idp.mediusgo.com Open in urlscan Pro
13.107.246.45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://55043.ascendo.se/
Effective URL:
https://idp.mediusgo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinvoice%26response_type%...
Submission: On August 11 via manual (August 11th 2023, 5:48:33 am UTC) from HU — Scanned from SE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 13.107.246.45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is idp.mediusgo.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 15th 2022. Valid for: a year.

This is the only time idp.mediusgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	13.107.213.45 13.107.213.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 9	13.107.246.45 13.107.246.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2

2 13.107.213.45 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

55043.ascendo.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.107.246.45 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

idp.mediusgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mediusgo.com 1 redirects idp.mediusgo.com	170 KB
2	ascendo.se 1 redirects 55043.ascendo.se	2 KB
9	2

	Domain	Requested by
9	idp.mediusgo.com	1 redirects 55043.ascendo.se idp.mediusgo.com
2	55043.ascendo.se	1 redirects
9	2

This site contains no links.

Subject Issuer	Validity	Valid
*.ascendo.se Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-15`	a year	crt.sh
*.mediusgo.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://idp.mediusgo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinvoice%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520invoice_profile%26state%3DOpenIdConnect.AuthenticationProperties%253DIcocOtHajE93Y9Cn3-NZ5DhzsSYRykDz7Xs0R02YzkdBwrIN-VfTL-fx1G8K0f4IXZhYuuH9Usu6XkJ8OxaveMwtssrTtQxH3f8dknH8yp9EPh6CV3s9KxU0hLa8OhnHTDey8UDpj5XoeeaCwBVHHA%26response_mode%3Dform_post%26nonce%3D638273297094787015.NjIzNjJkMzMtYWU0Yi00Mjg3LWI4NDUtZmNlMTQzOGRjMzBiYWEzOWMxNGItZmNmOC00NDBkLTliOWMtYjM4MGI4Yzg1ODg1%26redirect_uri%3Dhttps%253A%252F%252F55043.ascendo.se%252Fsignin-oidc%26acr_values%3Dtenant%253A55043%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.8.0.0
Frame ID: B9142F57D9A2EDE5DE1F4B00D284C31F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Logga in

Page URL History Show full URLs

https://55043.ascendo.se/ Page URL
https://55043.ascendo.se/login.aspx HTTP 302
https://idp.mediusgo.com/connect/authorize?client_id=invoice&response_type=code%20id_token&scope=open... HTTP 302
https://idp.mediusgo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinvo... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

170 kB
Transfer

334 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://55043.ascendo.se/ Page URL
https://55043.ascendo.se/login.aspx HTTP 302
https://idp.mediusgo.com/connect/authorize?client_id=invoice&response_type=code%20id_token&scope=openid%20profile%20email%20invoice_profile&state=OpenIdConnect.AuthenticationProperties%3DIcocOtHajE93Y9Cn3-NZ5DhzsSYRykDz7Xs0R02YzkdBwrIN-VfTL-fx1G8K0f4IXZhYuuH9Usu6XkJ8OxaveMwtssrTtQxH3f8dknH8yp9EPh6CV3s9KxU0hLa8OhnHTDey8UDpj5XoeeaCwBVHHA&response_mode=form_post&nonce=638273297094787015.NjIzNjJkMzMtYWU0Yi00Mjg3LWI4NDUtZmNlMTQzOGRjMzBiYWEzOWMxNGItZmNmOC00NDBkLTliOWMtYjM4MGI4Yzg1ODg1&redirect_uri=https%3A%2F%2F55043.ascendo.se%2Fsignin-oidc&acr_values=tenant%3A55043&x-client-SKU=ID_NET461&x-client-ver=6.8.0.0 HTTP 302
https://idp.mediusgo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinvoice%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520invoice_profile%26state%3DOpenIdConnect.AuthenticationProperties%253DIcocOtHajE93Y9Cn3-NZ5DhzsSYRykDz7Xs0R02YzkdBwrIN-VfTL-fx1G8K0f4IXZhYuuH9Usu6XkJ8OxaveMwtssrTtQxH3f8dknH8yp9EPh6CV3s9KxU0hLa8OhnHTDey8UDpj5XoeeaCwBVHHA%26response_mode%3Dform_post%26nonce%3D638273297094787015.NjIzNjJkMzMtYWU0Yi00Mjg3LWI4NDUtZmNlMTQzOGRjMzBiYWEzOWMxNGItZmNmOC00NDBkLTliOWMtYjM4MGI4Yzg1ODg1%26redirect_uri%3Dhttps%253A%252F%252F55043.ascendo.se%252Fsignin-oidc%26acr_values%3Dtenant%253A55043%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.8.0.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
55043.ascendo.se/ 1 KB
1 KB 311ms
59ms Document
text/html 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://55043.ascendo.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 815
content-type: text/html
date: Fri, 11 Aug 2023 05:48:28 GMT
etag: "05f9b3599b0d91:0"
last-modified: Fri, 07 Jul 2023 06:06:46 GMT
vary: Accept-Encoding
x-azure-ref: 0rcvVZAAAAADaGJOSgm8IS50631RI+zLoU1RPRURHRTEzMTIANTFkMGFkZDItNTE4Zi00MmVjLTg2ZDUtNTc2NmU3MjYwYWY3
x-cache: CONFIG_NOCACHE
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge

GET
H2

200

Primary Request Login Show response
idp.mediusgo.com/Account/
Redirect Chain

https://55043.ascendo.se/login.aspx
https://idp.mediusgo.com/connect/authorize?client_id=invoice&response_type=code%20id_token&scope=openid%20profile%20email%20invoice_profile&state=OpenIdConnect.AuthenticationProperties%3DIcocOtHajE...
https://idp.mediusgo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinvoice%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520invoice_profi...

8 KB
5 KB

56ms
55ms

Document
text/html

13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.mediusgo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinvoice%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520invoice_profile%26state%3DOpenIdConnect.AuthenticationProperties%253DIcocOtHajE93Y9Cn3-NZ5DhzsSYRykDz7Xs0R02YzkdBwrIN-VfTL-fx1G8K0f4IXZhYuuH9Usu6XkJ8OxaveMwtssrTtQxH3f8dknH8yp9EPh6CV3s9KxU0hLa8OhnHTDey8UDpj5XoeeaCwBVHHA%26response_mode%3Dform_post%26nonce%3D638273297094787015.NjIzNjJkMzMtYWU0Yi00Mjg3LWI4NDUtZmNlMTQzOGRjMzBiYWEzOWMxNGItZmNmOC00NDBkLTliOWMtYjM4MGI4Yzg1ODg1%26redirect_uri%3Dhttps%253A%252F%252F55043.ascendo.se%252Fsignin-oidc%26acr_values%3Dtenant%253A55043%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.8.0.0

Requested by

Host: 55043.ascendo.se
URL: https://55043.ascendo.se/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

b41001c6d14d4d9b0b19cd22edc6a494fe93c9b8334acad19dffd2587367be74

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; form-action 'self'; object-src 'none'; block-all-mixed-content; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://55043.ascendo.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: base-uri 'self'; default-src 'self'; form-action 'self'; object-src 'none'; block-all-mixed-content; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Fri, 11 Aug 2023 05:48:29 GMT
permissions-policy: accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=self, usb=()
pragma: no-cache
referrer-policy: no-referrer
request-context: appId=cid-v1:b0520a4f-565a-47fb-bb94-ecc76f95a24c
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-azure-ref: 0rcvVZAAAAABKNDbjwuSISJFSVZ8Wl+3NU1RPRURHRTE5MTcANTFkMGFkZDItNTE4Zi00MmVjLTg2ZDUtNTc2NmU3MjYwYWY3
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

content-length: 0
date: Fri, 11 Aug 2023 05:48:29 GMT
location: https://idp.mediusgo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinvoice%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520invoice_profile%26state%3DOpenIdConnect.AuthenticationProperties%253DIcocOtHajE93Y9Cn3-NZ5DhzsSYRykDz7Xs0R02YzkdBwrIN-VfTL-fx1G8K0f4IXZhYuuH9Usu6XkJ8OxaveMwtssrTtQxH3f8dknH8yp9EPh6CV3s9KxU0hLa8OhnHTDey8UDpj5XoeeaCwBVHHA%26response_mode%3Dform_post%26nonce%3D638273297094787015.NjIzNjJkMzMtYWU0Yi00Mjg3LWI4NDUtZmNlMTQzOGRjMzBiYWEzOWMxNGItZmNmOC00NDBkLTliOWMtYjM4MGI4Yzg1ODg1%26redirect_uri%3Dhttps%253A%252F%252F55043.ascendo.se%252Fsignin-oidc%26acr_values%3Dtenant%253A55043%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.8.0.0
request-context: appId=cid-v1:b0520a4f-565a-47fb-bb94-ecc76f95a24c
strict-transport-security: max-age=2592000
x-azure-ref: 0rcvVZAAAAAAf324umnLHTJ3vYMEhpNPaU1RPRURHRTE5MTcANTFkMGFkZDItNTE4Zi00MmVjLTg2ZDUtNTc2NmU3MjYwYWY3
x-cache: CONFIG_NOCACHE
x-powered-by: ASP.NET

GET
H2 200 site.min.css
idp.mediusgo.com/css/ 3 KB
2 KB 57ms
56ms Stylesheet
text/css 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.mediusgo.com/css/site.min.css?v=_GK-r5s4LYNYwEL8Q-yllw7g13ArHZEmGFoc91tK0Cg

Requested by

Host: idp.mediusgo.com
URL: https://idp.mediusgo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinvoice%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520invoice_profile%26state%3DOpenIdConnect.AuthenticationProperties%253DIcocOtHajE93Y9Cn3-NZ5DhzsSYRykDz7Xs0R02YzkdBwrIN-VfTL-fx1G8K0f4IXZhYuuH9Usu6XkJ8OxaveMwtssrTtQxH3f8dknH8yp9EPh6CV3s9KxU0hLa8OhnHTDey8UDpj5XoeeaCwBVHHA%26response_mode%3Dform_post%26nonce%3D638273297094787015.NjIzNjJkMzMtYWU0Yi00Mjg3LWI4NDUtZmNlMTQzOGRjMzBiYWEzOWMxNGItZmNmOC00NDBkLTliOWMtYjM4MGI4Yzg1ODg1%26redirect_uri%3Dhttps%253A%252F%252F55043.ascendo.se%252Fsignin-oidc%26acr_values%3Dtenant%253A55043%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.8.0.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

fc62beaf9b382d8358c042fc43eca5970ee0d7702b1d9126185a1cf75b4ad028

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Fri, 11 Aug 2023 05:48:29 GMT
last-modified: Tue, 25 Apr 2023 17:09:32 GMT
etag: "1d97798b3d5a2be"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/css
x-azure-ref: 0rcvVZAAAAABPcaxn6CwqQa6kCjDf3KlMU1RPRURHRTE5MTcANTFkMGFkZDItNTE4Zi00MmVjLTg2ZDUtNTc2NmU3MjYwYWY3
accept-ranges: bytes
request-context: appId=cid-v1:b0520a4f-565a-47fb-bb94-ecc76f95a24c

GET
H2 200 logo.png
idp.mediusgo.com/img/ 21 KB
21 KB 131ms
130ms Image
image/png 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://idp.mediusgo.com/img/logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

14a7d5be197a992748816bae68c76c3c7b0fea282648ed5d1241ff0bcd0c94d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Fri, 11 Aug 2023 05:48:29 GMT
last-modified: Tue, 25 Apr 2023 17:06:56 GMT
etag: "1d9779856d9abfd"
x-powered-by: ASP.NET
x-azure-ref: 0rcvVZAAAAACpn7x3nk/KSYONrpbtqD1bU1RPRURHRTE5MTcANTFkMGFkZDItNTE4Zi00MmVjLTg2ZDUtNTc2NmU3MjYwYWY3
x-cache: CONFIG_NOCACHE
content-type: image/png
accept-ranges: bytes
content-length: 21501
request-context: appId=cid-v1:b0520a4f-565a-47fb-bb94-ecc76f95a24c

GET
H2 200 jquery.slim.js Show response
idp.mediusgo.com/libs/jquery/ 235 KB
92 KB 125ms
124ms Script
text/javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.mediusgo.com/libs/jquery/jquery.slim.js?v=DKU1CmJ8kBuEwumaLuh9Tl_6ZB6jzGOBV_5YpNE2BWc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

0ca5350a627c901b84c2e99a2ee87d4e5ffa641ea3cc638157fe58a4d1360567

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Fri, 11 Aug 2023 05:48:29 GMT
last-modified: Tue, 25 Apr 2023 17:09:30 GMT
etag: "1d97798b2a72bf4"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript
x-azure-ref: 0rcvVZAAAAABAEH/quwxiSo2QeDtfLeGeU1RPRURHRTE5MTcANTFkMGFkZDItNTE4Zi00MmVjLTg2ZDUtNTc2NmU3MjYwYWY3
accept-ranges: bytes
request-context: appId=cid-v1:b0520a4f-565a-47fb-bb94-ecc76f95a24c

GET
H2 200 jquery.validate.min.js Show response
idp.mediusgo.com/libs/jquery-validate/ 24 KB
10 KB 126ms
125ms Script
text/javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.mediusgo.com/libs/jquery-validate/jquery.validate.min.js?v=JwUksNJ6_R07ZiLRoXbGeNrtlFZMFDKX4hemPiHOmCA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Fri, 11 Aug 2023 05:48:29 GMT
last-modified: Tue, 25 Apr 2023 17:09:30 GMT
etag: "1d97798b2a4e119"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript
x-azure-ref: 0rcvVZAAAAACa3K2iQxCoR4/h3kovzCs0U1RPRURHRTE5MTcANTFkMGFkZDItNTE4Zi00MmVjLTg2ZDUtNTc2NmU3MjYwYWY3
accept-ranges: bytes
request-context: appId=cid-v1:b0520a4f-565a-47fb-bb94-ecc76f95a24c

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
idp.mediusgo.com/libs/jquery-validation-unobtrusive/ 6 KB
3 KB 155ms
154ms Script
text/javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.mediusgo.com/libs/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js?v=RFWFWIIPsjB4DucR4jqwxTWw13ZmtI-s6tVR2LJmZXk

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

44558558820fb230780ee711e23ab0c535b0d77666b48facead551d8b2666579

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Fri, 11 Aug 2023 05:48:29 GMT
last-modified: Tue, 25 Apr 2023 17:09:30 GMT
etag: "1d97798b2a497c7"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript
x-azure-ref: 0rcvVZAAAAACk2Hvf99d4RLiVw1slTsjPU1RPRURHRTE5MTcANTFkMGFkZDItNTE4Zi00MmVjLTg2ZDUtNTc2NmU3MjYwYWY3
accept-ranges: bytes
request-context: appId=cid-v1:b0520a4f-565a-47fb-bb94-ecc76f95a24c

GET
H2 200 inter-v3-latin-500.woff2
idp.mediusgo.com/fonts/ 18 KB
18 KB 86ms
86ms Font
font/woff2 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.mediusgo.com/fonts/inter-v3-latin-500.woff2

Requested by

Host: idp.mediusgo.com
URL: https://idp.mediusgo.com/css/site.min.css?v=_GK-r5s4LYNYwEL8Q-yllw7g13ArHZEmGFoc91tK0Cg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

73f41ad718ee0f9f8e9af244dabe4f9b947efe7748d1c05aac7db2c267de226e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://idp.mediusgo.com/css/site.min.css?v=_GK-r5s4LYNYwEL8Q-yllw7g13ArHZEmGFoc91tK0Cg
Origin: https://idp.mediusgo.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Fri, 11 Aug 2023 05:48:29 GMT
last-modified: Tue, 25 Apr 2023 17:06:56 GMT
etag: "1d9779856d9be4c"
x-powered-by: ASP.NET
x-azure-ref: 0rsvVZAAAAADKguAIQb5KR64t26xHMIUMU1RPRURHRTE5MTcANTFkMGFkZDItNTE4Zi00MmVjLTg2ZDUtNTc2NmU3MjYwYWY3
x-cache: CONFIG_NOCACHE
content-type: font/woff2
accept-ranges: bytes
content-length: 17996
request-context: appId=cid-v1:b0520a4f-565a-47fb-bb94-ecc76f95a24c

GET
H2 200 inter-v3-latin-600.woff2
idp.mediusgo.com/fonts/ 18 KB
18 KB 79ms
78ms Font
font/woff2 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.mediusgo.com/fonts/inter-v3-latin-600.woff2

Requested by

Host: idp.mediusgo.com
URL: https://idp.mediusgo.com/css/site.min.css?v=_GK-r5s4LYNYwEL8Q-yllw7g13ArHZEmGFoc91tK0Cg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

87d718a282da60f8ef79c2c85e2999bd0fe7a6ef3fc77ccb3ad8a5ff8474b1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://idp.mediusgo.com/css/site.min.css?v=_GK-r5s4LYNYwEL8Q-yllw7g13ArHZEmGFoc91tK0Cg
Origin: https://idp.mediusgo.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Fri, 11 Aug 2023 05:48:29 GMT
last-modified: Tue, 25 Apr 2023 17:06:56 GMT
etag: "1d9779856d9beb0"
x-powered-by: ASP.NET
x-azure-ref: 0rsvVZAAAAAB5ws7B4rxjQ61Yx+GVyuZVU1RPRURHRTE5MTcANTFkMGFkZDItNTE4Zi00MmVjLTg2ZDUtNTc2NmU3MjYwYWY3
x-cache: CONFIG_NOCACHE
content-type: font/woff2
accept-ranges: bytes
content-length: 18096
request-context: appId=cid-v1:b0520a4f-565a-47fb-bb94-ecc76f95a24c

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
55043.ascendo.se/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: g4nue2hpoa4lhplx52mlyjer
55043.ascendo.se/	1970-01-20 13:55:33	Name: OpenIdConnect.nonce.JEcqgWE%2FujTRY4GIX%2FF4O7SEpxShNRqy8jbGv8IdRHs%3D Value: bU1LUVU5dnZPcDIxSFVsRXVHLWRWb1FRUEdJdXFsc1RCaHdaYnZiM1RCQnpXR29QOEJkOWZGbmNKRXpybzJMOXlvZUVNNXVBSE9ickYyNnN2Mk5FVUtsSmZrb3BwbkJwSnBoZjU0WElIZ0l3NTljbG9yWjYzZzRtTXo5bHlQSm1aZ1lEdndPMDFkSWM3X1o5NWUtRmcwRVJKVVVtRU1aM2VVMG5lUEJEVXk2enhoelZGR0RzVUw3YkxIN0pNLXF1Q1plX3hmeE9iLVpNd1k3NE9MQ0lNRnRyYmVVZ2ZSQVNnbk9fMkRfcnBoVQ%3D%3D
idp.mediusgo.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.mPKYhVK_Cyc Value: CfDJ8OKQ3S6A6WBKtyLIf9pl3y29XK7FZVOlZ4HkHnIQ1SSudwrdci36KF5yQNOyAxhN76dS3L23FzaoeJePSO_GMbXUioh50WRF3XbnqY1eUKnjsO2FbgagU30r8-Zfx6Ta4eMUqDGY41GGOHyegRH0M50

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://idp.mediusgo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinvoice%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520invoice_profile%26state%3DOpenIdConnect.AuthenticationProperties%253DIcocOtHajE93Y9Cn3-NZ5DhzsSYRykDz7Xs0R02YzkdBwrIN-VfTL-fx1G8K0f4IXZhYuuH9Usu6XkJ8OxaveMwtssrTtQxH3f8dknH8yp9EPh6CV3s9KxU0hLa8OhnHTDey8UDpj5XoeeaCwBVHHA%26response_mode%3Dform_post%26nonce%3D638273297094787015.NjIzNjJkMzMtYWU0Yi00Mjg3LWI4NDUtZmNlMTQzOGRjMzBiYWEzOWMxNGItZmNmOC00NDBkLTliOWMtYjM4MGI4Yzg1ODg1%26redirect_uri%3Dhttps%253A%252F%252F55043.ascendo.se%252Fsignin-oidc%26acr_values%3Dtenant%253A55043%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.8.0.0 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://idp.mediusgo.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dinvoice%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520invoice_profile%26state%3DOpenIdConnect.AuthenticationProperties%253DIcocOtHajE93Y9Cn3-NZ5DhzsSYRykDz7Xs0R02YzkdBwrIN-VfTL-fx1G8K0f4IXZhYuuH9Usu6XkJ8OxaveMwtssrTtQxH3f8dknH8yp9EPh6CV3s9KxU0hLa8OhnHTDey8UDpj5XoeeaCwBVHHA%26response_mode%3Dform_post%26nonce%3D638273297094787015.NjIzNjJkMzMtYWU0Yi00Mjg3LWI4NDUtZmNlMTQzOGRjMzBiYWEzOWMxNGItZmNmOC00NDBkLTliOWMtYjM4MGI4Yzg1ODg1%26redirect_uri%3Dhttps%253A%252F%252F55043.ascendo.se%252Fsignin-oidc%26acr_values%3Dtenant%253A55043%26x-client-SKU%3DID_NET461%26x-client-ver%3D6.8.0.0(Line 10) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-TZ0WP6JcZ2IRGM/3M3W5NR0DOomVaJ64DxBmNHbK3tQ='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

55043.ascendo.se
idp.mediusgo.com
13.107.213.45
13.107.246.45
0ca5350a627c901b84c2e99a2ee87d4e5ffa641ea3cc638157fe58a4d1360567
14a7d5be197a992748816bae68c76c3c7b0fea282648ed5d1241ff0bcd0c94d1
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
44558558820fb230780ee711e23ab0c535b0d77666b48facead551d8b2666579
73f41ad718ee0f9f8e9af244dabe4f9b947efe7748d1c05aac7db2c267de226e
87d718a282da60f8ef79c2c85e2999bd0fe7a6ef3fc77ccb3ad8a5ff8474b1ef
b41001c6d14d4d9b0b19cd22edc6a494fe93c9b8334acad19dffd2587367be74
fc62beaf9b382d8358c042fc43eca5970ee0d7702b1d9126185a1cf75b4ad028

idp.mediusgo.com Open in urlscan Pro 13.107.246.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

170 kBTransfer

334 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

2 Console Messages

Indicators

idp.mediusgo.com Open in urlscan Pro
13.107.246.45 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

170 kB
Transfer

334 kB
Size

3
Cookies

9 HTTP transactions
0 data transactions