Submitted URL: https://login.cor3.pr/Lists/TrainingSelfRegistration/Register.aspx
Effective URL: https://federation.recovery.pr/adfs/ls/idpinitiatedsignon.htm?wa=wsignin1.0&wtrealm=urn%3asharepoint%3alogin&wctx=https%3a%2f%2...
Submission: On August 29 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 4 HTTP transactions. The main IP is 64.178.211.14, located in Guaynabo, Puerto Rico and belongs to EVERTEC, PR. The main domain is federation.recovery.pr.
TLS certificate: Issued by Thawte RSA CA 2018 on August 2nd 2022. Valid for: a year.
This is the only time federation.recovery.pr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 4 64.178.217.121 14920 (EVERTEC)
4 64.178.211.14 14920 (EVERTEC)
4 2
Apex Domain | Subdomains | Transfer
4 recovery.pr | federation.recovery.pr | 492 KB
4 cor3.pr | login.cor3.pr | 1 KB
4 2
Domain Requested by
4 federation.recovery.pr federation.recovery.pr
4 login.cor3.pr 4 redirects
4 2

This site contains links to these domains.

Domain
bpm.cor3.pr
sspr.cor3.pr
www.google.com
www.microsoft.com
www.mozilla.org

Subject | Issuer | Validity | Valid
*.recovery.pr | Thawte RSA CA 2018 | 2022-08-02 - 2023-09-02 | a year

This page contains 1 frames:

Primary Page: https://federation.recovery.pr/adfs/ls/idpinitiatedsignon.htm?wa=wsignin1.0&wtrealm=urn%3asharepoint%3alogin&wctx=https%3a%2f%2flogin.cor3.pr%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx
Frame ID: F05EF000072D17A2558E3A4E31257C50
Requests: 7 HTTP requests in this frame

Page Title

PR DRS Login

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

492 kB
Transfer

505 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.cor3.pr/Lists/TrainingSelfRegistration/Register.aspx HTTP 302
    https://login.cor3.pr/_layouts/15/Authenticate.aspx?Source=%2FLists%2FTrainingSelfRegistration%2FRegister%2Easpx HTTP 302
    https://login.cor3.pr/_login/Bypass/BypassLogin.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx&Source=%2FLists%2FTrainingSelfRegistration%2FRegister%2Easpx HTTP 302
    https://login.cor3.pr/_trust/default.aspx?trust=ADFS&ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx&Source=%2fLists%2fTrainingSelfRegistration%2fRegister.aspx& HTTP 302
    https://federation.recovery.pr/adfs/ls/idpinitiatedsignon.htm?wa=wsignin1.0&wtrealm=urn%3asharepoint%3alogin&wctx=https%3a%2f%2flogin.cor3.pr%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request idpinitiatedsignon.htm
federation.recovery.pr/adfs/ls/
Redirect Chain
  • https://login.cor3.pr/Lists/TrainingSelfRegistration/Register.aspx
  • https://login.cor3.pr/_layouts/15/Authenticate.aspx?Source=%2FLists%2FTrainingSelfRegistration%2FRegister%2Easpx
  • https://login.cor3.pr/_login/Bypass/BypassLogin.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx&Source=%2FLists%2FTraini...
  • https://login.cor3.pr/_trust/default.aspx?trust=ADFS&ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx&Source=%2fLists%2fTraini...
  • https://federation.recovery.pr/adfs/ls/idpinitiatedsignon.htm?wa=wsignin1.0&wtrealm=urn%3asharepoint%3alogin&wctx=https%3a%2f%2flogin.cor3.pr%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLis...
203 KB
203 KB
Document
General
Full URL
https://federation.recovery.pr/adfs/ls/idpinitiatedsignon.htm?wa=wsignin1.0&wtrealm=urn%3asharepoint%3alogin&wctx=https%3a%2f%2flogin.cor3.pr%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.178.211.14 Guaynabo, Puerto Rico, ASN14920 (EVERTEC, PR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f369f88b48f0711b2ec3439e9fcfdb9849d4fd229429ff6307d6ed5471e67192
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
207447
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Aug 2022 18:57:09 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
X-Frame-Options
DENY

Redirect headers

cache-control
private, no-store
content-length
375
content-type
text/html; charset=utf-8
date
Mon, 29 Aug 2022 18:56:57 GMT
location
https://federation.recovery.pr/adfs/ls/idpinitiatedsignon.htm?wa=wsignin1.0&wtrealm=urn%3asharepoint%3alogin&wctx=https%3a%2f%2flogin.cor3.pr%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx
microsoftsharepointteamservices
16.0.0.5356
request-id
3ad25fa0-0719-7057-80c2-8c71d024b0b2
server
Microsoft-IIS/10.0
spiislatency
1
sprequestduration
6
sprequestguid
3ad25fa0-0719-7057-80c2-8c71d024b0b2
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ms-invokeapp
1; RequireReadOnly
x-powered-by
ASP.NET
x-sharepointhealthscore
0
style.css
federation.recovery.pr/adfs/portal/css/
10 KB
10 KB
Stylesheet
General
Full URL
https://federation.recovery.pr/adfs/portal/css/style.css?id=4B6C96ECC9B51257B5CD451519E8A587566D94F32A2FD3B070C3EB9C171F2E2D
Requested by
Host: federation.recovery.pr
URL: https://federation.recovery.pr/adfs/ls/idpinitiatedsignon.htm?wa=wsignin1.0&wtrealm=urn%3asharepoint%3alogin&wctx=https%3a%2f%2flogin.cor3.pr%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.178.211.14 Guaynabo, Puerto Rico, ASN14920 (EVERTEC, PR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2f2b59c11b2d7bdcfb13324a299ba474820f4ec433aae8c182b223243d61f6c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://federation.recovery.pr/adfs/ls/idpinitiatedsignon.htm?wa=wsignin1.0&wtrealm=urn%3asharepoint%3alogin&wctx=https%3a%2f%2flogin.cor3.pr%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 18:57:09 GMT
Expires
Wed, 28 Sep 2022 18:57:10 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
4B6C96ECC9B51257B5CD451519E8A587566D94F32A2FD3B070C3EB9C171F2E2D
Content-Length
9906
Content-Type
text/css
logo.png
federation.recovery.pr/adfs/portal/logo/
11 KB
11 KB
Image
General
Full URL
https://federation.recovery.pr/adfs/portal/logo/logo.png?id=627AAC1D494A33D9D60C7793A1489D01C719D55B0988837482A54771D8A1CFCA
Requested by
Host: federation.recovery.pr
URL: https://federation.recovery.pr/adfs/ls/idpinitiatedsignon.htm?wa=wsignin1.0&wtrealm=urn%3asharepoint%3alogin&wctx=https%3a%2f%2flogin.cor3.pr%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.178.211.14 Guaynabo, Puerto Rico, ASN14920 (EVERTEC, PR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
627aac1d494a33d9d60c7793a1489d01c719d55b0988837482a54771d8a1cfca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://federation.recovery.pr/adfs/ls/idpinitiatedsignon.htm?wa=wsignin1.0&wtrealm=urn%3asharepoint%3alogin&wctx=https%3a%2f%2flogin.cor3.pr%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 18:57:09 GMT
Expires
Wed, 28 Sep 2022 18:57:10 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
627AAC1D494A33D9D60C7793A1489D01C719D55B0988837482A54771D8A1CFCA
Content-Length
11458
Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef72cb463382f4ffcd6b9be93d11c81d87f7ad1c966bcd61cecb8c9489bb5aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d6d51b02cd577fa4b0d3b8700b8575be36f4372f4f4e1e5f88f0aae8e551730

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41414c04c6c90769ee7ab55baa8205e947bee45aa46c260b165a139479646ffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
illustration.jpg
federation.recovery.pr/adfs/portal/illustration/
268 KB
268 KB
Image
General
Full URL
https://federation.recovery.pr/adfs/portal/illustration/illustration.jpg?id=CA91745FFBB6349B9137B6B883DB7715B720A2BB5AF0C0D6C1E40F70AD081583
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.178.211.14 Guaynabo, Puerto Rico, ASN14920 (EVERTEC, PR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ca91745ffbb6349b9137b6b883db7715b720a2bb5af0c0d6c1e40f70ad081583

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://federation.recovery.pr/adfs/ls/idpinitiatedsignon.htm?wa=wsignin1.0&wtrealm=urn%3asharepoint%3alogin&wctx=https%3a%2f%2flogin.cor3.pr%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252FLists%252FTrainingSelfRegistration%252FRegister%252Easpx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 18:57:09 GMT
Expires
Wed, 28 Sep 2022 18:57:11 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
CA91745FFBB6349B9137B6B883DB7715B720A2BB5AF0C0D6C1E40F70AD081583
Content-Length
273938
Content-Type
image/jpg

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost, object| oncontextrestored, function| structuredClone, object| launchQueue, object| onbeforematch, function| getScreenDetails, function| queryLocalFonts, object| navigation, function| LoginErrors, number| maxPasswordLength, function| InputUtil, function| SelectOption, function| Login, undefined| emails, undefined| msViewportStyle, undefined| viewport, function| getStyle, function| computeLoadIllustration, function| SetIllustrationImage, function| GetTitle, object| loginMessage, function| UpdatePlaceholders, function| SignoutOnLoad, function| setSignoutText, function| HasLogoutError, function| redirectToLogoutSuccess, function| redirectByParameter, function| redirectByUrl, function| changeFavicon, object| __core-js_shared__, object| core, function| setImmediate, function| clearImmediate, object| regeneratorRuntime, boolean| _babelPolyfill, function| bowser, function| Cookies

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY