF
Value: uuNaG7DnSylOaAH8xntuS9xkO2fedUoIuLm9gvr6kb1b
sso.burberry.com/ Name: JSESSIONID
Value: qrhrtv48sh4o14nrrftpta172

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536002; includeSubDomains