urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1037:1:148::e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-41...
Effective URL: https://login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7k...
Submission: On September 27 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 30 HTTP transactions. The main IP is 2603:1037:1:148::e, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 28.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 4th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 149.96.45.142 16839 (SNC)
1 1 2603:1036:300... 8075 (MICROSOFT...)
1 2603:1037:1:1... 8075 (MICROSOFT...)
11 2620:1ec:48:1... 8075 (MICROSOFT...)
30 3
Apex Domain
Subdomains		 Transfer
18 service-now.com
rivcoitprod.service-now.com
722 KB
11 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 2466
198 KB
1 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 28
10 KB
1 windows.net
login.windows.net — Cisco Umbrella Rank: 2302
914 B
30 4
Domain Requested by
18 rivcoitprod.service-now.com rivcoitprod.service-now.com
11 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
1 login.microsoftonline.com rivcoitprod.service-now.com
1 login.windows.net 1 redirects
30 4

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.service-now.com
Entrust Certification Authority - L1K		 2023-06-26 -
2024-04-12		 10 months crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-09-04 -
2024-09-04		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2023-07-29 -
2024-07-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%2Foasv37UZKp3cOq7tX3nHs%2Brpco2ybtxLoPz%2FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%2B%2FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%2BeFeS5xA6FEnizaCcCSNLx3i
Frame ID: 883657D099E66154E4BE04A96BD8384D
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

  1. https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.ne... Page URL
  2. https://login.windows.net/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCr... HTTP 302
    https://login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCr... Page URL

Page Statistics

30
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

930 kB
Transfer

3688 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i Page URL
  2. https://login.windows.net/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%2Foasv37UZKp3cOq7tX3nHs%2Brpco2ybtxLoPz%2FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%2B%2FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%2BeFeS5xA6FEnizaCcCSNLx3i HTTP 302
    https://login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%2Foasv37UZKp3cOq7tX3nHs%2Brpco2ybtxLoPz%2FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%2B%2FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%2BeFeS5xA6FEnizaCcCSNLx3i Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
auth_redirect.do
rivcoitprod.service-now.com/ 		32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
74c78b49d252d48b60608a1519326d8b7026164132c982d7c188610e6ce5dfaf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate,max-age=-1
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 27 Sep 2023 04:35:57 GMT
Expires
0
Pragma
no-store,no-cache
Referrer-Policy
same-origin
Server
snow_adc
Server-Timing
sem_wait;dur=0, sesh_wait;dur=0
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
X-Is-Logged-In
false
X-Transaction-ID
9b1346111bed
loader.jsdbx
rivcoitprod.service-now.com/uxasset/externals/service-worker/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/uxasset/externals/service-worker/loader.jsdbx?uxpcb=1695465335315&sysparm_substitute=false
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
c9183806acf5d348d36088ab511f7ef0553a8c1ef5cf66415b13f7a0956c429d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Sat, 23 Sep 2023 10:36:21 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Content-Length
1502
Expires
Mon, 30 Sep 2024 04:35:58 GMT
ConditionalFocus.jsdbx
rivcoitprod.service-now.com/ 		376 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/ConditionalFocus.jsdbx?v=08-01-2023_1829&c=28_773
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
35a86319d80b941df7db498279450d00c7aaff7f890b8c0779a8536a2a51ebef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Tue, 17 Sep 2019 10:30:50 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Content-Length
211
Expires
Mon, 30 Sep 2024 04:35:58 GMT
css_includes_doctype_polaris.cssx
rivcoitprod.service-now.com/styles/ 		161 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/styles/css_includes_doctype_polaris.cssx?v=08-01-2023_1829&c=c97f6a001b213110fe4cca2b234bcb47&theme=Polaris
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
10a0542a06e8ebef6554b1093f1597f08e86ad90b80f6540f45c51b0026b6039
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 02 Aug 2023 01:34:46 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Expires
Mon, 30 Sep 2024 04:35:57 GMT
css_includes_polarisberg.cssx
rivcoitprod.service-now.com/styles/polarisberg/ 		466 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/styles/polarisberg/css_includes_polarisberg.cssx?v=08-01-2023_1829&c=c97f6a001b213110fe4cca2b234bcb47&theme=Polaris
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
f062eb384d1ecc7de1efe9f3ec5bf612c88a414f7906d8f24075e7911811c86f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 02 Aug 2023 01:34:46 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Expires
Mon, 30 Sep 2024 04:35:58 GMT
polarisberg_theme_variables.do
rivcoitprod.service-now.com/ 		105 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/polarisberg_theme_variables.do?c=XAsw%2B9ipP19WCtmEfPGMqfbvFXI%3D&exclude_dark=true
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
c3cd112e7d013c9a87f57ce1ba19389705cd92b19fc5aa8e4500246c40a07cc7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Server
snow_adc
Transfer-Encoding
chunked
Content-Type
text/css
X-TRANSACTION-TIME
0:00:00.009
X-Transaction-ID
db1386dd1bad
Cache-Control
public
Connection
keep-alive
Server-Timing
sem_wait;dur=0, sesh_wait;dur=0
X-Is-Logged-In
false
X-TRANSACTION-TIME-MS
9
Expires
Mon, 30 Sep 2024 04:35:58 GMT
js_includes_doctype.jsx
rivcoitprod.service-now.com/scripts/doctype/ 		1 MB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=08-01-2023_1829&lp=Tue_Jul_18_10_51_45_PDT_2023&c=28_773
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
c267a26af11f51c5a4e32d43a02b07f28f3e36dfe39e7dc317d33dff67ea792e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 02 Aug 2023 01:34:46 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Expires
Mon, 30 Sep 2024 04:35:58 GMT
js_includes_customer.jsx
rivcoitprod.service-now.com/scripts/ 		108 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/scripts/js_includes_customer.jsx?v=08-01-2023_1829&lp=Tue_Jul_18_10_51_45_PDT_2023&c=28_773
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
de5ab6c906db76746d8be7bb8544bff768a31b924658792a230c4aa1cc51dad5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 02 Aug 2023 01:34:46 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Expires
Mon, 30 Sep 2024 04:35:58 GMT
js_includes_legacy.jsx
rivcoitprod.service-now.com/scripts/doctype/ 		64 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/scripts/doctype/js_includes_legacy.jsx?v=08-01-2023_1829&lp=Tue_Jul_18_10_51_45_PDT_2023&c=28_773
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
bbca68dc2dc0f9ae073c15df72c4232ad8b9722c861e3946582cb8bfe37d6301
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 02 Aug 2023 01:34:46 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Expires
Mon, 30 Sep 2024 04:35:58 GMT
js_guided_tours_includes.jsx
rivcoitprod.service-now.com/scripts/app.guided_tours/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/scripts/app.guided_tours/js_guided_tours_includes.jsx?v=08-01-2023_1829
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
2e931a26d27eedc693f8a236f1e6dd7162359688b7b35974082f6a7cc1e53fd4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Sat, 23 Sep 2023 10:36:21 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Expires
Mon, 30 Sep 2024 04:35:58 GMT
js_includes_last_doctype.jsx
rivcoitprod.service-now.com/scripts/doctype/ 		247 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/scripts/doctype/js_includes_last_doctype.jsx?v=08-01-2023_1829&lp=Tue_Jul_18_10_51_45_PDT_2023&c=28_773
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 02 Aug 2023 01:34:46 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Expires
Mon, 30 Sep 2024 04:35:58 GMT
heisenberg_all.jsx
rivcoitprod.service-now.com/scripts/heisenberg/ 		140 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/scripts/heisenberg/heisenberg_all.jsx?v=08-01-2023_1829
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 02 Aug 2023 01:34:46 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Expires
Mon, 30 Sep 2024 04:35:58 GMT
js_includes_list_edit_doctype.jsx
rivcoitprod.service-now.com/scripts/ 		187 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/scripts/js_includes_list_edit_doctype.jsx?v=08-01-2023_1829&lp=Tue_Jul_18_10_51_45_PDT_2023&c=28_773
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 02 Aug 2023 01:34:44 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Expires
Mon, 30 Sep 2024 04:35:58 GMT
transaction_scope_includes.jsx
rivcoitprod.service-now.com/scripts/ 		1 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/scripts/transaction_scope_includes.jsx?v=08-01-2023_1829
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
5a82f71dc61d033dc7a9832aa2c44b7d0b25705c268d6cf6a6cbbd687fe7ab10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Sat, 23 Sep 2023 10:36:21 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Content-Length
395
Expires
Mon, 30 Sep 2024 04:35:58 GMT
z_last_include.jsx
rivcoitprod.service-now.com/scripts/doctype/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/scripts/doctype/z_last_include.jsx?v=08-01-2023_1829
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 02 Aug 2023 01:34:46 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Content-Length
568
Expires
Mon, 30 Sep 2024 04:35:58 GMT
legacy
rivcoitprod.service-now.com/api/now/ui/date_time/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/api/now/ui/date_time/legacy
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=08-01-2023_1829&lp=Tue_Jul_18_10_51_45_PDT_2023&c=28_773
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Accept
application/json
Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
X-UserToken
d71346111bed3910fe4cca2b234bcb5579a7cbda40db68b0d8ca4c14c677131ebc020b24
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-store,no-cache
Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Server
snow_adc
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
X-Transaction-ID
6f13cedd1bad
Cache-Control
no-cache,no-store,must-revalidate,max-age=-1
Connection
keep-alive
Server-Timing
sem_wait;dur=0, sesh_wait;dur=0
X-Is-Logged-In
false
Expires
0
now-icons.woff
rivcoitprod.service-now.com/styles/now_icons/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/styles/now_icons/now-icons.woff?4d56c4d57a4f0533bc994a580fb7e606
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/styles/polarisberg/css_includes_polarisberg.cssx?v=08-01-2023_1829&c=c97f6a001b213110fe4cca2b234bcb47&theme=Polaris
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://rivcoitprod.service-now.com/styles/polarisberg/css_includes_polarisberg.cssx?v=08-01-2023_1829&c=c97f6a001b213110fe4cca2b234bcb47&theme=Polaris
Origin
https://rivcoitprod.service-now.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 02 Aug 2023 01:34:46 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Content-Type
application/font-woff;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Accept-Ranges
bytes
Expires
Mon, 30 Sep 2024 04:35:58 GMT
lato-v17-latin-ext_latin-regular.woff2
rivcoitprod.service-now.com/styles/polarisberg/fonts/lato/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rivcoitprod.service-now.com/styles/polarisberg/fonts/lato/lato-v17-latin-ext_latin-regular.woff2
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/styles/polarisberg/css_includes_polarisberg.cssx?v=08-01-2023_1829&c=c97f6a001b213110fe4cca2b234bcb47&theme=Polaris
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.45.142 , United States, ASN16839 (SNC, US),
Reverse DNS
vip-149-96-45-142.cust.service-now.com
Software
snow_adc /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://rivcoitprod.service-now.com/styles/polarisberg/css_includes_polarisberg.cssx?v=08-01-2023_1829&c=c97f6a001b213110fe4cca2b234bcb47&theme=Polaris
Origin
https://rivcoitprod.service-now.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 04:35:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 02 Aug 2023 01:34:46 GMT
Server
snow_adc
Cross-Origin-Embedder-Policy
require-corp
Transfer-Encoding
chunked
Content-Type
application/octet-stream;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Connection
keep-alive
Accept-Ranges
bytes
Expires
Mon, 30 Sep 2024 04:35:58 GMT
Primary Request saml2
login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/
Redirect Chain
  • https://login.windows.net/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%2Foasv37UZKp3cOq7tX3nHs%2Brpco2ybtxLoPz%2FYRXnrAEP1sG4viMilJ761wEg0KK1...
  • https://login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%2Foasv37UZKp3cOq7tX3nHs%2Brpco2ybtxLoPz%2FYRXnrAEP1sG4viMilJ76...
20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%2Foasv37UZKp3cOq7tX3nHs%2Brpco2ybtxLoPz%2FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%2B%2FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%2BeFeS5xA6FEnizaCcCSNLx3i
Requested by
Host: rivcoitprod.service-now.com
URL: https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1037:1:148::e , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
22aaefc4b7f5dfa652df86280add4d22e53f3587cb0c17751009f228e8362a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rivcoitprod.service-now.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.windows.net%2Fd7f03410-e0a8-4159-b300-54980ef605d0%2Fsaml2%3FSAMLRequest%3DlVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%252Foasv37UZKp3cOq7tX3nHs%252Brpco2ybtxLoPz%252FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%252B%252FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%252BeFeS5xA6FEnizaCcCSNLx3i
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8248
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Sep 2023 04:35:58 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+san"}]}
x-ms-ests-server
2.1.16368.10 - SCUS ProdSlices
x-ms-request-id
dc4654e5-f6f9-437b-95eb-468875b33900

Redirect headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
345
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Sep 2023 04:35:58 GMT
Location
https://login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%2Foasv37UZKp3cOq7tX3nHs%2Brpco2ybtxLoPz%2FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%2B%2FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%2BeFeS5xA6FEnizaCcCSNLx3i
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
x-ms-ests-server
2.1.16368.10 - WUS3 ProdSlices
x-ms-request-id
254b52b6-b91d-4c4d-8a11-6914ab156a00
converged.v2.login.min_prc91eyu9sqvbxj8tusclg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		109 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_prc91eyu9sqvbxj8tusclg2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%2Foasv37UZKp3cOq7tX3nHs%2Brpco2ybtxLoPz%2FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%2B%2FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%2BeFeS5xA6FEnizaCcCSNLx3i
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
afc0898b6e7779ecd64b6a5a5b2626284d3e0316ad79cc45662c6d0158f4b2a1

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Sep 2023 04:35:59 GMT
content-encoding
gzip
content-md5
130lE3UdeNphf/ypsCLZsw==
x-cache
TCP_HIT
content-length
20154
x-ms-lease-status
unlocked
last-modified
Thu, 10 Aug 2023 17:23:18 GMT
etag
0x8DB99C67D4E04C3
x-azure-ref
0L7ETZQAAAAA5TuI6Df+gQpNo494rGmi2TU5aMjIxMDYwNjEyMDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
09abefdc-501e-005a-6fd1-eb5a55000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ConvergedError_Core_NfKj5frmMVjQG5b-NJAYUg2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		341 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedError_Core_NfKj5frmMVjQG5b-NJAYUg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%2Foasv37UZKp3cOq7tX3nHs%2Brpco2ybtxLoPz%2FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%2B%2FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%2BeFeS5xA6FEnizaCcCSNLx3i
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5f72bf15e5cc1443603d355cc8a46da19521d68203f8baa2b362b20cbb0b9a6d

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Sep 2023 04:35:59 GMT
content-encoding
gzip
content-md5
J/0hbge0qGpvolfJCZBUaA==
x-cache
TCP_HIT
content-length
95552
x-ms-lease-status
unlocked
last-modified
Fri, 01 Sep 2023 10:52:19 GMT
etag
0x8DBAAD98357DF82
x-azure-ref
0L7ETZQAAAAA7BLAcUbbpRJkNTgOH9Gw+TU5aMjIxMDYwNjEyMDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e870fb5f-601e-0029-7fcd-ebd553000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.error.strings-en.min_doxaydpyl8kj0jbtgfuoka2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.error.strings-en.min_doxaydpyl8kj0jbtgfuoka2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%2Foasv37UZKp3cOq7tX3nHs%2Brpco2ybtxLoPz%2FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%2B%2FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%2BeFeS5xA6FEnizaCcCSNLx3i
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08d2ec3caa61fb4bf94265e55efe5201866fefd93e9c41f806d1904f113bbee2

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Sep 2023 04:35:59 GMT
content-encoding
gzip
content-md5
RzL7wJ9edafLnkdIdotwyw==
x-cache
TCP_HIT
content-length
10584
x-ms-lease-status
unlocked
last-modified
Fri, 01 Sep 2023 14:23:52 GMT
etag
0x8DBAAF7114ED486
x-azure-ref
0L7ETZQAAAAC6BVCRfffXSqkJtxE/cGxPTU5aMjIxMDYwNjEyMDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e66c3935-a01e-0019-1e52-eef442000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergederror_customizationloader_ba2fa0868308863a7e1d.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergederror_customizationloader_ba2fa0868308863a7e1d.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedError_Core_NfKj5frmMVjQG5b-NJAYUg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
589d6dc691a230c3472680ab46fa5ff78fda0ad4fc862c44ae186ce0a242db3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Sep 2023 04:35:59 GMT
content-encoding
gzip
x-azure-ref-originshield
00yMLZQAAAADUwRDfvlynTa/kIGkNhvl9TU5aMjIxMDYwNjExMDE3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
9lkWpZas2BSJBRMBc0/b4w==
x-cache
TCP_HIT
content-length
32253
x-ms-lease-status
unlocked
last-modified
Fri, 01 Sep 2023 10:52:13 GMT
etag
0x8DBAAD97FB64C6D
x-azure-ref
0L7ETZQAAAAD5gxUl9hzGRrYY2qC24dI6TU5aMjIxMDYwNjEzMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d4f72a1c-001e-0003-70ef-e74a75000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
check_small_48540c930333871c385fcba2c659ccdb.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/check_small_48540c930333871c385fcba2c659ccdb.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
22d511adce8d3498f842b05df7281ce582fdc6817fe27606ecd21e72277857f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Sep 2023 04:35:59 GMT
content-encoding
gzip
x-azure-ref-originshield
0ZiMLZQAAAACLB+YJY6DnSosyTDyFmV2ETU5aMjIxMDYwNjExMDQ1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
iYTzOJM089b1SPwrN/KdOg==
x-cache
TCP_HIT
content-length
1009
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:46 GMT
etag
0x8DB5C3F48118378
x-azure-ref
0L7ETZQAAAAAkcUOl5h4aTKPCuw4B51lcTU5aMjIxMDYwNjEzMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f7d57f2b-501e-005a-1945-e75a55000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
close_790189870c9543725dc3f5a15fb25e46.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		270 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Sep 2023 04:35:59 GMT
content-encoding
gzip
x-azure-ref-originshield
0fkwLZQAAAAAjZgSvw6P+SZPIgK/OrfUQTU5aMjIxMDYwNjExMDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
rp+/fadJKxLUo+jgFmYTeQ==
x-cache
TCP_HIT
content-length
190
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:46 GMT
etag
0x8DB5C3F4823AA6E
x-azure-ref
0L7ETZQAAAABC9qvp3tizQKfDoMZ/GxrFTU5aMjIxMDYwNjEzMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
96780e90-201e-0045-1ec8-eb6368000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
check_small_48540c930333871c385fcba2c659ccdb.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/check_small_48540c930333871c385fcba2c659ccdb.svg
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedError_Core_NfKj5frmMVjQG5b-NJAYUg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
22d511adce8d3498f842b05df7281ce582fdc6817fe27606ecd21e72277857f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Sep 2023 04:35:59 GMT
content-encoding
gzip
x-azure-ref-originshield
0ZiMLZQAAAACLB+YJY6DnSosyTDyFmV2ETU5aMjIxMDYwNjExMDQ1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
iYTzOJM089b1SPwrN/KdOg==
x-cache
TCP_HIT
content-length
1009
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:46 GMT
etag
0x8DB5C3F48118378
x-azure-ref
0L7ETZQAAAACF3nDZWc+vR6UH+541XjaPTU5aMjIxMDYwNjEzMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f7d57f2b-501e-005a-1945-e75a55000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
close_790189870c9543725dc3f5a15fb25e46.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		270 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedError_Core_NfKj5frmMVjQG5b-NJAYUg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Sep 2023 04:35:59 GMT
content-encoding
gzip
x-azure-ref-originshield
0fkwLZQAAAAAjZgSvw6P+SZPIgK/OrfUQTU5aMjIxMDYwNjExMDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
rp+/fadJKxLUo+jgFmYTeQ==
x-cache
TCP_HIT
content-length
190
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:46 GMT
etag
0x8DB5C3F4823AA6E
x-azure-ref
0L7ETZQAAAAAIn73Xq5B1RIj3EZhn8XLxTU5aMjIxMDYwNjEzMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
96780e90-201e-0045-1ec8-eb6368000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Sep 2023 04:35:59 GMT
content-encoding
gzip
x-azure-ref-originshield
07foKZQAAAAADFcvEh3UBQLobAoOQWZ7GTU5aMjIxMDYwNjExMDI1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
x-cache
TCP_HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
etag
0x8DB5C3F4911527F
x-azure-ref
0L7ETZQAAAAC18vROZdwkSbJQb7wc2FOLTU5aMjIxMDYwNjEzMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ab8cbf00-301e-0008-717e-e66f62000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Sep 2023 04:35:59 GMT
content-encoding
gzip
x-azure-ref-originshield
0whsLZQAAAADtfj+IJ1WfTKCs4acBvVQRTU5aMjIxMDYwNjEyMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
DhdidjYrlCeaRJJRG/y9mA==
x-cache
TCP_HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:46 GMT
etag
0x8DB5C3F47E260FD
x-azure-ref
0L7ETZQAAAADyUs97sVC6T4T4BryW6pd1TU5aMjIxMDYwNjEzMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e9776f98-e01e-0059-115b-e82753000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergederror_stringcustomizationhelper_68ebee4abe4408b2e412.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergederror_stringcustomizationhelper_68ebee4abe4408b2e412.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedError_Core_NfKj5frmMVjQG5b-NJAYUg2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
48c7f135e7021a47436fae49d08256c9d0b551df55aeb78bd0a817db19dbb8c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Sep 2023 04:35:59 GMT
content-encoding
gzip
x-azure-ref-originshield
0akwLZQAAAABdHrhPeTnnQqjPtMEVeD7DTU5aMjIxMDYwNjEyMDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
gD1IKoGQNDR0Ggh4o7s3bw==
x-cache
TCP_HIT
content-length
35832
x-ms-lease-status
unlocked
last-modified
Fri, 01 Sep 2023 10:52:13 GMT
etag
0x8DBAAD97FD3BD16
x-azure-ref
0L7ETZQAAAAD5nJhJkYAoR7Bs870g3hgYTU5aMjIxMDYwNjEzMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
92bca9b8-501e-004a-03fb-ebea77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __ConvergedError_Core boolean| __ object| Telemetry object| telemetry_webpackJsonp boolean| __convergederror_customizationloader_ba2fa0868308863a7e1d boolean| __convergederror_stringcustomizationhelper_68ebee4abe4408b2e412

9 Cookies

Domain/Path Name / Value
rivcoitprod.service-now.com/ Name: BIGipServerpool_rivcoitprod
Value: adc06a822db66f6f2d30062ebf88b684
rivcoitprod.service-now.com/ Name: JSESSIONID
Value: ECA7414DFF5BD35CB1FEB32FCDD0EE40
rivcoitprod.service-now.com/ Name: glide_user_route
Value: glide.dfa38552b3b175abf40aa980a7fb4622
login.windows.net/ Name: x-ms-gateway-slice
Value: estsfd
login.windows.net/ Name: stsservicecookie
Value: estsfd
login.microsoftonline.com/ Name: fpc
Value: Av_DoQhmnvlMiqrhbudPHx8
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEPT9ELGSHsHzMYpqz9pX-XFGl5O2wsNGweyQSoV11T7e-lKBi7SsJgcp0FYbOMmvzM84ojn1KvIQQ97D78PfixMeC5EFbN5OKfwMy53GauHa1IEz6lkSWa_ALWOQ5GPkeTrVw4BRfSy3CAALxKGAijOSpyGz3NFG5pldy7nTdXojYgAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd

1 Console Messages

Source Level URL
Text
network error URL: https://login.microsoftonline.com/d7f03410-e0a8-4159-b300-54980ef605d0/saml2?SAMLRequest=lVJdb5swFP0ryO8GG8JCrBApTVQtUtuhJuvD3hz7kloCm%2Foasv37UZKp3cOq7tX3nHs%2Brpco2ybtxLoPz%2FYRXnrAEP1sG4viMilJ761wEg0KK1tAEZTYr%2B%2FvRBoz0XkXnHINidaI4INxduMs9i34PfjBKPj%2BeFeS5xA6FEnizaCcCSNLx3i
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
login.microsoftonline.com
login.windows.net
rivcoitprod.service-now.com
149.96.45.142
2603:1036:3000:138::4
2603:1037:1:148::e
2620:1ec:48:1::38
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
08d2ec3caa61fb4bf94265e55efe5201866fefd93e9c41f806d1904f113bbee2
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
10a0542a06e8ebef6554b1093f1597f08e86ad90b80f6540f45c51b0026b6039
22aaefc4b7f5dfa652df86280add4d22e53f3587cb0c17751009f228e8362a8a
22d511adce8d3498f842b05df7281ce582fdc6817fe27606ecd21e72277857f3
2e931a26d27eedc693f8a236f1e6dd7162359688b7b35974082f6a7cc1e53fd4
35a86319d80b941df7db498279450d00c7aaff7f890b8c0779a8536a2a51ebef
48c7f135e7021a47436fae49d08256c9d0b551df55aeb78bd0a817db19dbb8c9
589d6dc691a230c3472680ab46fa5ff78fda0ad4fc862c44ae186ce0a242db3b
5a82f71dc61d033dc7a9832aa2c44b7d0b25705c268d6cf6a6cbbd687fe7ab10
5f72bf15e5cc1443603d355cc8a46da19521d68203f8baa2b362b20cbb0b9a6d
74c78b49d252d48b60608a1519326d8b7026164132c982d7c188610e6ce5dfaf
765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4
afc0898b6e7779ecd64b6a5a5b2626284d3e0316ad79cc45662c6d0158f4b2a1
bbca68dc2dc0f9ae073c15df72c4232ad8b9722c861e3946582cb8bfe37d6301
c267a26af11f51c5a4e32d43a02b07f28f3e36dfe39e7dc317d33dff67ea792e
c3cd112e7d013c9a87f57ce1ba19389705cd92b19fc5aa8e4500246c40a07cc7
c9183806acf5d348d36088ab511f7ef0553a8c1ef5cf66415b13f7a0956c429d
de5ab6c906db76746d8be7bb8544bff768a31b924658792a230c4aa1cc51dad5
f062eb384d1ecc7de1efe9f3ec5bf612c88a414f7906d8f24075e7911811c86f