qa.nitro-integrations.biw.cloud Open in urlscan Pro
18.245.46.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qa.nitro-integrations.biw.cloud/
Submission Tags: phishingrod
Submission: On August 30 via api (August 30th 2024, 8:24:08 am UTC) from DE — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 18.245.46.60, located in United States and belongs to AMAZON-02, US. The main domain is qa.nitro-integrations.biw.cloud.
TLS certificate: Issued by Amazon RSA 2048 M03 on September 30th 2023. Valid for: a year.

This is the only time qa.nitro-integrations.biw.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	18.245.46.60 18.245.46.60	16509 (AMAZON-02) (AMAZON-02)
2	13.32.110.68 13.32.110.68	16509 (AMAZON-02) (AMAZON-02)
1 2	35.81.198.235 35.81.198.235	16509 (AMAZON-02) (AMAZON-02)
11	4

7 18.245.46.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-60.fra56.r.cloudfront.net

qa.nitro-integrations.biw.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-68.vie50.r.cloudfront.net

scripts.biw.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.81.198.235 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-198-235.us-west-2.compute.amazonaws.com

qa.api.biw.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	biw.cloud 1 redirects qa.nitro-integrations.biw.cloud scripts.biw.cloud qa.api.biw.cloud	1 MB
0	microsoftonline.com Failed login.microsoftonline.com Failed
11	2

	Domain	Requested by
7	qa.nitro-integrations.biw.cloud	qa.nitro-integrations.biw.cloud
2	qa.api.biw.cloud	1 redirects qa.nitro-integrations.biw.cloud
2	scripts.biw.cloud	qa.nitro-integrations.biw.cloud
0	login.microsoftonline.com Failed	qa.nitro-integrations.biw.cloud
11	4

This site contains no links.

Subject Issuer	Validity	Valid
*.qa.nitro-integrations.biw.cloud Amazon RSA 2048 M03	`2023-09-30` - `2024-10-28`	a year	crt.sh
*.scripts.biw.cloud Amazon RSA 2048 M03	`2023-11-26` - `2024-12-25`	a year	crt.sh
qa-apps-us.cpd-apps-np.cluster.biw.cloud Amazon RSA 2048 M02	`2024-06-12` - `2025-07-11`	a year	crt.sh

This page contains 2 frames:

Frame: https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZLPT8MgHMXv%2FhUNd1pK69aStWbxR7JkHtzUgxfDCkySFipf6px%2FvazbjF48Qt7nPfIes6vPro0%2BpANtTYXSmKBImsYKbbYVenq8wwW6qi9mwLuW9mw%2B%2BDezku%2BDBB%2FNAaTzgbu2BoZOurV0H7qRT6tlhd6874ElyUbvYh6oeAC8CxSmMe%2F4lw0ZW6O9jRvbJaN7okXvJPTBTKLoJmi14X581tmstVtt4k43zoJV3ppWGzk6CHKpFOEci1SVOBdNhvkkpbgkRCm%2BKXNRqmMMihY3FXoVQtC0UBs8yaYC50WhMC%2BmEjeBSGlWpjwrghRgkAsDnhtfIUpojkmBM%2FJICkZzRqZxXqYvKHo%2BF0gPBYZKDbBjZRUanGGWgwZmeCeB%2BYat5%2FdLFqSsd9bbxraoPjbMxkAX3VnXcf8%2Fe7jRAqtRyqTx2u%2F%2FZP%2BP8%2FN6qD7IjqOw0yoMevYz2Out36v1fNo%2FzJLfr6xPx7%2Ffov4G&RelayState=H4sIAAAAAAAAAD2RW7OaMBSF_0ueDZeAEHhT8HjBU_WotLbTYUISID2BoCJeOv3vDTOdvq3svXb2ypffgIAQ3K7wzq8dRNmsexb7id_uwAjkujNdfoX7yfsaLuOtLlFd8htP9RQFhef46Cw73lQXq7bEtdYGpg1V17XX0DTPxCCtMHJxN6hUN2b2timYSVXZiE6ZUpUlZ6LRU1xPdeqTD7rQetioZQnCH4DXREh9UC1vBNOivahCSA5-jsCn9h69dDYnxfztsJZxcM54tFlJ8YDJartcTFldV2lUBW_2c_uKy3tySJ5pRqZJVZQyGT-r4_z0Wqb2bYYRe1Wnep1m080mbtLSo2jZH-YXmagT9d2yuXi7YEZ36149JlH0_i3eizb-9bHCX74fF9niLtcf4ybd9XQTbf1HP79tdqqMUYTsSfBY9a6lw0udeABCbl1l_MdukJq8VPOPjEHVgLIGoe2jsWV5yPX1s0FYEHnlI3DRd2CCLYIcCjEnPnTHgQ9zl1GYU27bjuMW2BtYddqaMcaQjYsc6g9j0MW4gAT7HNLAsmzkBDZxMPjzF_ZcUqMKAgAA.H4sIAAAAAAAAAAEgAN__72Ep6ZUO6E2xeEbkIIoT5z28LgcM6DLOr5AA-eK372tUOIJ_IAAAAA.3
Frame ID: F02162D91E8C2AA809633C718C6D6B0A
Requests: 7 HTTP requests in this frame

Frame: https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=d4e408316fcf40bd95e4a57664d8e68e&session_state=ad3360a02cc66bc630ff61c50a500bd0993d6f8fcb7023efdf69089cbb0caa99.91940b7dd3dc9d4e
Frame ID: 1FD71620CC402DA149E424D1E4DEBB75
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nitro Integrations

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

1
Countries

1076 kB
Transfer

8791 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://qa.api.biw.cloud/v1/id/auth?client_id=https%3A%2F%2Fqa.nitro-integrations.biw.cloud&redirect_uri=https%3A%2F%2Fqa.nitro-integrations.biw.cloud%2Foidc_renew&response_type=code&scope=openid&state=d4e408316fcf40bd95e4a57664d8e68e&code_challenge=dewlNSWrgrKu_EKt5Z3biC-HRpJ4_HM-pwilwLekwa4&code_challenge_method=S256&prompt=none&response_mode=query HTTP 302
https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=d4e408316fcf40bd95e4a57664d8e68e&session_state=ad3360a02cc66bc630ff61c50a500bd0993d6f8fcb7023efdf69089cbb0caa99.91940b7dd3dc9d4e

Request Chain 9

https://qa.api.biw.cloud/v1/id/auth?client_id=https%3A%2F%2Fqa.nitro-integrations.biw.cloud&redirect_uri=https%3A%2F%2Fqa.nitro-integrations.biw.cloud%2Foidc_signin&response_type=code&scope=openid%20profile%20company%20permissions%20email%20recovery%20address%20phone&state=ca124e3648134f8da9892b70209e150e&code_challenge=Q371yL2vtNKYVq40IgGt-I843W6MuYCn8tsyz7O-j_o&code_challenge_method=S256&response_mode=query HTTP 302
https://qa.api.biw.cloud/v1/id/interaction/7e926164-8d79-4c7c-a840-fdcda7d6ca34 HTTP 302
https://biw.auth.us-west-2.amazoncognito.com/authorize?response_type=token&client_id=7n6ovc29f6372qltenhr0m0ism&redirect_uri=https%3A%2F%2Fqa.api.biw.cloud%2Fv1%2Fid%2Fcognito%2Floggedin HTTP 302
https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZLPT8MgHMXv%2FhUNd1pK69aStWbxR7JkHtzUgxfDCkySFipf6px%2FvazbjF48Qt7nPfIes6vPro0%2BpANtTYXSmKBImsYKbbYVenq8wwW6qi9mwLuW9mw%2B%2BDezku%2BDBB%2FNAaTzgbu2BoZOurV0H7qRT6tlhd6874ElyUbvYh6oeAC8CxSmMe%2F4lw0ZW6O9jRvbJaN7okXvJPTBTKLoJmi14X581tmstVtt4k43zoJV3ppWGzk6CHKpFOEci1SVOBdNhvkkpbgkRCm%2BKXNRqmMMihY3FXoVQtC0UBs8yaYC50WhMC%2BmEjeBSGlWpjwrghRgkAsDnhtfIUpojkmBM%2FJICkZzRqZxXqYvKHo%2BF0gPBYZKDbBjZRUanGGWgwZmeCeB%2BYat5%2FdLFqSsd9bbxraoPjbMxkAX3VnXcf8%2Fe7jRAqtRyqTx2u%2F%2FZP%2BP8%2FN6qD7IjqOw0yoMevYz2Out36v1fNo%2FzJLfr6xPx7%2Ffov4G&RelayState=H4sIAAAAAAAAAD2RW7OaMBSF_0ueDZeAEHhT8HjBU_WotLbTYUISID2BoCJeOv3vDTOdvq3svXb2ypffgIAQ3K7wzq8dRNmsexb7id_uwAjkujNdfoX7yfsaLuOtLlFd8htP9RQFhef46Cw73lQXq7bEtdYGpg1V17XX0DTPxCCtMHJxN6hUN2b2timYSVXZiE6ZUpUlZ6LRU1xPdeqTD7rQetioZQnCH4DXREh9UC1vBNOivahCSA5-jsCn9h69dDYnxfztsJZxcM54tFlJ8YDJartcTFldV2lUBW_2c_uKy3tySJ5pRqZJVZQyGT-r4_z0Wqb2bYYRe1Wnep1m080mbtLSo2jZH-YXmagT9d2yuXi7YEZ36149JlH0_i3eizb-9bHCX74fF9niLtcf4ybd9XQTbf1HP79tdqqMUYTsSfBY9a6lw0udeABCbl1l_MdukJq8VPOPjEHVgLIGoe2jsWV5yPX1s0FYEHnlI3DRd2CCLYIcCjEnPnTHgQ9zl1GYU27bjuMW2BtYddqaMcaQjYsc6g9j0MW4gAT7HNLAsmzkBDZxMPjzF_ZcUqMKAgAA.H4sIAAAAAAAAAAEgAN__72Ep6ZUO6E2xeEbkIIoT5z28LgcM6DLOr5AA-eK372tUOIJ_IAAAAA.3

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
qa.nitro-integrations.biw.cloud/ 368 B
981 B 675ms
597ms Document
text/html 18.245.46.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.nitro-integrations.biw.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-60.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d7c94bf1201d2cca479f28f54fe53fb8791b707245dc86ef4159cf18632a9646

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-store
content-length: 368
content-type: text/html
date: Fri, 30 Aug 2024 08:24:01 GMT
etag: "45823748c4823f5d38b4ea25d70bc8d8"
last-modified: Mon, 26 Aug 2024 21:46:37 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-amz-cf-id: zF-RR51Qog48tpyh5_BxKjkC_TMliz0c781HCEAZPR8QYTX7M8NqMw==
x-amz-cf-pop: FRA56-P9
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job: deploy-webapp-qa-us
x-amz-meta-biw-cpd-ci-pipeline: 1069293
x-amz-meta-biw-cpd-ci-project: nise-studio
x-amz-meta-biw-cpd-ci-system: gitlab
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff

GET
H2 200 clickjacking.js Show response
scripts.biw.cloud/ 709 B
1 KB 823ms
630ms Script
application/javascript 13.32.110.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.biw.cloud/clickjacking.js

Requested by

Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-68.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d91aa73904fd8dd44b4d5c8578a4f0fc0c668de4d569ba0e16d7f34ccd24d492

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:24:02 GMT
via: 1.1 485f9ba84065b3ff587a6c536942e6c0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-meta-biw-cpd-ci-system: gitlab
x-amz-meta-biw-cpd-ci-commit
content-length: 709
x-amz-meta-biw-cpd-ci-job: deploy-webapp-prod-us
referrer-policy: same-origin
last-modified: Mon, 05 Feb 2024 17:17:08 GMT
x-amz-meta-biw-cpd-ci-project: script-hosting
server: AmazonS3
etag: "ccdd50344486f098f5582ffffcdd46a1"
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-biw-cpd-ci-pipeline: 900361
accept-ranges: bytes
x-amz-cf-id: JYCOBl_YsibJS0mTD48lRNrULEPZ77ebKorXmhkh65JQpgscJ4JqbQ==

GET
H2 200 768.ecdf135377f5c59b0de6.js Show response
qa.nitro-integrations.biw.cloud/ 3 MB
969 KB 834ms
832ms Script
application/javascript 18.245.46.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.nitro-integrations.biw.cloud/768.ecdf135377f5c59b0de6.js?04c3328909971429256e

Requested by

Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-60.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

22e9ad8d9f983d5ecaee9cb2039fe08e6a6690265abe227b977fc7a9906fda19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qa.nitro-integrations.biw.cloud/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:24:02 GMT
content-encoding: gzip
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-meta-biw-cpd-ci-system: gitlab
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job: deploy-webapp-qa-us
referrer-policy: same-origin
last-modified: Mon, 26 Aug 2024 21:46:35 GMT
x-amz-meta-biw-cpd-ci-project: nise-studio
server: AmazonS3
etag: W/"3d645ec105f57648842be3626b05f128"
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-biw-cpd-ci-pipeline: 1069293
x-amz-cf-id: e_UY3rA-SthAebCq4WuV1O6l8871m2K-0k0tbUlJILr73-RWPH_7mg==

GET
H2 200 app.a18a2e0251fb04725aae.js Show response
qa.nitro-integrations.biw.cloud/ 858 KB
100 KB 783ms
782ms Script
application/javascript 18.245.46.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.nitro-integrations.biw.cloud/app.a18a2e0251fb04725aae.js?04c3328909971429256e

Requested by

Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-60.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

afd8f8be4e0003777c13069332430a299af9b5515c9993eb360493a780230ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qa.nitro-integrations.biw.cloud/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:24:03 GMT
content-encoding: gzip
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-meta-biw-cpd-ci-system: gitlab
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job: deploy-webapp-qa-us
referrer-policy: same-origin
last-modified: Mon, 26 Aug 2024 21:46:35 GMT
x-amz-meta-biw-cpd-ci-project: nise-studio
server: AmazonS3
etag: W/"2a9a328745e86f9b547734f759994bde"
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-biw-cpd-ci-pipeline: 1069293
x-amz-cf-id: 0r4xJGxPRBjPGMxY4HayyOmhC5DQH9eg0CSutJqIC23g7li3xHx3Jw==

GET
H2 200 openid-configuration Show response
qa.api.biw.cloud/v1/id/.well-known/ 27 KB
4 KB 715ms
193ms XHR
application/json 35.81.198.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.api.biw.cloud/v1/id/.well-known/openid-configuration

Requested by

Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/768.ecdf135377f5c59b0de6.js?04c3328909971429256e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.198.235 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-198-235.us-west-2.compute.amazonaws.com

Software

Resource Hash

cc15c079be457a25e7284305d58dc4f1092295b9434a2963e74aa2ad069bccc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:24:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
correlation-id: 92c0d345-3612-4386-ac89-da3c5eb5b701
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qa.nitro-integrations.biw.cloud
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-xss-protection: 0

GET
H2 200 favicon.ico
qa.nitro-integrations.biw.cloud/ 368 B
980 B 760ms
759ms Other
text/html 18.245.46.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.nitro-integrations.biw.cloud/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-60.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d7c94bf1201d2cca479f28f54fe53fb8791b707245dc86ef4159cf18632a9646

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qa.nitro-integrations.biw.cloud/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:24:05 GMT
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
x-amz-meta-biw-cpd-ci-system: gitlab
x-amz-meta-biw-cpd-ci-commit
content-length: 368
x-amz-meta-biw-cpd-ci-job: deploy-webapp-qa-us
referrer-policy: same-origin
last-modified: Mon, 26 Aug 2024 21:46:37 GMT
x-amz-meta-biw-cpd-ci-project: nise-studio
server: AmazonS3
etag: "45823748c4823f5d38b4ea25d70bc8d8"
content-type: text/html
cache-control: no-store
x-amz-meta-biw-cpd-ci-pipeline: 1069293
accept-ranges: bytes
x-amz-cf-id: 5-coPrhbopoxwgjm3HzfFzh-aQTmqB6mUrFbCRvgLzboZhnJHQeT3w==

GET
H2

200

oidc_renew Show response
qa.nitro-integrations.biw.cloud/ Frame 1FD7
Redirect Chain

https://qa.api.biw.cloud/v1/id/auth?client_id=https%3A%2F%2Fqa.nitro-integrations.biw.cloud&redirect_uri=https%3A%2F%2Fqa.nitro-integrations.biw.cloud%2Foidc_renew&response_type=code&scope=openid&s...
https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=d4e408316fcf40bd95e4a57664d8e68e&session_state=ad3360a02cc6...

368 B
980 B

1233ms
1233ms

Document
text/html

18.245.46.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=d4e408316fcf40bd95e4a57664d8e68e&session_state=ad3360a02cc66bc630ff61c50a500bd0993d6f8fcb7023efdf69089cbb0caa99.91940b7dd3dc9d4e

Requested by

Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/768.ecdf135377f5c59b0de6.js?04c3328909971429256e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-60.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d7c94bf1201d2cca479f28f54fe53fb8791b707245dc86ef4159cf18632a9646

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-store
content-length: 368
content-type: text/html
date: Fri, 30 Aug 2024 08:24:07 GMT
etag: "45823748c4823f5d38b4ea25d70bc8d8"
last-modified: Mon, 26 Aug 2024 21:46:37 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-amz-cf-id: G7xM6y6ngvE-rC24eWVINJ2BCPcVE1jStGoUugD4NT01jdV1h9Zx1g==
x-amz-cf-pop: FRA56-P9
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job: deploy-webapp-qa-us
x-amz-meta-biw-cpd-ci-pipeline: 1069293
x-amz-meta-biw-cpd-ci-project: nise-studio
x-amz-meta-biw-cpd-ci-system: gitlab
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
x-content-type-options: nosniff

Redirect headers

access-control-allow-credentials: true
cache-control: no-cache, no-store
content-length: 587
content-type: text/html; charset=utf-8
correlation-id: daac5cd6-ff1d-4b1d-9b2e-586e1a0ad476
date: Fri, 30 Aug 2024 08:24:04 GMT
location: https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=d4e408316fcf40bd95e4a57664d8e68e&session_state=ad3360a02cc66bc630ff61c50a500bd0993d6f8fcb7023efdf69089cbb0caa99.91940b7dd3dc9d4e
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 clickjacking.js Show response
scripts.biw.cloud/ Frame 1FD7 709 B
0 0ms
0ms Script
application/javascript 13.32.110.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.biw.cloud/clickjacking.js

Requested by

Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=d4e408316fcf40bd95e4a57664d8e68e&session_state=ad3360a02cc66bc630ff61c50a500bd0993d6f8fcb7023efdf69089cbb0caa99.91940b7dd3dc9d4e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-68.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d91aa73904fd8dd44b4d5c8578a4f0fc0c668de4d569ba0e16d7f34ccd24d492

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:24:02 GMT
via: 1.1 485f9ba84065b3ff587a6c536942e6c0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-meta-biw-cpd-ci-system: gitlab
x-amz-meta-biw-cpd-ci-commit
content-length: 709
x-amz-meta-biw-cpd-ci-job: deploy-webapp-prod-us
referrer-policy: same-origin
last-modified: Mon, 05 Feb 2024 17:17:08 GMT
x-amz-meta-biw-cpd-ci-project: script-hosting
server: AmazonS3
etag: "ccdd50344486f098f5582ffffcdd46a1"
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-biw-cpd-ci-pipeline: 900361
accept-ranges: bytes
x-amz-cf-id: JYCOBl_YsibJS0mTD48lRNrULEPZ77ebKorXmhkh65JQpgscJ4JqbQ==

GET
H2 200 768.ecdf135377f5c59b0de6.js Show response
qa.nitro-integrations.biw.cloud/ Frame 1FD7 3 MB
0 2ms
2ms Script
application/javascript 18.245.46.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.nitro-integrations.biw.cloud/768.ecdf135377f5c59b0de6.js?04c3328909971429256e

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-60.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

22e9ad8d9f983d5ecaee9cb2039fe08e6a6690265abe227b977fc7a9906fda19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=d4e408316fcf40bd95e4a57664d8e68e&session_state=ad3360a02cc66bc630ff61c50a500bd0993d6f8fcb7023efdf69089cbb0caa99.91940b7dd3dc9d4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:24:02 GMT
content-encoding: gzip
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-meta-biw-cpd-ci-system: gitlab
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job: deploy-webapp-qa-us
referrer-policy: same-origin
last-modified: Mon, 26 Aug 2024 21:46:35 GMT
x-amz-meta-biw-cpd-ci-project: nise-studio
server: AmazonS3
etag: W/"3d645ec105f57648842be3626b05f128"
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-biw-cpd-ci-pipeline: 1069293
x-amz-cf-id: e_UY3rA-SthAebCq4WuV1O6l8871m2K-0k0tbUlJILr73-RWPH_7mg==

GET
H2 200 app.a18a2e0251fb04725aae.js Show response
qa.nitro-integrations.biw.cloud/ Frame 1FD7 858 KB
0 1ms
1ms Script
application/javascript 18.245.46.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qa.nitro-integrations.biw.cloud/app.a18a2e0251fb04725aae.js?04c3328909971429256e

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-60.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

afd8f8be4e0003777c13069332430a299af9b5515c9993eb360493a780230ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=d4e408316fcf40bd95e4a57664d8e68e&session_state=ad3360a02cc66bc630ff61c50a500bd0993d6f8fcb7023efdf69089cbb0caa99.91940b7dd3dc9d4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 08:24:03 GMT
content-encoding: gzip
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-meta-biw-cpd-ci-system: gitlab
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job: deploy-webapp-qa-us
referrer-policy: same-origin
last-modified: Mon, 26 Aug 2024 21:46:35 GMT
x-amz-meta-biw-cpd-ci-project: nise-studio
server: AmazonS3
etag: W/"2a9a328745e86f9b547734f759994bde"
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-biw-cpd-ci-pipeline: 1069293
x-amz-cf-id: 0r4xJGxPRBjPGMxY4HayyOmhC5DQH9eg0CSutJqIC23g7li3xHx3Jw==

GET

saml2
login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/
Redirect Chain

https://qa.api.biw.cloud/v1/id/auth?client_id=https%3A%2F%2Fqa.nitro-integrations.biw.cloud&redirect_uri=https%3A%2F%2Fqa.nitro-integrations.biw.cloud%2Foidc_signin&response_type=code&scope=openid%...
https://qa.api.biw.cloud/v1/id/interaction/7e926164-8d79-4c7c-a840-fdcda7d6ca34
https://biw.auth.us-west-2.amazoncognito.com/authorize?response_type=token&client_id=7n6ovc29f6372qltenhr0m0ism&redirect_uri=https%3A%2F%2Fqa.api.biw.cloud%2Fv1%2Fid%2Fcognito%2Floggedin
https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZLPT8MgHMXv%2FhUNd1pK69aStWbxR7JkHtzUgxfDCkySFipf6px%2FvazbjF48Qt7nPfIes6vPro0%2BpANtTYXSmKBImsYKbbYVenq8ww...

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.microsoftonline.com
URL: https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZLPT8MgHMXv%2FhUNd1pK69aStWbxR7JkHtzUgxfDCkySFipf6px%2FvazbjF48Qt7nPfIes6vPro0%2BpANtTYXSmKBImsYKbbYVenq8wwW6qi9mwLuW9mw%2B%2BDezku%2BDBB%2FNAaTzgbu2BoZOurV0H7qRT6tlhd6874ElyUbvYh6oeAC8CxSmMe%2F4lw0ZW6O9jRvbJaN7okXvJPTBTKLoJmi14X581tmstVtt4k43zoJV3ppWGzk6CHKpFOEci1SVOBdNhvkkpbgkRCm%2BKXNRqmMMihY3FXoVQtC0UBs8yaYC50WhMC%2BmEjeBSGlWpjwrghRgkAsDnhtfIUpojkmBM%2FJICkZzRqZxXqYvKHo%2BF0gPBYZKDbBjZRUanGGWgwZmeCeB%2BYat5%2FdLFqSsd9bbxraoPjbMxkAX3VnXcf8%2Fe7jRAqtRyqTx2u%2F%2FZP%2BP8%2FN6qD7IjqOw0yoMevYz2Out36v1fNo%2FzJLfr6xPx7%2Ffov4G&RelayState=H4sIAAAAAAAAAD2RW7OaMBSF_0ueDZeAEHhT8HjBU_WotLbTYUISID2BoCJeOv3vDTOdvq3svXb2ypffgIAQ3K7wzq8dRNmsexb7id_uwAjkujNdfoX7yfsaLuOtLlFd8htP9RQFhef46Cw73lQXq7bEtdYGpg1V17XX0DTPxCCtMHJxN6hUN2b2timYSVXZiE6ZUpUlZ6LRU1xPdeqTD7rQetioZQnCH4DXREh9UC1vBNOivahCSA5-jsCn9h69dDYnxfztsJZxcM54tFlJ8YDJartcTFldV2lUBW_2c_uKy3tySJ5pRqZJVZQyGT-r4_z0Wqb2bYYRe1Wnep1m080mbtLSo2jZH-YXmagT9d2yuXi7YEZ36149JlH0_i3eizb-9bHCX74fF9niLtcf4ybd9XQTbf1HP79tdqqMUYTsSfBY9a6lw0udeABCbl1l_MdukJq8VPOPjEHVgLIGoe2jsWV5yPX1s0FYEHnlI3DRd2CCLYIcCjEnPnTHgQ9zl1GYU27bjuMW2BtYddqaMcaQjYsc6g9j0MW4gAT7HNLAsmzkBDZxMPjzF_ZcUqMKAgAA.H4sIAAAAAAAAAAEgAN__72Ep6ZUO6E2xeEbkIIoT5z28LgcM6DLOr5AA-eK372tUOIJ_IAAAAA.3

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunknise_studio object| regeneratorRuntime function| _

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qa.api.biw.cloud/v1/id/interaction/7e926164-8d79-4c7c-a840-fdcda7d6ca34	1970-01-20 23:11:32	Name: _grant Value: 7e926164-8d79-4c7c-a840-fdcda7d6ca34
qa.api.biw.cloud/v1/id/interaction/7e926164-8d79-4c7c-a840-fdcda7d6ca34	1970-01-20 23:11:32	Name: _grant.sig Value: gy0FWFjm-Li3fgJ0ubJ-BLkUl_A
qa.api.biw.cloud/v1/id/auth/7e926164-8d79-4c7c-a840-fdcda7d6ca34	1970-01-20 23:11:32	Name: _grant Value: 7e926164-8d79-4c7c-a840-fdcda7d6ca34
qa.api.biw.cloud/v1/id/auth/7e926164-8d79-4c7c-a840-fdcda7d6ca34	1970-01-20 23:11:32	Name: _grant.sig Value: gy0FWFjm-Li3fgJ0ubJ-BLkUl_A
qa.api.biw.cloud/	1970-01-20 23:30:15	Name: _state.https://qa.nitro-integrations.biw.cloud Value: 323217f643c3e3f1fe7532e72ac01bb0748c97be
qa.api.biw.cloud/	1970-01-20 23:30:15	Name: _state.https://qa.nitro-integrations.biw.cloud.sig Value: s3yHk1WPk1zBE-G0lomEGQbyYgw
qa.api.biw.cloud/	1969-12-31 23:59:59	Name: _cognito-grant Value: 7e926164-8d79-4c7c-a840-fdcda7d6ca34
biw.auth.us-west-2.amazoncognito.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: f809c135-fb77-4a12-b814-0650b40d516f
biw.auth.us-west-2.amazoncognito.com/	1970-01-20 23:10:06	Name: csrf-state Value: U6VEGafGFTLlD9q_eCOJlix-KJPIHBdmmhVCh9F1yPzDgwKTKyV_aBKhfglK5yhUGYzIV1uE82dzhYmLV_BOODnVg6c2IvTGrlKoYc74gnr6Q9EcQLvoxACCMXDSipDjRJ8NZUH_HwlLR5nVQvcOCP7xvGuOQogD2C21A9xJv40
biw.auth.us-west-2.amazoncognito.com/	1970-01-20 23:10:06	Name: csrf-state-legacy Value: U6VEGafGFTLlD9q_eCOJlix-KJPIHBdmmhVCh9F1yPzDgwKTKyV_aBKhfglK5yhUGYzIV1uE82dzhYmLV_BOODnVg6c2IvTGrlKoYc74gnr6Q9EcQLvoxACCMXDSipDjRJ8NZUH_HwlLR5nVQvcOCP7xvGuOQogD2C21A9xJv40

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.microsoftonline.com
qa.api.biw.cloud
qa.nitro-integrations.biw.cloud
scripts.biw.cloud
login.microsoftonline.com
13.32.110.68
18.245.46.60
35.81.198.235
22e9ad8d9f983d5ecaee9cb2039fe08e6a6690265abe227b977fc7a9906fda19
afd8f8be4e0003777c13069332430a299af9b5515c9993eb360493a780230ae2
cc15c079be457a25e7284305d58dc4f1092295b9434a2963e74aa2ad069bccc0
d7c94bf1201d2cca479f28f54fe53fb8791b707245dc86ef4159cf18632a9646
d91aa73904fd8dd44b4d5c8578a4f0fc0c668de4d569ba0e16d7f34ccd24d492

qa.nitro-integrations.biw.cloud Open in urlscan Pro 18.245.46.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

4 IPs

1 Countries

1076 kBTransfer

8791 kBSize

10 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

10 Cookies

Security Headers

Indicators

qa.nitro-integrations.biw.cloud Open in urlscan Pro
18.245.46.60 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

1
Countries

1076 kB
Transfer

8791 kB
Size

10
Cookies

11 HTTP transactions
0 data transactions