Submitted URL: http://origin-barclaysba-stage.plateau.com/
Effective URL: https://federation.client.barclayscorp.com/idp/SSO.saml2
Submission: On November 25 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 8 HTTP transactions. The main IP is 23.34.59.19, located in Edison, United States and belongs to AKAMAI-ASN1, NL. The main domain is federation.client.barclayscorp.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 14th 2022. Valid for: a year.
This is the only time federation.client.barclayscorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 35.204.26.114 396982 (GOOGLE-CL...)
1 4 104.107.217.79 20940 (AKAMAI-ASN1)
1 3.64.78.167 16509 (AMAZON-02)
3 23.34.59.19 20940 (AKAMAI-ASN1)
8 4
Domain Requested by
4 performancemanager.successfactors.eu 1 redirects performancemanager.successfactors.eu
3 federation.client.barclayscorp.com federation.client.barclayscorp.com
3 origin-barclaysba-stage.plateau.com 2 redirects
1 afc1hfrok.accounts.ondemand.com
8 4

This site contains no links.

Subject Issuer Validity Valid
plateau.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-16 -
2023-06-16
a year crt.sh
eu-only.successfactors.eu
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-14 -
2023-04-14
a year crt.sh
*.accounts.ondemand.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-25 -
2022-12-21
10 months crt.sh
federation.client.barclayscorp.com
DigiCert SHA2 Extended Validation Server CA
2022-06-14 -
2023-06-14
a year crt.sh

This page contains 1 frames:

Primary Page: https://federation.client.barclayscorp.com/idp/SSO.saml2
Frame ID: 2957E9D8A829B00BDEE89B8B778D0964
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Error

Page URL History Show full URLs

  1. http://origin-barclaysba-stage.plateau.com/ HTTP 302
    https://origin-barclaysba-stage.plateau.com/ Page URL
  2. https://origin-barclaysba-stage.plateau.com/learning/user/login.jsp HTTP 302
    https://performancemanager.successfactors.eu/login?company=C0001164326P1 HTTP 302
    https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s... Page URL
  3. https://afc1hfrok.accounts.ondemand.com/saml2/idp/sso/afc1hfrok.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIO... Page URL
  4. https://federation.client.barclayscorp.com/idp/SSO.saml2 Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

42 kB
Transfer

201 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://origin-barclaysba-stage.plateau.com/ HTTP 302
    https://origin-barclaysba-stage.plateau.com/ Page URL
  2. https://origin-barclaysba-stage.plateau.com/learning/user/login.jsp HTTP 302
    https://performancemanager.successfactors.eu/login?company=C0001164326P1 HTTP 302
    https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s.crb=aaP%252bI4quH1lLZ4kbK%252fW3Bk%252fthiM7zjr0NwNvgNSSr5g%253d Page URL
  3. https://afc1hfrok.accounts.ondemand.com/saml2/idp/sso/afc1hfrok.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIOBuJkN2i90TarqCv1w0rcHnKpCIy7qDa4DO62%2Fz6Od1OlhyZXeGeemQdWV7%2F7jvyChD6GikouKIFgo%2FPhe0W%2FNDdsSa%2FWKzR9pwa9GfM%2B3MLPETCTqTCgPt5UdExBR4MedTA9oM5W320%2BftCKCz2kmKONHSXbqdAHk2fYPucBdVGY1sp9m%2BIPbqyNY8jIY3DQm%2BC4jX0xIwrvhgIxvpWm5CYmC%2FOkFW1Nh0DJblvRb5dKleLcKeagNax08owZqwwziyUs5cOlWAg7RRFH2AXMJuSKKqEUk5Kp80YqrYQuJS%2FF4p6S%2BrTTOx%2BOrl4T8HAMoX7fNDWrP981lHx9dj4F6MmwnunppdrXGxtESE826frZ5uFw4DhaC4itsTkm5DAW10IIKS%2FKM3VRy1Xxkvb3dT9N7XfbOnbe%2FiGbrouH6wQmQ0VzGmEW25v8%2F4Ekl%2FOJd6ydo3oMOID1rQdHi%2FUJ%2B%2B83Wj8C&RelayState=%2Flogin%3Fcompany%3DC0001164326P1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=Z7b8pUWXJ2CnKXjKEeLK4ghUuvEHN827r2GRMtY9PEK5CQKXqujvliv5psUXQDvfnvHoUHWZJhRgLiwRUMEVhjcPlPtGPMYFMPHmtpNu%2BpVsHC9YOVl3HFf18PcB1B7SZ7x60nYFnDcmo5BCV7sRiJGV6JhkzDJJCj8iDzw6cn4%3D Page URL
  4. https://federation.client.barclayscorp.com/idp/SSO.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://origin-barclaysba-stage.plateau.com/ HTTP 302
  • https://origin-barclaysba-stage.plateau.com/
Request Chain 1
  • https://origin-barclaysba-stage.plateau.com/learning/user/login.jsp HTTP 302
  • https://performancemanager.successfactors.eu/login?company=C0001164326P1 HTTP 302
  • https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s.crb=aaP%252bI4quH1lLZ4kbK%252fW3Bk%252fthiM7zjr0NwNvgNSSr5g%253d

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
origin-barclaysba-stage.plateau.com/
Redirect Chain
  • http://origin-barclaysba-stage.plateau.com/
  • https://origin-barclaysba-stage.plateau.com/
68 B
557 B
Document
General
Full URL
https://origin-barclaysba-stage.plateau.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.204.26.114 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.26.204.35.bc.googleusercontent.com
Software
Successfactors /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Type
text/html
Date
Fri, 25 Nov 2022 12:20:40 GMT
ETag
"63512110-44"
Last-Modified
Thu, 20 Oct 2022 10:21:04 GMT
Server
Successfactors
X-Robots-Tag
noindex,nofollow

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://origin-barclaysba-stage.plateau.com/
Server
BigIP
Login
performancemanager.successfactors.eu/saml2/
Redirect Chain
  • https://origin-barclaysba-stage.plateau.com/learning/user/login.jsp
  • https://performancemanager.successfactors.eu/login?company=C0001164326P1
  • https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s.crb=aaP%252bI4quH1lLZ4kbK%252fW3Bk%252fthiM7zjr0NwNvgNSSr5g%253d
2 KB
2 KB
Document
General
Full URL
https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s.crb=aaP%252bI4quH1lLZ4kbK%252fW3Bk%252fthiM7zjr0NwNvgNSSr5g%253d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.217.79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-107-217-79.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://origin-barclaysba-stage.plateau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store,no-cache
content-length
1694
content-type
text/html;charset=UTF-8
date
Fri, 25 Nov 2022 12:20:41 GMT
expires
Fri, 25 Nov 2022 12:20:41 GMT Wed, 31 Dec 1969 23:59:59 GMT
optr_cxt
010001000093e0a2bd-6cbb-11ed-8e37-87ea2ecf8c6700000000-0000-0000-0000-000000000001-1 HTTP ;
pragma
no-cache no-cache
referrer-policy
strict-origin-when-cross-origin
server
Successfactors
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-event-id
EVENT-UNKNOWN-UNKNOWN-ob46abe03-20221125132041-2147933
x-itr-server
704c732bf17939acd03735c47d5b6c6a101ede2f
x-itr-target-cluster
defaultCluster
x-request-stats
SQLT=0&CCON=0&FWR=0&NRE=0&CEXT=0&ST=1669378841402&EID=EVENT-UNKNOWN-UNKNOWN-ob46abe03-20221125132041-2147933&CLOC=0&CREM=0&NWR=0&CPU=20&SVT=21&SQLC=0&SCPU=0&CSUP=1&MEM=10730&UCPU=20&FRE=0
x-unique-id
c77b7d4aa3157e26f66f062119c3dedb
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store,no-cache
date
Fri, 25 Nov 2022 12:20:41 GMT
expires
Fri, 25 Nov 2022 12:20:41 GMT
location
/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s.crb=aaP%252bI4quH1lLZ4kbK%252fW3Bk%252fthiM7zjr0NwNvgNSSr5g%253d
optr_cxt
010001000093c63ce7-6cbb-11ed-8e37-87ea2ecf8c6700000000-0000-0000-0000-000000000001-1 HTTP ;
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Successfactors
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-event-id
EVENT-PLT-LOGINPAGE-ob46abe03-20221125132041-2147931
x-itr-server
704c732bf17939acd03735c47d5b6c6a101ede2f
x-itr-target-cluster
defaultCluster
x-unique-id
48d95166be697312c08475cf6977725c
x-xss-protection
1; mode=block
XMLHttpRequest.js
performancemanager.successfactors.eu/ui/extlib/XMLHttpRequest_1.0.5_sf.17/
7 KB
3 KB
Script
General
Full URL
https://performancemanager.successfactors.eu/ui/extlib/XMLHttpRequest_1.0.5_sf.17/XMLHttpRequest.js
Requested by
Host: performancemanager.successfactors.eu
URL: https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s.crb=aaP%252bI4quH1lLZ4kbK%252fW3Bk%252fthiM7zjr0NwNvgNSSr5g%253d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.217.79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-107-217-79.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s.crb=aaP%252bI4quH1lLZ4kbK%252fW3Bk%252fthiM7zjr0NwNvgNSSr5g%253d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 22:02:50 GMT
server
Successfactors
date
Fri, 25 Nov 2022 12:20:41 GMT
vary
Accept-Encoding
content-type
application/javascript
content-length
2721
x-xss-protection
1; mode=block
expires
Fri, 30 Apr 2032 06:51:19 GMT
perflog_6afbc835fd7bc8ec51a93324df511558.js
performancemanager.successfactors.eu/ui/perflog/js/
11 KB
5 KB
Script
General
Full URL
https://performancemanager.successfactors.eu/ui/perflog/js/perflog_6afbc835fd7bc8ec51a93324df511558.js
Requested by
Host: performancemanager.successfactors.eu
URL: https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s.crb=aaP%252bI4quH1lLZ4kbK%252fW3Bk%252fthiM7zjr0NwNvgNSSr5g%253d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.217.79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-107-217-79.deploy.static.akamaitechnologies.com
Software
Successfactors /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s.crb=aaP%252bI4quH1lLZ4kbK%252fW3Bk%252fthiM7zjr0NwNvgNSSr5g%253d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 20 May 2022 23:32:07 GMT
server
Successfactors
date
Fri, 25 Nov 2022 12:20:41 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=314882582
content-length
4421
x-xss-protection
1; mode=block
expires
Tue, 16 Nov 2032 23:43:43 GMT
afc1hfrok.accounts.ondemand.com
afc1hfrok.accounts.ondemand.com/saml2/idp/sso/
7 KB
5 KB
Document
General
Full URL
https://afc1hfrok.accounts.ondemand.com/saml2/idp/sso/afc1hfrok.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIOBuJkN2i90TarqCv1w0rcHnKpCIy7qDa4DO62%2Fz6Od1OlhyZXeGeemQdWV7%2F7jvyChD6GikouKIFgo%2FPhe0W%2FNDdsSa%2FWKzR9pwa9GfM%2B3MLPETCTqTCgPt5UdExBR4MedTA9oM5W320%2BftCKCz2kmKONHSXbqdAHk2fYPucBdVGY1sp9m%2BIPbqyNY8jIY3DQm%2BC4jX0xIwrvhgIxvpWm5CYmC%2FOkFW1Nh0DJblvRb5dKleLcKeagNax08owZqwwziyUs5cOlWAg7RRFH2AXMJuSKKqEUk5Kp80YqrYQuJS%2FF4p6S%2BrTTOx%2BOrl4T8HAMoX7fNDWrP981lHx9dj4F6MmwnunppdrXGxtESE826frZ5uFw4DhaC4itsTkm5DAW10IIKS%2FKM3VRy1Xxkvb3dT9N7XfbOnbe%2FiGbrouH6wQmQ0VzGmEW25v8%2F4Ekl%2FOJd6ydo3oMOID1rQdHi%2FUJ%2B%2B83Wj8C&RelayState=%2Flogin%3Fcompany%3DC0001164326P1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=Z7b8pUWXJ2CnKXjKEeLK4ghUuvEHN827r2GRMtY9PEK5CQKXqujvliv5psUXQDvfnvHoUHWZJhRgLiwRUMEVhjcPlPtGPMYFMPHmtpNu%2BpVsHC9YOVl3HFf18PcB1B7SZ7x60nYFnDcmo5BCV7sRiJGV6JhkzDJJCj8iDzw6cn4%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.64.78.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-78-167.eu-central-1.compute.amazonaws.com
Software
SAP /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-6gVr0QBGy18Hydz5NxLQ28f+si5m1FnR7qX/ggpT8/g='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://performancemanager.successfactors.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private,no-cache,no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
en-US
Content-Security-Policy
script-src 'self' 'nonce-6gVr0QBGy18Hydz5NxLQ28f+si5m1FnR7qX/ggpT8/g='
Content-Type
text/html;charset=utf-8
Date
Fri, 25 Nov 2022 12:20:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=5, max=100
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma
no-cache
Referrer-Policy
origin
Server
SAP
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-IDS-ID
A4EB1AE4-13AB-49C8-9C2D-FC8C776B6520
X-IDS-Landscape
aws-eu-central-1
X-IDS-Node
http-pdk62
X-IDS-Pool
purple
X-IDS-Project
prod
X-Robots-Tag
none
vary
accept-encoding,X-CSP-STRIP
x-xss-protection
1; mode=block
Primary Request SSO.saml2
federation.client.barclayscorp.com/idp/
2 KB
2 KB
Document
General
Full URL
https://federation.client.barclayscorp.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.19 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-34-59-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
355006de59ba17f841873a812e50ab583b09cff52d7b0bbd7d5b3aafaed8683e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Xss-Protection 1;mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://afc1hfrok.accounts.ondemand.com
Referer
https://afc1hfrok.accounts.ondemand.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-language
en-US
content-length
1589
content-type
text/html;charset=UTF-8
date
Fri, 25 Nov 2022 12:20:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-xss-protection
1;mode=block
main.css
federation.client.barclayscorp.com/assets/css/
171 KB
23 KB
Stylesheet
General
Full URL
https://federation.client.barclayscorp.com/assets/css/main.css
Requested by
Host: federation.client.barclayscorp.com
URL: https://federation.client.barclayscorp.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.19 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-34-59-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3615326640054eff387c6b09a53a38c2a6ea6498e9564e9ebb6e297888d50128
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://federation.client.barclayscorp.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 12:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Sun, 20 Nov 2022 04:06:00 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/css;charset=ISO-8859-1
content-length
22699
x-xss-protection
1;mode=block
barclays-small.png
federation.client.barclayscorp.com/assets/images/
2 KB
2 KB
Image
General
Full URL
https://federation.client.barclayscorp.com/assets/images/barclays-small.png
Requested by
Host: federation.client.barclayscorp.com
URL: https://federation.client.barclayscorp.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.19 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-34-59-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e797123a89586582a7a26ee18c3c3efb67261a7f98bb421e7b0d466291695c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://federation.client.barclayscorp.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 12:20:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 20 Nov 2022 04:06:00 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-type
image/png;charset=ISO-8859-1
accept-ranges
bytes
content-length
2123
x-xss-protection
1;mode=block

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Domain/Path Name / Value
origin-barclaysba-stage.plateau.com/learning Name: JSESSIONID
Value: 0C9F9203DB736CDAD0EE2FB998804578
origin-barclaysba-stage.plateau.com/ Name: BIGipServerorigin-dc57-preview.lms.plateau.com
Value: 60176650.20480.0000
origin-barclaysba-stage.plateau.com/ Name: BIGipServerP_lms_sapsf_com_80
Value: !NIbBuIwdomEXO8J8v4KArBS8hpbV4c3Z03Z2m7SFJFlWw9eJ4y7JBHkk6N7Cs5Hxm0AfKcVCy8i++A==
origin-barclaysba-stage.plateau.com/ Name: route
Value: a969c3f0f5e8a020ad1d570cd9493016369fa0ac
performancemanager.successfactors.eu/ Name: route
Value: 73c8f142949ce9c0b5b31befac9961d528758593
performancemanager.successfactors.eu/ Name: %2Flogin-markFromServer
Value: true
performancemanager.successfactors.eu/ Name: bizxCompanyId
Value: C0001164326P1
performancemanager.successfactors.eu/ Name: JSESSIONID
Value: FCF3086EE3294E82BE7A94F43A27CBB0.pc57bcf14
performancemanager.successfactors.eu/ Name: BIGipServerhcm57.sapsf.com
Value: 378026250.20480.0000
performancemanager.successfactors.eu/ Name: oiosaml-fragment
Value:
afc1hfrok.accounts.ondemand.com/ Name: arca14e6c
Value: AAAADPytHrm1bJHteb5wbDW9K8uoKWELekojFgsA%2FhRQZ9xUF%2FiOZLbdWipCEDpy5enh6WblWWZsYKKmP3dqj6U068tpXyXQ1kyU7DoLF8Wu2Yxi%2FFVrYAlIHiqM5hh3QjJNsi4JltVL3NJ1Sfx9s%2BUD5D9dpu6XlAgW3nTadlkX%2FJpQjJMf95vaSqxFAeYcqJOir%2F5tIyyrYlP%2FfIA97svnx3LNvacVuarDmvhbWFvb4mRsB6IWlpj2ZCY7CfPGdCTumylcfKj2lOhbQkrztobd6pfbiVYHhdiIRpaZv8LIpJTLgAbYCKe1Hl6344kruMe9zdQ9yuzNkCISxLVUskJ1uHf33wB0taahzRfknqJJVjWYurXvnPIdwcsv0QBXm0Lsa1swlw6VjX5xhCpcgovFXQ6u2Yuw%2FPDJFoNfMPCryFbEyXiU5Q2LYzRot5YR0%2F07mo1bC5chJ8J2ZwNNlKCCB8n7mCKUssA4QkKEOyNZleMIAN3HyKDbYo8NqpcABf4gqPITFPw2g6oSYxUvsJCEe81iE7VohoAd9ItcCrUcGQY7e2pq9W%2FRsEgm2FBjPB%2FOy3KlikSTxXhbTcZlNWNjW2GcBEfQ7uhL2Dk9Kxi1kDq%2FcObHANEm9I5JIJ%2Bnl93svYF7%2BKN42iTNDmjbdPOWDyxGCOQOMXGl6M0DUAYusYuyli4EfbRHseA%3D
afc1hfrok.accounts.ondemand.com/ Name: XSRF_COOKIE
Value: "OTfvv71B77+977+977+9zroKfe+/ve+/vVVk77+977+9fzHVve+/vQwHKu+/vSUoa0vvv706MTY2OTM3ODg0MjUxOQ=="
afc1hfrok.accounts.ondemand.com/ Name: JSESSIONID
Value: 51F3A0582CCA2AEAE4A985066A2B73DF

1 Console Messages

Source Level URL
Text
network error URL: https://federation.client.barclayscorp.com/idp/SSO.saml2
Message:
Failed to load resource: the server responded with a status of 400 ()