bpaccsnzuatb2c.b2clogin.com Open in urlscan Pro
2603:1016:1400::10  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://cp-uat.apps.nz.bpac-dev.net/ Page URL
2. https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response cp-uat.apps.nz.bpac-dev.net/	33 KB 9 KB	303ms 149ms	Document text/html	2620:1ec:bdf::31 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cp-uat.apps.nz.bpac-dev.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express ASP.NET Resource Hash bfe0a0ab335acbdb5260b362a44cf0375b8217211692d44a049a7e7da08097b2 Request headers Accept-Language en-NZ,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes cache-control public, max-age=0 content-encoding gzip content-length 8733 content-type text/html; charset=utf-8 date Thu, 06 Jun 2024 10:26:20 GMT etag W/"8216-18fdd5e4d40" last-modified Mon, 03 Jun 2024 09:11:36 GMT vary Accept-Encoding x-azure-ref 20240606T102620Z-156497df44dp4d7pkpvzwtadc40000000hgg000000000sn6 x-cache CONFIG_NOCACHE x-powered-by Express ASP.NET
GET H2	200	chunk-DLDOR3YA.js Show response cp-uat.apps.nz.bpac-dev.net/	2 KB 1 KB	70ms 69ms	Script application/javascript	2620:1ec:bdf::31 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cp-uat.apps.nz.bpac-dev.net/chunk-DLDOR3YA.js Requested by Host: cp-uat.apps.nz.bpac-dev.net URL: https://cp-uat.apps.nz.bpac-dev.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express, ASP.NET Resource Hash 589eda31ef565efc927a26e6b106af8be1db06732e634d1c6ce540eb820913b5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp-uat.apps.nz.bpac-dev.net/ Origin https://cp-uat.apps.nz.bpac-dev.net Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 10:26:20 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 09:11:36 GMT etag W/"62f-18fdd5e4d40" x-powered-by Express, ASP.NET vary Accept-Encoding x-azure-ref 20240606T102620Z-156497df44dp4d7pkpvzwtadc40000000hgg000000000sn8 content-type application/javascript; charset=UTF-8 x-cache CONFIG_NOCACHE cache-control public, max-age=0 accept-ranges bytes content-length 989
GET H2	200	polyfills-RT5I6R6G.js Show response cp-uat.apps.nz.bpac-dev.net/	33 KB 15 KB	104ms 103ms	Script application/javascript	2620:1ec:bdf::31 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cp-uat.apps.nz.bpac-dev.net/polyfills-RT5I6R6G.js Requested by Host: cp-uat.apps.nz.bpac-dev.net URL: https://cp-uat.apps.nz.bpac-dev.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express, ASP.NET Resource Hash 7d437f49c77dbb0b91300036c9f74528aee819efe92520ec49e93862e63c3eeb Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp-uat.apps.nz.bpac-dev.net/ Origin https://cp-uat.apps.nz.bpac-dev.net Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 10:26:20 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 09:11:36 GMT etag W/"846a-18fdd5e4d40" x-powered-by Express, ASP.NET vary Accept-Encoding x-azure-ref 20240606T102620Z-156497df44dp4d7pkpvzwtadc40000000hgg000000000sn9 content-type application/javascript; charset=UTF-8 x-cache CONFIG_NOCACHE cache-control public, max-age=0 accept-ranges bytes content-length 14768
GET H2	200	main-NECPWBRY.js Show response cp-uat.apps.nz.bpac-dev.net/	2 MB 870 KB	142ms 141ms	Script application/javascript	2620:1ec:bdf::31 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cp-uat.apps.nz.bpac-dev.net/main-NECPWBRY.js Requested by Host: cp-uat.apps.nz.bpac-dev.net URL: https://cp-uat.apps.nz.bpac-dev.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express, ASP.NET Resource Hash 0206f978665dd243a91560e07aefbdd0fffc1abbd3101c8410ba5777af4b8ed3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp-uat.apps.nz.bpac-dev.net/ Origin https://cp-uat.apps.nz.bpac-dev.net Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 10:26:20 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 09:11:36 GMT etag W/"250291-18fdd5e4d40" x-powered-by Express, ASP.NET vary Accept-Encoding x-azure-ref 20240606T102620Z-156497df44dp4d7pkpvzwtadc40000000hgg000000000sna content-type application/javascript; charset=UTF-8 x-cache CONFIG_NOCACHE cache-control public, max-age=0
GET H2	200	styles-DYTJ3F2Q.css cp-uat.apps.nz.bpac-dev.net/	1 MB 217 KB	118ms 117ms	Stylesheet text/css	2620:1ec:bdf::31 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cp-uat.apps.nz.bpac-dev.net/styles-DYTJ3F2Q.css Requested by Host: cp-uat.apps.nz.bpac-dev.net URL: https://cp-uat.apps.nz.bpac-dev.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express, ASP.NET Resource Hash e9f5668abc4e4a3ccde8aff0e09a7fc1378e646d5df93972cba7036fad2ff4ec Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp-uat.apps.nz.bpac-dev.net/ Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 10:26:20 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 09:11:36 GMT etag W/"101a46-18fdd5e4d40" x-powered-by Express, ASP.NET vary Accept-Encoding x-azure-ref 20240606T102620Z-156497df44dp4d7pkpvzwtadc40000000hgg000000000snb content-type text/css; charset=UTF-8 x-cache CONFIG_NOCACHE cache-control public, max-age=0
GET H2	200	o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2 fonts.gstatic.com/s/notosans/v36/	38 KB 39 KB	545ms 150ms	Font font/woff2	2404:6800:4006:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2 Requested by Host: cp-uat.apps.nz.bpac-dev.net URL: https://cp-uat.apps.nz.bpac-dev.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:810::2003 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp-uat.apps.nz.bpac-dev.net/ Origin https://cp-uat.apps.nz.bpac-dev.net Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 02:26:43 GMT x-content-type-options nosniff age 201577 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39412 x-xss-protection 0 last-modified Wed, 14 Feb 2024 22:43:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Jun 2025 02:26:43 GMT
GET H2	200	configuration Show response cp-uat.apps.nz.bpac-dev.net/api/ClinicalApplications/c5892952-d9fc-4769-9c39-9610e4614b2d/.well-known/	7 KB 2 KB	130ms 129ms	XHR application/json	2620:1ec:bdf::31 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cp-uat.apps.nz.bpac-dev.net/api/ClinicalApplications/c5892952-d9fc-4769-9c39-9610e4614b2d/.well-known/configuration Requested by Host: cp-uat.apps.nz.bpac-dev.net URL: https://cp-uat.apps.nz.bpac-dev.net/polyfills-RT5I6R6G.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET, ASP.NET Resource Hash 43dad0a59e6e239db43c68b4b024b1b789d95305149673cb959cc3531c26d325 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer https://cp-uat.apps.nz.bpac-dev.net/ Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-azure-ref 20240606T102621Z-156497df44dp4d7pkpvzwtadc40000000hgg000000000snt date Thu, 06 Jun 2024 10:26:21 GMT content-encoding gzip x-powered-by ASP.NET, ASP.NET vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/json; charset=utf-8
GET H2	200	favicon.ico cp-uat.apps.nz.bpac-dev.net/	15 KB 15 KB	70ms 70ms	Other image/x-icon	2620:1ec:bdf::31 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cp-uat.apps.nz.bpac-dev.net/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express, ASP.NET Resource Hash bee93668e1fb5d23101a51f18da55daea35a400feac9e0174170efd0cf3e6293 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp-uat.apps.nz.bpac-dev.net/ Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 10:26:21 GMT last-modified Mon, 03 Jun 2024 09:09:34 GMT etag W/"3c2e-18fdd5c70b0" x-powered-by Express, ASP.NET x-azure-ref 20240606T102621Z-156497df44dp4d7pkpvzwtadc40000000hgg000000000snw x-cache CONFIG_NOCACHE content-type image/x-icon cache-control public, max-age=0 accept-ranges bytes content-length 15406
GET H/1.1	200 OK	openid-configuration Show response bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/B2C_1_LOCAL_SUSI_BPAC_AAD_SSO/v2.0/.well-known/	1 KB 2 KB	553ms 251ms	Fetch application/json	2603:1016:1400::e MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/B2C_1_LOCAL_SUSI_BPAC_AAD_SSO/v2.0/.well-known/openid-configuration Requested by Host: cp-uat.apps.nz.bpac-dev.net URL: https://cp-uat.apps.nz.bpac-dev.net/polyfills-RT5I6R6G.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1016:1400::e Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 17fdf4ad72944963658c41f9bb9543efc2daad5ae5a70ef725af54eb08aaadc3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/jwk-set+json, application/json Referer https://cp-uat.apps.nz.bpac-dev.net/ Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Thu, 06 Jun 2024 10:26:21 GMT X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, OPTIONS Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://cp-uat.apps.nz.bpac-dev.net Public OPTIONS,TRACE,GET,HEAD,POST Cache-Control no-store, must-revalidate, no-cache Allow OPTIONS, TRACE, GET, HEAD, POST x-ms-gateway-requestid b5dae546-7122-47de-a124-cf928570bf1c Content-Length 1507 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	Primary Request authorize Show response bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/	448 KB 162 KB	670ms 456ms	Document text/html	2603:1016:1400::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query Requested by Host: cp-uat.apps.nz.bpac-dev.net URL: https://cp-uat.apps.nz.bpac-dev.net/main-NECPWBRY.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1016:1400::10 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash cb18392735c3657da7cc888504a2da57d21827d3555543ca91bcf83e535c332b Security Headers Name Value Content-Security-Policy script-src 'strict-dynamic' 'self' 'nonce-Kp4pXE7qMjdS13gnaJvimA==' 'report-sample'; report-uri /bpaccsnzuatb2c.onmicrosoft.com/B2C_1_LOCAL_SUSI_BPAC_AAD_SSO/client/cspreport?p=B2C_1_LOCAL_SUSI_BPAC_AAD_SSO Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language en-NZ,en;q=0.9;q=0.9 Referer https://cp-uat.apps.nz.bpac-dev.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Allow OPTIONS TRACE GET HEAD POST Cache-Control no-store, must-revalidate, no-cache Content-Encoding gzip Content-Length 162630 Content-Security-Policy script-src 'strict-dynamic' 'self' 'nonce-Kp4pXE7qMjdS13gnaJvimA==' 'report-sample'; report-uri /bpaccsnzuatb2c.onmicrosoft.com/B2C_1_LOCAL_SUSI_BPAC_AAD_SSO/client/cspreport?p=B2C_1_LOCAL_SUSI_BPAC_AAD_SSO Content-Type text/html; charset=utf-8 Date Thu, 06 Jun 2024 10:26:22 GMT Expires -1 Public OPTIONS,TRACE,GET,HEAD,POST Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding X-Build 1.1.172.0 X-Content-Type-Options nosniff X-Frame-Options DENY X-Request-ID f2d009c8-b388-4d4b-8df6-ded2acfcc3d4 X-UA-Compatible IE=edge X-XSS-Protection 1; mode=block x-ms-gateway-requestid e61e9e2a-428d-478c-ab9b-a425c9d7a0e6
GET H/1.1	200 OK	unified.cshtml Show response bpaccsnzuatb2c.b2clogin.com/static/tenant/templates/AzureBlue/	59 KB 38 KB	95ms 95ms	XHR text/html	2603:1016:1400::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bpaccsnzuatb2c.b2clogin.com/static/tenant/templates/AzureBlue/unified.cshtml?slice=001-000&dc=MEL Requested by Host: bpaccsnzuatb2c.b2clogin.com URL: https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1016:1400::10 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 16fd1b44d68cc94ea4f5b87e2c2dd33839dba705b243d1834c6def1e8741792e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Date Thu, 06 Jun 2024 10:26:22 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private Access-Control-Max-Age 3600 X-Frame-Options DENY X-XSS-Protection 1; mode=block Content-Length 38393
GET H/1.1	200 OK	1-1.png bpaccsnzuatb2c.b2clogin.com/static/tenant/templates/backgrounds/	57 KB 58 KB	97ms 96ms	Image image/png	2603:1016:1400::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bpaccsnzuatb2c.b2clogin.com/static/tenant/templates/backgrounds/1-1.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1016:1400::10 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 839660044af8616438ea4f12446f2f05034459ddf15ca6e8815944b1e7f58784 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Thu, 06 Jun 2024 10:26:22 GMT X-Content-Type-Options nosniff Last-Modified Wed, 29 May 2024 10:06:50 GMT ETag "09923ecafb1da1:0" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * X-Frame-Options DENY Accept-Ranges bytes Content-Length 58649 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	logo.svg bpaccsnzuatb2c.b2clogin.com/static/tenant/templates/images/	849 B 1 KB	331ms 92ms	Image image/svg+xml	2603:1016:1400::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bpaccsnzuatb2c.b2clogin.com/static/tenant/templates/images/logo.svg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1016:1400::10 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 01fcc92e6ecdf91eaa60cd3472fa1deefbe9865c0e80d905a34a35eff9ddc556 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Thu, 06 Jun 2024 10:26:23 GMT X-Content-Type-Options nosniff Last-Modified Wed, 29 May 2024 10:06:50 GMT ETag "09923ecafb1da1:0" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * X-Frame-Options DENY Accept-Ranges bytes Content-Length 849 X-XSS-Protection 1; mode=block
GET H2	200	bootstrap.min.css ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/	120 KB 27 KB	271ms 66ms	Stylesheet text/css	117.18.232.200 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css Requested by Host: bpaccsnzuatb2c.b2clogin.com URL: https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query Protocol H2 Security TLS 1.3, , AES_256_GCM Server 117.18.232.200 , Australia, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7B3) / Resource Hash 31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bpaccsnzuatb2c.b2clogin.com/ Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 10:26:23 GMT content-encoding gzip x-content-type-options nosniff age 6283798 x-cache HIT content-length 27825 x-xss-protection 1; mode=block last-modified Mon, 31 Oct 2016 23:10:15 GMT server ECAcc (nwa/E7B3) etag "cab57ff0cb33d21:0" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	segoeui.WOFF bpaccsnzuatb2c.b2clogin.com/static/tenant/templates/fonts/	399 KB 400 KB	179ms 106ms	Font font/x-woff	2603:1016:1400::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bpaccsnzuatb2c.b2clogin.com/static/tenant/templates/fonts/segoeui.WOFF Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1016:1400::10 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b6042231476473cd446768f85add8d8d63162d88cd5113a7d6c2398a0406320c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query Origin https://bpaccsnzuatb2c.b2clogin.com Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Thu, 06 Jun 2024 10:26:22 GMT X-Content-Type-Options nosniff Last-Modified Wed, 29 May 2024 10:06:50 GMT ETag "09923ecafb1da1:0" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET, OPTIONS Content-Type font/x-woff Access-Control-Allow-Origin * X-Frame-Options DENY Accept-Ranges bytes Content-Length 408688 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	segoeui_bold.WOFF bpaccsnzuatb2c.b2clogin.com/static/tenant/templates/fonts/	389 KB 389 KB	314ms 129ms	Font font/x-woff	2603:1016:1400::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bpaccsnzuatb2c.b2clogin.com/static/tenant/templates/fonts/segoeui_bold.WOFF Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1016:1400::10 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 01fd91e1d22f75cf9af8f478b0edb0f78d52c9069e9d7e6b566b4d44d76f86ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query Origin https://bpaccsnzuatb2c.b2clogin.com Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Thu, 06 Jun 2024 10:26:22 GMT X-Content-Type-Options nosniff Last-Modified Wed, 29 May 2024 10:06:50 GMT ETag "09923ecafb1da1:0" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET, OPTIONS Content-Type font/x-woff Access-Control-Allow-Origin * X-Frame-Options DENY Accept-Ranges bytes Content-Length 398176 X-XSS-Protection 1; mode=block
POST H/1.1	200 OK	perftrace Show response bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/B2C_1_LOCAL_SUSI_BPAC_AAD_SSO/client/	0 447 B	369ms 158ms	XHR text/plain	2603:1016:1400::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/B2C_1_LOCAL_SUSI_BPAC_AAD_SSO/client/perftrace?tx=StateProperties=eyJUSUQiOiJmMmQwMDljOC1iMzg4LTRkNGItOGRmNi1kZWQyYWNmY2MzZDQifQ&p=B2C_1_LOCAL_SUSI_BPAC_AAD_SSO Requested by Host: bpaccsnzuatb2c.b2clogin.com URL: https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1016:1400::10 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" X-CSRF-TOKEN a2FmVTV0NkRTNy95RDgvcndWT1I2S29WS01pU0J3WllZT04zMGI5MExmRmdLNjRTNEtoVEc4UWFHcnpYenhhNUZNMHlObEZFQlMxYXN0WHdJamFSbXc9PTsyMDI0LTA2LTA2VDEwOjI2OjIyLjU3ODg3MDZaO3FUQTBWZTBkU1QyWVk3NFhFYWpBa1E9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ== Accept-Language en-NZ,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/json; charset=UTF-8 Accept application/json, text/javascript, */*; q=0.01 Referer https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Thu, 06 Jun 2024 10:26:23 GMT X-Content-Type-Options nosniff Allow OPTIONS, TRACE, GET, HEAD, POST X-Frame-Options DENY Public OPTIONS,TRACE,GET,HEAD,POST Cache-Control no-store, must-revalidate, no-cache x-ms-gateway-requestid 0e9c70d9-2cf7-49f7-a76b-6f30615a04e2 Content-Length 0 X-XSS-Protection 1; mode=block

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| sanitizeHtml function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| HelperFunctions function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $predicateValidation object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bpaccsnzuatb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-sso:bpaccsnzuatb2c.onmicrosoft.com_0 Value: m1.qQC/NzbcyuDbUbbQ.VfkjohPZUPVFwcWkyG2dBA==.0.a3w1rpaxERHVPVL5MAznT95+jcCpqAiDPpCdMC5gcUYbrj4cEkdCiHEd1SbVVlK2/UqwETxTRPIv+f2aDBQJ/xjlkHC7QnVwmNJeUpS2RZ63yeXtC0gvPmDeMJetOcW62wDmzodKZi/kmuHa8TiflG0wnPcvTGuU63GBJ2TlkpY39mdv8TaCqCoLrHxIEjiAbfgS9eYD2hQGYhoT4C0rqqofB/uekzLv5WaExdYvaQiiTK3cbc9VOMGy4j17P/yVmpY25knANgP/AuDfxnqlZU0H7J2eM30qp6lJ7r07FbjCw1xneewKAVlzfxzOHVc9V+PJR47XkXH23CD3CGiWxTbtLPshzqLEGAeyFwM=
			.bpaccsnzuatb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-csrf Value: a2FmVTV0NkRTNy95RDgvcndWT1I2S29WS01pU0J3WllZT04zMGI5MExmRmdLNjRTNEtoVEc4UWFHcnpYenhhNUZNMHlObEZFQlMxYXN0WHdJamFSbXc9PTsyMDI0LTA2LTA2VDEwOjI2OjIyLjU3ODg3MDZaO3FUQTBWZTBkU1QyWVk3NFhFYWpBa1E9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
			.bpaccsnzuatb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-cache|yanq8oizs02n9t7srpzd1a_0 Value: m1.4JiY+ZottHqt6Ssj.OpYt2WoBXvqVWGHeJEqurA==.0.IQwOW12/zWfm3LnENjhomx+ng2xSEiiw47fGwvnJ1KFck86+Ng8XWzhjgW7yPeWQ6+0924X/wxW/mf2jDyb+tKHz6t4aCf9mzU/ji/FvKw3JiB919OUfoZcEwEnQUavlMCUegCnnuZYkcyfr9CbhM8oqv1+hlzJg1MJGaDEvz3RmZBjb/mnyywSMTLKPGg9RQIXy7W7NYBk0oX8pxIYwIqLbAKZgiMIc/DiR9N1FXxFs5kC6yKgXsCMptW4ZRQd4EvCp79/ve0zXihv1bZoONSs46DlEDxzzh8xJOmHQkAdozrq3aPGBqHzKvLyDg2m2DNgMupWEft28JD8dGqXv3uvpfT7i0RmPKXWlTAuyyhO800mzAXlbvt6zxusvwIfc5dwyXTEqupd3CFm8O1d5a4efK6fFC+R6gMjc7npfuPpH1BEHVUF06Ek/gr0dEB3+hyiaQZdXi5QEuSaqtL93hTeFE6eYqZQf9voj8j7FOgcUrF4q2tW7US2f61lkNhiLo0CpCmfyUMyL1pIM7YOTUupqFNNCyxGiumStKsLxs7WzoOxnYWhLAiPKjq4vtRN/9HQypH32XUcl7pHpnWZ/edDGfqf8HUl2uYegqTUQb4HH8dhOo0TR/GkZCoBWcOhlQASwjWCa/M5IfjTBuXSw9diXTTX6SsaC1iA9dpYuku0dB6ysLNYcb4P/5XYF4efkEif8gTIV/1f8m0F6u+GFnJyPqRXd16HmoHZI2TyKXidRx5xC9HC1Ha4SGKINZnSPo42aZKYzdJY56ohmunp3+JRbuKDHKr1XKnBEf9rZv5yD2/+7c2J9QSizp45slTbYvS8A2Q2iqeypqxs/U5cIUd2fa1iuymksFXP/sEX471vCJ9qSrFLB60Mkbrs0dirvyZuf+MFUGNMmP3Slf0c+J0gzX2bHOxnfRtwP8pvKcZ7SdFQO0m5dRqrsGM+urSJCdQwbMZ78Ok2RvyAvhZVc95Sr/H5fIF39yV13V0Y8i4+esXp3yJ9KUG34YU8scPpRSMFJd+hqLhlFKeAxQydxpFE5R47elk27pdL89QHme1SuHZ/hgu6TGepFSkAAOs3KU+SMQ55leRpiwNzEDVZvHtxHTclHmDE4yEuqiPoTfWzgS/JP4zXEu+Z1HafUdEtigQvxGLvWdXUICAHezTDCiRpkcsMQhWoDfkjZqXAfsymoyRR85OpwNkyQg4guKe9QKSHl5gllvdvPSVxsgadmbry4JY0UmHDRE6fFXsrHcmuv
			.bpaccsnzuatb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6ImYyZDAwOWM4LWIzODgtNGQ0Yi04ZGY2LWRlZDJhY2ZjYzNkNCIsIlQiOiJicGFjY3NuenVhdGIyYy5vbm1pY3Jvc29mdC5jb20iLCJQIjoiYjJjXzFfbG9jYWxfc3VzaV9icGFjX2FhZF9zc28iLCJDIjoiYmM2NDExYzktYWRmMC00YzBiLWJhNGYtNzMwMTA2ODhhMDhmIiwiUyI6MSwiTSI6e30sIkQiOjAsIkUiOiIifV0sIkNfSUQiOiJmMmQwMDljOC1iMzg4LTRkNGItOGRmNi1kZWQyYWNmY2MzZDQifQ==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://bpaccsnzuatb2c.b2clogin.com/bpaccsnzuatb2c.onmicrosoft.com/b2c_1_local_susi_bpac_aad_sso/oauth2/v2.0/authorize?client_id=bc6411c9-adf0-4c0b-ba4f-73010688a08f&redirect_uri=https%3A%2F%2Fcp-uat.apps.nz.bpac-dev.net%2Fauth-callback&response_type=code&scope=openid+https%3A%2F%2Fbpaccsnzuatb2c.onmicrosoft.com%2Fsmartcare%2Fanalytics.read&state=8e0bc98bdc8e4bb8af7dbba7d5e27013&code_challenge=NijD6W-NIxRwHvQCyaBywxpodbWzo-0AdEjDppE9Bkc&code_challenge_method=S256&response_mode=query Message: [DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
bpaccsnzuatb2c.b2clogin.com
cp-uat.apps.nz.bpac-dev.net
fonts.gstatic.com
117.18.232.200
2404:6800:4006:810::2003
2603:1016:1400::10
2603:1016:1400::e
2620:1ec:bdf::31
01fcc92e6ecdf91eaa60cd3472fa1deefbe9865c0e80d905a34a35eff9ddc556
01fd91e1d22f75cf9af8f478b0edb0f78d52c9069e9d7e6b566b4d44d76f86ba
0206f978665dd243a91560e07aefbdd0fffc1abbd3101c8410ba5777af4b8ed3
16fd1b44d68cc94ea4f5b87e2c2dd33839dba705b243d1834c6def1e8741792e
17fdf4ad72944963658c41f9bb9543efc2daad5ae5a70ef725af54eb08aaadc3
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
43dad0a59e6e239db43c68b4b024b1b789d95305149673cb959cc3531c26d325
589eda31ef565efc927a26e6b106af8be1db06732e634d1c6ce540eb820913b5
7d437f49c77dbb0b91300036c9f74528aee819efe92520ec49e93862e63c3eeb
839660044af8616438ea4f12446f2f05034459ddf15ca6e8815944b1e7f58784
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
b6042231476473cd446768f85add8d8d63162d88cd5113a7d6c2398a0406320c
bee93668e1fb5d23101a51f18da55daea35a400feac9e0174170efd0cf3e6293
bfe0a0ab335acbdb5260b362a44cf0375b8217211692d44a049a7e7da08097b2
cb18392735c3657da7cc888504a2da57d21827d3555543ca91bcf83e535c332b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f5668abc4e4a3ccde8aff0e09a7fc1378e646d5df93972cba7036fad2ff4ec