clientportal.wtwsaas.dev
Open in
urlscan Pro
13.107.246.45
Public Scan
Effective URL: https://clientportal.wtwsaas.dev/
Submission: On July 11 via manual from SG — Scanned from NL
Summary
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on July 3rd 2023. Valid for: 6 months.
This is the only time clientportal.wtwsaas.dev was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 2603:1026:300... 2603:1026:3000:148::10 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 2 2 | 2603:1027:1:1... 2603:1027:1:148::b | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 13.107.246.45 13.107.246.45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 1 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| invitations.microsoft.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 2 |
microsoft.com
2 redirects
invitations.microsoft.com — Cisco Umbrella Rank: 163782 |
921 B |
| 1 |
wtwsaas.dev
clientportal.wtwsaas.dev |
1 KB |
| 1 |
microsoftonline.com
1 redirects
login.microsoftonline.com — Cisco Umbrella Rank: 23 |
2 KB |
| 1 | 3 |
| Domain | Requested by | |
|---|---|---|
| 2 | invitations.microsoft.com | 2 redirects |
| 1 | clientportal.wtwsaas.dev | |
| 1 | login.microsoftonline.com | 1 redirects |
| 1 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| clientportal.wtwsaas.dev GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2023-07-03 - 2024-01-03 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://clientportal.wtwsaas.dev/
Frame ID: FEAF6B4F63041D193C744468037EC0BB
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
MicrosoftPage URL History Show full URLs
-
https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3d725...
HTTP 302
https://invitations.microsoft.com/redeem/?tenant=725aa4e2-8992-4c15-931a-93719d2b5e12&user=46c08e9a-ecdc-4b85-... HTTP 302
https://invitations.microsoft.com/redeem/redeeming?tenant=725aa4e2-8992-4c15-931a-93719d2b5e12&user=46c08e9a-e... HTTP 302
https://clientportal.wtwsaas.dev/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3d725aa4e2-8992-4c15-931a-93719d2b5e12%26user%3d46c08e9a-ecdc-4b85-a039-12a7fd977865%26ticket%3dpwjUmBPv5kBum6KoQoz8Y4qxJIyB9QrgtpkdjfdwnDg%25253d%26ver%3d2.0
HTTP 302
https://invitations.microsoft.com/redeem/?tenant=725aa4e2-8992-4c15-931a-93719d2b5e12&user=46c08e9a-ecdc-4b85-a039-12a7fd977865&ticket=pwjUmBPv5kBum6KoQoz8Y4qxJIyB9QrgtpkdjfdwnDg%253d&ver=2.0 HTTP 302
https://invitations.microsoft.com/redeem/redeeming?tenant=725aa4e2-8992-4c15-931a-93719d2b5e12&user=46c08e9a-ecdc-4b85-a039-12a7fd977865&ticket=pwjUmBPv5kBum6KoQoz8Y4qxJIyB9QrgtpkdjfdwnDg%3D&ver=2.0 HTTP 302
https://clientportal.wtwsaas.dev/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
1 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
clientportal.wtwsaas.dev/ Redirect Chain
|
886 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| login.microsoftonline.com/ | Name: rrc Value: 1 |
|
| login.microsoftonline.com/ | Name: fpc Value: Ah50pvqBEitMpCEmgNXvWlE |
|
| .login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevra3qcuwTSE1eMXSY1QHIdFsaVPA-uhEfIhSDVYgby2s22fqgZ5-n8mIWKY72bNkPVWRlkn3pPKylpgY2NRvcMBEk0VYilmvn3ShChTXedwcjUw4dgqVI3YQdl2wMyIWEpckRft6nXH_X4NHnNwUS-fa5Z28G_ZFof4YD50KbBrT4gAA |
|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
| invitations.microsoft.com/ | Name: AadB2BLoggingSessionId Value: ee5e4b02-eea2-4efd-86aa-9650b50cad41 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
clientportal.wtwsaas.dev
invitations.microsoft.com
login.microsoftonline.com
13.107.246.45
2603:1026:3000:148::10
2603:1027:1:148::b
ca38eba03979e75b048ea02979a9b81f3fffb47bb4a0bea5824d8b6b2227bdce