auth.baplc.com
Open in
urlscan Pro
104.83.4.51
Public Scan
Effective URL: https://auth.baplc.com/baAuthnApp/Login.jsp?level=10
Submission: On February 03 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on November 23rd 2022. Valid for: a year.
This is the only time auth.baplc.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 143.204.215.75 143.204.215.75 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:400d:80a::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 14 | 104.83.4.51 104.83.4.51 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
19 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-75.fra53.r.cloudfront.net
dev-cpmportal.customer360.ba.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-51.deploy.static.akamaitechnologies.com
fedhub.iairgroup.com | |
fed.baplc.com | |
auth.baplc.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
baplc.com
3 redirects
fed.baplc.com auth.baplc.com — Cisco Umbrella Rank: 740817 |
27 KB |
6 |
ba.com
dev-cpmportal.customer360.ba.com |
416 KB |
3 |
iairgroup.com
fedhub.iairgroup.com |
13 KB |
2 |
gstatic.com
fonts.gstatic.com |
22 KB |
19 | 4 |
Domain | Requested by | |
---|---|---|
9 | auth.baplc.com |
1 redirects
auth.baplc.com
|
6 | dev-cpmportal.customer360.ba.com |
dev-cpmportal.customer360.ba.com
|
3 | fedhub.iairgroup.com |
dev-cpmportal.customer360.ba.com
fedhub.iairgroup.com |
2 | fed.baplc.com | 2 redirects |
2 | fonts.gstatic.com |
dev-cpmportal.customer360.ba.com
|
19 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
auth2.baplc.com |
my.baplc.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.dev-cpmportal.customer360.ba.com Amazon RSA 2048 M01 |
2023-02-03 - 2024-03-03 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
auth.baplc.com GlobalSign RSA OV SSL CA 2018 |
2022-11-23 - 2023-12-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth.baplc.com/baAuthnApp/Login.jsp?level=10
Frame ID: D2BADC11D111797D0864818BA48036FE
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Employee Self Service LoginPage URL History Show full URLs
- https://dev-cpmportal.customer360.ba.com/ Page URL
- https://fedhub.iairgroup.com/as/authorization.oauth2?response_type=code&client_id=CPM_Portal_DEV&redirect... Page URL
-
https://fed.baplc.com/fed/idp/samlv20
HTTP 302
https://fed.baplc.com/fed/user/authnoam?refid=id-9buXKCc66heLca6vY4ylSwOx-lg- HTTP 302
https://auth.baplc.com/obrareq.cgi?wh%3Dfed.baplc.com%20wu%3D%2Ffed%2Fuser%2Fauthnoam%3Frefid%3Did-... HTTP 302
https://auth.baplc.com/baAuthnApp/Login.jsp?level=10 Page URL
Detected technologies
Akamai Bot Manager (Security) ExpandDetected patterns
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Don't know your password?
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: my.baplc.com
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://dev-cpmportal.customer360.ba.com/ Page URL
- https://fedhub.iairgroup.com/as/authorization.oauth2?response_type=code&client_id=CPM_Portal_DEV&redirect_uri=https://dev-cust360-cpm-portal-app.d38atb8spsega2.amplifyapp.com/oauth/callback&scope=openid Page URL
-
https://fed.baplc.com/fed/idp/samlv20
HTTP 302
https://fed.baplc.com/fed/user/authnoam?refid=id-9buXKCc66heLca6vY4ylSwOx-lg- HTTP 302
https://auth.baplc.com/obrareq.cgi?wh%3Dfed.baplc.com%20wu%3D%2Ffed%2Fuser%2Fauthnoam%3Frefid%3Did-9buXKCc66heLca6vY4ylSwOx-lg-%20wo%3D1%20rh%3Dhttps%3A%2F%2Ffed.baplc.com%20ru%3D%252Ffed%252Fuser%252Fauthnoam%20rq%3Drefid%253Did-9buXKCc66heLca6vY4ylSwOx-lg- HTTP 302
https://auth.baplc.com/baAuthnApp/Login.jsp?level=10 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
dev-cpmportal.customer360.ba.com/ |
9 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.81184651b1ba8d20.js
dev-cpmportal.customer360.ba.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.49a0b918b7661d9a.js
dev-cpmportal.customer360.ba.com/ |
33 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.bc5017018308924d.js
dev-cpmportal.customer360.ba.com/ |
1 MB 330 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.2b6020a6b44fb9bf.css
dev-cpmportal.customer360.ba.com/ |
153 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authorization.oauth2
fedhub.iairgroup.com/as/ |
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BA-logo.png
dev-cpmportal.customer360.ba.com/assets/ |
50 KB 50 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
47622925
fedhub.iairgroup.com/akam/13/ |
26 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
157 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Login.jsp
auth.baplc.com/baAuthnApp/ Redirect Chain
|
5 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
pixel_47622925
fedhub.iairgroup.com/akam/13/ |
0 900 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sso.css
auth.baplc.com/baAuthnApp/style/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.js
auth.baplc.com/baAuthnApp/ |
16 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6d61bc
auth.baplc.com/akam/13/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.gif
auth.baplc.com/baAuthnApp/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bttnLPrmry.gif
auth.baplc.com/baAuthnApp/ |
195 B 551 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bttnRPrmry.gif
auth.baplc.com/baAuthnApp/ |
794 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
157 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
pixel_6d61bc
auth.baplc.com/akam/13/ |
0 800 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange string| browser string| b_version number| version boolean| ie12andabove boolean| ie11andabove boolean| ie10andbelow boolean| chromiumedge boolean| is_ie boolean| kiosk_machine function| validate_securid function| validate_string_numbers function| strip function| createCookie function| eraseCookie function| openLogWin function| getCookieVal function| getCookie function| brakeframe function| makeSSORequest function| pluginRedirect function| update_error_msg function| toggle_div function| slctRadioBtn function| getNextRadioButton function| checkKeycode function| updateFields function| getFormMethod function| formSubmit string| bazadebezolkohpepadr string| urhehlevkedkilrobacf13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
auth.baplc.com/securid-cgi/securid.pl | Name: ObFormLoginCookie Value: wh%3Dfed.baplc.com%20wu%3D%2Ffed%2Fuser%2Fauthnoam%3Frefid%3Did-9buXKCc66heLca6vY4ylSwOx-lg-%20wo%3D1%20rh%3Dhttps%3A%2F%2Ffed.baplc.com%20ru%3D%2Ffed%2Fuser%2Fauthnoam%20rq%3Drefid%253Did-9buXKCc66heLca6vY4ylSwOx-lg- |
|
auth.baplc.com/baAuthnApp | Name: JSESSIONID Value: 3B8F59AAA2CAB69FAD9A689735D716DB.rgprd226 |
|
fedhub.iairgroup.com/ | Name: PF Value: RZaEnx8urwmfETZCxfhFNY |
|
fedhub.iairgroup.com/ | Name: pfbrowserid Value: pT8OSwfGMVGDzQG7TxGJ |
|
fedhub.iairgroup.com/ | Name: BIGipServer Value: !fnMw6lksMVYosw0gVhVMNszX3n/87UUPJTzFcjaPwVZAHlOzsgVOT4otxH2oGnwOiptPTPSMVUGFWSU= |
|
.iairgroup.com/ | Name: ak_bmsc Value: 964F62DAABA0B0063F6A2B88280CBEBA~000000000000000000000000000000~YAAQLwRTaPcnu9KFAQAAaGvPFxL3qbHgTrMT5MPnSStJ0obalZTfKrmdQGRmBB7/ACH9G8oKuM6mD+dXhV3BwcsNSD+W/+E+uRl7tWM/dV82qlJGi5DDalkrWuy1wdC2Ts2oyUhsivS9Ix+PdnM8F0RCXSr+50vKGSE3JsX46scgPY1qB8zfd1ffChso9O82x2LiDpBmyfU+drxiPO3dwg190hPLMZDHRVa74HtbjbOoVK3qUGPwjkZiSS6qsB8lrhh277d3hoyBNxcwb0KiwFQQC0z1I8eOTcyv0ltNsNWCeziKeWMMlOb9zWiYEfUGGMr1cwKtnWpKN5jENYKDGOK7sYWXUGQjKHPxUUuUFWopMB333Juwsaaq+zQvBVKQpwUOqyqr31JV1cMGRQb2OGrZwFyMvtoRZMnkSQBV1fUr4XV6WBMQlfk4J78BLEY2k9zdT9X7nDV25DW1LTTRTg/XG0ciCYGCbxmyuWqtzw28 |
|
fed.baplc.com/ | Name: OIFJSESSION Value: 71g8jdvKgd1rjV93MZHG8znQQs1BsvpQcGS7LBNYWwQGsVbVXsvM!-239236649 |
|
fed.baplc.com/ | Name: BIGipServer Value: !uXRSLu7WKDwV7sQgVhVMNszX3n/87YaQH0CqGdIsoD4o38AVih4qx5wGZBD1yPY6oDiJJeh4zA1XOl4= |
|
auth.baplc.com/ | Name: BIGipServer Value: !S6g/23a6ns2vAf0gVhVMNszX3n/87dvlAl9sa7+pbkHXDnGgQMyXvKt0owvPOgTou4F4U7RBzdmOAw0= |
|
.baplc.com/ | Name: ObSSOCookie Value: 9FALVAZqE%2FloykSyJBneeqiX8F%2BD3%2FlRsi6wgJ4C3k9GmtsZ9Syy4rNoUXQfakXxCeeOYqNws0U4Wmb7yMCf%2FBYq2DiIIRKSahQPajVvnWD80WjI%2BcKofHXB%2BvvzMaX4WwlsdJ5G34eYhjCvCLRxKT4F7Hm3SsfgJSAgo9jU3%2FaP09n%2BJymtEUnnH%2FlN8ZW564BNKKmb2HUvTzGwUqXREpe8I7vJXKI%2F51mJzgqTIVRwkkzdyKnnY62ZIWdQpEF08n3Mx1iPxTzqJELUfEPJuCd8aeSqSsrTGPdpItBWlfX0%2FQkWEg55DYq2bsQlDflA5JGsb0CC%2FKmLq2PcBRqZ%2FatAUBFh7Iks6Lqjgaoh%2BH%2BVWo%2FH2QPU4DFOGjFTWKewgvRFZoGpX1n2KpU6tutuinjDuY6XaxznshDWr8rsVXPjjnW38a05%2F9z5OdwR6SnsI06oFNUMKPOOphrXhIhZ5YlMEm1yjSFfns6ZGU4xrzQ%3D |
|
.baplc.com/ | Name: bm_mi Value: 28DE8F6AD13B6C60FA492C989720220B~YAAQLwRTaCsou9KFAQAA0m3PFxK9tFxxnoC/oiM0rrLQAd4Cu2DNXGpkegFblQxOPQxFTN+fKVjOvjs3gHhlyu2+gwv74PgZsgXawhNxIuIkyWf4RhzEIQHY7rbRK/5bFrdE2he863L8pv6oYLkF6ZMjr+bF2ELvfSSp6ujHt9eYZfmuQE2Qno3jZ8OcOJf4b1Xj3ql9YKfNMQiU4mcWABoJXt6STiOsiPzhnSbqH5b/qHUvjYnDg2KeLiSGi5w8p9iFTInM6tRGDvA5TdQqoxrmsdGm4t45/eu776H9zXImu2YHtKZYH1CSuQRh8xqQjgcp2rofGtN+92E6~1 |
|
.baplc.com/ | Name: bm_sv Value: 37E7629605E0447EC40638DD29BD1FE1~YAAQLwRTaCwou9KFAQAA0m3PFxK/cuXSmlnAY7TXE+MBSMZLsNPet5TuQWL6cPnZ/lwuoZkZUd6SzzI3J6rCd7/xdnpsyUFYQOGi1+6JREbz3n6PRpp2i3ivOLolI0Bamw5xsltqAit+d/4jXZKrXtfENVeFGjbruT6YXBsPh/KzytkQX3QPLheIdMOX/BlQ3GjDCh8We9udbRwhUZsJIbHNnQsGo9hrGraaloJeqV/nfUYHLY2FPxAYb5RRIas=~1 |
|
.baplc.com/ | Name: ak_bmsc Value: 015120FE198464E4750B7BD2DC7E4163~000000000000000000000000000000~YAAQLwRTaFgou9KFAQAA9HDPFxJ2zZw6Q9i47oTvaCRwDn1yIIrhh1wtrN8m17g18Fqh3Vbd4uGYM8i1ig3XbfJ73iDkq4WlP50O4tdSZ2fRBnvr6siTl5Z7cM6ZY9NAL9Z1HprJDsdocIpWu4pYyO+q28wfd27GZZsDvLsbyCqvWy1A/WTk3ukg8cxx0iBq61skP4wtfjLIdg+LRravZ7Lis5GoMTxDr0ioziyQK28cCEIIZYjyfYdjNQXKG1/tDCH2FzADFWSVeUuQfEXsO/yVQNRb6qGRCtkyt9v2zSFXGcUuqBUOLhW0sxhNcKyKHkIIgsn0oI0Dx0a8yizcXqiYWeq8KPg+k6ataPiJn3zoUh8VYxzAM7ZRXGvRKAqf7hnfnyFHIfQ= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.baplc.com
dev-cpmportal.customer360.ba.com
fed.baplc.com
fedhub.iairgroup.com
fonts.gstatic.com
104.83.4.51
143.204.215.75
2a00:1450:400d:80a::2003
051388899c5256386951f7301aa35997a7a74b4ae6c7c79dc56431881b537303
0e83ac9b45c3c0f2ed23f06f8a27387bb40ac58096bc04107a9f835439aeaf3a
42718f78b61a9787f849a8bcc6a034b1342c98c008412a04d23666e852d9918d
5a9f581594c55436401a63fee664519d1e148294986096d1d586539422253acc
5c6bd2e200fa59d3d5c4cbc682d3b79dba9cd7e00e1f30d16a48c836348ec011
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
64bc2041cee4d591f16ea903dd55e9a8530f2256f00a043a72865807ffdaffa9
739ae1169f7f331349572a42340941f8f3a99e29cfee8b6b534453de792ed767
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a8f1dd57001a80164eaca9d38b0fce854efda700a8b7b9bcc3d6208b5913462
7bc5ef548dbde54ff0472e34814e5a79a711865437493388d8d01e7eb7f7220e
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
85494d64b2ee6ff0dce6bb0e4f30dd2e9c3638da2ee2d1222e4adf4c33db19fb
8f99c045ade1226907be8137930d8ddb656d47ebc14f11a8873f17f45d450469
a05121ea07e43858d69eb504f20a2c0b35b55e363fdce8694b845503ec033815
d27ad9023ed56791edfc5f3e7c3a7cd8ee0cc5b579252b8e14bb8bec2761a4f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f59afa40647ce04a823c8ff7cbeab77918f3c898249bc4d05b0b7b350d912e88