Submitted URL: https://qa.nitro-integrations.biw.cloud/
Effective URL: https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZJNT8IwHMbvfoql927dBow1bISIJCZ6ENSDF9J1L...
Submission Tags: phishingrod
Submission: On September 30 via api from DE — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 9 HTTP transactions. The main IP is 2603:1036:3000:e8::3, located in and belongs to . The main domain is login.microsoftonline.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 3rd 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 99.86.4.88 16509 (AMAZON-02)
3 4 34.209.230.153 16509 (AMAZON-02)
1 1 2600:1f14:917... ()
1 2603:1036:300... ()
9 4
Domain Requested by
6 qa.nitro-integrations.biw.cloud qa.nitro-integrations.biw.cloud
4 qa.api.biw.cloud 3 redirects qa.nitro-integrations.biw.cloud
1 login.microsoftonline.com qa.nitro-integrations.biw.cloud
1 biw.auth.us-west-2.amazoncognito.com 1 redirects
0 aadcdn.msftauth.net Failed login.microsoftonline.com
9 5

This site contains no links.

Subject | Issuer | Validity | Valid
*.qa.nitro-integrations.biw.cloud | Amazon RSA 2048 M03 | 2023-09-30 - 2024-10-28 | a year
np.cpd-apps-np.cluster.biw.cloud | Amazon RSA 2048 M01 | 2023-05-06 - 2024-06-03 | a year
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2023-07-03 - 2024-07-03 | a year

This page contains 2 frames:

Primary Page: https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZJNT8IwHMbvfoql927dBow1bISIJCZ6ENSDF9J1LTTZ2tl%2Fp%2BKntwwxcuHY5nlpfk9n86%2B2CT6EBWV0geKQoEBobmqldwV6eV7hKZqXNzNgbZN0dNG7vV6L916ACxYAwjrvuzUa%2BlbYjbAfiouX9UOB9s51QKOoUp8h866wB%2FzpXTgJWcu%2Bje%2FYaeVMyE0bDemRqjsroPNhAgVLr1WaueFZ57DG7JQOW8WtASOd0Y3SYkioyVhKwhiuY5njUc1TzCZxgnNCpGRVPqpzeapBwf2yQNt0QrKsFhVOx9MMjxIucZXGKeZMViNe5ck0ZV4K0It7DY5pV6CEJCkmOU7JczylZEJjzyvP3lDwegaYHAF6pBroCVmBequpYaCAatYKoI7TzeLxgXop7axxhpsGlSfCdCi0wcrYlrnr3uONqrEcpFRop9zhovu6nZ3XQ%2BVRdhqF%2Fq5CoaN%2Fg23v3EFuFln3NIv%2Bv7L8PV5%2Bi%2FIH&RelayState=H4sIAAAAAAAAAD2Q227iMBCG38XXOAcH7JA7sqUrECmFlsN2tUK2YxMvThyICQnVvvsaqerdPzP_nL5PQEECrg28icZCdJjaXr5NSL0CA8BcJZ3t4NskW8DZ06tLcZciFTYtR2OJI4LO2oqquARloJrSGXJnKKytm8T3z9SjtfKYunlcm2vut6Gvcp-bY6Ws8bU5HkWuKtclXJc1J_HQ0unHRiePIPkNREmVdoGpRaVyJ-qLkUoL8GcATs673B31qmi7bGtJxfDLr9etIZCN7XQ_x4gtpDFEi7_rrr3R-jy3fVqHL4Td6fYjK39s-FO1vaehZOrEO5q2wZkwgzbdaDFhG1HxfpPP19lUPu_D3fSkMyzmaC-K3bouZqrJ3knKu76C_U1OzHxpf-5kk7J3clh9tJtlv0q7oWRa0ec07mbueO0ufgChV1t439g9WtK7qb7IeNw8UJYgCfEYB2MSktC9DRJJdSMG4OJm4BjnYS4jGGOWwyGTGMajoYACRwhRhFAcPFhZZz1EOCAkFwxGo5jAIeISsiiMIKeSDTkbozii4N9_fZMqWQoCAAA.H4sIAAAAAAAAAAEgAN__a6XoT9Rh5XXjM8agM23nLHMZ_lqwtmwQefVqXlyx-dsWKKayIAAAAA.3
Frame ID: BA6BC59AA428982B30C638AE347AA203
Requests: 6 HTTP requests in this frame

Frame: https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=a76c76f5f6ac4b74893452bcef7ac125&session_state=1982603a6cb1b0b232d5df63c7b92f0160ed7fd2dbf964fd2ff4b30097c73fcc.5e666ff6616e1105
Frame ID: 66F74DC0CE6E7F9C226FBC848B1B1A31
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js

Page Statistics

Requests: 9
HTTPS: 89 %
IPv6: 50 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 1
Transfer: 903 kB
Size: 4160 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qa.nitro-integrations.biw.cloud/ Page URL
  2. https://qa.api.biw.cloud/v1/id/auth?client_id=https%3A%2F%2Fqa.nitro-integrations.biw.cloud&redirect_uri=https%3A%2F%2Fqa.nitro-integrations.biw.cloud%2Foidc_signin&response_type=code&scope=openid%20profile%20company%20permissions%20email%20recovery%20address%20phone&state=462fd6589e5940f397fd9adc1b2efa78&code_challenge=Hmmp5dhMKv-2vst5rvPkJvcW5ByjZfi72f2UKYQUDec&code_challenge_method=S256&response_mode=query HTTP 302
    https://qa.api.biw.cloud/v1/id/interaction/1bc4b49b-ed8f-416c-ae0f-d23485ed7156 HTTP 302
    https://biw.auth.us-west-2.amazoncognito.com/authorize?response_type=token&client_id=7n6ovc29f6372qltenhr0m0ism&redirect_uri=https%3A%2F%2Fqa.api.biw.cloud%2Fv1%2Fid%2Fcognito%2Floggedin HTTP 302
    https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZJNT8IwHMbvfoql927dBow1bISIJCZ6ENSDF9J1LTTZ2tl%2Fp%2BKntwwxcuHY5nlpfk9n86%2B2CT6EBWV0geKQoEBobmqldwV6eV7hKZqXNzNgbZN0dNG7vV6L916ACxYAwjrvuzUa%2BlbYjbAfiouX9UOB9s51QKOoUp8h866wB%2FzpXTgJWcu%2Bje%2FYaeVMyE0bDemRqjsroPNhAgVLr1WaueFZ57DG7JQOW8WtASOd0Y3SYkioyVhKwhiuY5njUc1TzCZxgnNCpGRVPqpzeapBwf2yQNt0QrKsFhVOx9MMjxIucZXGKeZMViNe5ck0ZV4K0It7DY5pV6CEJCkmOU7JczylZEJjzyvP3lDwegaYHAF6pBroCVmBequpYaCAatYKoI7TzeLxgXop7axxhpsGlSfCdCi0wcrYlrnr3uONqrEcpFRop9zhovu6nZ3XQ%2BVRdhqF%2Fq5CoaN%2Fg23v3EFuFln3NIv%2Bv7L8PV5%2Bi%2FIH&RelayState=H4sIAAAAAAAAAD2Q227iMBCG38XXOAcH7JA7sqUrECmFlsN2tUK2YxMvThyICQnVvvsaqerdPzP_nL5PQEECrg28icZCdJjaXr5NSL0CA8BcJZ3t4NskW8DZ06tLcZciFTYtR2OJI4LO2oqquARloJrSGXJnKKytm8T3z9SjtfKYunlcm2vut6Gvcp-bY6Ws8bU5HkWuKtclXJc1J_HQ0unHRiePIPkNREmVdoGpRaVyJ-qLkUoL8GcATs673B31qmi7bGtJxfDLr9etIZCN7XQ_x4gtpDFEi7_rrr3R-jy3fVqHL4Td6fYjK39s-FO1vaehZOrEO5q2wZkwgzbdaDFhG1HxfpPP19lUPu_D3fSkMyzmaC-K3bouZqrJ3knKu76C_U1OzHxpf-5kk7J3clh9tJtlv0q7oWRa0ec07mbueO0ufgChV1t439g9WtK7qb7IeNw8UJYgCfEYB2MSktC9DRJJdSMG4OJm4BjnYS4jGGOWwyGTGMajoYACRwhRhFAcPFhZZz1EOCAkFwxGo5jAIeISsiiMIKeSDTkbozii4N9_fZMqWQoCAAA.H4sIAAAAAAAAAAEgAN__a6XoT9Rh5XXjM8agM23nLHMZ_lqwtmwQefVqXlyx-dsWKKayIAAAAA.3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://qa.api.biw.cloud/v1/id/auth?client_id=https%3A%2F%2Fqa.nitro-integrations.biw.cloud&redirect_uri=https%3A%2F%2Fqa.nitro-integrations.biw.cloud%2Foidc_renew&response_type=code&scope=openid&state=a76c76f5f6ac4b74893452bcef7ac125&code_challenge=f4z2-5DcMK2rrnzWbsa51Baw4b_ZO_TCkvm0lX6JXXk&code_challenge_method=S256&prompt=none&response_mode=query HTTP 302
  • https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=a76c76f5f6ac4b74893452bcef7ac125&session_state=1982603a6cb1b0b232d5df63c7b92f0160ed7fd2dbf964fd2ff4b30097c73fcc.5e666ff6616e1105

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
qa.nitro-integrations.biw.cloud/
281 B
890 B
Document
General
Full URL
https://qa.nitro-integrations.biw.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-88.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51c4c73e180da5ad560d1107e4075d876b2ff9e5bb52e973451de36e118a523d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-store
content-length
281
content-type
text/html
date
Sat, 30 Sep 2023 18:06:06 GMT
etag
"a556e9167119640e2e655afb0dbcd6a7"
last-modified
Sun, 24 Sep 2023 02:26:01 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-id
BgzhNilIkTYje65T3R4VhLYZurAepAzSggoMQmJ9pYJ3Jt8P-VQJhQ==
x-amz-cf-pop
FRA6-C1
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job
deploy-webapp-qa-us
x-amz-meta-biw-cpd-ci-pipeline
784573
x-amz-meta-biw-cpd-ci-project
nise-studio
x-amz-meta-biw-cpd-ci-system
gitlab
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
904.af2938d600598517a0f6.js
qa.nitro-integrations.biw.cloud/
1 MB
356 KB
Script
General
Full URL
https://qa.nitro-integrations.biw.cloud/904.af2938d600598517a0f6.js?5e26ac621907d05b547d
Requested by
Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-88.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a69cb79ccf36f0a7b45b852c6408601307297ebe4c4640d28d3c6904c343c407
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.nitro-integrations.biw.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 18:06:07 GMT
content-encoding
gzip
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-meta-biw-cpd-ci-system
gitlab
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job
deploy-webapp-qa-us
referrer-policy
same-origin
last-modified
Sun, 24 Sep 2023 02:16:58 GMT
x-amz-meta-biw-cpd-ci-project
nise-studio
server
AmazonS3
etag
W/"36735ce0e769dd1365f557e9b7c379ba"
vary
Accept-Encoding
content-type
application/javascript
x-amz-meta-biw-cpd-ci-pipeline
784572
x-amz-cf-id
q-DgWcHH7_NsRbKxDI1VEvwot43eWU4dXbdUcss0VIb1fnXTON_vbA==
app.aa80892b950ff62529a6.js
qa.nitro-integrations.biw.cloud/
816 KB
93 KB
Script
General
Full URL
https://qa.nitro-integrations.biw.cloud/app.aa80892b950ff62529a6.js?5e26ac621907d05b547d
Requested by
Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-88.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ace2288cd49b6bcfc6f8793db8232a3073f4e0ad5325e4e87f7340631fc6ee15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.nitro-integrations.biw.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 18:06:07 GMT
content-encoding
gzip
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-meta-biw-cpd-ci-system
gitlab
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job
deploy-webapp-qa-us
referrer-policy
same-origin
last-modified
Sun, 24 Sep 2023 02:16:59 GMT
x-amz-meta-biw-cpd-ci-project
nise-studio
server
AmazonS3
etag
W/"99fc2fca00a2a12db96ded7187564fd0"
vary
Accept-Encoding
content-type
application/javascript
x-amz-meta-biw-cpd-ci-pipeline
784572
x-amz-cf-id
y1VW1OixkdM7cflSmKpZLlmZnNhIsZcn_Xdg2wm9eMX0j_ZoYL3J0w==
openid-configuration
qa.api.biw.cloud/v1/id/.well-known/
23 KB
3 KB
XHR
General
Full URL
https://qa.api.biw.cloud/v1/id/.well-known/openid-configuration
Requested by
Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/904.af2938d600598517a0f6.js?5e26ac621907d05b547d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.230.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-230-153.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
322a343726e7c8bba130a44ec5c2eddf5a16744dba27b0baf534c933f48378c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=63072000; includeSubDomains; preload, x-content-type-options: nosniff
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 18:06:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains, max-age=63072000; includeSubDomains; preload, x-content-type-options: nosniff
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
x-permitted-cross-domain-policies
none
correlation-id
da0ca344-2f5f-4fb5-be71-5afe040c56c7
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://qa.nitro-integrations.biw.cloud
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
x-xss-protection
0
oidc_renew
qa.nitro-integrations.biw.cloud/ Frame 66F7
Redirect Chain
  • https://qa.api.biw.cloud/v1/id/auth?client_id=https%3A%2F%2Fqa.nitro-integrations.biw.cloud&redirect_uri=https%3A%2F%2Fqa.nitro-integrations.biw.cloud%2Foidc_renew&response_type=code&scope=openid&s...
  • https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=a76c76f5f6ac4b74893452bcef7ac125&session_state=1982603a6cb1...
281 B
889 B
Document
General
Full URL
https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=a76c76f5f6ac4b74893452bcef7ac125&session_state=1982603a6cb1b0b232d5df63c7b92f0160ed7fd2dbf964fd2ff4b30097c73fcc.5e666ff6616e1105
Requested by
Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/904.af2938d600598517a0f6.js?5e26ac621907d05b547d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-88.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51c4c73e180da5ad560d1107e4075d876b2ff9e5bb52e973451de36e118a523d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-store
content-length
281
content-type
text/html
date
Sat, 30 Sep 2023 18:06:09 GMT
etag
"a556e9167119640e2e655afb0dbcd6a7"
last-modified
Sun, 24 Sep 2023 02:26:01 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-id
u8LqAsIB2t0REUTx-qM_FFFqOrcr2etWn2aP_E3GOb97c876_QZAqA==
x-amz-cf-pop
FRA6-C1
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job
deploy-webapp-qa-us
x-amz-meta-biw-cpd-ci-pipeline
784573
x-amz-meta-biw-cpd-ci-project
nise-studio
x-amz-meta-biw-cpd-ci-system
gitlab
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
x-content-type-options
nosniff

Redirect headers

access-control-allow-credentials
true
cache-control
no-cache, no-store
content-length
587
content-type
text/html; charset=utf-8
correlation-id
b2ed95ff-fc70-4680-8fc8-af275dda15a6
date
Sat, 30 Sep 2023 18:06:08 GMT
location
https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=a76c76f5f6ac4b74893452bcef7ac125&session_state=1982603a6cb1b0b232d5df63c7b92f0160ed7fd2dbf964fd2ff4b30097c73fcc.5e666ff6616e1105
pragma
no-cache
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains max-age=63072000; includeSubDomains; preload, x-content-type-options: nosniff
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
904.af2938d600598517a0f6.js
qa.nitro-integrations.biw.cloud/ Frame 66F7
1 MB
356 KB
Script
General
Full URL
https://qa.nitro-integrations.biw.cloud/904.af2938d600598517a0f6.js?5e26ac621907d05b547d
Requested by
Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=a76c76f5f6ac4b74893452bcef7ac125&session_state=1982603a6cb1b0b232d5df63c7b92f0160ed7fd2dbf964fd2ff4b30097c73fcc.5e666ff6616e1105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-88.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a69cb79ccf36f0a7b45b852c6408601307297ebe4c4640d28d3c6904c343c407
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=a76c76f5f6ac4b74893452bcef7ac125&session_state=1982603a6cb1b0b232d5df63c7b92f0160ed7fd2dbf964fd2ff4b30097c73fcc.5e666ff6616e1105
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 18:06:07 GMT
content-encoding
gzip
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA6-C1
age
3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-meta-biw-cpd-ci-system
gitlab
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job
deploy-webapp-qa-us
referrer-policy
same-origin
last-modified
Sun, 24 Sep 2023 02:16:58 GMT
x-amz-meta-biw-cpd-ci-project
nise-studio
server
AmazonS3
etag
W/"36735ce0e769dd1365f557e9b7c379ba"
vary
Accept-Encoding
content-type
application/javascript
x-amz-meta-biw-cpd-ci-pipeline
784572
x-amz-cf-id
0pqjIsbxCOuzwwIMc-GvtZU4LPbP2nOXe47VZu6dP_wtV1en5cATBw==
app.aa80892b950ff62529a6.js
qa.nitro-integrations.biw.cloud/ Frame 66F7
816 KB
93 KB
Script
General
Full URL
https://qa.nitro-integrations.biw.cloud/app.aa80892b950ff62529a6.js?5e26ac621907d05b547d
Requested by
Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=a76c76f5f6ac4b74893452bcef7ac125&session_state=1982603a6cb1b0b232d5df63c7b92f0160ed7fd2dbf964fd2ff4b30097c73fcc.5e666ff6616e1105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-88.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ace2288cd49b6bcfc6f8793db8232a3073f4e0ad5325e4e87f7340631fc6ee15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.nitro-integrations.biw.cloud/oidc_renew?error=login_required&error_description=End-User%20authentication%20is%20required&state=a76c76f5f6ac4b74893452bcef7ac125&session_state=1982603a6cb1b0b232d5df63c7b92f0160ed7fd2dbf964fd2ff4b30097c73fcc.5e666ff6616e1105
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 18:06:07 GMT
content-encoding
gzip
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA6-C1
age
3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-meta-biw-cpd-ci-system
gitlab
x-amz-meta-biw-cpd-ci-commit
x-amz-meta-biw-cpd-ci-job
deploy-webapp-qa-us
referrer-policy
same-origin
last-modified
Sun, 24 Sep 2023 02:16:59 GMT
x-amz-meta-biw-cpd-ci-project
nise-studio
server
AmazonS3
etag
W/"99fc2fca00a2a12db96ded7187564fd0"
vary
Accept-Encoding
content-type
application/javascript
x-amz-meta-biw-cpd-ci-pipeline
784572
x-amz-cf-id
vhZ7ou2IMQCp0xpTrKx3CB5JqJx-0-IxSD8MNPLbk1lxQiW8phoNWQ==
Primary Request saml2
login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/
Redirect Chain
  • https://qa.api.biw.cloud/v1/id/auth?client_id=https%3A%2F%2Fqa.nitro-integrations.biw.cloud&redirect_uri=https%3A%2F%2Fqa.nitro-integrations.biw.cloud%2Foidc_signin&response_type=code&scope=openid%...
  • https://qa.api.biw.cloud/v1/id/interaction/1bc4b49b-ed8f-416c-ae0f-d23485ed7156
  • https://biw.auth.us-west-2.amazoncognito.com/authorize?response_type=token&client_id=7n6ovc29f6372qltenhr0m0ism&redirect_uri=https%3A%2F%2Fqa.api.biw.cloud%2Fv1%2Fid%2Fcognito%2Floggedin
  • https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZJNT8IwHMbvfoql927dBow1bISIJCZ6ENSDF9J1LTTZ2tl%2Fp%2BKntwwxcuHY5nlpfk9n86%2B2CT6EBWV0geKQoEBobmqldwV6eV7hKZ...
20 KB
0
Document
General
Full URL
https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZJNT8IwHMbvfoql927dBow1bISIJCZ6ENSDF9J1LTTZ2tl%2Fp%2BKntwwxcuHY5nlpfk9n86%2B2CT6EBWV0geKQoEBobmqldwV6eV7hKZqXNzNgbZN0dNG7vV6L916ACxYAwjrvuzUa%2BlbYjbAfiouX9UOB9s51QKOoUp8h866wB%2FzpXTgJWcu%2Bje%2FYaeVMyE0bDemRqjsroPNhAgVLr1WaueFZ57DG7JQOW8WtASOd0Y3SYkioyVhKwhiuY5njUc1TzCZxgnNCpGRVPqpzeapBwf2yQNt0QrKsFhVOx9MMjxIucZXGKeZMViNe5ck0ZV4K0It7DY5pV6CEJCkmOU7JczylZEJjzyvP3lDwegaYHAF6pBroCVmBequpYaCAatYKoI7TzeLxgXop7axxhpsGlSfCdCi0wcrYlrnr3uONqrEcpFRop9zhovu6nZ3XQ%2BVRdhqF%2Fq5CoaN%2Fg23v3EFuFln3NIv%2Bv7L8PV5%2Bi%2FIH&RelayState=H4sIAAAAAAAAAD2Q227iMBCG38XXOAcH7JA7sqUrECmFlsN2tUK2YxMvThyICQnVvvsaqerdPzP_nL5PQEECrg28icZCdJjaXr5NSL0CA8BcJZ3t4NskW8DZ06tLcZciFTYtR2OJI4LO2oqquARloJrSGXJnKKytm8T3z9SjtfKYunlcm2vut6Gvcp-bY6Ws8bU5HkWuKtclXJc1J_HQ0unHRiePIPkNREmVdoGpRaVyJ-qLkUoL8GcATs673B31qmi7bGtJxfDLr9etIZCN7XQ_x4gtpDFEi7_rrr3R-jy3fVqHL4Td6fYjK39s-FO1vaehZOrEO5q2wZkwgzbdaDFhG1HxfpPP19lUPu_D3fSkMyzmaC-K3bouZqrJ3knKu76C_U1OzHxpf-5kk7J3clh9tJtlv0q7oWRa0ec07mbueO0ufgChV1t439g9WtK7qb7IeNw8UJYgCfEYB2MSktC9DRJJdSMG4OJm4BjnYS4jGGOWwyGTGMajoYACRwhRhFAcPFhZZz1EOCAkFwxGo5jAIeISsiiMIKeSDTkbozii4N9_fZMqWQoCAAA.H4sIAAAAAAAAAAEgAN__a6XoT9Rh5XXjM8agM23nLHMZ_lqwtmwQefVqXlyx-dsWKKayIAAAAA.3
Requested by
Host: qa.nitro-integrations.biw.cloud
URL: https://qa.nitro-integrations.biw.cloud/904.af2938d600598517a0f6.js?5e26ac621907d05b547d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1036:3000:e8::3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9076
Content-Type
text/html; charset=utf-8
Date
Sat, 30 Sep 2023 18:06:10 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
x-ms-ests-server
2.1.16424.6 - EUS ProdSlices
x-ms-request-id
0a140f9f-4e74-45b4-8b4f-a1a99cc27900

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy-report-only
script-src https://dpp0gtxikpq3y.cloudfront.net https://biw.auth.us-west-2.amazoncognito.com; style-src https://dpp0gtxikpq3y.cloudfront.net https://biw.auth.us-west-2.amazoncognito.com; img-src https://dpp0gtxikpq3y.cloudfront.net https://biw.auth.us-west-2.amazoncognito.com; report-uri https://biw.auth.us-west-2.amazoncognito.com/cspreport
date
Sat, 30 Sep 2023 18:06:11 GMT
location
https://login.microsoftonline.com/d05ff0aa-d1f9-4dc3-a612-900ffab94d9f/saml2?SAMLRequest=fZJNT8IwHMbvfoql927dBow1bISIJCZ6ENSDF9J1LTTZ2tl%2Fp%2BKntwwxcuHY5nlpfk9n86%2B2CT6EBWV0geKQoEBobmqldwV6eV7hKZqXNzNgbZN0dNG7vV6L916ACxYAwjrvuzUa%2BlbYjbAfiouX9UOB9s51QKOoUp8h866wB%2FzpXTgJWcu%2Bje%2FYaeVMyE0bDemRqjsroPNhAgVLr1WaueFZ57DG7JQOW8WtASOd0Y3SYkioyVhKwhiuY5njUc1TzCZxgnNCpGRVPqpzeapBwf2yQNt0QrKsFhVOx9MMjxIucZXGKeZMViNe5ck0ZV4K0It7DY5pV6CEJCkmOU7JczylZEJjzyvP3lDwegaYHAF6pBroCVmBequpYaCAatYKoI7TzeLxgXop7axxhpsGlSfCdCi0wcrYlrnr3uONqrEcpFRop9zhovu6nZ3XQ%2BVRdhqF%2Fq5CoaN%2Fg23v3EFuFln3NIv%2Bv7L8PV5%2Bi%2FIH&RelayState=H4sIAAAAAAAAAD2Q227iMBCG38XXOAcH7JA7sqUrECmFlsN2tUK2YxMvThyICQnVvvsaqerdPzP_nL5PQEECrg28icZCdJjaXr5NSL0CA8BcJZ3t4NskW8DZ06tLcZciFTYtR2OJI4LO2oqquARloJrSGXJnKKytm8T3z9SjtfKYunlcm2vut6Gvcp-bY6Ws8bU5HkWuKtclXJc1J_HQ0unHRiePIPkNREmVdoGpRaVyJ-qLkUoL8GcATs673B31qmi7bGtJxfDLr9etIZCN7XQ_x4gtpDFEi7_rrr3R-jy3fVqHL4Td6fYjK39s-FO1vaehZOrEO5q2wZkwgzbdaDFhG1HxfpPP19lUPu_D3fSkMyzmaC-K3bouZqrJ3knKu76C_U1OzHxpf-5kk7J3clh9tJtlv0q7oWRa0ec07mbueO0ufgChV1t439g9WtK7qb7IeNw8UJYgCfEYB2MSktC9DRJJdSMG4OJm4BjnYS4jGGOWwyGTGMajoYACRwhRhFAcPFhZZz1EOCAkFwxGo5jAIeISsiiMIKeSDTkbozii4N9_fZMqWQoCAAA.H4sIAAAAAAAAAAEgAN__a6XoT9Rh5XXjM8agM23nLHMZ_lqwtmwQefVqXlyx-dsWKKayIAAAAA.3
pragma
no-cache
server
Server
strict-transport-security
max-age=31536000 ; includeSubDomains
x-amz-cognito-request-id
686d1df3-86bd-4bf6-854e-e6322a22280d
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
BssoInterrupt_Core_pOO34JFwD1EVcxt413xLZg2.js
aadcdn.msftauth.net/shared/1.0/content/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aadcdn.msftauth.net
URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_pOO34JFwD1EVcxt413xLZg2.js

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

7 Cookies

Domain/Path Name / Value
qa.api.biw.cloud/v1/id/interaction/1bc4b49b-ed8f-416c-ae0f-d23485ed7156 Name: _grant
Value: 1bc4b49b-ed8f-416c-ae0f-d23485ed7156
qa.api.biw.cloud/v1/id/interaction/1bc4b49b-ed8f-416c-ae0f-d23485ed7156 Name: _grant.sig
Value: FSjD3KxnpbzSEf6grAKjEciSr9Y
qa.api.biw.cloud/v1/id/auth/1bc4b49b-ed8f-416c-ae0f-d23485ed7156 Name: _grant
Value: 1bc4b49b-ed8f-416c-ae0f-d23485ed7156
qa.api.biw.cloud/v1/id/auth/1bc4b49b-ed8f-416c-ae0f-d23485ed7156 Name: _grant.sig
Value: FSjD3KxnpbzSEf6grAKjEciSr9Y
qa.api.biw.cloud/ Name: _state.https://qa.nitro-integrations.biw.cloud
Value: 323217f643c3e3f1fe7532e72ac01bb0748c97be
qa.api.biw.cloud/ Name: _state.https://qa.nitro-integrations.biw.cloud.sig
Value: s3yHk1WPk1zBE-G0lomEGQbyYgw
qa.api.biw.cloud/ Name: _cognito-grant
Value: 1bc4b49b-ed8f-416c-ae0f-d23485ed7156

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff