level-alignment-client.prd.aws.netlight.com
18.245.86.102
Public Scan
Effective URL: https://level-alignment-client.prd.aws.netlight.com/login
Submission: On April 27 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on June 27th 2023. Valid for: a year.
This is the only time level-alignment-client.prd.aws.netlight.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
12 | 18.245.86.102 | 16509 (AMAZON-02) |
4 | 2a00:1450:4001:806::2008 | 15169 (GOOGLE) |
4 | 2603:1026:3000:148::12 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2001:4860:4802:34::36 | 15169 (GOOGLE) |
2 | 2603:1026:3000:150::a | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 216.239.32.36 | 15169 (GOOGLE) |
31 | 7 | |
ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-102.fra60.r.cloudfront.net
level-alignment-client.prd.aws.netlight.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | netlight.com | level-alignment-client.prd.aws.netlight.com | 604 KB |
6 | microsoftonline.com | login.microsoftonline.com (Cisco Umbrella Rank: 10) | 4 KB |
4 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 92 KB |
2 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2404) | 290 B |
31 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
12 | level-alignment-client.prd.aws.netlight.com | level-alignment-client.prd.aws.netlight.com |
6 | login.microsoftonline.com | level-alignment-client.prd.aws.netlight.com |
4 | www.googletagmanager.com | level-alignment-client.prd.aws.netlight.com |
2 | region1.google-analytics.com | www.googletagmanager.com |
31 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
netlight.com | Amazon RSA 2048 M02 | 2023-06-27 - 2024-07-25 | a year |
*.google-analytics.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months |
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-04-04 - 2025-04-04 | a year |
This page contains 3 frames:
Primary Page:
https://level-alignment-client.prd.aws.netlight.com/login
Frame ID: 1A4062490AFBB7E86CDC2ABAF9A04905
Requests: 21 HTTP requests in this frame
Frame:
https://login.microsoftonline.com/d4110288-bf1e-4337-97ab-a5c51371dcea/oauth2/v2.0/authorize?client_id=69a6feea-9921-4914-9ae0-2a8760e9b69f&scope=api%3A%2F%2F717aaf54-6553-432e-85ca-b2399c7f87f6%2FMe.Read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Flevel-alignment-client.prd.aws.netlight.com%2F&client-request-id=620b75f8-eefd-4552-8613-a54635e88bb7&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=Fx4AcKaV1AynwZmUN0Lg5k6MBiY9sOLfoUOFLz3c-wU&code_challenge_method=S256&prompt=none&nonce=498af4bd-33de-4321-bcd7-2170c722caff&state=eyJpZCI6IjI4M2FmMDE2LWNmNjEtNDNiZS05NzhiLWMwMDk3ZGJmZTFmMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
Frame ID: 5DF2247498D5B8C0FE99651F378A4742
Requests: 5 HTTP requests in this frame
Frame:
https://login.microsoftonline.com/d4110288-bf1e-4337-97ab-a5c51371dcea/oauth2/v2.0/authorize?client_id=69a6feea-9921-4914-9ae0-2a8760e9b69f&scope=api%3A%2F%2F717aaf54-6553-432e-85ca-b2399c7f87f6%2FMe.Read%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Flevel-alignment-client.prd.aws.netlight.com%2F&client-request-id=bb8894e4-ec23-4ff0-a270-928098384ba0&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.4&client_info=1&code_challenge=fRkeMdFUMn120hg9IJW3VeoS2cc_kYGa344nVriXHS0&code_challenge_method=S256&prompt=none&nonce=bde4f433-d2e3-43da-992f-aac060825b2e&state=eyJpZCI6IjYyMTBhYmFmLTUyOTUtNDQ0NS04M2Y4LWEwM2UyYjY0YTVlZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
Frame ID: 993D158A6788058F1A4D2C784F9805C9
Requests: 5 HTTP requests in this frame
Page Title
Level Alignment
Detected technologies
Google Analytics (Analytics)
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://level-alignment-client.prd.aws.netlight.com/ Page URL
- https://level-alignment-client.prd.aws.netlight.com/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol | Resource | Host / Path | Size / Transfer | Type / MIME-Type |
---|---|---|---|---|
GET H2 | / | level-alignment-client.prd.aws.netlight.com/ | 1 KB / 1 KB | Document text/html |
GET H2 | js | www.googletagmanager.com/gtag/ | 262 KB / 92 KB | Script application/javascript |
GET H2 | index-a80fe3fa.js | level-alignment-client.prd.aws.netlight.com/assets/ | 963 KB / 270 KB | Script application/javascript |
GET H2 | index-026e1471.css | level-alignment-client.prd.aws.netlight.com/assets/ | 34 KB / 8 KB | Stylesheet text/css |
GET H2 | proximanova-regular-webfont-bc902768.woff2 | level-alignment-client.prd.aws.netlight.com/assets/ | 14 KB / 15 KB | Font binary/octet-stream |
GET H2 | instance | login.microsoftonline.com/common/discovery/ | 980 B / 2 KB | Fetch application/json |
GET H2 | instance | login.microsoftonline.com/common/discovery/ | 980 B / 0 | Fetch application/json |
POST H2 | collect | region1.google-analytics.com/g/ | 0 / 273 B | Ping text/plain |
GET H2 | favicon.ico | level-alignment-client.prd.aws.netlight.com/ | 15 KB / 15 KB | Other image/vnd.microsoft.icon |
GET H2 | openid-configuration | login.microsoftonline.com/d4110288-bf1e-4337-97ab-a5c51371dcea/v2.0/.well-known/ | 2 KB / 2 KB | Fetch application/json |
GET H2 | openid-configuration | login.microsoftonline.com/d4110288-bf1e-4337-97ab-a5c51371dcea/v2.0/.well-known/ | 2 KB / 0 | Fetch application/json |
GET H2 | authorize | login.microsoftonline.com/d4110288-bf1e-4337-97ab-a5c51371dcea/oauth2/v2.0/ (Frame 5DF2) | 0 / 0 | Document text/html |
GET H2 | authorize | login.microsoftonline.com/d4110288-bf1e-4337-97ab-a5c51371dcea/oauth2/v2.0/ (Frame 993D) | 0 / 0 | Document text/html |
GET H2 | js | www.googletagmanager.com/gtag/ (Frame 993D) | 262 KB / 0 | Script application/javascript |
GET | index-a80fe3fa.js | level-alignment-client.prd.aws.netlight.com/assets/ (Frame 993D) | 0 / 0 | |
GET | index-026e1471.css | level-alignment-client.prd.aws.netlight.com/assets/ (Frame 993D) | 0 / 0 | |
GET H2 | proximanova-regular-webfont-bc902768.woff2 | level-alignment-client.prd.aws.netlight.com/assets/ (Frame 993D) | 14 KB / 0 | Font binary/octet-stream |
GET | login | level-alignment-client.prd.aws.netlight.com/ | 0 / 0 | |
GET H2 | js | www.googletagmanager.com/gtag/ (Frame 5DF2) | 262 KB / 0 | Script application/javascript |
GET | index-a80fe3fa.js | level-alignment-client.prd.aws.netlight.com/assets/ (Frame 5DF2) | 0 / 0 | |
GET | index-026e1471.css | level-alignment-client.prd.aws.netlight.com/assets/ (Frame 5DF2) | 0 / 0 | |
POST | collect | region1.google-analytics.com/g/ (Frame 5DF2) | 0 / 0 | |
GET H2 | login (Primary Request) | level-alignment-client.prd.aws.netlight.com/ | 1 KB / 1 KB | Document text/html |
POST | collect | region1.google-analytics.com/g/ | 0 / 0 | |
GET H2 | js | www.googletagmanager.com/gtag/ | 262 KB / 0 | Script application/javascript |
GET H2 | index-a80fe3fa.js | level-alignment-client.prd.aws.netlight.com/assets/ | 963 KB / 270 KB | Script application/javascript |
GET H2 | index-026e1471.css | level-alignment-client.prd.aws.netlight.com/assets/ | 34 KB / 8 KB | Stylesheet text/css |
POST H3 | collect | region1.google-analytics.com/g/ | 0 / 17 B | Ping text/plain |
GET H2 | favicon.ico | level-alignment-client.prd.aws.netlight.com/ | 15 KB / 244 B | Other image/vnd.microsoft.icon |
GET H2 | loginScreen.svg | level-alignment-client.prd.aws.netlight.com/assets/src/frontend-shared/assets/img/ | 1 KB / 1 KB | Image text/html |
GET H2 | proximanova-bold-webfont-6b1a95ae.woff2 | level-alignment-client.prd.aws.netlight.com/assets/ | 14 KB / 15 KB | Font binary/octet-stream |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
level-alignment-client.prd.aws.netlight.com | https://level-alignment-client.prd.aws.netlight.com/assets/index-a80fe3fa.js |
level-alignment-client.prd.aws.netlight.com | https://level-alignment-client.prd.aws.netlight.com/assets/index-026e1471.css |
level-alignment-client.prd.aws.netlight.com | https://level-alignment-client.prd.aws.netlight.com/login |
level-alignment-client.prd.aws.netlight.com | https://level-alignment-client.prd.aws.netlight.com/assets/index-a80fe3fa.js |
level-alignment-client.prd.aws.netlight.com | https://level-alignment-client.prd.aws.netlight.com/assets/index-026e1471.css |
region1.google-analytics.com | https://region1.google-analytics.com/g/collect?v=2&tid=G-3LL31KBX5S&gtm=45je44o0v873167964za200&_p=1714186992915&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1950483647.1714186992&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714186992&sct=1&seg=1&dl=https%3A%2F%2Flevel-alignment-client.prd.aws.netlight.com%2F&dr=https%3A%2F%2Flogin.microsoftonline.com%2F&dt=Level%20Alignment&en=page_view&_ee=1&tfd=102 |
region1.google-analytics.com | https://region1.google-analytics.com/g/collect?v=2&tid=G-3LL31KBX5S&gtm=45je44o0v873167964za200&_p=1714186992333&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1950483647.1714186992&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1714186992&sct=1&seg=0&dl=https%3A%2F%2Flevel-alignment-client.prd.aws.netlight.com%2F&dt=Level%20Alignment&en=scroll&epn.percent_scrolled=90&_et=5&tfd=822 |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | gtag
- object | dataLayer
- object | google_tag_manager
- object | google_tag_data
- function | onYouTubeIframeAPIReady
- object | gaGlobal
- string | __reactRouterVersion
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.netlight.com/ | Name: _ga Value: GA1.1.1950483647.1714186992 |
.login.microsoftonline.com/ | Name: esctx-9xtdNOfhQ8Q Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd88XZxGW88Bjvf0IK5UKzBfKy-ApTB1CNMsRK54DhhsAOtDcpBVlQMQQPcE1lO5iSKKKFqlyMKLfhaWl69SlpLD07LLcRoCHtl4TArbnEU_AfbeerRT6E-EIjE-lgOdBe4NBEcYNHVtENkCIZKYHxNQiAA |
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
.login.microsoftonline.com/ | Name: esctx-1gFFAbsDxFg Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8N2BE4FYqVB6eMGlm_H84nrq3FQasUmuGBiVHSejGJl70G2-uvcGzmms51mG04zBjFlRktUypJ9IJWsK1RqlvCk5a2WCAC65aIHxYjFYkjqXl-bxDxXScGWYWtm_YdK4JA9g-Z21cOqfMu9UBxlpuGiAA |
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8Mx6NPRZNBA9hPDupVVoJQGUBgI59-OgHoj7_glb-jKJl8WwALV1HnytzIkNRFL1TW8patqperZvUXrjlTqVATX8DlERTDlYXF9M8eSIqqPb4VtotME27OmZ165uv664D6SRgOWDG54Ya3X43HaohBRAsisqjT3qXk2cOmX7DViYgAA |
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
login.microsoftonline.com/ | Name: fpc Value: AvCbvxjzvIhIn-BFbi2SyRjzrYTcAQAAAPBhvt0OAAAA |
login.microsoftonline.com/ | Name: buid Value: 0.ASEAiAIR1B6_N0OXq6XFE3Hc6ur-pmkhmRRJmuAqh2Dptp-GAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8eGRhrdfJOhohq602jMEBofPKgc5aJYh7z6YzA0ZJL8rZt28yUxA0BW1r0xnAxjFmRd36qj5GaN5amhW0iDHivasw57R9R6rxlsppFu2rUCIgAA |
.netlight.com/ | Name: _ga_3LL31KBX5S Value: GS1.1.1714186992.1.1.1714186993.0.0.0 |
36 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.