URL: https://b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SIGNIN/oauth2/v2.0/authorize?brand=ebanking&respon...
Submission: On January 12 via manual from IN — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 11 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is b2c.fhlbc.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on December 5th 2023. Valid for: 6 months.
This is the only time b2c.fhlbc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
4 52.239.169.164 8075 (MICROSOFT...)
1 2606:2800:133... 15133 (EDGECAST)
2 13.69.106.208 8075 (MICROSOFT...)
1 152.199.19.160 15133 (EDGECAST)
11 6
Apex Domain
Subdomains
Transfer
4 windows.net
fhlbcazureprodb2cstorage.blob.core.windows.net
170 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 729
281 B
2 fhlbc.com
b2c.fhlbc.com
397 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2316
27 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2383
22 KB
0 microsoftonline.com Failed
login.microsoftonline.com Failed
11 6
Domain Requested by
4 fhlbcazureprodb2cstorage.blob.core.windows.net b2c.fhlbc.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 b2c.fhlbc.com az416426.vo.msecnd.net
1 ajax.aspnetcdn.com b2c.fhlbc.com
1 az416426.vo.msecnd.net b2c.fhlbc.com
0 login.microsoftonline.com Failed
11 6

This site contains no links.

Subject Issuer Validity Valid
b2c.fhlbc.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-12-05 -
2024-06-05
6 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01
2023-09-27 -
2024-09-27
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2023-05-05 -
2024-04-28
a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 07
2023-09-02 -
2024-08-27
a year crt.sh

This page contains 1 frames:

Primary Page: https://b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SIGNIN/oauth2/v2.0/authorize?brand=ebanking&response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fmembers.fhlbc.com%2Fb4b-web%2Fmkt%2Fhome.jsf&client_id=1628ee71-1ec3-4d1a-a305-475203d8e529&scope=openid+offline_access&state=d15dbffe-b54c-4133-b8d4-24d402f41bb9&nonce=3381188a-8cec-4d2a-8aa1-6d8e3de97118
Frame ID: 47948C427FE422A82527F54A7BFF3577
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Federal Home Loan Bank of Chicago | FHLBank Chicago

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

11
Requests

91 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

617 kB
Transfer

776 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request authorize
b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SIGNIN/oauth2/v2.0/
394 KB
396 KB
Document
General
Full URL
https://b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SIGNIN/oauth2/v2.0/authorize?brand=ebanking&response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fmembers.fhlbc.com%2Fb4b-web%2Fmkt%2Fhome.jsf&client_id=1628ee71-1ec3-4d1a-a305-475203d8e529&scope=openid+offline_access&state=d15dbffe-b54c-4133-b8d4-24d402f41bb9&nonce=3381188a-8cec-4d2a-8aa1-6d8e3de97118
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0763b0e9d2051df96e8719ae8fcf4cd289dcab6e58e2f30dc464b77ff9742165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
allow
OPTIONS TRACE GET HEAD POST
cache-control
no-store, must-revalidate, no-cache
content-length
403087
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 17:32:51 GMT
expires
-1
public
OPTIONS,TRACE,GET,HEAD,POST
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
20240112T173249Z-a6zqqashsp7br9kaxm6avkdhr800000000m0000000012yd9
x-build
1.1.39.0
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
DENY
x-ms-gateway-requestid
87cc30d6-e018-4168-9f4c-338b0d503971
x-request-id
86123560-0a4f-4de5-846e-c040988a2d5e
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
selfAsserted.html
fhlbcazureprodb2cstorage.blob.core.windows.net/fhlbcazureprodb2cblob/B2C-HTML-Templates/ebanking/
19 KB
20 KB
XHR
General
Full URL
https://fhlbcazureprodb2cstorage.blob.core.windows.net/fhlbcazureprodb2cblob/B2C-HTML-Templates/ebanking/selfAsserted.html?v=87148
Requested by
Host: b2c.fhlbc.com
URL: https://b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SIGNIN/oauth2/v2.0/authorize?brand=ebanking&response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fmembers.fhlbc.com%2Fb4b-web%2Fmkt%2Fhome.jsf&client_id=1628ee71-1ec3-4d1a-a305-475203d8e529&scope=openid+offline_access&state=d15dbffe-b54c-4133-b8d4-24d402f41bb9&nonce=3381188a-8cec-4d2a-8aa1-6d8e3de97118
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.169.164 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
91d1048ab772e94cb0c684b73fb4869b4ce67f03ee13688186b6de7244a9d7ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b2c.fhlbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 12 Jan 2024 17:32:51 GMT
Last-Modified
Fri, 20 Oct 2023 00:06:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9SzUtIBVmcHHRp2fvuj36Q==
ETag
0x8DBD100773AEA74
Vary
Origin
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://b2c.fhlbc.com
x-ms-request-id
4b243392-001e-00ec-707d-45ecf6000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
19806
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: b2c.fhlbc.com
URL: https://b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SIGNIN/oauth2/v2.0/authorize?brand=ebanking&response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fmembers.fhlbc.com%2Fb4b-web%2Fmkt%2Fhome.jsf&client_id=1628ee71-1ec3-4d1a-a305-475203d8e529&scope=openid+offline_access&state=d15dbffe-b54c-4133-b8d4-24d402f41bb9&nonce=3381188a-8cec-4d2a-8aa1-6d8e3de97118
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b2c.fhlbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 Jan 2024 17:32:51 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1139
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f1bc735c-c01e-00d2-6b7a-45fae9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Fri, 12 Jan 2024 18:02:51 GMT
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://b2c.fhlbc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 12 Jan 2024 17:32:51 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/
96 B
281 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9db3a19cd24c7d3546275dbfffaef2143b476590bba18e946dd8d6010c3609d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://b2c.fhlbc.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
36636FF3-0D35-469E-92BE-FAA904DF11F1
strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 17:32:51 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
logo.jpg
fhlbcazureprodb2cstorage.blob.core.windows.net/fhlbcazureprodb2cblob/B2C-HTML-Templates/global/images/
108 KB
108 KB
Image
General
Full URL
https://fhlbcazureprodb2cstorage.blob.core.windows.net/fhlbcazureprodb2cblob/B2C-HTML-Templates/global/images/logo.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.169.164 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2d15d212267fdf46e779935525706816462665897d44904e2c77fb664ba8cd1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b2c.fhlbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 12 Jan 2024 17:32:51 GMT
Last-Modified
Fri, 20 Oct 2023 00:06:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
izEg9/qIdNAZqv1Tw5Pc7w==
ETag
0x8DBD1007732121E
Vary
Origin
Content-Type
application/octet-stream
x-ms-request-id
b1c1dc22-301e-009f-307d-4563f0000000
x-ms-version
2009-09-19
Content-Length
110302
brand.png
fhlbcazureprodb2cstorage.blob.core.windows.net/fhlbcazureprodb2cblob/B2C-HTML-Templates/ebanking/images/
34 KB
35 KB
Image
General
Full URL
https://fhlbcazureprodb2cstorage.blob.core.windows.net/fhlbcazureprodb2cblob/B2C-HTML-Templates/ebanking/images/brand.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.169.164 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
accfaa59db9dbc63a8dc934ebb39aa34b86de182ac69c68459943d86c7f4ea3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b2c.fhlbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 12 Jan 2024 17:32:52 GMT
Last-Modified
Fri, 20 Oct 2023 00:06:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
QHmOoM+z/jUCP5DwKJPxqw==
ETag
0x8DBD10077448602
Vary
Origin
Content-Type
application/octet-stream
x-ms-request-id
2e96c527-301e-0037-1f7d-45fd87000000
x-ms-version
2009-09-19
Content-Length
35078
bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/
120 KB
27 KB
Stylesheet
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: b2c.fhlbc.com
URL: https://b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SIGNIN/oauth2/v2.0/authorize?brand=ebanking&response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fmembers.fhlbc.com%2Fb4b-web%2Fmkt%2Fhome.jsf&client_id=1628ee71-1ec3-4d1a-a305-475203d8e529&scope=openid+offline_access&state=d15dbffe-b54c-4133-b8d4-24d402f41bb9&nonce=3381188a-8cec-4d2a-8aa1-6d8e3de97118
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C97) /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b2c.fhlbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:32:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10347411
x-cache
HIT
content-length
27825
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:15 GMT
server
ECAcc (frc/4C97)
etag
"cab57ff0cb33d21:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
api_modifiers.js
fhlbcazureprodb2cstorage.blob.core.windows.net/fhlbcazureprodb2cblob/B2C-HTML-Templates/global/scripts/
7 KB
7 KB
Script
General
Full URL
https://fhlbcazureprodb2cstorage.blob.core.windows.net/fhlbcazureprodb2cblob/B2C-HTML-Templates/global/scripts/api_modifiers.js?v=87148
Requested by
Host: b2c.fhlbc.com
URL: https://b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SIGNIN/oauth2/v2.0/authorize?brand=ebanking&response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fmembers.fhlbc.com%2Fb4b-web%2Fmkt%2Fhome.jsf&client_id=1628ee71-1ec3-4d1a-a305-475203d8e529&scope=openid+offline_access&state=d15dbffe-b54c-4133-b8d4-24d402f41bb9&nonce=3381188a-8cec-4d2a-8aa1-6d8e3de97118
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.169.164 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8dc831fa58fe57445a9dda8ed683dd301d3440dabcd45e7a5c92d5286a8992fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b2c.fhlbc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 12 Jan 2024 17:32:51 GMT
Last-Modified
Fri, 20 Oct 2023 00:06:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
TZmIBKVmxsg7bdNmZ+xLfg==
ETag
0x8DBD1007735BB17
Vary
Origin
Content-Type
application/octet-stream
x-ms-request-id
9db8207e-001e-0094-0b7d-4546e7000000
x-ms-version
2009-09-19
Content-Length
6921
segoeui.WOFF
login.microsoftonline.com/templates/src/fonts/
0
0

perftrace
b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SignIn/client/
0
416 B
XHR
General
Full URL
https://b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SignIn/client/perftrace?tx=StateProperties=eyJUSUQiOiI4NjEyMzU2MC0wYTRmLTRkZTUtODQ2ZS1jMDQwOTg4YTJkNWUifQ&p=B2C_1A_9_SignIn
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-TOKEN
a0l2SERaaHdoQTNGbFJpVXhCTmlrOXgvZUlBdDQvVkY0S0dHRmFPMEJvOThaUU45dk5yMTlMQnlqRmVOMGdFLzBuNWpMKzlUZ2EvcWpBR3NheEtBQWc9PTsyMDI0LTAxLTEyVDE3OjMyOjUwLjY3Mjg0MDdaO2dQUmpkSE1COEFxV2hCeER3ODBqRFE9PTt7IlRhcmdldEVudGl0eSI6Ik9BVVRILUJyYW5kaW5nUGF0aFRyYW5zZm9ybSIsIk9yY2hlc3RyYXRpb25TdGVwIjozfQ==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SIGNIN/oauth2/v2.0/authorize?brand=ebanking&response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fmembers.fhlbc.com%2Fb4b-web%2Fmkt%2Fhome.jsf&client_id=1628ee71-1ec3-4d1a-a305-475203d8e529&scope=openid+offline_access&state=d15dbffe-b54c-4133-b8d4-24d402f41bb9&nonce=3381188a-8cec-4d2a-8aa1-6d8e3de97118
X-Requested-With
XMLHttpRequest
Request-Id
|IhMdm.B6bTK

Response headers

date
Fri, 12 Jan 2024 17:32:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
allow
OPTIONS, TRACE, GET, HEAD, POST
x-cache
CONFIG_NOCACHE
x-azure-ref
20240112T173251Z-a6zqqashsp7br9kaxm6avkdhr800000000m0000000012yst
public
OPTIONS,TRACE,GET,HEAD,POST
cache-control
no-store, must-revalidate, no-cache
accept-ranges
bytes
x-ms-gateway-requestid
9bec21d4-6587-42c0-a69c-612322688ce7
content-length
0
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.microsoftonline.com
URL
https://login.microsoftonline.com/templates/src/fonts/segoeui.WOFF

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| QRCode function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime object| $i2e object| $modal object| $predicateValidation object| $element function| $ function| jQuery boolean| pageReady object| Handlebars object| appInsights object| AI object| Microsoft function| __extends function| _endsWith boolean| contentReady function| sleep function| showPwdReqs function| inputFocus function| initQRPage undefined| observer function| initEmailTotp

6 Cookies

Domain/Path Name / Value
.b2c.fhlbc.com/ Name: x-ms-cpim-csrf
Value: a0l2SERaaHdoQTNGbFJpVXhCTmlrOXgvZUlBdDQvVkY0S0dHRmFPMEJvOThaUU45dk5yMTlMQnlqRmVOMGdFLzBuNWpMKzlUZ2EvcWpBR3NheEtBQWc9PTsyMDI0LTAxLTEyVDE3OjMyOjUwLjY3Mjg0MDdaO2dQUmpkSE1COEFxV2hCeER3ODBqRFE9PTt7IlRhcmdldEVudGl0eSI6Ik9BVVRILUJyYW5kaW5nUGF0aFRyYW5zZm9ybSIsIk9yY2hlc3RyYXRpb25TdGVwIjozfQ==
.b2c.fhlbc.com/ Name: x-ms-cpim-cache|ydushk8k5u2ebsbamiotxg_0
Value: m1.iKjPs0e5HQN0ibyy.B3B3wISpA/XunQvDVwbc5w==.0.G2ydgZEk6tM1C4OSZ6EKFMDC3Ye4N3ZD7ReeCDIliUQo1l+2LOn4Zaapsg+KaMf9YQLc87g8bX+HtPeFgOJ/aUK+aW4sYU5Z81otmHjPdlyly1wgEaxwN364SBgCDWrPWiKx1F+ykj4xwF1Ia3+UuLh0zaxKhvvl5d/wR2+MiNk+m6mIQ52cipAl/gL0fuyJ31lAKiQDYnN5eiOcLPjdxzqp82HTyWi/oxbRuKz8rMci+GCAvEriTjs+O0/nENQB//zRnBNfgpKHx9/NHS2WvbKK9OLozjaVFpq5me9WNnSzrKQNeygLvJZCB0apUUKt8WowSldTXRgUAtIdHOZ6UqFBAmkZlXtZ/EtvEMSzbOpfgCI8UwpsEhWhdCUvp6p8tPWSD2b68G/ochzMMC36MLRReS/D5lonJL8fBoK1rxrxCAeEEKY0a30qtqwuaryPEGWwuaNimt6+jQjNLu+ZBr2NAK+biq+C41WxRNEYHGkA2S2RQIkr3CXQRv/6pSIRE3QnSQLlCMbcNjceTe8k+/oNGpKOl2yWnoZdeFs4j6EyRqTip0qYgDmhpB7YaRx+s/50pNTvWxI1X/MQMWB+LklRDSXg98KBoTctJf3RHWnsu+a7884oRj+Hf7NAXQTVUNREp0c/61Ah1DnPCpWeB3CtGwC/fY1AaO1zcfyt1ICaTgxzCR+o9vFzBfIQWFSV0bTNUY7AHf9R4dYpNbh1DDJOZtZ14s0IYAQ5PzOMiE8+KRCoUdvku5V+R3JDEN3IA9ilOLdrlhNSyOnd3HCZwdsLgE06OHB5cINpYbQoqHZ89G8Kruchn3EArf0wR5n77nSr2z2hKg==
.b2c.fhlbc.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6Ijg2MTIzNTYwLTBhNGYtNGRlNS04NDZlLWMwNDA5ODhhMmQ1ZSIsIlQiOiJmaGxiYW5rY2hpY2Fnb3Byb2RiMmMub25taWNyb3NvZnQuY29tIiwiUCI6IkIyQ18xQV85X1NJR05JTiIsIkMiOiIxNjI4ZWU3MS0xZWMzLTRkMWEtYTMwNS00NzUyMDNkOGU1MjkiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6Ijg2MTIzNTYwLTBhNGYtNGRlNS04NDZlLWMwNDA5ODhhMmQ1ZSJ9
b2c.fhlbc.com/ Name: x-ms-cpim-geo
Value: NA
b2c.fhlbc.com/ Name: ai_user
Value: dLzoP|2024-01-12T17:32:51.448Z
b2c.fhlbc.com/ Name: ai_session
Value: K8ovs|1705080771552.2|1705080771552.2

2 Console Messages

Source Level URL
Text
javascript error URL: https://b2c.fhlbc.com/224ad455-3231-40c4-b065-c1db15713e45/B2C_1A_9_SIGNIN/oauth2/v2.0/authorize?brand=ebanking&response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fmembers.fhlbc.com%2Fb4b-web%2Fmkt%2Fhome.jsf&client_id=1628ee71-1ec3-4d1a-a305-475203d8e529&scope=openid+offline_access&state=d15dbffe-b54c-4133-b8d4-24d402f41bb9&nonce=3381188a-8cec-4d2a-8aa1-6d8e3de97118
Message:
Access to font at 'https://login.microsoftonline.com/templates/src/fonts/segoeui.WOFF' from origin 'https://b2c.fhlbc.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://login.microsoftonline.com/templates/src/fonts/segoeui.WOFF
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block