![](/screenshots/bf80b18e-cabb-4227-bba3-32cc40a8a1a2.png)
login.24sevenoffice.com
Open in
urlscan Pro
2606:4700::6810:605e
Public Scan
Effective URL: https://login.24sevenoffice.com/login?state=hKFo2SBCZnlnaFBac1RFcVk1dHlZcTZHRVRRQTdNS2NQUXVCaKFupWxvZ2luo3RpZNkgdGVNb1JFVTVjVjBD...
Submission: On September 03 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 1st 2020. Valid for: a year.
This is the only time login.24sevenoffice.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2a01:5b40:0:2... 2a01:5b40:0:248::52 | 12996 (DOMENESHO...) (DOMENESHOP Oslo) | |
1 8 | 82.117.32.38 82.117.32.38 | 21119 (WAN-) (WAN-) | |
1 | 151.101.13.26 151.101.13.26 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 213.179.55.47 213.179.55.47 | 16186 (ASN-SSC) (ASN-SSC) | |
1 4 | 2606:4700::68... 2606:4700::6810:605e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 143.204.103.120 143.204.103.120 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 65.9.64.184 65.9.64.184 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 13.32.121.33 13.32.121.33 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 18.66.112.111 18.66.112.111 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 99.83.219.81 99.83.219.81 | 16509 (AMAZON-02) (AMAZON-02) | |
24 | 11 |
ASN16186 (ASN-SSC, NO)
PTR: mldjnf.ip.ssc.net
translation.api.24sevenoffice.com | |
identity.api.24sevenoffice.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-120.fra50.r.cloudfront.net
cdn.auth0.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-33.fra60.r.cloudfront.net
widget.intercom.io |
ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
24sevenoffice.com
2 redirects
app.24sevenoffice.com translation.api.24sevenoffice.com login.24sevenoffice.com Failed identity.api.24sevenoffice.com |
449 KB |
3 |
intercomcdn.com
js.intercomcdn.com |
114 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com |
44 KB |
2 |
intercom.io
1 redirects
widget.intercom.io api-iam.intercom.io |
3 KB |
2 |
auth0.com
cdn.auth0.com cdn.eu.auth0.com |
230 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
polyfill.io
cdn.polyfill.io |
545 B |
1 |
styringsgruppen.no
1 redirects
regnskap.styringsgruppen.no |
153 B |
24 | 8 |
Domain | Requested by | |
---|---|---|
8 | app.24sevenoffice.com |
1 redirects
app.24sevenoffice.com
login.24sevenoffice.com |
4 | login.24sevenoffice.com |
app.24sevenoffice.com
cdn.auth0.com |
3 | js.intercomcdn.com |
widget.intercom.io
|
3 | cdnjs.cloudflare.com |
login.24sevenoffice.com
|
1 | api-iam.intercom.io |
js.intercomcdn.com
|
1 | widget.intercom.io | 1 redirects |
1 | identity.api.24sevenoffice.com |
app.24sevenoffice.com
|
1 | cdn.eu.auth0.com |
cdn.auth0.com
|
1 | cdn.auth0.com |
login.24sevenoffice.com
|
1 | translation.api.24sevenoffice.com |
app.24sevenoffice.com
|
1 | fonts.googleapis.com |
app.24sevenoffice.com
|
1 | cdn.polyfill.io |
app.24sevenoffice.com
|
1 | regnskap.styringsgruppen.no | 1 redirects |
24 | 13 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.24sevenoffice.com AlphaSSL CA - SHA256 - G2 |
2020-01-13 - 2022-02-10 |
2 years | crt.sh |
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020 |
2021-06-04 - 2022-07-06 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-08-16 - 2021-11-08 |
3 months | crt.sh |
*.api.24sevenoffice.com R3 |
2021-07-23 - 2021-10-21 |
3 months | crt.sh |
login.24sevenoffice.com Cloudflare Inc ECC CA-3 |
2020-12-01 - 2021-11-30 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
*.auth0.com Amazon |
2021-04-25 - 2022-05-24 |
a year | crt.sh |
*.eu.auth0.com Amazon |
2021-06-15 - 2022-07-14 |
a year | crt.sh |
*.intercomcdn.com Amazon |
2021-03-01 - 2022-03-30 |
a year | crt.sh |
*.intercom.com Amazon |
2021-04-15 - 2022-05-14 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://login.24sevenoffice.com/login?state=hKFo2SBCZnlnaFBac1RFcVk1dHlZcTZHRVRRQTdNS2NQUXVCaKFupWxvZ2luo3RpZNkgdGVNb1JFVTVjVjBDdi1rd1F5dDFLc04xbmoxTUcxSEujY2lk2SBJTkdvWXVEWkRnYXhUOEpPTDY0TTd2bkpjeEVHeENpMA&client=INGoYuDZDgaxT8JOL64M7vnJcxEGxCi0&protocol=oauth2&audience=https%3A%2F%2Fapp.24sevenoffice.com&response_type=token&redirect_uri=https%3A%2F%2Fapp.24sevenoffice.com%2Fmodules%2Fauth%2Flogin-callback&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: ED2ECE8B161EA2CCB1D300F621C4FF6F
Requests: 21 HTTP requests in this frame
Frame:
https://js.intercomcdn.com/frame-modern.d29790fe.js
Frame ID: FAAD2FDC43741A74014625F77DA62038
Requests: 3 HTTP requests in this frame
Screenshot
![](/screenshots/bf80b18e-cabb-4227-bba3-32cc40a8a1a2.png)
Page Title
Login | 24SevenOfficePage URL History Show full URLs
-
https://regnskap.styringsgruppen.no/
HTTP 301
https://app.24sevenoffice.com/login/ HTTP 302
https://app.24sevenoffice.com/modules/auth/login Page URL
-
https://login.24sevenoffice.com/authorize?client_id=INGoYuDZDgaxT8JOL64M7vnJcxEGxCi0&audience=https%3A%2F%2F...
HTTP 302
https://login.24sevenoffice.com/login?state=hKFo2SBCZnlnaFBac1RFcVk1dHlZcTZHRVRRQTdNS2NQUXVCaKFupWxvZ2luo3Rp... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://regnskap.styringsgruppen.no/
HTTP 301
https://app.24sevenoffice.com/login/ HTTP 302
https://app.24sevenoffice.com/modules/auth/login Page URL
-
https://login.24sevenoffice.com/authorize?client_id=INGoYuDZDgaxT8JOL64M7vnJcxEGxCi0&audience=https%3A%2F%2Fapp.24sevenoffice.com&response_type=token&redirect_uri=https%3A%2F%2Fapp.24sevenoffice.com%2Fmodules%2Fauth%2Flogin-callback&state=76GL2iawsCnzoftbTwl64HNImQjNNhZx&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
HTTP 302
https://login.24sevenoffice.com/login?state=hKFo2SBCZnlnaFBac1RFcVk1dHlZcTZHRVRRQTdNS2NQUXVCaKFupWxvZ2luo3RpZNkgdGVNb1JFVTVjVjBDdi1rd1F5dDFLc04xbmoxTUcxSEujY2lk2SBJTkdvWXVEWkRnYXhUOEpPTDY0TTd2bkpjeEVHeENpMA&client=INGoYuDZDgaxT8JOL64M7vnJcxEGxCi0&protocol=oauth2&audience=https%3A%2F%2Fapp.24sevenoffice.com&response_type=token&redirect_uri=https%3A%2F%2Fapp.24sevenoffice.com%2Fmodules%2Fauth%2Flogin-callback&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://regnskap.styringsgruppen.no/ HTTP 301
- https://app.24sevenoffice.com/login/ HTTP 302
- https://app.24sevenoffice.com/modules/auth/login
- https://widget.intercom.io/widget/rd2w6ddu HTTP 302
- https://js.intercomcdn.com/shim.latest.js
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
login
app.24sevenoffice.com/modules/auth/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
.env.js
app.24sevenoffice.com/modules/well-known/ |
12 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
cdn.polyfill.io/v3/ |
101 B 545 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.4483069e.chunk.css
app.24sevenoffice.com/modules/auth/static/css/ |
309 B 809 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.b10fd56f.chunk.js
app.24sevenoffice.com/modules/auth/static/js/ |
1 MB 395 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.db7316ab.chunk.js
app.24sevenoffice.com/modules/auth/static/js/ |
47 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
24 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
words
translation.api.24sevenoffice.com/ |
224 KB 0 |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
authorize
login.24sevenoffice.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
Primary Request
login
login.24sevenoffice.com/ Redirect Chain
|
14 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ |
52 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moment-timezone-with-data.min.js
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.25/ |
909 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lock.min.js
cdn.auth0.com/js/lock/11.21.1/ |
810 KB 229 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs.min.js
cdnjs.cloudflare.com/ajax/libs/qs/6.8.0/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
intercom.min.js
app.24sevenoffice.com/scriptaspx/tfsoheader/build/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
24SevenOffice_logo_vert_blue.png
app.24sevenoffice.com/login/img/24so/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
INGoYuDZDgaxT8JOL64M7vnJcxEGxCi0.js
cdn.eu.auth0.com/client/ |
822 B 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
challenge
login.24sevenoffice.com/usernamepassword/ |
9 B 797 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
identity.api.24sevenoffice.com/ |
115 B 444 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ssodata
login.24sevenoffice.com/user/ |
13 B 519 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shim.latest.js
js.intercomcdn.com/ Redirect Chain
|
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame-modern.d29790fe.js
js.intercomcdn.com/ Frame FAAD |
258 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-modern.b64a202f.js
js.intercomcdn.com/ Frame FAAD |
125 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ping
api-iam.intercom.io/messenger/web/ Frame FAAD |
11 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- login.24sevenoffice.com
- URL
- https://login.24sevenoffice.com/authorize?client_id=INGoYuDZDgaxT8JOL64M7vnJcxEGxCi0&audience=https%3A%2F%2Fapp.24sevenoffice.com&response_type=token&redirect_uri=https%3A%2F%2Fapp.24sevenoffice.com%2Fmodules%2Fauth%2Flogin-callback&state=g8qNll~lZqewT_eUGJFAM7Sk1aBFipa6&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Verdicts & Comments Add Verdict or Comment
37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| moment object| Auth0 function| Auth0Lock function| Auth0LockPasswordless object| Qs function| getLocale object| additionalTranslationsByLanguage object| config string| returnUrl object| __loadedAt function| __ensureValid undefined| connection object| languageDictionary string| language object| validLanguages object| tfsoLanguageMap string| tfsoLanguage object| additionalTranslations undefined| loginHint object| options object| lock function| getReturnUrl object| _intercomSettings function| Intercom function| __intercomAssignLocation2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.24sevenoffice.com/ | Name: did_compat Value: s%3Av0%3Aa7c0bca0-0c86-11ec-8c83-093bfeff3664.HCdrNZ2FQnAiqTO5SK7Vw5rk4P%2BGq1hF41IhtCh%2FaCM |
|
login.24sevenoffice.com/ | Name: did Value: s%3Av0%3Aa7c0bca0-0c86-11ec-8c83-093bfeff3664.HCdrNZ2FQnAiqTO5SK7Vw5rk4P%2BGq1hF41IhtCh%2FaCM |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-iam.intercom.io
app.24sevenoffice.com
cdn.auth0.com
cdn.eu.auth0.com
cdn.polyfill.io
cdnjs.cloudflare.com
fonts.googleapis.com
identity.api.24sevenoffice.com
js.intercomcdn.com
login.24sevenoffice.com
regnskap.styringsgruppen.no
translation.api.24sevenoffice.com
widget.intercom.io
login.24sevenoffice.com
13.32.121.33
143.204.103.120
151.101.13.26
18.66.112.111
213.179.55.47
2606:4700::6810:125e
2606:4700::6810:605e
2a00:1450:4001:810::200a
2a01:5b40:0:248::52
65.9.64.184
82.117.32.38
99.83.219.81
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
01a87ba4d5ac9945edbe0501627f363e6bf0b493e238dac7911cab9cd563123e
06486cabfb771c2f089c450b8a00c03c02014c682f44b9c3989123bb206f03a5
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
109cdd7ef931af5342f8282754524658d3817fbb3f4476f46548fb66a9fb2e3e
4b463bb14e596f489375e5838968175b0d50e84e333d79fcc81e01ee6e006d96
55a99e5640117caff517054f278e38f7de4e51d1ef783f61956f205a5440e791
5fdfefc7da89f4b24de55c8ee72a8114df9ebfd8f9e0ffbaccf52bfbe6ee9dbf
6faf004abae72c73552d27043e1dee276e2a3fe1f895b5d664bdd8837ef6928b
7608d3bea58991c0eeefb46b4b1bf49f3392bb11e95514d73540dba980a98ca3
7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce
784f8c90c53913634e7eafea055b58d8c2eb36cc321bd78f5d45087df9aef5b2
787301591190f8c21f818c212ad4937bb427dfc3172aae54966a34577ca5cbac
7f3a42e840e5f19de6c884091e098b4f7bbd8a7a4393e4b2898f176d9ffbcfcc
7f675fb37400f775564e140c1d0a4b7f4cffb302b5eccf06bed35f895d16fc58
823d0eb0480d805592859cc99edd37931b91c3ab371d67cb1b8889672df30eaf
973e18dabfea713b649e725af4cec8c49087fb4b9a8a8f7e53f119efcb3110cf
c5588b782ff216c3594ddbb975c4f4cacfe6b436d0701972a6bb56dcc73eb8c7
cf7a79cd54bdab6bc6ff70c36eb0c5807b65cc9d5bb0f2b2d87b4034d4e70e3d
d554bc666a0a220d97a4c0e374a664a5043fc3da1717b547124db369a97f5812
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
ff2ef4585cd81a9ae2272ae77472c0a259f140c59928bad35e78c177c6ced01b