urlscan.io logo urlscan.io
SecurityTrails logo

iam-saml-uat.bba-app.com Open in urlscan Pro
218.25.95.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://edm-test.bmw.com.cn/
Effective URL: https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB...
Submission: On September 15 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 218.25.95.80, located in China and belongs to CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN. The main domain is iam-saml-uat.bba-app.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 12th 2022. Valid for: a year.
This is the only time iam-saml-uat.bba-app.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 39.105.215.101 37963 (ALIBABA-C...)
3 7 218.25.95.80 4837 (CHINA169-...)
10 3
Apex Domain
Subdomains		 Transfer
7 bba-app.com
iam-saml-uat.bba-app.com
44 KB
5 bmw.com.cn
edm-test.bmw.com.cn
2 MB
10 2
Domain Requested by
7 iam-saml-uat.bba-app.com 3 redirects edm-test.bmw.com.cn
iam-saml-uat.bba-app.com
5 edm-test.bmw.com.cn edm-test.bmw.com.cn
10 2

This site contains no links.

Subject Issuer Validity Valid
*.bba-app.biz
GlobalSign RSA OV SSL CA 2018		 2022-07-12 -
2023-08-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB2BAF2099F7AA00936ADF8&contextType=external&username=string&password=secure_string&challenge_url=https%3A%2F%2Fiam-saml-uat.bba-app.com%2Fbba%2Findex.html&targetid=did_bmw&request_id=5001218812532490880&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fiam-saml-uat.bba-app.com%252Fms_oauth%252Foauth2%252Fui%252Foauthservice%252Fshowconsent%253Fresponse_type%253Dcode%2526client_id%253D04c7291a0c9a47a0b453ec74cfb643c7%2526redirect_uri%253Dhttp%25253A%25252F%25252Fedm-test.bmw.com.cn%2526scope%253DUserProfile.me%2526state%253Dxyz%2526oracle_client_name%253DDTS-online
Frame ID: F8CFEAA1D5953207A607B7196E225A3E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

B2B Portal

Page URL History Show full URLs

  1. http://edm-test.bmw.com.cn/ Page URL
  2. https://iam-saml-uat.bba-app.com/ms_oauth/oauth2/endpoints/oauthservice/authorize?client_id=04c7291a0c9a47a0b... HTTP 302
    https://iam-saml-uat.bba-app.com/ms_oauth/oauth2/ui/oauthservice/showconsent?response_type=code&client_id=04c... HTTP 302
    https://iam-saml-uat.bba-app.com/oam/server/obrareq.cgi?encquery%3DvMVjPZgjirvZ5ArTpHLasqjveYNKqtmidLvMrCGcqa... HTTP 302
    https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D174... Page URL

Page Statistics

10
Requests

40 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1879 kB
Transfer

2023 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://edm-test.bmw.com.cn/ Page URL
  2. https://iam-saml-uat.bba-app.com/ms_oauth/oauth2/endpoints/oauthservice/authorize?client_id=04c7291a0c9a47a0b453ec74cfb643c7&response_type=code&redirect_uri=http://edm-test.bmw.com.cn&scope=UserProfile.me&state=xyz HTTP 302
    https://iam-saml-uat.bba-app.com/ms_oauth/oauth2/ui/oauthservice/showconsent?response_type=code&client_id=04c7291a0c9a47a0b453ec74cfb643c7&redirect_uri=http%3A%2F%2Fedm-test.bmw.com.cn&scope=UserProfile.me&state=xyz&oracle_client_name=DTS-online HTTP 302
    https://iam-saml-uat.bba-app.com/oam/server/obrareq.cgi?encquery%3DvMVjPZgjirvZ5ArTpHLasqjveYNKqtmidLvMrCGcqa3KruGoJtfIexmsV8ELO9gPrewxUrVaFIF9KC2FPYoIBH00%2BkbfXgVrfrnyb7TSqmzmyXCwZ8Tqr89puhLbkQ3MdGBhurs57l%2F3hxeRyB1UdAskBlRn6uudBA4pcnPwACMb%2FvFBeRthCV4BNe1VEelfE7PtzoAfo4WDGP74DoKY0OkAF2Hh61wkF6yUCnATyZMDaz5YR1qO3Pmz5knGVB7wKf%2B0Umbr6O8KHv1Y%2F9roau1aWek9RfcBRJ%2FL4fdLbp9uLcfIkuHPTK6s2ohb1GcYtbx0vVblIvW0E25uUkOIo2p505sudJFMSriP18qxlrA60uhfWCDmySUJPHucu1uoCK1QVKpluAZVIKIiX7rDi%2Bu7uLWDYmfUc5%2By3F1u%2FwgUcn9JYPURLGKK1rlKY60CDkZTV1YfW8Mu7TPPnBeZJMRA7aapPxUmSyX2leQJLTFHiOF3KoAQGJRhhWPvyD%2BBJOEeaP2lqZ74Dbzp5dVJQQGOSLy3bGMCOokRds4Ny24Zh8AvXONYp4sDBexnTpTsEFzsRWbjz711c0AnK4YHJ2XIk6%2FakM4FLWb3URk8YyfnVlHCHS5kv62r189bY1HU8sDUooqNbgwU4GVDB9P6L7%2Bs89DyGPkAx3AnPx6Xow%2FdKqp3UH1dub4ZySZCMCxrd7rvo4zfsNd1reEzRGZlDnV%2Bi%2BXUxQvz0%2FLdDGL4d7mjdbJSfO6pI5xX6PFo3AbbvbFz4VCn1S323dMUb%2FJc3J5cuLQIMdA9LssjB8jwaP6D%2BcoT5hxtK8fNnwSnoJ9IK2cGh6SAaZagfP4xZJ0WCFIfK1ywahJp35YRBzl0QKLngM49yFmoVADdRlL1VhjQRaAKhiyIBaalijl0f8%2BU3z6lV328h1mIhzEAsC5AzE8%3D%20agentid%3DWebgate_IDM_11g%20ver%3D1%20crmethod%3D2%26cksum%3D5b19b1608fc4f7fe87c1249db0eef8321ca3bd8f&ECID-Context=1.005uBPAsj%5Et6aMlS%5EuHrWq0001B6000NFn%3BkXjE HTTP 302
    https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB2BAF2099F7AA00936ADF8&contextType=external&username=string&password=secure_string&challenge_url=https%3A%2F%2Fiam-saml-uat.bba-app.com%2Fbba%2Findex.html&targetid=did_bmw&request_id=5001218812532490880&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fiam-saml-uat.bba-app.com%252Fms_oauth%252Foauth2%252Fui%252Foauthservice%252Fshowconsent%253Fresponse_type%253Dcode%2526client_id%253D04c7291a0c9a47a0b453ec74cfb643c7%2526redirect_uri%253Dhttp%25253A%25252F%25252Fedm-test.bmw.com.cn%2526scope%253DUserProfile.me%2526state%253Dxyz%2526oracle_client_name%253DDTS-online Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
edm-test.bmw.com.cn/ 		598 B
845 B 		Document
General
Check archive.org
Download Go to
Full URL
http://edm-test.bmw.com.cn/
Protocol
HTTP/1.1
Server
39.105.215.101 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
istio-envoy /
Resource Hash
7abaf11f85db27c9fc03a855297b2732b28150d8234adccb8356b2309ceec578

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
598
content-type
text/html
date
Thu, 15 Sep 2022 12:21:46 GMT
etag
"631565e6-256"
last-modified
Mon, 05 Sep 2022 02:58:46 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
index.72e255bd.js
edm-test.bmw.com.cn/assets/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
http://edm-test.bmw.com.cn/assets/index.72e255bd.js
Requested by
Host: edm-test.bmw.com.cn
URL: http://edm-test.bmw.com.cn/
Protocol
HTTP/1.1
Server
39.105.215.101 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
istio-envoy /
Resource Hash
8f6e8392c5c03cbbd96a88d698f9418f4f2ef97f0043012aef1bb226badcd2c5

Request headers

Referer
http://edm-test.bmw.com.cn/
Origin
http://edm-test.bmw.com.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:21:46 GMT
last-modified
Mon, 05 Sep 2022 02:58:46 GMT
server
istio-envoy
etag
"631565e6-1c3a40"
content-type
application/javascript
x-envoy-upstream-service-time
0
accept-ranges
bytes
content-length
1849920
index.1ba0e3bd.css
edm-test.bmw.com.cn/assets/ 		33 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://edm-test.bmw.com.cn/assets/index.1ba0e3bd.css
Requested by
Host: edm-test.bmw.com.cn
URL: http://edm-test.bmw.com.cn/
Protocol
HTTP/1.1
Server
39.105.215.101 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
istio-envoy /
Resource Hash
f6606c6429edf8e7a0cede550a9959a0b3d413a24a031e097b71a954952e9000

Request headers

accept-language
en-US,en;q=0.9
Referer
http://edm-test.bmw.com.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:21:46 GMT
last-modified
Mon, 05 Sep 2022 02:58:46 GMT
server
istio-envoy
etag
"631565e6-85f9"
content-type
text/css
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
34297
Login.a17525d8.js
edm-test.bmw.com.cn/assets/ 		435 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
http://edm-test.bmw.com.cn/assets/Login.a17525d8.js
Requested by
Host: edm-test.bmw.com.cn
URL: http://edm-test.bmw.com.cn/assets/index.72e255bd.js
Protocol
HTTP/1.1
Server
39.105.215.101 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Referer
http://edm-test.bmw.com.cn/
Origin
http://edm-test.bmw.com.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:21:59 GMT
last-modified
Mon, 05 Sep 2022 02:58:46 GMT
server
istio-envoy
etag
"631565e6-1b3"
content-type
application/javascript
x-envoy-upstream-service-time
0
accept-ranges
bytes
content-length
435
getDIDLoginUrl
edm-test.bmw.com.cn/edm/login/ 		254 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://edm-test.bmw.com.cn/edm/login/getDIDLoginUrl
Requested by
Host: edm-test.bmw.com.cn
URL: http://edm-test.bmw.com.cn/assets/index.72e255bd.js
Protocol
HTTP/1.1
Server
39.105.215.101 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
application/json
Referer
http://edm-test.bmw.com.cn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:22:00 GMT
x-envoy-upstream-service-time
6
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
Primary Request index.html
iam-saml-uat.bba-app.com/bba/
Redirect Chain
  • https://iam-saml-uat.bba-app.com/ms_oauth/oauth2/endpoints/oauthservice/authorize?client_id=04c7291a0c9a47a0b453ec74cfb643c7&response_type=code&redirect_uri=http://edm-test.bmw.com.cn&scope=UserPro...
  • https://iam-saml-uat.bba-app.com/ms_oauth/oauth2/ui/oauthservice/showconsent?response_type=code&client_id=04c7291a0c9a47a0b453ec74cfb643c7&redirect_uri=http%3A%2F%2Fedm-test.bmw.com.cn&scope=UserPr...
  • https://iam-saml-uat.bba-app.com/oam/server/obrareq.cgi?encquery%3DvMVjPZgjirvZ5ArTpHLasqjveYNKqtmidLvMrCGcqa3KruGoJtfIexmsV8ELO9gPrewxUrVaFIF9KC2FPYoIBH00%2BkbfXgVrfrnyb7TSqmzmyXCwZ8Tqr89puhLbkQ3M...
  • https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB2BAF2099F7AA00936ADF8&contextType=external&username=string&password=...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB2BAF2099F7AA00936ADF8&contextType=external&username=string&password=secure_string&challenge_url=https%3A%2F%2Fiam-saml-uat.bba-app.com%2Fbba%2Findex.html&targetid=did_bmw&request_id=5001218812532490880&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fiam-saml-uat.bba-app.com%252Fms_oauth%252Foauth2%252Fui%252Foauthservice%252Fshowconsent%253Fresponse_type%253Dcode%2526client_id%253D04c7291a0c9a47a0b453ec74cfb643c7%2526redirect_uri%253Dhttp%25253A%25252F%25252Fedm-test.bmw.com.cn%2526scope%253DUserProfile.me%2526state%253Dxyz%2526oracle_client_name%253DDTS-online
Requested by
Host: edm-test.bmw.com.cn
URL: http://edm-test.bmw.com.cn/assets/Login.a17525d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
218.25.95.80 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
f2c7af540cce8223802ee3ded03a679c37390c97319017b209171d3939df7a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;preload

Request headers

Referer
http://edm-test.bmw.com.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Cache-control
private
Connection
close
Content-Encoding
gzip
Content-Language
en
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Sep 2022 12:22:02 GMT
ETag
W/"63180f69-865"
Last-Modified
Wed, 07 Sep 2022 03:26:33 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains;preload

Redirect headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Connection
close
Content-Language
en
Content-Type
text/html;charset=UTF-8
Date
Thu, 15 Sep 2022 12:22:02 GMT
Location
https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB2BAF2099F7AA00936ADF8&contextType=external&username=string&password=secure_string&challenge_url=https%3A%2F%2Fiam-saml-uat.bba-app.com%2Fbba%2Findex.html&targetid=did_bmw&request_id=5001218812532490880&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fiam-saml-uat.bba-app.com%252Fms_oauth%252Foauth2%252Fui%252Foauthservice%252Fshowconsent%253Fresponse_type%253Dcode%2526client_id%253D04c7291a0c9a47a0b453ec74cfb643c7%2526redirect_uri%253Dhttp%25253A%25252F%25252Fedm-test.bmw.com.cn%2526scope%253DUserProfile.me%2526state%253Dxyz%2526oracle_client_name%253DDTS-online
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains;preload
X-ORACLE-DMS-ECID
005uBPAsj^t6aMlS^uHrWq0001B6000NFn
app.8991a5b4.css
iam-saml-uat.bba-app.com/bba/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iam-saml-uat.bba-app.com/bba/css/app.8991a5b4.css
Requested by
Host: iam-saml-uat.bba-app.com
URL: https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB2BAF2099F7AA00936ADF8&contextType=external&username=string&password=secure_string&challenge_url=https%3A%2F%2Fiam-saml-uat.bba-app.com%2Fbba%2Findex.html&targetid=did_bmw&request_id=5001218812532490880&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fiam-saml-uat.bba-app.com%252Fms_oauth%252Foauth2%252Fui%252Foauthservice%252Fshowconsent%253Fresponse_type%253Dcode%2526client_id%253D04c7291a0c9a47a0b453ec74cfb643c7%2526redirect_uri%253Dhttp%25253A%25252F%25252Fedm-test.bmw.com.cn%2526scope%253DUserProfile.me%2526state%253Dxyz%2526oracle_client_name%253DDTS-online
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
218.25.95.80 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
a92091505170d3fb1241346080e81f23baa651e0ccf7a4c3da5ef99d7b2542ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB2BAF2099F7AA00936ADF8&contextType=external&username=string&password=secure_string&challenge_url=https%3A%2F%2Fiam-saml-uat.bba-app.com%2Fbba%2Findex.html&targetid=did_bmw&request_id=5001218812532490880&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fiam-saml-uat.bba-app.com%252Fms_oauth%252Foauth2%252Fui%252Foauthservice%252Fshowconsent%253Fresponse_type%253Dcode%2526client_id%253D04c7291a0c9a47a0b453ec74cfb643c7%2526redirect_uri%253Dhttp%25253A%25252F%25252Fedm-test.bmw.com.cn%2526scope%253DUserProfile.me%2526state%253Dxyz%2526oracle_client_name%253DDTS-online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 15 Sep 2022 12:22:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Sep 2022 03:26:33 GMT
Server
nginx
ETag
W/"63180f69-f031"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
*
Content-Language
en
Access-Control-Allow-Origin
*
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains;preload
Content-Type
text/css
Access-Control-Allow-Headers
*
chunk-vendors.902ebb66.css
iam-saml-uat.bba-app.com/bba/css/ 		995 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iam-saml-uat.bba-app.com/bba/css/chunk-vendors.902ebb66.css
Requested by
Host: iam-saml-uat.bba-app.com
URL: https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB2BAF2099F7AA00936ADF8&contextType=external&username=string&password=secure_string&challenge_url=https%3A%2F%2Fiam-saml-uat.bba-app.com%2Fbba%2Findex.html&targetid=did_bmw&request_id=5001218812532490880&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fiam-saml-uat.bba-app.com%252Fms_oauth%252Foauth2%252Fui%252Foauthservice%252Fshowconsent%253Fresponse_type%253Dcode%2526client_id%253D04c7291a0c9a47a0b453ec74cfb643c7%2526redirect_uri%253Dhttp%25253A%25252F%25252Fedm-test.bmw.com.cn%2526scope%253DUserProfile.me%2526state%253Dxyz%2526oracle_client_name%253DDTS-online
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
218.25.95.80 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
77e36b82b43bf239a6cf44f79fa11e1a23f458c71fd89909d32ca230f840b82c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB2BAF2099F7AA00936ADF8&contextType=external&username=string&password=secure_string&challenge_url=https%3A%2F%2Fiam-saml-uat.bba-app.com%2Fbba%2Findex.html&targetid=did_bmw&request_id=5001218812532490880&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fiam-saml-uat.bba-app.com%252Fms_oauth%252Foauth2%252Fui%252Foauthservice%252Fshowconsent%253Fresponse_type%253Dcode%2526client_id%253D04c7291a0c9a47a0b453ec74cfb643c7%2526redirect_uri%253Dhttp%25253A%25252F%25252Fedm-test.bmw.com.cn%2526scope%253DUserProfile.me%2526state%253Dxyz%2526oracle_client_name%253DDTS-online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 15 Sep 2022 12:22:03 GMT
Last-Modified
Wed, 07 Sep 2022 03:26:33 GMT
Server
nginx
ETag
"63180f69-3e3"
Strict-Transport-Security
max-age=31536000; includeSubDomains;preload
Access-Control-Allow-Methods
*
Content-Language
en
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Access-Control-Allow-Headers
*
Content-Length
995
app.5a21e00c.js
iam-saml-uat.bba-app.com/bba/js/ 		118 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iam-saml-uat.bba-app.com/bba/js/app.5a21e00c.js
Requested by
Host: iam-saml-uat.bba-app.com
URL: https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB2BAF2099F7AA00936ADF8&contextType=external&username=string&password=secure_string&challenge_url=https%3A%2F%2Fiam-saml-uat.bba-app.com%2Fbba%2Findex.html&targetid=did_bmw&request_id=5001218812532490880&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fiam-saml-uat.bba-app.com%252Fms_oauth%252Foauth2%252Fui%252Foauthservice%252Fshowconsent%253Fresponse_type%253Dcode%2526client_id%253D04c7291a0c9a47a0b453ec74cfb643c7%2526redirect_uri%253Dhttp%25253A%25252F%25252Fedm-test.bmw.com.cn%2526scope%253DUserProfile.me%2526state%253Dxyz%2526oracle_client_name%253DDTS-online
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
218.25.95.80 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
06fab54f8659eef6425063e26d754bf4348a0637bf953acf6f8d56b321b64803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iam-saml-uat.bba-app.com/bba/index.html?bmctx=FA11A5F8B091DCCE2601AC00C81E26B292757F6C711E07A68F4D1746183F01A2A915A01EDFB2BAF2099F7AA00936ADF8&contextType=external&username=string&password=secure_string&challenge_url=https%3A%2F%2Fiam-saml-uat.bba-app.com%2Fbba%2Findex.html&targetid=did_bmw&request_id=5001218812532490880&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fiam-saml-uat.bba-app.com%252Fms_oauth%252Foauth2%252Fui%252Foauthservice%252Fshowconsent%253Fresponse_type%253Dcode%2526client_id%253D04c7291a0c9a47a0b453ec74cfb643c7%2526redirect_uri%253Dhttp%25253A%25252F%25252Fedm-test.bmw.com.cn%2526scope%253DUserProfile.me%2526state%253Dxyz%2526oracle_client_name%253DDTS-online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 15 Sep 2022 12:22:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Sep 2022 03:26:33 GMT
Server
nginx
ETag
W/"63180f69-1d8ee"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
*
Content-Language
en
Access-Control-Allow-Origin
*
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains;preload
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Headers
*
chunk-vendors.88faaef7.js
iam-saml-uat.bba-app.com/bba/js/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
iam-saml-uat.bba-app.com
URL
https://iam-saml-uat.bba-app.com/bba/js/chunk-vendors.88faaef7.js

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

6 Cookies

Domain/Path Name / Value
.bba-app.com/ Name: OAMAuthnHintCookie
Value: 0@1663244521
iam-saml-uat.bba-app.com/ Name: OAMRequestContext_iam-saml-uat.bba-app.com:443_303131
Value: 011EIhYR1+vFvdumpLIv5g==
iam-saml-uat.bba-app.com/ Name: OAM_REQ_0
Value: VERSION_4~kXfOiOO5%2fi3dmBZkAg7UEls4XWFfSAol%2bvuxAM142TVIEpDN6ULs%2bBN%2bcB1%2fq9pwc%2bF%2bE98Kc0e4joJWDj6GGGj5ZBQKKJPzt0qjoP3L7wJhIcwua6upM0PeKUSCYUeSnHZJdK0a%2b3nudb8kTbrEu6eu8IqyZtn3BSFKEET%2fYklg%2f9PUn65VGY%2bk%2fdnPNPZPXptmCryG5j1W0WV4QBR3caq9pZcL5Jc3vyyB4mr4X8ZXGtNy2C2gkCQ7LN2l7%2bzpsF56Mne%2fiTYykFv118Af%2fQ4v%2fWJgKTvQdJhb5nbPHC%2bsiKNwb%2bMpXzEzDlmQfXNqNWlUdVYmykzCqyL3%2bXaINkZZWAb6grMGw9yuUxqY8zUJHS7i7Ci9C4N8NmuWkEzrB%2bRrW1eruug1rlt1Ea26PtLL7mT1hXRmSz8%2bKqb6mz2PkKy5GiVjppieAqKxbGR5w%2fT7V2IfXd%2fm6GG1YeMW1PhL2NJckOdOTyiDN5uXES1rloPENzW7V7dmV%2byep1ZVXqpLeU%2bEPsCGzB%2bminDOcqu2YEUXam0X%2f6Org2m3CF9ldAwpn9NW92r7PG%2bP2cEHl6Bpzy3CCwacxBPSEHvcOHmnmOa94q1KtarW8ISdeAz5eArYueFFwq1kA%2f0sZ705uUndotMIUonB%2foCkbG0GJwRxewUsooROdZtP4homYjo0PBD3W2SOI1uKIFDRmsgcGbN1z0cDBG7uM0Xbzcu2JEtunLT1DsNuXiQYQppySuLd8WjID7T%2b4HGSpbWrmnlsgrO25DSMiy%2bpTNVoML%2f12OpH%2fYdWYa4r5r4okrBsILn2pfWOuRN6BhTGjCFcg0xeAeTde%2fD4EQx1nVT08F4AmUAMu1da2kPUXXpZ9js5K%2b0m8mHTcFshDnOyMMwBfinhkCHuuw74%2fkAfZt19%2bYYnLIcLpcJvOVEEq%2bwgYc7F4JUNne1lslcndiXfbokMDfXJdpE2ONXKN1kzOGZecsxw6ndrhl3vLm5Vl6eFl0qobtSwjWnBI5%2fZX1nCsTj3RjSfmS3b%2fJwSAS%2baxEJ70Ou50s68LMzn5YJzXwCl1zCawTjZ5HkicTP1B4zuP6276puH%2flpzol0UuNWJUHKYlYBxN67s6mZvkbSBp5WHPL%2fDXHy2syzKTyqiu%2b2TiDVR6eOkFUjCYIDE6cB%2bd9gAtbtEn5qRPfWACdmKVqhH1lh1xXqEPwAMk5pFAceKFDYKyiXyyOMok3VjPbsE%2bUgQOfqGFnccx0yxTbkgLSG%2bTbaJSjcj6%2fj1QdMkOtaLdx9GeByttUU%2fCDozVlFUJwLU6hxDixSw%2bfC7vUAE6S1Bd%2feC0UMtZuvGcm8c%2bjo6N139V251JiLgQxlixIZzviKJMNlwt5UVlxaJqZ6CEHgo5RB1A2okOYnMBfWBu8%2bX0%2fxV5bsvngf5C7qGUFr%2bMhXICV9BO71I%2fLEufjGeoZddHMa2llBhR9QVYG%2bXYREetSxztxIUOLANsx1WRvGZygNLTE4%2fxPRbB75zkpIzNRY1ffAbekrDrsA1oyyQRs6%2bebX%2brarrMPwaVEEv%2fIy%2fhQozr3FLLMJYF86rYtkR33NndzkNBA25HCTTMV1fRcFxaqSDBewTmLoeBVMXhNXKocdmLoHJ2Gvuqhd4C4YiB%2be%2fu4eLuL7X5AlpGeBzQLVTQnFOvDTiKGg%2baNjFY1rjpkR0%2f9O1EyR41FFTXTNWk8J%2b1IaKy%2bMb5tZF2BsbBhIZblyLs00mNCFps2dI6Y6wHJCpUldh1To5MGAEBEg6DXivh7Kdv9fauoD%2bnFD1JeXvlsNDiK4ZqvFoJoN4el%2fptkwW3GR8lBGBoNwSCkVeCFt4%2fYN27cEikFEoSZEKSFgILJTsNyjwUchQ3YfV9cT4O3TK01eVRVjILnevaVj4kiB83w7tXrpsBdNtOtPBQ0hQUu6QehuB1t2ZE31qxk2dv1RG3EK%2bst359CXmJeNfYRgazXJ2%2fgXuxb1oqBAXH9a2%2fBQbXILVKDIrU6n9V%2bdXx8ClxVTJD8lSxGlXm9ospUjEAkBlQhTztKSq5ycLdfIjNagWXLOpUVvBvQ%2bjLCmuqUigoV9O4XFaRyvAUoThRsMdz1fM2FuDX8g5s31XbGY%2b7MrVj2nF0JF7N4zZ551zQvwiIfSi6H4ahSST7pZp5gjCfMAbKxaIsfOq5uOltyh4EGpvMXFExlfu%2bEBsUDkPV%2b3XrX4i2SBCtX%2ffq0CT33N5sC0vLVfE0CqWe%2b1GZgqKU80GEjLvFLt5Kmhngv5nIVFCnHykMXp5GxFlcY%2bjbpmRfesfHqDBjX3Kz9S5IREXY76LACGZj%2fC5JM3hGIF3qOon%2bfCn%2bWvB1WSVkWM%2bwUFfw8JQC8qFSHJfwgdiSQxV73fwxHbcxocIkOoAEJFpvRvY%2faeo6Az1%2flpzSm6SRqQPsx4fHiHV2wezOdQNh4pBwH99yq%2fdB0g6ZJietNT6ZTDDJS5KaRWzyLfAF%2bHGF3cI7iywgBgHHsbkFMiiFsrGpuNmZxFc0M20XHcEpnkGQORLLrsdoYnKfu1WKlTyZcxFTWkVsNgRKQxYqXUyuSWQPcKgq%2bkRCF%2blPtFdDpWOrRnossQcovLlrYe1p3jNNg2OunCgyivjnEapkbzmj9si9WCmKX87Qzgq5hCI%2ftaraEDOba6fPxnrQTjpPAeJ4BqTjX9PlHb0s1HcoNp%2fU%2blZQQBM1x0QTHuI4DDbVqQeIZyqx%2fAAXVAFmQ%2bAcakCQ694514W3XQ42TPIhQYma2orAeUjjhO%2b2rCxnRoJ748UA26hUOiQ%2bxw40biyMhOs1uwJGDovFbMfFMEf2OD0LgOCMhhECrNyDNR%2fVvsanmdVzlJG8dfUDHO%2fEB%2bnpohg2TsNiNlXt4bGP2OXCuVayhY5hUDRVRvgFAc6775X8sgFlrXxSPVQLuAUpAVOgQ115B%2bXmMk64I2x17OWK7Ye7wA0lqg4ujw44uyD24IDPC6pjray4ae1K7L4%2fb8AsZyc2AkQXrMrDgYNAie0Z1zGGMJ%2bBgCxSSKovt0ZTzHYDLEPRffWe8opj%2bDu40FJ%2f%2f3dfG7UJx9NeMy9dy%2bvvMfUgAH%2by4XBoOHInXr3pGbPGwi1j6yCrFy5UNQiUsxOFn4U0KKCavv58Gg63zjR%2ffpTGOw%2bMB6yW5xMVMLqdrDBZVLxbuVRHffjxedBbUenc9ZM1cJGobwGSrCp34sqU8TpBi3F5i2QOewh0B5QJ91jKDWzURa7Tiv84pgpRbCgSnhd0DyRLoLnFBn4tdtOyrglJMiIUn61jgDcqizQoe0yZ6hmzlOK3tZg4KQyhq3X22soPTJ6Cb0b0DwegnAwIkvCWDBbkXOBxvEtNf7IZhnqz8suzt%2byirOfoyGs9IjMmYCxSQECY12W2OqQlS%2btVza84%2bZOvmXyp%2fWPQ%2fPWSFpCVUapM%2fnDtpj52st96lJVABt0i5ov82NMNZo0SYloZoOvyjtGhHs2wN1OJKUF66%2bmcDqUErncl0Ev47%2bVOn%2beOVpdZ7aRcVyZ%2fTG5ePN4f4nqDuYqx0jBeL76
iam-saml-uat.bba-app.com/ Name: OAM_REQ_COUNT
Value: VERSION_4~1
iam-saml-uat.bba-app.com/ Name: ECID-Context
Value: 1.005uBPAsj^t6aMlS^uHrWq0001B6000NFn@kXhgv0ZGZKSULGSPXKTPJHSRo4USpLO
iam-saml-uat.bba-app.com/ Name: 8638ff90b568242ce3a22b536c03bc13
Value: 731e0dde4ceea9a6c14779c85a055bbb