urlscan.io logo urlscan.io
SecurityTrails logo

login.inbcu.com Open in urlscan Pro
50.228.145.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://oneportallxp.bridgeapp.com/
Effective URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASO...
Submission: On April 30 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 27 HTTP transactions. The main IP is 50.228.145.65, located in New York, United States and belongs to NBCUNI, US. The main domain is login.inbcu.com. The Cisco Umbrella rank of the primary domain is 779514.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 19th 2024. Valid for: a year.
This is the only time login.inbcu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 3.132.202.58 16509 (AMAZON-02)
7 2600:9000:212... 16509 (AMAZON-02)
1 2600:9000:275... 16509 (AMAZON-02)
1 1 3.19.126.176 16509 (AMAZON-02)
1 1 50.228.145.84 54040 (NBCUNI)
1 1 50.228.145.45 54040 (NBCUNI)
16 50.228.145.65 54040 (NBCUNI)
27 4
4    3.132.202.58 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-202-58.us-east-2.compute.amazonaws.com
oneportallxp.bridgeapp.com
7    2600:9000:2127:9800:1:26e7:7300:21 (United States)

ASN16509 (AMAZON-02, US)
d2d1a1b3wf59e4.cloudfront.net
1    2600:9000:275b:8800:1e:9da5:14c0:21 (United States)

ASN16509 (AMAZON-02, US)
dw8xk2vy8bp77.cloudfront.net
1    3.19.126.176 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-126-176.us-east-2.compute.amazonaws.com
auth.bridgeapp.com
1    50.228.145.84 (New York, United States)

ASN54040 (NBCUNI, US)
fss.inbcu.com
1    50.228.145.45 (New York, United States)

ASN54040 (NBCUNI, US)
ssoapp.inbcu.com
16    50.228.145.65 (New York, United States)

ASN54040 (NBCUNI, US)
login.inbcu.com
Apex Domain
Subdomains		 Transfer
18 inbcu.com
fss.inbcu.com — Cisco Umbrella Rank: 743623
ssoapp.inbcu.com — Cisco Umbrella Rank: 964707
login.inbcu.com — Cisco Umbrella Rank: 779514
134 KB
8 cloudfront.net
d2d1a1b3wf59e4.cloudfront.net
dw8xk2vy8bp77.cloudfront.net
192 KB
5 bridgeapp.com
oneportallxp.bridgeapp.com
auth.bridgeapp.com — Cisco Umbrella Rank: 179044
5 KB
27 3
Domain Requested by
16 login.inbcu.com d2d1a1b3wf59e4.cloudfront.net
login.inbcu.com
7 d2d1a1b3wf59e4.cloudfront.net oneportallxp.bridgeapp.com
4 oneportallxp.bridgeapp.com 1 redirects d2d1a1b3wf59e4.cloudfront.net
1 ssoapp.inbcu.com 1 redirects
1 fss.inbcu.com 1 redirects
1 auth.bridgeapp.com 1 redirects
1 dw8xk2vy8bp77.cloudfront.net d2d1a1b3wf59e4.cloudfront.net
27 7

This site contains links to these domains. Also see Links.

Domain
sso.inbcu.com
Subject Issuer Validity Valid
*.bridgeapp.com
Amazon RSA 2048 M02		 2023-12-29 -
2025-01-26		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
login.inbcu.com
Entrust Certification Authority - L1K		 2024-01-19 -
2025-02-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Frame ID: 0B8ABBA8F0CAF47F3148C70AD83E3258
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NBCUniversal SSO Login

Page URL History Show full URLs

  1. http://oneportallxp.bridgeapp.com/ HTTP 307
    https://oneportallxp.bridgeapp.com/ Page URL
  2. https://oneportallxp.bridgeapp.com/sso/authmonger/login?location=%2F HTTP 302
    https://auth.bridgeapp.com/oauth2/authorize?client_id=257b485a-c779-4fee-8cdd-c04630b1ddba&redirect_uri... HTTP 302
    https://fss.inbcu.com/fss/idp/SSO.saml2?SAMLRequest=jVLBbpwwFPwV5LvBgLOLrWWjbaOokVJlFUgPuUQP2yRWwV... HTTP 302
    https://ssoapp.inbcu.com/smpadapter/allgroupurl.jsp?resume=/fss/idp/rTlkiA10Sa/resumeSAML20/idp/SSO.p... HTTP 302
    https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f0... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

29 %
IPv6

3
Domains

7
Subdomains

4
IPs

1
Countries

328 kB
Transfer

687 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://oneportallxp.bridgeapp.com/ HTTP 307
    https://oneportallxp.bridgeapp.com/ Page URL
  2. https://oneportallxp.bridgeapp.com/sso/authmonger/login?location=%2F HTTP 302
    https://auth.bridgeapp.com/oauth2/authorize?client_id=257b485a-c779-4fee-8cdd-c04630b1ddba&redirect_uri=https%3A%2F%2Foneportallxp.bridgeapp.com%2Fsso%2Fauthmonger%2Fauthorize&response_type=code&state=%2F HTTP 302
    https://fss.inbcu.com/fss/idp/SSO.saml2?SAMLRequest=jVLBbpwwFPwV5LvBgLOLrWWjbaOokVJlFUgPuUQP2yRWwVA%2Fs2r%2FvoTdVdPLtsdnz5vxzHhz%2FbPvooPxaAdXkjRmJDJODdq615I81be0INfbDULfZaPcTeHNPZofk8EQzYsO5fGmJJN3cgC0KB30BmVQstp9vZdZzOTohzCooSPRDtH4MEt9HhxOvfGV8QerzNPjfUneQhhRJgnMKnHjrX41MI6xGvrkXSVR0HUNqO%2BJBlG0qQCaqjylnKcrKhooqMh1Wwi9Fld8RaKb%2BZHWQViMnblbxNi6Rk0L7TwlVo9JVT3EixES3Q5emcVnSVro0JDo7qYkL3wlAJhOzUoYnnFWaChELlqVpWmbAzScrTW7mtG4B0R7MH%2F2ESdz5zCACyXJWMYp4zRndcokZzLncbHOnkm0P8X0ybpj%2FJcybY4glF%2Fqek%2F3D1VNom%2FnGmcAOZUmF3X%2Fsa3LxHCuaMmih3AZ%2Fn5iNW0XqDQu2PCLbP9VZW8CaAjwX1Vuko9Otqfx79%2B4%2FQ0%3D&RelayState=lRGQxg33CMxsUiKCYi_E1Wl45Fd042k4 HTTP 302
    https://ssoapp.inbcu.com/smpadapter/allgroupurl.jsp?resume=/fss/idp/rTlkiA10Sa/resumeSAML20/idp/SSO.ping&spentity=https://auth.bridgeapp.com/saml/metadata/da98f19a-1c31-4416-9ba8-93df89d79546 HTTP 302
    https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://oneportallxp.bridgeapp.com/ HTTP 307
  • https://oneportallxp.bridgeapp.com/

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
oneportallxp.bridgeapp.com/
Redirect Chain
  • http://oneportallxp.bridgeapp.com/
  • https://oneportallxp.bridgeapp.com/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oneportallxp.bridgeapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.202.58 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-202-58.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
e4114d65723855853221623a9af31ad74910d6235a7465918b0bb4446279d7c1

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age
11231
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html
date
Tue, 30 Apr 2024 10:40:33 GMT
etag
W/"0813ce6c290c6ad7dbea0312112eb78f"
last-modified
Wed, 07 Feb 2024 17:07:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fbec6fc5d8eb145c138c3b313c9bd5ca.cloudfront.net (CloudFront)
x-amz-cf-id
-Ib_g5-nbIoknkQkv85B9uaBVCDbQO-c4tvRBvbHj8CaDZI_n8fxpg==
x-amz-cf-pop
CMH68-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
K_isAH4GB6SuFCuhSDkOsb_SeQ6M3qoN
x-bsr-version
v0.2.5
x-cache
Hit from cloudfront

Redirect headers

Location
https://oneportallxp.bridgeapp.com/
Non-Authoritative-Reason
HttpsUpgrades
tapestry.a86a2643c4ab349512a2.css
d2d1a1b3wf59e4.cloudfront.net/bridge-platform/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2d1a1b3wf59e4.cloudfront.net/bridge-platform/tapestry.a86a2643c4ab349512a2.css
Requested by
Host: oneportallxp.bridgeapp.com
URL: https://oneportallxp.bridgeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9800:1:26e7:7300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62c80e12e2a39c4600b5687f79398015ae701ee7af6dd03a3ed409e0fa09c99d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oneportallxp.bridgeapp.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 04:05:11 GMT
x-amz-version-id
4.Bvl87R71zgIP8FG_rc1v0q1nxVVbr1
content-encoding
gzip
last-modified
Wed, 07 Feb 2024 17:07:56 GMT
server
AmazonS3
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"83b1981fbc943b366aba90c6261217cd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
age
23723
x-amz-cf-id
uz9c2_B_9puyX09FjAHVo_bF3iGb8vywIl8aw1qJ7PN2DoEKxsCl3w==
polyfills.js
d2d1a1b3wf59e4.cloudfront.net/bridge-platform/packages/@get-bridge/tapestry-polyfills-1.0.2/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2d1a1b3wf59e4.cloudfront.net/bridge-platform/packages/@get-bridge/tapestry-polyfills-1.0.2/polyfills.js
Requested by
Host: oneportallxp.bridgeapp.com
URL: https://oneportallxp.bridgeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9800:1:26e7:7300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f550d40029e7faa84f0372ddc24f3615ce56602c6cd309a8a256b55404a2500f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oneportallxp.bridgeapp.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
QSVJ8ppQQ30o6ZY98DFGat1sjLLzTVB0
content-encoding
gzip
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
date
Mon, 29 Apr 2024 20:56:09 GMT
last-modified
Wed, 07 Feb 2024 17:07:55 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
49465
x-amz-server-side-encryption
AES256
etag
W/"bee9238860e52448993041bc7eaddaa1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
waqE9vPaHFcfb9nCv12fYPltAkF4wqWhrAawN3yBSaI_oKbKk1h9ug==
first-input-delay.min.js
d2d1a1b3wf59e4.cloudfront.net/bridge-platform/packages/first-input-delay-0.1.3/ 		699 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2d1a1b3wf59e4.cloudfront.net/bridge-platform/packages/first-input-delay-0.1.3/first-input-delay.min.js
Requested by
Host: oneportallxp.bridgeapp.com
URL: https://oneportallxp.bridgeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9800:1:26e7:7300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdbd9081579643322c5627a6b8c67e302a6364a782c0acf12ad9c38c3630d738

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oneportallxp.bridgeapp.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 01:54:52 GMT
x-amz-version-id
4NeHOQPeKxKejytTe3cF9uo_AOML.09b
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Feb 2024 17:07:56 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
31542
etag
"5718f26f0481b4043a85d9b0cac2193d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
699
x-amz-cf-id
UH5u8Uo3Qf4QGic06xNCWzUZNHNP0Qo-F5OJ1HcpYcxrtvTgto8Hgg==
32.a77d6ea0a9f2d4471ca7.js
d2d1a1b3wf59e4.cloudfront.net/bridge-platform/ 		272 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2d1a1b3wf59e4.cloudfront.net/bridge-platform/32.a77d6ea0a9f2d4471ca7.js
Requested by
Host: oneportallxp.bridgeapp.com
URL: https://oneportallxp.bridgeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9800:1:26e7:7300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
396960d3ea301c8078c348be345431583000e5e1ec9795f53157b654ff002a6c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oneportallxp.bridgeapp.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
nynJ.VZzZ4gOELuzQvD61Xt2p5p5sQri
content-encoding
gzip
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
date
Tue, 30 Apr 2024 01:20:17 GMT
last-modified
Wed, 07 Feb 2024 17:07:54 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
33617
x-amz-server-side-encryption
AES256
etag
W/"bfb402756dcb2d1741c9e25e9b03f49d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
jBx2_b2zVRZNTXzijmlKjW27upLDza5nlT6BSnvWSdh9JyJLYj0New==
tapestry.6b55b9f8a4cc611a5b22.js
d2d1a1b3wf59e4.cloudfront.net/bridge-platform/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2d1a1b3wf59e4.cloudfront.net/bridge-platform/tapestry.6b55b9f8a4cc611a5b22.js
Requested by
Host: oneportallxp.bridgeapp.com
URL: https://oneportallxp.bridgeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9800:1:26e7:7300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8ac3fcb5ae6bdd7b4337ae6caebedb3796077f6cc5493a6dee88376d168faab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oneportallxp.bridgeapp.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
FWVLR8GteEHsFWwobQW3X0FRyKUx_px5
content-encoding
gzip
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
date
Tue, 30 Apr 2024 02:25:21 GMT
last-modified
Wed, 07 Feb 2024 17:07:56 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
29713
x-amz-server-side-encryption
AES256
etag
W/"060f7adbd2c5faadfa5bf7bd3947be56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
cxgGXpVMFPFvs5eIPlIkZMkEkEagIcHXLrCHF_l6o6tanpzDKYtnzg==
feature_flags
oneportallxp.bridgeapp.com/api/ 		8 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oneportallxp.bridgeapp.com/api/feature_flags
Requested by
Host: d2d1a1b3wf59e4.cloudfront.net
URL: https://d2d1a1b3wf59e4.cloudfront.net/bridge-platform/tapestry.6b55b9f8a4cc611a5b22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.202.58 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-202-58.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5d8ad067c503875460461420dd34da53adf6cf134c4ca6a21e8182eb624321d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
undefined
X-SSO-CSRF
undefined
Accept
application/json, text/plain, */*
Referer
https://oneportallxp.bridgeapp.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 10:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
c19b115a-7961-4b23-8c89-699be985ec5e
x-runtime
0.033255
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"5d8ad067c503875460461420dd34da53"
x-bsr-version
v0.2.5
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
/
dw8xk2vy8bp77.cloudfront.net/ 		59 KB
59 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dw8xk2vy8bp77.cloudfront.net/
Requested by
Host: d2d1a1b3wf59e4.cloudfront.net
URL: https://d2d1a1b3wf59e4.cloudfront.net/bridge-platform/tapestry.6b55b9f8a4cc611a5b22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:8800:1e:9da5:14c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oneportallxp.bridgeapp.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 09:52:24 GMT
Via
1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA60-P7
Age
2889
X-Cache
Hit from cloudfront
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
59995
X-Amz-Cf-Id
H99m5oJIV8dzG8w9OltLZtrZk4-73xkINjyyAFgjN6683dJuc667lg==
self
oneportallxp.bridgeapp.com/sso/users/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oneportallxp.bridgeapp.com/sso/users/self?timestamp=1714473633733
Requested by
Host: d2d1a1b3wf59e4.cloudfront.net
URL: https://d2d1a1b3wf59e4.cloudfront.net/bridge-platform/32.a77d6ea0a9f2d4471ca7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.202.58 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-202-58.us-east-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://oneportallxp.bridgeapp.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 10:40:33 GMT
content-length
0
x-bsr-version
v0.2.5
favicon.75107650.ico
d2d1a1b3wf59e4.cloudfront.net/bridge-platform/ 		9 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d2d1a1b3wf59e4.cloudfront.net/bridge-platform/favicon.75107650.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9800:1:26e7:7300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e78986b79b25b5371eb93d4ffb81f6a3389e70192d37a6fc77ef6c3a54bbe76

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oneportallxp.bridgeapp.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
lh3kSeT6PghClkBRHuJaR0Elma_Q3vdi
date
Tue, 30 Apr 2024 01:24:54 GMT
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
33340
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9662
last-modified
Wed, 07 Feb 2024 17:07:55 GMT
server
AmazonS3
etag
"5dc70b67a7ab753a1339130a69b4f2b5"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
sQ56YAao0Eu3XYJSECB64rGtuY5qsWZwc_-r_jAiNI9SJL26MUfPpQ==
favicon-32x32.1a57b7f3.png
d2d1a1b3wf59e4.cloudfront.net/bridge-platform/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d2d1a1b3wf59e4.cloudfront.net/bridge-platform/favicon-32x32.1a57b7f3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9800:1:26e7:7300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d34d7a4271c2bfed1587246bc0a2c5fb704feae5d620ef1753e81de1c7d78f93

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://oneportallxp.bridgeapp.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 03:20:10 GMT
x-amz-version-id
Apt570OY.1XDp95dc7FzG0euScwrRbQ7
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Feb 2024 17:07:55 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
26424
etag
"c1c6796495ddb6aa9d543a945dc12f82"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1255
x-amz-cf-id
25jwxkMFhhslOLYZ1xZ-_lOdUJDBrHrcRy_Eu6w8fLWD9G5_zGh63g==
Primary Request login.jsp
login.inbcu.com/login/
Redirect Chain
  • https://oneportallxp.bridgeapp.com/sso/authmonger/login?location=%2F
  • https://auth.bridgeapp.com/oauth2/authorize?client_id=257b485a-c779-4fee-8cdd-c04630b1ddba&redirect_uri=https%3A%2F%2Foneportallxp.bridgeapp.com%2Fsso%2Fauthmonger%2Fauthorize&response_type=code&st...
  • https://fss.inbcu.com/fss/idp/SSO.saml2?SAMLRequest=jVLBbpwwFPwV5LvBgLOLrWWjbaOokVJlFUgPuUQP2yRWwVA%2Fs2r%2FvoTdVdPLtsdnz5vxzHhz%2FbPvooPxaAdXkjRmJDJODdq615I81be0INfbDULfZaPcTeHNPZofk8EQzYsO5fGmJJN...
  • https://ssoapp.inbcu.com/smpadapter/allgroupurl.jsp?resume=/fss/idp/rTlkiA10Sa/resumeSAML20/idp/SSO.ping&spentity=https://auth.bridgeapp.com/saml/metadata/da98f19a-1c31-4416-9ba8-93df89d79546
  • https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuR...
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Requested by
Host: d2d1a1b3wf59e4.cloudfront.net
URL: https://d2d1a1b3wf59e4.cloudfront.net/bridge-platform/tapestry.6b55b9f8a4cc611a5b22.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1 JSP/2.3
Resource Hash
bb573c2e7c5189b7ac87ea9c54c8572abac38fc14192eeb93e820138a295b19e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=7776000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://oneportallxp.bridgeapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline'
Content-Type
text/html;charset=utf-8
Date
Tue, 30 Apr 2024 10:40:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
JBoss-EAP/7
Strict-Transport-Security
max-age=7776000; includeSubdomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-Powered-By
Undertow/1 JSP/2.3
X-XSS-Protection
1

Redirect headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Length
680
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 30 Apr 2024 10:40:36 GMT
Keep-Alive
timeout=5, max=100
Location
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Server
Apache
style.css
login.inbcu.com/login/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.inbcu.com/login/css/style.css?1412024763
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
22fa6a139883f95204d2aa2cb090fd952cb8c9e0e25b1aef9a045a9153fdaf74
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:36 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:11:23 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5101
font-style.css
login.inbcu.com/login/css/ 		401 B
736 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.inbcu.com/login/css/font-style.css?1412024763
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
1354903ab12c84206aaee6fd1df1392e9e8b9327c1fb169e7786ea26110b9e41
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:11:23 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
190
jquery-3.4.0.min.js
login.inbcu.com/login/js/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.inbcu.com/login/js/jquery-3.4.0.min.js
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:24:28 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
30668
edaes.js
login.inbcu.com/login/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.inbcu.com/login/js/edaes.js
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
bfb6615897075678bc818e1a6d845d766dd4616a08d2dca9183a1147501c0812
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:24:28 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
login.js
login.inbcu.com/login/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.inbcu.com/login/js/login.js
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
0e4509612b8d3db2e3f9ad57df6565154ecfb6531b07bdd726b73a28cfccfb66
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Tue, 13 Feb 2024 16:20:15 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
modernizr.js
login.inbcu.com/login/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.inbcu.com/login/js/modernizr.js
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
6a5777984d2f574cb4207453759b7cc8af3bd75f24e90b5ceb55fc12b9a93e22
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:24:28 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3976
jquery.backgroundSize.js
login.inbcu.com/login/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.inbcu.com/login/js/jquery.backgroundSize.js
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
e2f033c9dae3a2b58485991f580358260c2e0b124ca23f7e1b7e1175618055cb
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:24:28 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
2610
Lock_icon3_2x.png
login.inbcu.com/login/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.inbcu.com/login/images/Lock_icon3_2x.png
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
9ed4344c47fadd4147f63f1aa3499dde64174a7e3a390c38978b408d70b67e6a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:24:28 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1226
Check_Circle_blank.png
login.inbcu.com/login/images/ 		531 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.inbcu.com/login/images/Check_Circle_blank.png
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
5d6760573a80d40908e6ee61a7c952da6c6ecd66412f78fdf1d19e31e21fb51d
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:24:28 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
554
rememberme.png
login.inbcu.com/login/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.inbcu.com/login/images/rememberme.png
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
ffa0cc8b2563e8b15e606584fb72212f057d1722fd187ae709dcac5691251af8
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:24:28 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1098
ie8.js
login.inbcu.com/login/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.inbcu.com/login/js/ie8.js
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
4509a82184a9fe6370cdf7a2526943c285f178c20e33453829c0888648609960
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:24:28 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
629
background2.jpg
login.inbcu.com/login/images/ 		55 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.inbcu.com/login/images/background2.jpg
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/css/style.css?1412024763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
e06d8ae32c691fadfeea67e7c43e501e11c0e6e68101c1cdc6590b8610393fe0
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/css/style.css?1412024763
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:24:28 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
NBCUniversal_Logo3.png
login.inbcu.com/login/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.inbcu.com/login/images/NBCUniversal_Logo3.png
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/css/style.css?1412024763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
3c8d263ccf2c490be908bc20260485c2d52754d6a924a880039152857ea16196
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/css/style.css?1412024763
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:24:28 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10374
Rock-SansNormal.woff2
login.inbcu.com/login/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.inbcu.com/login/fonts/Rock-SansNormal.woff2
Requested by
Host: login.inbcu.com
URL: https://login.inbcu.com/login/css/font-style.css?1412024763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
1d1049f1a69fd00a00db1626f02a41a8241ccc23b18409f74f5f7c52e0d74372
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/css/font-style.css?1412024763
Origin
https://login.inbcu.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Last-Modified
Thu, 13 Aug 2020 13:24:28 GMT
Server
JBoss-EAP/7
X-Powered-By
Undertow/1
Content-Type
application/octet-stream
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
13292
favicon.ico
login.inbcu.com/ 		209 B
828 B 		Other
General
Check archive.org
Download Go to
Full URL
https://login.inbcu.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.228.145.65 New York, United States, ASN54040 (NBCUNI, US),
Reverse DNS
Software
Apache /
Resource Hash
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:40:37 GMT
Strict-Transport-Security
max-age=7776000; includeSubdomains
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=91
Content-Length
209
Content-Type
text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| CryptoJS string| ckDomain1 string| faqurl string| tgtURL function| validateForm function| submitMe function| saveSSOID function| clearSSOID function| sso_onload function| rememberSSOID function| setCookie function| getCookies function| deleteCookie function| eventHandler function| validateUidAndPassword function| checkNumeric function| trim function| QueryString function| QueryString_Parse function| fullScreen function| decryptValue function| encryptValue string| sso_id object| now object| expireDate function| openFAQ object| html5 object| Modernizr function| yepnope string| ie8 string| uname

11 Cookies

Domain/Path Name / Value
ssoapp.inbcu.com/smpadapter Name: f5avraaaaaaaaaaaaaaaa_session_
Value: IFAPDCEJLNJMBGMKHACHNEGHKJFGPICFNKALAPCDDHICAOPLIOPGPIBDDCBNPLNIAPDDFOKAJKMKKDHBMADAGGABFMEJDGGBCHCCGEGKLOMMMLKFJEOINPLABMNAILEM
fss.inbcu.com/fss/idp Name: f5avraaaaaaaaaaaaaaaa_session_
Value: GDAHONAODHBHAGIPCKLBLDBPPFFGOIFDGLADDMKIHICFBMNHJEAEHDBBNGKABBGGBCDDMOEPIKGDEEFHOCMAEIMDFMJKFDDFKFFNCPFJIHPJEMGMEAHLEINBPHBAJIKM
login.inbcu.com/login Name: JSESSIONID
Value: eV27atQEIXjSy_A1fc9sIsjdi_-oKtGnrNrtUzb5.eczaplp00032la
login.inbcu.com/login Name: f5_cspm
Value: 1234
login.inbcu.com/login Name: f5avraaaaaaaaaaaaaaaa_session_
Value: IOKDCHAILNOKBPJNKCMFOBFOELOEGOBECMGKNKJNBDDCFLDILNPFHMPHLIHIEIGHEGODGLEBJKLPCPGCODGADBGIFMPFJCLJANOOHILILOKAJNLPMHEDEELPMCHBLNJM
oneportallxp.bridgeapp.com/ Name: _csrf_token
Value: PPY4MUcuVUdskbwnLI3e7GPFxFwszSB%2Bv1tAvIH4wyYPkEB%2FERZgAyH1l2se2IarVqqSDhWcShDZKxnK9Z2lVQ%3D%3D
fss.inbcu.com/ Name: PF
Value: mv1c03L4Kl0QoASdpBOIt19gKZUcoJK2A6gYDa5ifFFv
fss.inbcu.com/ Name: NBCU
Value: !UlgGhLRroDsA6ZAjRHwy9hzZ5KnRbhImovrWM/CFhPsmIfFrJtlPiKbE5Vx/MwjE/2uQgWwZCBQZyZw=
ssoapp.inbcu.com/ Name: NBCU
Value: !gYL+DU2GO+bN6dxYcZ0H1OUB4Uj8Ro2k31JpEOguqwwKnpwXMM8O+3yu7YLcGWY2AFeB13DSaymH2Q==
.inbcu.com/ Name: AppUrl
Value: HTTPS%3A//ssoapp.inbcu.com/smpadapter/allgroupurl.jsp%3Fresume%3D/fss/idp/rTlkiA10Sa/resumeSAML20/idp/SSO.ping%26spentity%3Dhttps%3A//auth.bridgeapp.com/saml/metadata/da98f19a--1c31--4416--9ba8--93df89d79546
login.inbcu.com/ Name: NBCU
Value: !d4apAte1sy8YD05YcZ0H1OUB4Uj8RrcAh/CqMv5wFI+/Ex0GJ4xYjr9g3eM1CHec5O6jaWsTTBR3qA==

3 Console Messages

Source Level URL
Text
network error URL: https://oneportallxp.bridgeapp.com/sso/users/self?timestamp=1714473633733
Message:
Failed to load resource: the server responded with a status of 401 ()
recommendation verbose URL: https://login.inbcu.com/login/login.jsp?TYPE=33554433&REALMOID=06-000d56e9-fa73-1cdd-b904-451d6475f045&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=RQKccLcMprYPqjFTCoTfY0v4Zz7Z8rTefpng0g1kZrxaLipEuRiw16SHzM7DmnGz&TARGET=-SM-HTTPS%3a%2f%2fssoapp%2einbcu%2ecom%2fsmpadapter%2fallgroupurl%2ejsp%3fresume%3d%2ffss%2fidp%2frTlkiA10Sa%2fresumeSAML20%2fidp%2fSSO%2eping%26spentity%3dhttps%3a%2f%2fauth%2ebridgeapp%2ecom%2fsaml%2fmetadata%2fda98f19a--1c31--4416--9ba8--93df89d79546
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://login.inbcu.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.bridgeapp.com
d2d1a1b3wf59e4.cloudfront.net
dw8xk2vy8bp77.cloudfront.net
fss.inbcu.com
login.inbcu.com
oneportallxp.bridgeapp.com
ssoapp.inbcu.com
2600:9000:2127:9800:1:26e7:7300:21
2600:9000:275b:8800:1e:9da5:14c0:21
3.132.202.58
3.19.126.176
50.228.145.45
50.228.145.65
50.228.145.84
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0e4509612b8d3db2e3f9ad57df6565154ecfb6531b07bdd726b73a28cfccfb66
1354903ab12c84206aaee6fd1df1392e9e8b9327c1fb169e7786ea26110b9e41
1d1049f1a69fd00a00db1626f02a41a8241ccc23b18409f74f5f7c52e0d74372
22fa6a139883f95204d2aa2cb090fd952cb8c9e0e25b1aef9a045a9153fdaf74
396960d3ea301c8078c348be345431583000e5e1ec9795f53157b654ff002a6c
3c8d263ccf2c490be908bc20260485c2d52754d6a924a880039152857ea16196
4509a82184a9fe6370cdf7a2526943c285f178c20e33453829c0888648609960
5d6760573a80d40908e6ee61a7c952da6c6ecd66412f78fdf1d19e31e21fb51d
5d8ad067c503875460461420dd34da53adf6cf134c4ca6a21e8182eb624321d2
62c80e12e2a39c4600b5687f79398015ae701ee7af6dd03a3ed409e0fa09c99d
6a5777984d2f574cb4207453759b7cc8af3bd75f24e90b5ceb55fc12b9a93e22
9e78986b79b25b5371eb93d4ffb81f6a3389e70192d37a6fc77ef6c3a54bbe76
9ed4344c47fadd4147f63f1aa3499dde64174a7e3a390c38978b408d70b67e6a
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
bb573c2e7c5189b7ac87ea9c54c8572abac38fc14192eeb93e820138a295b19e
bdbd9081579643322c5627a6b8c67e302a6364a782c0acf12ad9c38c3630d738
bfb6615897075678bc818e1a6d845d766dd4616a08d2dca9183a1147501c0812
d34d7a4271c2bfed1587246bc0a2c5fb704feae5d620ef1753e81de1c7d78f93
e06d8ae32c691fadfeea67e7c43e501e11c0e6e68101c1cdc6590b8610393fe0
e2f033c9dae3a2b58485991f580358260c2e0b124ca23f7e1b7e1175618055cb
e4114d65723855853221623a9af31ad74910d6235a7465918b0bb4446279d7c1
f550d40029e7faa84f0372ddc24f3615ce56602c6cd309a8a256b55404a2500f
f8ac3fcb5ae6bdd7b4337ae6caebedb3796077f6cc5493a6dee88376d168faab
ffa0cc8b2563e8b15e606584fb72212f057d1722fd187ae709dcac5691251af8