urlscan.io logo urlscan.io
SecurityTrails logo

sit.login.myob.com Open in urlscan Pro
20.46.104.234  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://myaccount.sab.dev.myob.com/
Effective URL: https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=h...
Submission: On September 03 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 20.46.104.234, located in Melbourne, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sit.login.myob.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 26th 2019. Valid for: 2 years.
This is the only time sit.login.myob.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 143.204.201.10 16509 (AMAZON-02)
1 99.86.0.85 16509 (AMAZON-02)
7 20.46.104.234 8075 (MICROSOFT...)
12 3
Apex Domain
Subdomains		 Transfer
11 myob.com
myaccount.sab.dev.myob.com
sit.login.myob.com
1 MB
1 segment.com
cdn.segment.com
62 KB
12 2
Domain Requested by
7 sit.login.myob.com myaccount.sab.dev.myob.com
sit.login.myob.com
4 myaccount.sab.dev.myob.com myaccount.sab.dev.myob.com
1 cdn.segment.com myaccount.sab.dev.myob.com
12 3

This site contains no links.

Subject Issuer Validity Valid
myaccount.sab.dev.myob.com
Amazon		 2020-09-03 -
2021-10-03		 a year crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA		 2020-06-12 -
2021-07-27		 a year crt.sh
*.login.myob.com
DigiCert SHA2 Secure Server CA		 2019-03-26 -
2021-04-28		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=https%3A%2F%2Fmyaccount.sab.dev.myob.com&resource=self-service-portal-bff&scope=openid&state=d8f4111e-9329-417a-894b-13672c04e5c8_eyJsb2dpblN0YXRlIjp7fSwicmVzb3VyY2UiOiJzZWxmLXNlcnZpY2UtcG9ydGFsLWJmZiJ9&nonce=1e8ae001-1567-4fb7-8bd8-9430e053ea8e&client-request-id=a9a68efe-e7a1-43dd-9c72-39f30eda26a3&x-client-sku=js&x-client-ver=1.0.0
Frame ID: 1C74EC601B929F76D5860E14A73BF280
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://myaccount.sab.dev.myob.com/ Page URL
  2. https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-porta... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

1238 kB
Transfer

3435 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://myaccount.sab.dev.myob.com/ Page URL
  2. https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=https%3A%2F%2Fmyaccount.sab.dev.myob.com&resource=self-service-portal-bff&scope=openid&state=d8f4111e-9329-417a-894b-13672c04e5c8_eyJsb2dpblN0YXRlIjp7fSwicmVzb3VyY2UiOiJzZWxmLXNlcnZpY2UtcG9ydGFsLWJmZiJ9&nonce=1e8ae001-1567-4fb7-8bd8-9430e053ea8e&client-request-id=a9a68efe-e7a1-43dd-9c72-39f30eda26a3&x-client-sku=js&x-client-ver=1.0.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
myaccount.sab.dev.myob.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myaccount.sab.dev.myob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-10.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23e119ea6b1945c9da93458f3c90171e5ab053f26d6718d309443562155408d1

Request headers

:method
GET
:authority
myaccount.sab.dev.myob.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html
date
Thu, 03 Sep 2020 07:07:02 GMT
last-modified
Mon, 31 Aug 2020 09:27:54 GMT
etag
W/"72ea818da3277e149130e8d3e02a6ce0"
cache-control
max-age=0
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
lg-sF7aT0N70BzuR6duw0KW_W4RTIw04su-7Gg5gWAYN9eA0ZK8ifw==
2.f8d9b118.chunk.css
myaccount.sab.dev.myob.com/static/css/ 		296 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myaccount.sab.dev.myob.com/static/css/2.f8d9b118.chunk.css
Requested by
Host: myaccount.sab.dev.myob.com
URL: https://myaccount.sab.dev.myob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-10.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92daddc4b3ab8f9ad436d0a286c884bc0a8eab24063c5e1297507bbe95e94c8f

Request headers

Referer
https://myaccount.sab.dev.myob.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 07:07:03 GMT
content-encoding
gzip
last-modified
Mon, 31 Aug 2020 09:27:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"0e0a50965df53c90d80cc17ff59c0cea"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
status
200
x-amz-cf-id
fVwEoVSrAiXZtd7cjZXGByXd4KBSOHvIpXdQm2tl7Dx-Tjc0dwBBLg==
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
2.dc2859ef.chunk.js
myaccount.sab.dev.myob.com/static/js/ 		1 MB
389 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.sab.dev.myob.com/static/js/2.dc2859ef.chunk.js
Requested by
Host: myaccount.sab.dev.myob.com
URL: https://myaccount.sab.dev.myob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-10.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
352aaab86c52e18b1ad749be462a0840655a5ce22a7bc061f4830c2729a2ce24

Request headers

Referer
https://myaccount.sab.dev.myob.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 07:07:04 GMT
content-encoding
gzip
last-modified
Mon, 31 Aug 2020 09:27:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"8aa028b8aa973f6a930d86789213e18e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
ZkRPxnskTVVnSovwJ5yhjLPRJ80DSahSKNeVUdfkN2B6LTrallspNg==
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
main.2cae5e36.chunk.js
myaccount.sab.dev.myob.com/static/js/ 		92 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.sab.dev.myob.com/static/js/main.2cae5e36.chunk.js
Requested by
Host: myaccount.sab.dev.myob.com
URL: https://myaccount.sab.dev.myob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-10.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b47cc8a23b534551c4f3cc4348f26fe646ea8c55a58307531e3d4d241bee2fd8

Request headers

Referer
https://myaccount.sab.dev.myob.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 07:07:04 GMT
content-encoding
gzip
last-modified
Mon, 31 Aug 2020 09:27:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"7e2877a51f85c0484ff2bfcc0677e296"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
VCScsvTMWH5ejgqXBP5fx4Gvx_fuQS377lWV-wjNM5WdFZcputDa9Q==
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
analytics.min.js
cdn.segment.com/analytics.js/v1/I16r71qZMc5d6lMdl5pyM7okZKZ1j4mZ/ 		343 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/I16r71qZMc5d6lMdl5pyM7okZKZ1j4mZ/analytics.min.js
Requested by
Host: myaccount.sab.dev.myob.com
URL: https://myaccount.sab.dev.myob.com/static/js/main.2cae5e36.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.0.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-0-85.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://myaccount.sab.dev.myob.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 07:07:06 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
62917
access-control-allow-origin
*
last-modified
Thu, 03 Sep 2020 02:11:13 GMT
server
AmazonS3
etag
"ce7cd1141c5bdebaec380f7104a898df"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
.PHBvO_wzJERS3dNAAoVR0amF1ty4lZ3
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
cache-control
public, max-age=300
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
x-amz-cf-id
dFGS9-q8uzsZqoI4nmwG7w4zW9707mNOQ05sokGjlToXAKZuFzqBPA==
Primary Request Cookie set authorize
sit.login.myob.com/oauth2/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=https%3A%2F%2Fmyaccount.sab.dev.myob.com&resource=self-service-portal-bff&scope=openid&state=d8f4111e-9329-417a-894b-13672c04e5c8_eyJsb2dpblN0YXRlIjp7fSwicmVzb3VyY2UiOiJzZWxmLXNlcnZpY2UtcG9ydGFsLWJmZiJ9&nonce=1e8ae001-1567-4fb7-8bd8-9430e053ea8e&client-request-id=a9a68efe-e7a1-43dd-9c72-39f30eda26a3&x-client-sku=js&x-client-ver=1.0.0
Requested by
Host: myaccount.sab.dev.myob.com
URL: https://myaccount.sab.dev.myob.com/static/js/2.dc2859ef.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.46.104.234 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
27233f7d176046bc6e4b03fd1c4419e7020ac73033f2f5f6d9d450e619340e31
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' https://www.google-analytics.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/api.js;img-src 'self' https://myobsitidammelbdata.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com.au/ads/ga-audiences*;frame-src 'self' https://www.google.com/recaptcha/;connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://api.segment.io
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
sit.login.myob.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://myaccount.sab.dev.myob.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://myaccount.sab.dev.myob.com/

Response headers

Date
Thu, 03 Sep 2020 07:07:05 GMT
Content-Type
text/html; charset=utf-8
Content-Length
3594
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Expires
-1
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self';script-src 'self' https://www.google-analytics.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/api.js;img-src 'self' https://myobsitidammelbdata.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com.au/ads/ga-audiences*;frame-src 'self' https://www.google.com/recaptcha/;connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://api.segment.io
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
Set-Cookie
.myob.analytics.parameters=; path=/; expires=Thu, 03-Sep-2020 08:07:05 GMT
all
sit.login.myob.com/Styles/ 		418 KB
90 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sit.login.myob.com/Styles/all?v=d9Hd_tUg9_dFzSG9DxiRc5vgFYfZIB45QSRKhqsgXSY1
Requested by
Host: sit.login.myob.com
URL: https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=https%3A%2F%2Fmyaccount.sab.dev.myob.com&resource=self-service-portal-bff&scope=openid&state=d8f4111e-9329-417a-894b-13672c04e5c8_eyJsb2dpblN0YXRlIjp7fSwicmVzb3VyY2UiOiJzZWxmLXNlcnZpY2UtcG9ydGFsLWJmZiJ9&nonce=1e8ae001-1567-4fb7-8bd8-9430e053ea8e&client-request-id=a9a68efe-e7a1-43dd-9c72-39f30eda26a3&x-client-sku=js&x-client-ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.46.104.234 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08fd8d781599dc0ed8ce96a48b4e996f7b1b8efb25a270626fdfce1a482e6686
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' https://www.google-analytics.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/api.js;img-src 'self' https://myobsitidammelbdata.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com.au/ads/ga-audiences*;frame-src 'self' https://www.google.com/recaptcha/;connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://api.segment.io
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=https%3A%2F%2Fmyaccount.sab.dev.myob.com&resource=self-service-portal-bff&scope=openid&state=d8f4111e-9329-417a-894b-13672c04e5c8_eyJsb2dpblN0YXRlIjp7fSwicmVzb3VyY2UiOiJzZWxmLXNlcnZpY2UtcG9ydGFsLWJmZiJ9&nonce=1e8ae001-1567-4fb7-8bd8-9430e053ea8e&client-request-id=a9a68efe-e7a1-43dd-9c72-39f30eda26a3&x-client-sku=js&x-client-ver=1.0.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 07:07:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Sep 2020 07:07:06 GMT
X-Frame-Options
DENY
Vary
User-Agent,Accept-Encoding
Connection
keep-alive
Content-Type
text/css; charset=utf-8
Cache-Control
public
Transfer-Encoding
chunked
Content-Security-Policy
default-src 'self';script-src 'self' https://www.google-analytics.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/api.js;img-src 'self' https://myobsitidammelbdata.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com.au/ads/ga-audiences*;frame-src 'self' https://www.google.com/recaptcha/;connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://api.segment.io
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
Expires
Fri, 03 Sep 2021 07:07:06 GMT
myob-logo.svg
sit.login.myob.com/Images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sit.login.myob.com/Images/myob-logo.svg
Requested by
Host: sit.login.myob.com
URL: https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=https%3A%2F%2Fmyaccount.sab.dev.myob.com&resource=self-service-portal-bff&scope=openid&state=d8f4111e-9329-417a-894b-13672c04e5c8_eyJsb2dpblN0YXRlIjp7fSwicmVzb3VyY2UiOiJzZWxmLXNlcnZpY2UtcG9ydGFsLWJmZiJ9&nonce=1e8ae001-1567-4fb7-8bd8-9430e053ea8e&client-request-id=a9a68efe-e7a1-43dd-9c72-39f30eda26a3&x-client-sku=js&x-client-ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.46.104.234 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9b25e3c7188eff529c78749865594f119b3a4caf1cf56db543dd0be5e47342cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=https%3A%2F%2Fmyaccount.sab.dev.myob.com&resource=self-service-portal-bff&scope=openid&state=d8f4111e-9329-417a-894b-13672c04e5c8_eyJsb2dpblN0YXRlIjp7fSwicmVzb3VyY2UiOiJzZWxmLXNlcnZpY2UtcG9ydGFsLWJmZiJ9&nonce=1e8ae001-1567-4fb7-8bd8-9430e053ea8e&client-request-id=a9a68efe-e7a1-43dd-9c72-39f30eda26a3&x-client-sku=js&x-client-ver=1.0.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 07:07:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Aug 2020 03:56:55 GMT
ETag
"80dd599e5c70d61:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
1822
error.svg
sit.login.myob.com/Images/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sit.login.myob.com/Images/error.svg
Requested by
Host: sit.login.myob.com
URL: https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=https%3A%2F%2Fmyaccount.sab.dev.myob.com&resource=self-service-portal-bff&scope=openid&state=d8f4111e-9329-417a-894b-13672c04e5c8_eyJsb2dpblN0YXRlIjp7fSwicmVzb3VyY2UiOiJzZWxmLXNlcnZpY2UtcG9ydGFsLWJmZiJ9&nonce=1e8ae001-1567-4fb7-8bd8-9430e053ea8e&client-request-id=a9a68efe-e7a1-43dd-9c72-39f30eda26a3&x-client-sku=js&x-client-ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.46.104.234 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fea77a995d8cc8e059b1bdd7098fbd07ec319db34f0a3c123f8fafe068a14dcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=https%3A%2F%2Fmyaccount.sab.dev.myob.com&resource=self-service-portal-bff&scope=openid&state=d8f4111e-9329-417a-894b-13672c04e5c8_eyJsb2dpblN0YXRlIjp7fSwicmVzb3VyY2UiOiJzZWxmLXNlcnZpY2UtcG9ydGFsLWJmZiJ9&nonce=1e8ae001-1567-4fb7-8bd8-9430e053ea8e&client-request-id=a9a68efe-e7a1-43dd-9c72-39f30eda26a3&x-client-sku=js&x-client-ver=1.0.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 07:07:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Aug 2020 03:56:55 GMT
ETag
"80dd599e5c70d61:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
3968
gte-ie-9
sit.login.myob.com/Bundles/Scripts/Shared/ 		907 KB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sit.login.myob.com/Bundles/Scripts/Shared/gte-ie-9?v=AKGLQfsCLckaAczHvgYUjsHlVwTu4IiQXodfTMb2EoU1
Requested by
Host: sit.login.myob.com
URL: https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=https%3A%2F%2Fmyaccount.sab.dev.myob.com&resource=self-service-portal-bff&scope=openid&state=d8f4111e-9329-417a-894b-13672c04e5c8_eyJsb2dpblN0YXRlIjp7fSwicmVzb3VyY2UiOiJzZWxmLXNlcnZpY2UtcG9ydGFsLWJmZiJ9&nonce=1e8ae001-1567-4fb7-8bd8-9430e053ea8e&client-request-id=a9a68efe-e7a1-43dd-9c72-39f30eda26a3&x-client-sku=js&x-client-ver=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.46.104.234 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
68b78bc3e3288bcfc46f0777c30f762d90e62deb17bc21f13488eeebd31ad2e7
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' https://www.google-analytics.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/api.js;img-src 'self' https://myobsitidammelbdata.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com.au/ads/ga-audiences*;frame-src 'self' https://www.google.com/recaptcha/;connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://api.segment.io
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sit.login.myob.com/oauth2/authorize?response_type=id_token%20token&client_id=self-service-portal-web&redirect_uri=https%3A%2F%2Fmyaccount.sab.dev.myob.com&resource=self-service-portal-bff&scope=openid&state=d8f4111e-9329-417a-894b-13672c04e5c8_eyJsb2dpblN0YXRlIjp7fSwicmVzb3VyY2UiOiJzZWxmLXNlcnZpY2UtcG9ydGFsLWJmZiJ9&nonce=1e8ae001-1567-4fb7-8bd8-9430e053ea8e&client-request-id=a9a68efe-e7a1-43dd-9c72-39f30eda26a3&x-client-sku=js&x-client-ver=1.0.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 07:07:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Sep 2020 07:07:06 GMT
X-Frame-Options
DENY
Vary
User-Agent,Accept-Encoding
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Transfer-Encoding
chunked
Content-Security-Policy
default-src 'self';script-src 'self' https://www.google-analytics.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/api.js;img-src 'self' https://myobsitidammelbdata.blob.core.windows.net https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com.au/ads/ga-audiences*;frame-src 'self' https://www.google.com/recaptcha/;connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://api.segment.io
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
Expires
Fri, 03 Sep 2021 07:07:06 GMT
NeutroMYOB-Medium.woff2
sit.login.myob.com/fonts/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sit.login.myob.com/fonts/NeutroMYOB-Medium.woff2
Requested by
Host: sit.login.myob.com
URL: https://sit.login.myob.com/Styles/all?v=d9Hd_tUg9_dFzSG9DxiRc5vgFYfZIB45QSRKhqsgXSY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.46.104.234 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
95fef526547e03ef68c2c3c235b12de0b3450250d4c0d849eec93c8e52290eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://sit.login.myob.com
Referer
https://sit.login.myob.com/Styles/all?v=d9Hd_tUg9_dFzSG9DxiRc5vgFYfZIB45QSRKhqsgXSY1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 07:07:06 GMT
Last-Modified
Wed, 12 Aug 2020 03:56:56 GMT
ETag
"b58369f5c70d61:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/font-woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48356
NeutroMYOB-Regular.woff2
sit.login.myob.com/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sit.login.myob.com/fonts/NeutroMYOB-Regular.woff2
Requested by
Host: sit.login.myob.com
URL: https://sit.login.myob.com/Styles/all?v=d9Hd_tUg9_dFzSG9DxiRc5vgFYfZIB45QSRKhqsgXSY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.46.104.234 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2bdc21b1c93aec282a76b2cb6e677f461e0f11aa9f68d00dafa636094be73c8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://sit.login.myob.com
Referer
https://sit.login.myob.com/Styles/all?v=d9Hd_tUg9_dFzSG9DxiRc5vgFYfZIB45QSRKhqsgXSY1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 07:07:06 GMT
Last-Modified
Wed, 12 Aug 2020 03:56:56 GMT
ETag
"cef869f5c70d61:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/font-woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49836

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| addWinFormCheck function| isWinForm function| $ function| jQuery object| Modernizr function| moment function| zxcvbn function| Cookies

1 Cookies

Domain/Path Name / Value
sit.login.myob.com/ Name: .myob.analytics.parameters
Value: