bonjour.cforp.io Open in urlscan Pro
52.228.84.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://litteratout-demo.cforp.io/
Effective URL:
https://bonjour.cforp.io/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Did_token%26scope%3Dopenid%25...
Submission: On April 22 via api (April 22nd 2024, 10:14:25 pm UTC) from US — Scanned from CA

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 52.228.84.36, located in Toronto, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is bonjour.cforp.io.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 14th 2023. Valid for: a year.

This is the only time bonjour.cforp.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.138.1.32 52.138.1.32	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 27	52.228.84.36 52.228.84.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
1	13.107.253.38 13.107.253.38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.251.167.94 142.251.167.94	15169 (GOOGLE) (GOOGLE)
2	20.220.1.65 20.220.1.65	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
31	5

1 52.138.1.32 (Toronto, Canada) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

litteratout-demo.cforp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 52.228.84.36 (Toronto, Canada) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bonjour.cforp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.253.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.220.1.65 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

canadacentral-1.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cforp.io 2 redirects litteratout-demo.cforp.io bonjour.cforp.io	270 KB
3	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 657 canadacentral-1.in.applicationinsights.azure.com — Cisco Umbrella Rank: 85723	46 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1003 B
31	4

	Domain	Requested by
27	bonjour.cforp.io	1 redirects bonjour.cforp.io
2	canadacentral-1.in.applicationinsights.azure.com	js.monitor.azure.com
1	fonts.gstatic.com	fonts.googleapis.com
1	js.monitor.azure.com	bonjour.cforp.io
1	fonts.googleapis.com	bonjour.cforp.io
1	litteratout-demo.cforp.io	1 redirects
31	6

This site contains no links.

Subject Issuer	Validity	Valid
bonjour.cforp.io Go Daddy Secure Certificate Authority - G2	`2023-08-14` - `2024-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2024-03-18` - `2025-03-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04	`2024-04-15` - `2025-04-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bonjour.cforp.io/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Did_token%26scope%3Dopenid%2520profile%2520bonjour_org%26client_id%3D6cd70c67-760b-4104-b423-1f3c57b5b667%26state%3DvHqGhlYDrBQwjew8oBQZH3Lud6Q%26redirect_uri%3Dhttps%253A%252F%252Flitteratout-demo.cforp.io%252Fsignin-oidc%26nonce%3DV31KW29rgDJlnrs7QazB4VEljvRPw38uf_33f0-eLls
Frame ID: 2EC879986B4BF17225590690A0533133
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bonjour - CFORP single sign-on

Page URL History Show full URLs

https://litteratout-demo.cforp.io/ HTTP 302
https://bonjour.cforp.io/connect/authorize?response_type=id_token&scope=openid%20profile%20bonjour_or... HTTP 302
https://bonjour.cforp.io/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Did_token... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

31
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

331 kB
Transfer

421 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://litteratout-demo.cforp.io/ HTTP 302
https://bonjour.cforp.io/connect/authorize?response_type=id_token&scope=openid%20profile%20bonjour_org&client_id=6cd70c67-760b-4104-b423-1f3c57b5b667&state=vHqGhlYDrBQwjew8oBQZH3Lud6Q&redirect_uri=https%3A%2F%2Flitteratout-demo.cforp.io%2Fsignin-oidc&nonce=V31KW29rgDJlnrs7QazB4VEljvRPw38uf_33f0-eLls HTTP 302
https://bonjour.cforp.io/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Did_token%26scope%3Dopenid%2520profile%2520bonjour_org%26client_id%3D6cd70c67-760b-4104-b423-1f3c57b5b667%26state%3DvHqGhlYDrBQwjew8oBQZH3Lud6Q%26redirect_uri%3Dhttps%253A%252F%252Flitteratout-demo.cforp.io%252Fsignin-oidc%26nonce%3DV31KW29rgDJlnrs7QazB4VEljvRPw38uf_33f0-eLls Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Login Show response
bonjour.cforp.io/
Redirect Chain

https://litteratout-demo.cforp.io/
https://bonjour.cforp.io/connect/authorize?response_type=id_token&scope=openid%20profile%20bonjour_org&client_id=6cd70c67-760b-4104-b423-1f3c57b5b667&state=vHqGhlYDrBQwjew8oBQZH3Lud6Q&redirect_uri=...
https://bonjour.cforp.io/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Did_token%26scope%3Dopenid%2520profile%2520bonjour_org%26client_id%3D6cd70c67-760b-4104-b423-1f3c57b5b667...

20 KB
6 KB

42ms
42ms

Document
text/html

52.228.84.36
MICROSOFT-CORP-MS...

General

Domain/Path	Expires	Name / Value
litteratout-demo.cforp.io/	1969-12-31 23:59:59	Name: mod_auth_openidc_state_vHqGhlYDrBQwjew8oBQZH3Lud6Q Value: eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..cKPlmDBGI86Ot_3Q.HgIL8J2tDgkjcg0Y9u9K1zlkok-2gl-nZTaoNWvdYmF2t8x5NYMBMdHeTSN89FQFLTD4U9NKjs-CESmrZr9zTh3TLzD3STvWVJ0iXWAPyHgG-0XNu7SQUM0UoTZVUoCnN5WkCYlLYYxakPpNSSt9uLwusZ7riPbAIHFf_Seegge7Kz9T_NeL5bUh-vqCqJjKtKYcfo5w3sPEBblpitC8a-n-y5ndZu5icCY3s2Az3ezCYldauRoONtAoaP19Xuz5P6ETbjoI76UdKJMf04vXyL5NJUZvdeAOHboTfcR3Ad_t5FdZnXX6rdneIvTKGVIFkEaJf4lfzGCwWgGsgYzML1c_VIaAgIduGqt8Xi_3V1SqA_I7HcOQqZPZC9Bj6-kw3w.NsST870jkcfVUv6mjVJh_Q
.bonjour.cforp.io/	1969-12-31 23:59:59	Name: ARRAffinity Value: 792fc2f61675aeee2bad0e7e62dcdd0c28ed7ea67039ae12c9f77b0caaf13b01
.bonjour.cforp.io/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 792fc2f61675aeee2bad0e7e62dcdd0c28ed7ea67039ae12c9f77b0caaf13b01
bonjour.cforp.io/	1970-01-21 04:49:20	Name: ai_user Value: AM+fNavDHXjK5Nea138zmc\|2024-04-22T22:14:21.692Z
bonjour.cforp.io/	1970-01-20 20:03:45	Name: ai_session Value: Gvdhrm0O/OZvp1FNv5I5DT\|1713824061798\|1713824061798

bonjour.cforp.io Open in urlscan Pro 52.228.84.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

5 IPs

2 Countries

331 kBTransfer

421 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bonjour.cforp.io Open in urlscan Pro
52.228.84.36 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

331 kB
Transfer

421 kB
Size

5
Cookies

31 HTTP transactions
0 data transactions