auth.benefitsapi.com
Open in
urlscan Pro
2600:9000:20e8:e600:1c:8e73:f140:93a1
Public Scan
Effective URL: https://auth.benefitsapi.com/login?state=g6Fo2SBXcHZHbVV2bnlTUjhtdlp0QW56eXdMaF9fZjJQYnl5S6N0aWTZIEhiaTZ5N0hnZWZyZXZDVHVzQzBC...
Submission: On September 18 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Amazon on April 28th 2020. Valid for: a year.
This is the only time auth.benefitsapi.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 143.204.201.82 143.204.201.82 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 143.204.103.120 143.204.103.120 | 16509 (AMAZON-02) (AMAZON-02) | |
1 4 | 2600:9000:20e... 2600:9000:20e8:e600:1c:8e73:f140:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.217.97.126 52.217.97.126 | 16509 (AMAZON-02) (AMAZON-02) | |
9 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-82.fra53.r.cloudfront.net
ssoverify.benefitsapi.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-120.fra50.r.cloudfront.net
cdn.auth0.com |
ASN16509 (AMAZON-02, US)
auth.benefitsapi.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
benefitsapi.com
1 redirects
ssoverify.benefitsapi.com auth.benefitsapi.com |
7 KB |
4 |
auth0.com
cdn.auth0.com |
257 KB |
1 |
amazonaws.com
s3.amazonaws.com |
12 KB |
9 | 3 |
Domain | Requested by | |
---|---|---|
4 | auth.benefitsapi.com |
1 redirects
cdn.auth0.com
|
4 | cdn.auth0.com |
ssoverify.benefitsapi.com
auth.benefitsapi.com cdn.auth0.com |
1 | s3.amazonaws.com |
auth.benefitsapi.com
|
1 | ssoverify.benefitsapi.com | |
9 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ssoverify.benefitsapi.com Amazon |
2020-09-18 - 2021-10-18 |
a year | crt.sh |
*.auth0.com Amazon |
2020-05-23 - 2021-06-23 |
a year | crt.sh |
auth.benefitsapi.com Amazon |
2020-04-28 - 2021-05-28 |
a year | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2020-08-04 - 2021-08-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth.benefitsapi.com/login?state=g6Fo2SBXcHZHbVV2bnlTUjhtdlp0QW56eXdMaF9fZjJQYnl5S6N0aWTZIEhiaTZ5N0hnZWZyZXZDVHVzQzBCdEhGcENtdVhMR2Rvo2NpZNkgQmtMMkc0Vk1jbkgzalBFalBCNEM2ZEpOWDJMVUdvRmU&client=BkL2G4VMcnH3jPEjPB4C6dJNX2LUGoFe&protocol=oauth2&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=ekVmQ2dHY0hJYjI3WmJ2MVJsYnk1dzVKM3FUa1QuTUUubjNpTkRMNGZXMA%3D%3D&redirect_uri=https%3A%2F%2Fssoverify.benefitsapi.com&code_challenge=rLaqCf0CYdeRip0PZG4MyTQe7QWEYQLCrC-JdOdwY0Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuOS4wIn0%3D
Frame ID: CDC0C3B11A2DB52DC268D16646946A89
Requests: 10 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://ssoverify.benefitsapi.com/ Page URL
-
https://auth.benefitsapi.com/authorize?client_id=BkL2G4VMcnH3jPEjPB4C6dJNX2LUGoFe&scope=openid%20profile%...
HTTP 302
https://auth.benefitsapi.com/login?state=g6Fo2SBXcHZHbVV2bnlTUjhtdlp0QW56eXdMaF9fZjJQYnl5S6N0aWTZIEhiaTZ5... Page URL
Detected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ssoverify.benefitsapi.com/ Page URL
-
https://auth.benefitsapi.com/authorize?client_id=BkL2G4VMcnH3jPEjPB4C6dJNX2LUGoFe&scope=openid%20profile%20email&response_type=code&response_mode=query&state=VGN5a2lXSE5QUnNaaDgweDB1azFIRDFheWdOam0tYmU4MURSakd2RVhWMg%3D%3D&nonce=ekVmQ2dHY0hJYjI3WmJ2MVJsYnk1dzVKM3FUa1QuTUUubjNpTkRMNGZXMA%3D%3D&redirect_uri=https%3A%2F%2Fssoverify.benefitsapi.com&code_challenge=rLaqCf0CYdeRip0PZG4MyTQe7QWEYQLCrC-JdOdwY0Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuOS4wIn0%3D
HTTP 302
https://auth.benefitsapi.com/login?state=g6Fo2SBXcHZHbVV2bnlTUjhtdlp0QW56eXdMaF9fZjJQYnl5S6N0aWTZIEhiaTZ5N0hnZWZyZXZDVHVzQzBCdEhGcENtdVhMR2Rvo2NpZNkgQmtMMkc0Vk1jbkgzalBFalBCNEM2ZEpOWDJMVUdvRmU&client=BkL2G4VMcnH3jPEjPB4C6dJNX2LUGoFe&protocol=oauth2&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=ekVmQ2dHY0hJYjI3WmJ2MVJsYnk1dzVKM3FUa1QuTUUubjNpTkRMNGZXMA%3D%3D&redirect_uri=https%3A%2F%2Fssoverify.benefitsapi.com&code_challenge=rLaqCf0CYdeRip0PZG4MyTQe7QWEYQLCrC-JdOdwY0Y&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuOS4wIn0%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
ssoverify.benefitsapi.com/ |
1 KB 928 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auth0-spa-js.production.js
cdn.auth0.com/js/auth0-spa-js/1.9/ |
67 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
login
auth.benefitsapi.com/ Redirect Chain
|
5 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lock.min.js
cdn.auth0.com/js/lock/11.25/ |
816 KB 230 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Benepass_Icon.png
s3.amazonaws.com/assets.benefitsapi.com/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.js
cdn.auth0.com/js/lock/11.25.1/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BkL2G4VMcnH3jPEjPB4C6dJNX2LUGoFe.js
cdn.auth0.com/client/ |
545 B 848 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
challenge
auth.benefitsapi.com/usernamepassword/ |
18 B 678 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ssodata
auth.benefitsapi.com/user/ |
0 452 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| Auth0 function| Auth0Lock function| Auth0LockPasswordless object| config undefined| connection object| languageDictionary undefined| language undefined| loginHint object| computedConnections object| lockConfig object| lock4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
auth.benefitsapi.com/ | Name: did_compat Value: s%3Av0%3A94cdac50-f9e7-11ea-bc39-7767ec086d76.ZhMFJw4WbjcuVjLQKG%2FKi2XRSWGl%2FrJcP%2BEWBndAQgc |
|
auth.benefitsapi.com/ | Name: auth0 Value: s%3A3-lBeUig3m4B4V8jBo-14PL6piI3CwrD.Tj%2FUTssyMRd1qo2ppgA%2B3aiFdaSH%2BX8D2J8sJx2s4Kc |
|
auth.benefitsapi.com/ | Name: auth0_compat Value: s%3A3-lBeUig3m4B4V8jBo-14PL6piI3CwrD.Tj%2FUTssyMRd1qo2ppgA%2B3aiFdaSH%2BX8D2J8sJx2s4Kc |
|
auth.benefitsapi.com/ | Name: did Value: s%3Av0%3A94cdac50-f9e7-11ea-bc39-7767ec086d76.ZhMFJw4WbjcuVjLQKG%2FKi2XRSWGl%2FrJcP%2BEWBndAQgc |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.benefitsapi.com
cdn.auth0.com
s3.amazonaws.com
ssoverify.benefitsapi.com
143.204.103.120
143.204.201.82
2600:9000:20e8:e600:1c:8e73:f140:93a1
52.217.97.126
0c66c855006ab2ae4f702be94152ccc855d729ee985a3676d7e046763430e431
0d8b8088d517f4fd5001f185e286b45adf7acdbd21555a42041b19626f44cc71
59e1c18cd7ca3e3916ba39e079b6fae86cb1384d1d13764518d9a909d27568c1
70212eacf2b641df77cb7f0b97262908d1f8abde30a8b77b1a7cd8ef7031ab7a
78f991561757f77208f4502582e9217ce716e6d6504ef8dd1386157636b4718f
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
a3443786566c1e1c8252d56da98f7a9e7dce5f5b5c4fae46e83edce31e7c1740
c5e029f746677f3b05e442b576b8bca66192b43c4dbcb85e8fc920e5c8a31045
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4ba2d5c93954539b53cefde572b3ccc88fd6612120444c0e8df93781854b3b9