qa.nitro-integrations.biw.cloud
18.245.46.60
Public Scan
Submission Tags: phishingrod
Submission: On August 30 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M03 on September 30th 2023. Valid for: a year.
This is the only time qa.nitro-integrations.biw.cloud was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System | PTR | Hostname |
---|---|---|---|---|
7 | 18.245.46.60 | ASN16509 (AMAZON-02, US) | server-18-245-46-60.fra56.r.cloudfront.net | qa.nitro-integrations.biw.cloud |
2 | 13.32.110.68 | ASN16509 (AMAZON-02, US) | server-13-32-110-68.vie50.r.cloudfront.net | scripts.biw.cloud |
2 (1 redirect) | 35.81.198.235 | ASN16509 (AMAZON-02, US) | ec2-35-81-198-235.us-west-2.compute.amazonaws.com | qa.api.biw.cloud |
11 | 4 |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 (1 redirect) | biw.cloud | qa.nitro-integrations.biw.cloud, scripts.biw.cloud, qa.api.biw.cloud | 1 MB |
0 | microsoftonline.com (Failed) | login.microsoftonline.com (Failed) | |
11 | 2 |
Requests | Domain | Requested by |
---|---|---|
7 | qa.nitro-integrations.biw.cloud | qa.nitro-integrations.biw.cloud |
2 (1 redirect) | qa.api.biw.cloud | qa.nitro-integrations.biw.cloud |
2 | scripts.biw.cloud | qa.nitro-integrations.biw.cloud |
0 | login.microsoftonline.com (Failed) | qa.nitro-integrations.biw.cloud |
11 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.qa.nitro-integrations.biw.cloud | Amazon RSA 2048 M03 | 2023-09-30 - 2024-10-28 | a year |
*.scripts.biw.cloud | Amazon RSA 2048 M03 | 2023-11-26 - 2024-12-25 | a year |
qa-apps-us.cpd-apps-np.cluster.biw.cloud | Amazon RSA 2048 M02 | 2024-06-12 - 2025-07-11 | a year |
This page contains 2 frames:
Frame:
https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZLPT8MgHMXv%2FhUNd1pK69aStWbxR7JkHtzUgxfDCkySFipf6px%2FvazbjF48Qt7nPfIes6vPro0%2BpANtTYXSmKBImsYKbbYVenq8wwW6qi9mwLuW9mw%2B%2BDezku%2BDBB%2FNAaTzgbu2BoZOurV0H7qRT6tlhd6874ElyUbvYh6oeAC8CxSmMe%2F4lw0ZW6O9jRvbJaN7okXvJPTBTKLoJmi14X581tmstVtt4k43zoJV3ppWGzk6CHKpFOEci1SVOBdNhvkkpbgkRCm%2BKXNRqmMMihY3FXoVQtC0UBs8yaYC50WhMC%2BmEjeBSGlWpjwrghRgkAsDnhtfIUpojkmBM%2FJICkZzRqZxXqYvKHo%2BF0gPBYZKDbBjZRUanGGWgwZmeCeB%2BYat5%2FdLFqSsd9bbxraoPjbMxkAX3VnXcf8%2Fe7jRAqtRyqTx2u%2F%2FZP%2BP8%2FN6qD7IjqOw0yoMevYz2Out36v1fNo%2FzJLfr6xPx7%2Ffov4G&RelayState=H4sIAAAAAAAAAD2RW7OaMBSF_0ueDZeAEHhT8HjBU_WotLbTYUISID2BoCJeOv3vDTOdvq3svXb2ypffgIAQ3K7wzq8dRNmsexb7id_uwAjkujNdfoX7yfsaLuOtLlFd8htP9RQFhef46Cw73lQXq7bEtdYGpg1V17XX0DTPxCCtMHJxN6hUN2b2timYSVXZiE6ZUpUlZ6LRU1xPdeqTD7rQetioZQnCH4DXREh9UC1vBNOivahCSA5-jsCn9h69dDYnxfztsJZxcM54tFlJ8YDJartcTFldV2lUBW_2c_uKy3tySJ5pRqZJVZQyGT-r4_z0Wqb2bYYRe1Wnep1m080mbtLSo2jZH-YXmagT9d2yuXi7YEZ36149JlH0_i3eizb-9bHCX74fF9niLtcf4ybd9XQTbf1HP79tdqqMUYTsSfBY9a6lw0udeABCbl1l_MdukJq8VPOPjEHVgLIGoe2jsWV5yPX1s0FYEHnlI3DRd2CCLYIcCjEnPnTHgQ9zl1GYU27bjuMW2BtYddqaMcaQjYsc6g9j0MW4gAT7HNLAsmzkBDZxMPjzF_ZcUqMKAgAA.H4sIAAAAAAAAAAEgAN__72Ep6ZUO6E2xeEbkIIoT5z28LgcM6DLOr5AA-eK372tUOIJ_IAAAAA.3
Frame ID: F02162D91E8C2AA809633C718C6D6B0A
Requests: 7 HTTP requests in this frame
Frame:
https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=d4e408316fcf40bd95e4a57664d8e68e&session_state=ad3360a02cc66bc630ff61c50a500bd0993d6f8fcb7023efdf69089cbb0caa99.91940b7dd3dc9d4e
Frame ID: 1FD71620CC402DA149E424D1E4DEBB75
Requests: 4 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- https://qa.api.biw.cloud/v1/id/auth?client_id=https%3A%2F%2Fqa.nitro-integrations.biw.cloud&redirect_uri=https%3A%2F%2Fqa.nitro-integrations.biw.cloud%2Foidc_renew&response_type=code&scope=openid&state=d4e408316fcf40bd95e4a57664d8e68e&code_challenge=dewlNSWrgrKu_EKt5Z3biC-HRpJ4_HM-pwilwLekwa4&code_challenge_method=S256&prompt=none&response_mode=query HTTP 302
- https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=d4e408316fcf40bd95e4a57664d8e68e&session_state=ad3360a02cc66bc630ff61c50a500bd0993d6f8fcb7023efdf69089cbb0caa99.91940b7dd3dc9d4e
- https://qa.api.biw.cloud/v1/id/auth?client_id=https%3A%2F%2Fqa.nitro-integrations.biw.cloud&redirect_uri=https%3A%2F%2Fqa.nitro-integrations.biw.cloud%2Foidc_signin&response_type=code&scope=openid%20profile%20company%20permissions%20email%20recovery%20address%20phone&state=ca124e3648134f8da9892b70209e150e&code_challenge=Q371yL2vtNKYVq40IgGt-I843W6MuYCn8tsyz7O-j_o&code_challenge_method=S256&response_mode=query HTTP 302
- https://qa.api.biw.cloud/v1/id/interaction/7e926164-8d79-4c7c-a840-fdcda7d6ca34 HTTP 302
- https://biw.auth.us-west-2.amazoncognito.com/authorize?response_type=token&client_id=7n6ovc29f6372qltenhr0m0ism&redirect_uri=https%3A%2F%2Fqa.api.biw.cloud%2Fv1%2Fid%2Fcognito%2Floggedin HTTP 302
- https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZLPT8MgHMXv%2FhUNd1pK69aStWbxR7JkHtzUgxfDCkySFipf6px%2FvazbjF48Qt7nPfIes6vPro0%2BpANtTYXSmKBImsYKbbYVenq8wwW6qi9mwLuW9mw%2B%2BDezku%2BDBB%2FNAaTzgbu2BoZOurV0H7qRT6tlhd6874ElyUbvYh6oeAC8CxSmMe%2F4lw0ZW6O9jRvbJaN7okXvJPTBTKLoJmi14X581tmstVtt4k43zoJV3ppWGzk6CHKpFOEci1SVOBdNhvkkpbgkRCm%2BKXNRqmMMihY3FXoVQtC0UBs8yaYC50WhMC%2BmEjeBSGlWpjwrghRgkAsDnhtfIUpojkmBM%2FJICkZzRqZxXqYvKHo%2BF0gPBYZKDbBjZRUanGGWgwZmeCeB%2BYat5%2FdLFqSsd9bbxraoPjbMxkAX3VnXcf8%2Fe7jRAqtRyqTx2u%2F%2FZP%2BP8%2FN6qD7IjqOw0yoMevYz2Out36v1fNo%2FzJLfr6xPx7%2Ffov4G&RelayState=H4sIAAAAAAAAAD2RW7OaMBSF_0ueDZeAEHhT8HjBU_WotLbTYUISID2BoCJeOv3vDTOdvq3svXb2ypffgIAQ3K7wzq8dRNmsexb7id_uwAjkujNdfoX7yfsaLuOtLlFd8htP9RQFhef46Cw73lQXq7bEtdYGpg1V17XX0DTPxCCtMHJxN6hUN2b2timYSVXZiE6ZUpUlZ6LRU1xPdeqTD7rQetioZQnCH4DXREh9UC1vBNOivahCSA5-jsCn9h69dDYnxfztsJZxcM54tFlJ8YDJartcTFldV2lUBW_2c_uKy3tySJ5pRqZJVZQyGT-r4_z0Wqb2bYYRe1Wnep1m080mbtLSo2jZH-YXmagT9d2yuXi7YEZ36149JlH0_i3eizb-9bHCX74fF9niLtcf4ybd9XQTbf1HP79tdqqMUYTsSfBY9a6lw0udeABCbl1l_MdukJq8VPOPjEHVgLIGoe2jsWV5yPX1s0FYEHnlI3DRd2CCLYIcCjEnPnTHgQ9zl1GYU27bjuMW2BtYddqaMcaQjYsc6g9j0MW4gAT7HNLAsmzkBDZxMPjzF_ZcUqMKAgAA.H4sIAAAAAAAAAAEgAN__72Ep6ZUO6E2xeEbkIIoT5z28LgcM6DLOr5AA-eK372tUOIJ_IAAAAA.3
11 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | qa.nitro-integrations.biw.cloud/ | 368 B | 981 B | Document | text/html |
GET | H2 | clickjacking.js | scripts.biw.cloud/ | 709 B | 1 KB | Script | application/javascript |
GET | H2 | 768.ecdf135377f5c59b0de6.js | qa.nitro-integrations.biw.cloud/ | 3 MB | 969 KB | Script | application/javascript |
GET | H2 | app.a18a2e0251fb04725aae.js | qa.nitro-integrations.biw.cloud/ | 858 KB | 100 KB | Script | application/javascript |
GET | H2 | openid-configuration | qa.api.biw.cloud/v1/id/.well-known/ | 27 KB | 4 KB | XHR | application/json |
GET | H2 | favicon.ico | qa.nitro-integrations.biw.cloud/ | 368 B | 980 B | Other | text/html |
GET | H2 | oidc_renew | qa.nitro-integrations.biw.cloud/ (Frame 1FD7, Redirect Chain) | 368 B | 980 B | Document | text/html |
GET | H2 | clickjacking.js | scripts.biw.cloud/ (Frame 1FD7) | 709 B | 0 | Script | application/javascript |
GET | H2 | 768.ecdf135377f5c59b0de6.js | qa.nitro-integrations.biw.cloud/ (Frame 1FD7) | 3 MB | 0 | Script | application/javascript |
GET | H2 | app.a18a2e0251fb04725aae.js | qa.nitro-integrations.biw.cloud/ (Frame 1FD7) | 858 KB | 0 | Script | application/javascript |
GET | | saml2 | login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/ (Redirect Chain) | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- login.microsoftonline.com
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunknise_studio
object| regeneratorRuntime
function| _
10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value |
---|---|---|
qa.api.biw.cloud/v1/id/interaction/7e926164-8d79-4c7c-a840-fdcda7d6ca34 | _grant | 7e926164-8d79-4c7c-a840-fdcda7d6ca34 |
qa.api.biw.cloud/v1/id/interaction/7e926164-8d79-4c7c-a840-fdcda7d6ca34 | _grant.sig | gy0FWFjm-Li3fgJ0ubJ-BLkUl_A |
qa.api.biw.cloud/v1/id/auth/7e926164-8d79-4c7c-a840-fdcda7d6ca34 | _grant | 7e926164-8d79-4c7c-a840-fdcda7d6ca34 |
qa.api.biw.cloud/v1/id/auth/7e926164-8d79-4c7c-a840-fdcda7d6ca34 | _grant.sig | gy0FWFjm-Li3fgJ0ubJ-BLkUl_A |
qa.api.biw.cloud/ | _state.https://qa.nitro-integrations.biw.cloud | 323217f643c3e3f1fe7532e72ac01bb0748c97be |
qa.api.biw.cloud/ | _state.https://qa.nitro-integrations.biw.cloud.sig | s3yHk1WPk1zBE-G0lomEGQbyYgw |
qa.api.biw.cloud/ | _cognito-grant | 7e926164-8d79-4c7c-a840-fdcda7d6ca34 |
biw.auth.us-west-2.amazoncognito.com/ | XSRF-TOKEN | f809c135-fb77-4a12-b814-0650b40d516f |
biw.auth.us-west-2.amazoncognito.com/ | csrf-state | U6VEGafGFTLlD9q_eCOJlix-KJPIHBdmmhVCh9F1yPzDgwKTKyV_aBKhfglK5yhUGYzIV1uE82dzhYmLV_BOODnVg6c2IvTGrlKoYc74gnr6Q9EcQLvoxACCMXDSipDjRJ8NZUH_HwlLR5nVQvcOCP7xvGuOQogD2C21A9xJv40 |
biw.auth.us-west-2.amazoncognito.com/ | csrf-state-legacy | U6VEGafGFTLlD9q_eCOJlix-KJPIHBdmmhVCh9F1yPzDgwKTKyV_aBKhfglK5yhUGYzIV1uE82dzhYmLV_BOODnVg6c2IvTGrlKoYc74gnr6Q9EcQLvoxACCMXDSipDjRJ8NZUH_HwlLR5nVQvcOCP7xvGuOQogD2C21A9xJv40 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.