mocoreappdev.b2clogin.com
20.190.154.17
Public Scan
Effective URL: https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-fa...
Submission: On January 10 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 16th 2021. Valid for: a year.
This is the only time mocoreappdev.b2clogin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
1 1 | 2600:9000:21f3:6c00:18:5710:1dc0:93a1 | 16509 (AMAZON-02) |
2 | 20.190.154.17 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
12 | 2600:9000:20eb:be00:d:e766:bc40:21 | 16509 (AMAZON-02) |
14 | 2 |

ASN16509 (AMAZON-02, US): client.dev.hazards.sesar.metoffice.cloud
ASN16509 (AMAZON-02, US): d3e8mmggxvnu29.cloudfront.net
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | cloudfront.net | d3e8mmggxvnu29.cloudfront.net | 378 KB |
2 | b2clogin.com | mocoreappdev.b2clogin.com | 79 KB |
1 | metoffice.cloud (1 redirects) | client.dev.hazards.sesar.metoffice.cloud | 686 B |
14 | 3 |
 | Domain | Requested by |
---|---|---|
12 | d3e8mmggxvnu29.cloudfront.net | mocoreappdev.b2clogin.com, d3e8mmggxvnu29.cloudfront.net |
2 | mocoreappdev.b2clogin.com | mocoreappdev.b2clogin.com |
1 | client.dev.hazards.sesar.metoffice.cloud | 1 redirects |
14 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
graph.windows.net | DigiCert SHA2 Secure Server CA | 2021-11-16 - 2022-11-16 | a year |
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year |
This page contains 1 frames:
Primary Page:
https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F
Frame ID: 5280CB7BB98279053644803E6BDC35F3
Requests: 14 HTTP requests in this frame
Page Title
Log in - Met Office Services
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://client.dev.hazards.sesar.metoffice.cloud/
HTTP 302
https://mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1a_sheffield_susi&client_id=925c6c32-faaf-4f70-adc1-5ec11be0d3c3&response_type=code&response_mode=query&scope=openid%20offline_access&redirect_uri=https%3A%2F%2Fclient.dev.hazards.sesar.metoffice.cloud%2F_callback&nonce=164179559207300&state=%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | authorize (Primary Request, Redirect Chain) | mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/oauth2/v2.0/ | 206 KB | 79 KB | Document | text/html |
GET | H/1.1 | unified-sign-up-and-in.html | d3e8mmggxvnu29.cloudfront.net/common/ | 2 KB | 1 KB | XHR | text/html |
GET | H/1.1 | shared-functions.js | d3e8mmggxvnu29.cloudfront.net/common/js/ | 2 KB | 1 KB | XHR | application/javascript |
GET | H/1.1 | mo-logo.png | d3e8mmggxvnu29.cloudfront.net/common/img/ | 5 KB | 6 KB | Image | image/png |
GET | H/1.1 | default-common.min.css | d3e8mmggxvnu29.cloudfront.net/default/css/ | 15 KB | 9 KB | Stylesheet | text/css |
GET | H/1.1 | default-unified-susi.min.css | d3e8mmggxvnu29.cloudfront.net/default/css/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | styles.css | d3e8mmggxvnu29.cloudfront.net/common/css/ | 8 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | login.js | d3e8mmggxvnu29.cloudfront.net/common/js/ | 7 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | scripts.js | d3e8mmggxvnu29.cloudfront.net/common/js/ | 1 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | mo-logo.png | d3e8mmggxvnu29.cloudfront.net/common/img/ | 5 KB | 6 KB | Image | image/png |
GET | H/1.1 | show-form.js | d3e8mmggxvnu29.cloudfront.net/common/js/ | 1 KB | 1 KB | Script | application/javascript |
POST | H/1.1 | perftrace | mocoreappdev.b2clogin.com/mocoreappdev.onmicrosoft.com/B2C_1A_sheffield_susi/client/ | 0 | 447 B | XHR | text/plain |
GET | H/1.1 | met_office_background_image.jpg | d3e8mmggxvnu29.cloudfront.net/common/img/ | 285 KB | 285 KB | Image | image/jpeg |
GET | H/1.1 | FSEmericWeb-Regular.woff | d3e8mmggxvnu29.cloudfront.net/common/fonts/ | 74 KB | 61 KB | Font | application/octet-stream |
50 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onsecuritypolicyviolation object| onslotchange object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime object| $i2e object| $predicateValidation object| $element function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady function| setPwShowHideButtons function| setCopyrightYear function| showForm function| parseUriParams function| checkTokenIssuer function| decodeToken function| setForgottenPasswordLink function| setCreateNewAccountText function| setLogonLinkText function| loginAsMetOfficeStaff function| hideLocalAccountLogInElements function| showLocalAccountLogInElements function| addCollectEmailLink function| isMetOfficeDomain function| addFederatedSignInLogic function| afterPageLoaded function| waitForPageToFinishLoading
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name |
---|---|---|
.mocoreappdev.b2clogin.com/ | | x-ms-cpim-csrf |
.mocoreappdev.b2clogin.com/ | | x-ms-cpim-cache|l9obthle1uoyi6z-ec6jug_0 |
.mocoreappdev.b2clogin.com/ | | x-ms-cpim-trans |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.