Submitted URL: http://cir2.com/
Effective URL: https://cir2login.b2clogin.com/login.cir2.com/B2C_1A_Signin_SAML/samlp/sso/login
Submission: On July 20 via manual from IL — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 20.190.159.73, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is cir2login.b2clogin.com. The Cisco Umbrella rank of the primary domain is 356779.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 9th 2022. Valid for: a year.
This is the only time cir2login.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Redirects | IP Address | AS | Autonomous System |
|---|---|---|---|---|
| 2 | 2 | 192.153.59.210 | 19149 | TEAMTECH-DSM |
| 1 | | 35.169.22.150 | 14618 | AMAZON-AES |
| 2 | | 20.190.159.73 | 8075 | MICROSOFT... |
| 1 | | 52.239.177.228 | | |

Totals: 9 requests, 4 IPs

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 3 | cir2.com | cir2.com (Cisco Umbrella Rank: 573252); www.cir2.com (Cisco Umbrella Rank: 728633) | 2 KB |
| 2 | b2clogin.com | cir2login.b2clogin.com (Cisco Umbrella Rank: 356779) | 129 KB |
| 1 | windows.net | prodcir2sso.blob.core.windows.net | 38 KB |
| 0 | adobedtm.com (Failed) | assets.adobedtm.com (Failed) | |

Totals: 9 requests, 4 apex domains

| Requests | Domain | Requested by |
|---|---|---|
| 2 | cir2login.b2clogin.com | cir2login.b2clogin.com |
| 2 | cir2.com | 2 redirects |
| 1 | prodcir2sso.blob.core.windows.net | cir2login.b2clogin.com |
| 1 | www.cir2.com | |
| 0 | assets.adobedtm.com (Failed) | cir2login.b2clogin.com |

Totals: 9 requests, 5 domains

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| joincambridge.com | Go Daddy Secure Certificate Authority - G2 | 2021-11-18 to 2022-11-18 | a year |
| graph.windows.net | DigiCert SHA2 Secure Server CA | 2022-06-09 to 2023-06-09 | a year |
| *.blob.core.windows.net | Microsoft RSA TLS CA 02 | 2022-05-14 to 2023-05-14 | a year |

This page contains 1 frames:

Primary Page: https://cir2login.b2clogin.com/login.cir2.com/B2C_1A_Signin_SAML/samlp/sso/login
Frame ID: A3DEEE609D50068EC6A24AEA19135042
Requests: 9 HTTP requests in this frame

Page Title

Loading...

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 9
  • HTTPS: 44 %
  • IPv6: 0 %
  • Domains: 4
  • Subdomains: 5
  • IPs: 4
  • Countries: 2
  • Transfer: 169 kB
  • Size: 220 kB
  • Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cir2.com/ HTTP 302
    https://cir2.com/ HTTP 302
    https://www.cir2.com/ Page URL
  2. https://cir2login.b2clogin.com/login.cir2.com/B2C_1A_Signin_SAML/samlp/sso/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cir2.com/ HTTP 302
  • https://cir2.com/ HTTP 302
  • https://www.cir2.com/

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.cir2.com/
Redirect Chain
  • http://cir2.com/
  • https://cir2.com/
  • https://www.cir2.com/
2 KB
2 KB
Document
General
Full URL
https://www.cir2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.22.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-22-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
195f77cde76e743c92a64ee43c04149caabb60517dd09e8e2dcd58a35e47346b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://wealthport.cir2.com https://rc.wealthmsi.com;
X-Frame-Options ALLOW-FROM https://wealthport.cir2.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-PINGOTHER,Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET,OPTIONS
Cache-Control
private, max-age=0, no-cache, no-store
Cache-control
no-cache="set-cookie"
Connection
keep-alive
Content-Disposition
inline
Content-Encoding
gzip
Content-Length
1152
Content-Security-Policy
frame-ancestors https://wealthport.cir2.com https://rc.wealthmsi.com;
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Jul 2022 14:18:57 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
X-Dispatcher
dispatcher1useast1
X-Frame-Options
ALLOW-FROM https://wealthport.cir2.com
X-Vhost
publish

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://www.cir2.com/
Server
BigIP
Primary Request login
cir2login.b2clogin.com/login.cir2.com/B2C_1A_Signin_SAML/samlp/sso/
82 KB
29 KB
Document
General
Full URL
https://cir2login.b2clogin.com/login.cir2.com/B2C_1A_Signin_SAML/samlp/sso/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d82df52f58fdcf47666902e947bc58d0dfbf24c333498ff647b07365e2f11f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.cir2.com
Referer
https://www.cir2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Encoding
gzip
Content-Length
27479
Content-Type
text/html; charset=utf-8
Date
Wed, 20 Jul 2022 14:19:00 GMT
Expires
-1
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Build
1.0.2665.0
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Request-ID
d01a0270-fde1-4d58-9e89-3853adff4650
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
b985ba16-a1b3-4399-a388-8bc5c834d380
jquery-bundle-1.10.2.min.js
cir2login.b2clogin.com/static/bundles/
100 KB
100 KB
Script
General
Full URL
https://cir2login.b2clogin.com/static/bundles/jquery-bundle-1.10.2.min.js?slice=001-000&dc=DB3
Requested by
Host: cir2login.b2clogin.com
URL: https://cir2login.b2clogin.com/login.cir2.com/B2C_1A_Signin_SAML/samlp/sso/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a035f5bc873960a65bcb6493b4d18782247a5a5d8cad443d297c853b09ea7bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cir2login.b2clogin.com/login.cir2.com/B2C_1A_Signin_SAML/samlp/sso/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Jul 2022 10:07:00 GMT
ETag
"0fab84aa096d81:0"
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Date
Wed, 20 Jul 2022 14:19:00 GMT
Accept-Ranges
bytes
Content-Length
101973
X-XSS-Protection
1; mode=block
custom_idpSelector.cshtml
prodcir2sso.blob.core.windows.net/cir2sso/
37 KB
38 KB
XHR
General
Full URL
https://prodcir2sso.blob.core.windows.net/cir2sso/custom_idpSelector.cshtml
Requested by
Host: cir2login.b2clogin.com
URL: https://cir2login.b2clogin.com/login.cir2.com/B2C_1A_Signin_SAML/samlp/sso/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.177.228 -, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
238bd0420898770a315b3731da3cb706cc288a253d2b8e64c8fcdcc20032f6c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cir2login.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 20 Jul 2022 14:19:00 GMT
Content-MD5
KOUDcZqnNJLf00UgAof00A==
Content-Length
38145
x-ms-lease-status
unlocked
Last-Modified
Wed, 04 May 2022 00:57:00 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DA2D68FEE566D5
Vary
Origin
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://cir2login.b2clogin.com
x-ms-request-id
e8341553-b01e-00a8-3843-9c9a6f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
cambridgelogo.svg
prodcir2sso.blob.core.windows.net/cir2sso/
0
0

Background.jpg
prodcir2sso.blob.core.windows.net/cir2sso/
0
0

launch-ee6034ce4224.min.js
assets.adobedtm.com/e3f907a05819/b6d255440478/
0
0

segoeui_bold.WOFF
cir2login.b2clogin.com/static/tenant/templates/fonts/
0
0

segoeui.WOFF
cir2login.b2clogin.com/static/tenant/templates/fonts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prodcir2sso.blob.core.windows.net
URL
https://prodcir2sso.blob.core.windows.net/cir2sso/cambridgelogo.svg
Domain
prodcir2sso.blob.core.windows.net
URL
https://prodcir2sso.blob.core.windows.net/cir2sso/Background.jpg
Domain
assets.adobedtm.com
URL
https://assets.adobedtm.com/e3f907a05819/b6d255440478/launch-ee6034ce4224.min.js?_=1658326740918
Domain
cir2login.b2clogin.com
URL
https://cir2login.b2clogin.com/static/tenant/templates/fonts/segoeui_bold.WOFF
Domain
cir2login.b2clogin.com
URL
https://cir2login.b2clogin.com/static/tenant/templates/fonts/segoeui.WOFF

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| $trace object| $diags object| $santizer object| $cors object| $i2e object| $element boolean| pageReady object| Handlebars

6 Cookies

Domain/Path Name / Value
www.cir2.com/ Name: AWSELB
www.cir2.com/ Name: AWSELBCORS
www.cir2.com/ Name: saml_request_path
Value: %2F
.cir2login.b2clogin.com/ Name: x-ms-cpim-csrf
.cir2login.b2clogin.com/ Name: x-ms-cpim-cache|caia0oh9we2eithtrf9gua_0
.cir2login.b2clogin.com/ Name: x-ms-cpim-trans

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors https://wealthport.cir2.com https://rc.wealthmsi.com;
X-Frame-Options ALLOW-FROM https://wealthport.cir2.com