flowableaccount.b2clogin.com
Open in
urlscan Pro
20.190.159.68
Public Scan
Effective URL: https://flowableaccount.b2clogin.com/flowableaccount.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_FLW_SIGNUP_SIGNIN&response_type=c...
Submission: On January 12 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 19th 2022. Valid for: a year.
This is the only time flowableaccount.b2clogin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 20.126.191.40 20.126.191.40 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 20.190.159.68 20.190.159.68 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
4 | 20.60.251.161 20.60.251.161 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 142.250.201.202 142.250.201.202 | 15169 (GOOGLE) (GOOGLE) | |
3 | 142.250.74.195 142.250.74.195 | 15169 (GOOGLE) (GOOGLE) | |
11 | 4 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
work.prod.account.flowable.io |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
flowableaccount.b2clogin.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
customoauthview.blob.core.windows.net |
ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
windows.net
customoauthview.blob.core.windows.net |
507 KB |
3 |
gstatic.com
fonts.gstatic.com |
91 KB |
3 |
b2clogin.com
flowableaccount.b2clogin.com |
158 KB |
2 |
flowable.io
2 redirects
work.prod.account.flowable.io |
942 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36 |
1 KB |
11 | 5 |
Domain | Requested by | |
---|---|---|
4 | customoauthview.blob.core.windows.net |
flowableaccount.b2clogin.com
customoauthview.blob.core.windows.net |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | flowableaccount.b2clogin.com |
flowableaccount.b2clogin.com
|
2 | work.prod.account.flowable.io | 2 redirects |
1 | fonts.googleapis.com |
flowableaccount.b2clogin.com
|
11 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
deploy-preview-362--flowable3x.netlify.app |
Subject Issuer | Validity | Valid | |
---|---|---|---|
graph.windows.net DigiCert SHA2 Secure Server CA |
2022-10-19 - 2023-10-19 |
a year | crt.sh |
*.blob.core.windows.net Microsoft RSA TLS CA 01 |
2022-12-20 - 2023-12-20 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-12-12 - 2023-03-06 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://flowableaccount.b2clogin.com/flowableaccount.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_FLW_SIGNUP_SIGNIN&response_type=code&client_id=07314b1c-71ae-40c4-85cc-22adff89ea1d&scope=07314b1c-71ae-40c4-85cc-22adff89ea1d%20openid%20profile%20email&state=tbPTnT5A-B6_GsiHKoiiJO0qJ005fOjzHOx2Z3yoSbs%3D&redirect_uri=https://work.prod.account.flowable.io/login/oauth2/code/azure&nonce=WIPXtrqy3CuNMnVOLsL7v3TwoYbXyatjOn2sXtLJaOA
Frame ID: 5DD65F9A1C3A810D2E776CD5B9047094
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Flowable Cloud | Try Flowable Work nowPage URL History Show full URLs
-
https://work.prod.account.flowable.io/
HTTP 302
https://work.prod.account.flowable.io/oauth2/authorization/azure HTTP 302
https://flowableaccount.b2clogin.com/flowableaccount.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_FLW_SIGNUP_SI... Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Sign up here.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://work.prod.account.flowable.io/
HTTP 302
https://work.prod.account.flowable.io/oauth2/authorization/azure HTTP 302
https://flowableaccount.b2clogin.com/flowableaccount.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_FLW_SIGNUP_SIGNIN&response_type=code&client_id=07314b1c-71ae-40c4-85cc-22adff89ea1d&scope=07314b1c-71ae-40c4-85cc-22adff89ea1d%20openid%20profile%20email&state=tbPTnT5A-B6_GsiHKoiiJO0qJ005fOjzHOx2Z3yoSbs%3D&redirect_uri=https://work.prod.account.flowable.io/login/oauth2/code/azure&nonce=WIPXtrqy3CuNMnVOLsL7v3TwoYbXyatjOn2sXtLJaOA Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
authorize
flowableaccount.b2clogin.com/flowableaccount.onmicrosoft.com/oauth2/v2.0/ Redirect Chain
|
431 KB 157 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
cspreport
flowableaccount.b2clogin.com/flowableaccount.onmicrosoft.com/B2C_1A_FLW_signup_signin/client/ |
0 447 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.html
customoauthview.blob.core.windows.net/root/ |
2 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flowable_logo.svg
customoauthview.blob.core.windows.net/root/assets/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
customoauthview.blob.core.windows.net/root/assets/ |
3 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
perftrace
flowableaccount.b2clogin.com/flowableaccount.onmicrosoft.com/B2C_1A_FLW_signup_signin/client/ |
0 447 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flowable_work_banner_2800.jpg
customoauthview.blob.core.windows.net/root/assets/ |
497 KB 497 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ |
30 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ |
30 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ |
30 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| sanitizeHtml function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $predicateValidation object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
work.prod.account.flowable.io/ | Name: XSRF-TOKEN Value: 2caf2ce9-454c-4d51-a339-609ad5751939 |
|
work.prod.account.flowable.io/ | Name: JSESSIONID Value: 2ACBC1647077968B1C92B47F0465AE1D |
|
.flowableaccount.b2clogin.com/ | Name: x-ms-cpim-csrf Value: dmdsRWVkNkVYRmRsQUhDTkZ6ZDl6bVhGK2wxclU1cG1IZUpIU3FmNTFxbXBSaCt3RmNtcnNocU9IRkRLNG93UlZ0d0xDOUtUdS9ERDNEUy9GUTE1bEE9PTsyMDIzLTAxLTEyVDE3OjAzOjMwLjg1MDk1MjNaO0sxWUwzcDFZU0tPelpDSVhRU0lGRkE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ== |
|
.flowableaccount.b2clogin.com/ | Name: x-ms-cpim-cache|anih-nyykus0wwpjgfzyca_0 Value: m1.BimSEt4Oso1FWC3L.bItwIB/ysjI/6A2u7Bv/Xw==.0.hcG/dH7MefV1mzflMxewL1DUtoiDYlheoXrbdAd/pADCIIkGuo/SNmcqDFo6y5zWJaPJEQ3l/F+DFKBByCgBTy+vCOZetNKm0dIt+AZd2kChsSU6LAGpUfwRTyePW0hiDCDSlGIbGbO5LdzH4qVXS4HfwPsaOU7duIzYcJvGPRep/49dbPBwigkDS4LmV0JCSTIP0oKwWpJM02W0StKwFBKOgw+bcunY9VcrgRcPGHkmgqdVCK3+7wGUM0J1c+YBizgfQjZDqzj1xqsEMDYv7PWO1wynCqWLc1AB/lAsujL1FYWXvpqR6x7MzxprOjMoApxv7Ek27rXpeOmY6HMh3xqES/ZlO/P5v63ju1f3X2XZlvf5oW4Q/fB/Lb207Sh237amgpa06VssFEozGJZJUMiu826TWCvitWG/XHImMlWdUcVgBTMH89hVDCPANeB/AsO5gky29Xnh9e9Leunx7Zej/FiEf1yGoPlinS1d47yAD/4MqxVuaK+3KdPsfDfJeT0SM09rGRR3IVR2hxMbwvn1tg4TihrCinc/zNOQe7m7NZpfVdyYX9hfQ7ln7RrSmz0bPLJMUNkKUFgS/YqCQwaIsbrHaxtAVxxVo/fupZgbJ7Ot/M+k6fxGUUq5HVt/9f4gh9Kx9mdBUH+Bu7lxKZtLBIXQMzkK6sQzvPMYGRWhE5vzChszUWUhHM7pTCq9tH8rGEG9QAuwPaUlnILY2J096+Ln5fbyRw== |
|
.flowableaccount.b2clogin.com/ | Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6ImZhMDdkMjAwLTE4NzYtNDQ5MS1iNDU5LTYzZTM4MDVjZjIwOCIsIlQiOiJmbG93YWJsZWFjY291bnQub25taWNyb3NvZnQuY29tIiwiUCI6IkIyQ18xQV9GTFdfU0lHTlVQX1NJR05JTiIsIkMiOiIwNzMxNGIxYy03MWFlLTQwYzQtODVjYy0yMmFkZmY4OWVhMWQiLCJTIjoxLCJNIjp7fSwiRCI6MH1dLCJDX0lEIjoiZmEwN2QyMDAtMTg3Ni00NDkxLWI0NTktNjNlMzgwNWNmMjA4In0= |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'strict-dynamic' 'self' 'nonce-d06pVWSsQsi9ebmODiG7pQ==' 'report-sample'; report-uri /flowableaccount.onmicrosoft.com/B2C_1A_FLW_signup_signin/client/cspreport?p=B2C_1A_FLW_signup_signin |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
customoauthview.blob.core.windows.net
flowableaccount.b2clogin.com
fonts.googleapis.com
fonts.gstatic.com
work.prod.account.flowable.io
142.250.201.202
142.250.74.195
20.126.191.40
20.190.159.68
20.60.251.161
45e78216d62e7ef2a2c7d0bda526ddfb789444fb8a986b024d059373acb27c16
7c379e8ad6393765f0d995d69881776533188b484351e7ca1e92a31d4140988c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
ca69418697e18cb7886848ec2c917fafdf2bf58a2668a55866b3ecc0199a73bb
d25464e7c746ae108c03cbc12d9478d4a899e25381c85ec6929d79437cd7351d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e6a331fe48da62ab061523e012c1a72546d25b1540c37b0c90a59bb8c30785
fe64e98033dedd770385788525d782d2d4004e7e6806c40edcafd14a7f0d0046