adfs.exelaonline.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 216.9.113.220, located in United States and belongs to EXELA-25813, US. The main domain is adfs.exelaonline.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on June 9th 2023. Valid for: a year.

This is the only time adfs.exelaonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4	216.9.113.220 216.9.113.220		25813 (EXELA-25813) (EXELA-25813)
4	1

4 216.9.113.220 (United States)

ASN25813 (EXELA-25813, US)

adfs.exelaonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	exelaonline.com adfs.exelaonline.com	63 KB
4	1

	Domain	Requested by
4	adfs.exelaonline.com	adfs.exelaonline.com
4	1

This site contains no links.

Subject Issuer	Validity	Valid
*.exelaonline.com Sectigo RSA Organization Validation Secure Server CA	`2023-06-09` - `2024-06-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://adfs.exelaonline.com/adfs/ls/IdpInitiatedSignon.aspx
Frame ID: 86D8183F4F76DD0C3BD0D05A316F82F6
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

63 kB
Transfer

60 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request IdpInitiatedSignon.aspx Show response
adfs.exelaonline.com/adfs/ls/ 14 KB
15 KB 3067ms
314ms Document
text/html 216.9.113.220
EXELA-25813

General

Check archive.org

Show headers Download Go to

Full URL

https://adfs.exelaonline.com/adfs/ls/IdpInitiatedSignon.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.9.113.220 , United States, ASN25813 (EXELA-25813, US),

Reverse DNS

Software

/

Resource Hash

f78ef5b08c0b7411dd7a6273d88f5dbd120034802414cb90830f42cb533277f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Security-Policy	default-src 'none'; style-src https://adfs.exelaonline.com ; script-src https://adfs.exelaonline.com ; connect-src https://adfs.exelaonline.com; font-src https://adfs.exelaonline.com; img-src https:/adfs.exelaonline.com; child-src https://auth.exelaonline.com
X-Content-Type-Options	nosniff
X-Frame-Options	DENY SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

'self': usermedia https://adfs.exelaonline.com
*: sync-xhr
Cache-Control: private
Content-Length: 14184
Content-Security-Policy: script-src 'self'
Content-Type: text/html; charset=utf-8
Date: Fri, 24 May 2024 09:29:10 GMT
Expires: -1
Permissions-Policy: microphone
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Security-Policy: default-src 'none'; style-src https://adfs.exelaonline.com ; script-src https://adfs.exelaonline.com ; connect-src https://adfs.exelaonline.com; font-src https://adfs.exelaonline.com; img-src https:/adfs.exelaonline.com; child-src https://auth.exelaonline.com
X-Content-Type-Options: nosniff
X-Frame-Options: DENY SAMEORIGIN
X-forwarded-for: 146.70.117.69

GET
H/1.1 200
OK style.css
adfs.exelaonline.com/adfs/portal/css/ 8 KB
9 KB 108ms
108ms Stylesheet
text/css 216.9.113.220
EXELA-25813

General

Check archive.org

Show headers Download Go to

Full URL

https://adfs.exelaonline.com/adfs/portal/css/style.css?id=026E060A473735E13E3B3A737F91A03264E5BE86F772F4B07BB623ED7EA7D37C

Requested by

Host: adfs.exelaonline.com
URL: https://adfs.exelaonline.com/adfs/ls/IdpInitiatedSignon.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.9.113.220 , United States, ASN25813 (EXELA-25813, US),

Reverse DNS

Software

/

Resource Hash

ced6a1de4345c43d6106c2c8fa44b22d14d46af0163ab6e5252fa6052b052aa3

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Security-Policy	default-src 'none'; style-src https://adfs.exelaonline.com ; script-src https://adfs.exelaonline.com ; connect-src https://adfs.exelaonline.com; font-src https://adfs.exelaonline.com; img-src https:/adfs.exelaonline.com; child-src https://auth.exelaonline.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://adfs.exelaonline.com/adfs/ls/IdpInitiatedSignon.aspx
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: default-src 'none'; style-src https://adfs.exelaonline.com ; script-src https://adfs.exelaonline.com ; connect-src https://adfs.exelaonline.com; font-src https://adfs.exelaonline.com; img-src https:/adfs.exelaonline.com; child-src https://auth.exelaonline.com
Date: Fri, 24 May 2024 09:29:12 GMT
Content-Security-Policy: script-src 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-forwarded-for: 146.70.117.69
*: sync-xhr
Content-Length: 8161
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
ETag: 026E060A473735E13E3B3A737F91A03264E5BE86F772F4B07BB623ED7EA7D37C
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: private
'self': usermedia, https://adfs.exelaonline.com
Permissions-Policy: microphone
Expires: -1

GET
H/1.1 200
OK logo.png
adfs.exelaonline.com/adfs/portal/logo/ 38 KB
39 KB 216ms
108ms Image
image/png 216.9.113.220
EXELA-25813

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adfs.exelaonline.com/adfs/portal/logo/logo.png?id=28EBCA2CB14D09EDDB43BEB612F66E31AEA2F4689B1F21ECBCC3CD3A5BE07034

Requested by

Host: adfs.exelaonline.com
URL: https://adfs.exelaonline.com/adfs/ls/IdpInitiatedSignon.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.9.113.220 , United States, ASN25813 (EXELA-25813, US),

Reverse DNS

Software

/

Resource Hash

28ebca2cb14d09eddb43beb612f66e31aea2f4689b1f21ecbcc3cd3a5be07034

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Security-Policy	default-src 'none'; style-src https://adfs.exelaonline.com ; script-src https://adfs.exelaonline.com ; connect-src https://adfs.exelaonline.com; font-src https://adfs.exelaonline.com; img-src https:/adfs.exelaonline.com; child-src https://auth.exelaonline.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://adfs.exelaonline.com/adfs/ls/IdpInitiatedSignon.aspx
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: default-src 'none'; style-src https://adfs.exelaonline.com ; script-src https://adfs.exelaonline.com ; connect-src https://adfs.exelaonline.com; font-src https://adfs.exelaonline.com; img-src https:/adfs.exelaonline.com; child-src https://auth.exelaonline.com
Date: Fri, 24 May 2024 09:29:12 GMT
Content-Security-Policy: script-src 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-forwarded-for: 146.70.117.69
*: sync-xhr
Content-Length: 38683
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
ETag: 28EBCA2CB14D09EDDB43BEB612F66E31AEA2F4689B1F21ECBCC3CD3A5BE07034
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
'self': usermedia, https://adfs.exelaonline.com
Permissions-Policy: microphone
Expires: -1

GET
H/1.1 404
Not Found favicon.ico
adfs.exelaonline.com/ 315 B
1 KB 108ms
107ms Other
text/html 216.9.113.220
EXELA-25813

General

Check archive.org

Show headers Download Go to

Full URL

https://adfs.exelaonline.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.9.113.220 , United States, ASN25813 (EXELA-25813, US),

Reverse DNS

Software

/

Resource Hash

ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Security-Policy	default-src 'none'; style-src https://adfs.exelaonline.com ; script-src https://adfs.exelaonline.com ; connect-src https://adfs.exelaonline.com; font-src https://adfs.exelaonline.com; img-src https:/adfs.exelaonline.com; child-src https://auth.exelaonline.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://adfs.exelaonline.com/adfs/ls/IdpInitiatedSignon.aspx
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: default-src 'none'; style-src https://adfs.exelaonline.com ; script-src https://adfs.exelaonline.com ; connect-src https://adfs.exelaonline.com; font-src https://adfs.exelaonline.com; img-src https:/adfs.exelaonline.com; child-src https://auth.exelaonline.com
Date: Fri, 24 May 2024 09:29:12 GMT
Content-Security-Policy: script-src 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-forwarded-for: 146.70.117.69
*: sync-xhr
Connection: close
Content-Length: 315
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=us-ascii
Cache-Control: private
'self': usermedia, https://adfs.exelaonline.com
Permissions-Policy: microphone
Expires: -1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Invalid allowlist item for feature microphone. Allowlist item must be *, self, or quoted url.
security	error	URL: https://adfs.exelaonline.com/adfs/ls/IdpInitiatedSignon.aspx(Line 23) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-oGCVGedVB6kSNC38zUGyd1+AZf+jqTZit87AnpY92CQ='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://adfs.exelaonline.com/adfs/ls/IdpInitiatedSignon.aspx(Line 88) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-7L+28J3EXQXVnqEi3cop3iSuyajN+m1o5hHIiQUSkzc='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://adfs.exelaonline.com/adfs/ls/IdpInitiatedSignon.aspx(Line 153) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Bd52RXRQDU7kaLJduI0HM0/7UMJrX1sQ5sSS2xedW7c='), or a nonce ('nonce-...') is required to enable inline execution.
network	error	URL: https://adfs.exelaonline.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Security-Policy	default-src 'none'; style-src https://adfs.exelaonline.com ; script-src https://adfs.exelaonline.com ; connect-src https://adfs.exelaonline.com; font-src https://adfs.exelaonline.com; img-src https:/adfs.exelaonline.com; child-src https://auth.exelaonline.com
X-Content-Type-Options	nosniff
X-Frame-Options	DENY SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adfs.exelaonline.com
216.9.113.220
28ebca2cb14d09eddb43beb612f66e31aea2f4689b1f21ecbcc3cd3a5be07034
ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0
ced6a1de4345c43d6106c2c8fa44b22d14d46af0163ab6e5252fa6052b052aa3
f78ef5b08c0b7411dd7a6273d88f5dbd120034802414cb90830f42cb533277f0

adfs.exelaonline.com Open in urlscan Pro 216.9.113.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

63 kBTransfer

60 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

5 Console Messages

Security Headers

Indicators

adfs.exelaonline.com Open in urlscan Pro
216.9.113.220 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

63 kB
Transfer

60 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions