urlscan.io logo urlscan.io
SecurityTrails logo

sts.ulta.com Open in urlscan Pro
104.193.232.10  Public Scan

Go To Rescan Add Verdict Report
URL: https://sts.ulta.com/adfs/ls/IdpInitiatedSignOn.aspx
Submission: On September 19 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 104.193.232.10, located in Aurora, United States and belongs to ULTA-BGP, US. The main domain is sts.ulta.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 6th 2022. Valid for: a year.
This is the only time sts.ulta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 104.193.232.10 393587 (ULTA-BGP)
4 1
Apex Domain
Subdomains		 Transfer
4 ulta.com
sts.ulta.com
226 KB
4 1
Domain Requested by
4 sts.ulta.com sts.ulta.com
4 1

This site contains no links.

Subject Issuer Validity Valid
STS.ulta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-06 -
2023-07-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sts.ulta.com/adfs/ls/IdpInitiatedSignOn.aspx
Frame ID: CD5B801B41597B1BC32A088F4A2B0782
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

226 kB
Transfer

225 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request IdpInitiatedSignOn.aspx
sts.ulta.com/adfs/ls/ 		28 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sts.ulta.com/adfs/ls/IdpInitiatedSignOn.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.193.232.10 Aurora, United States, ASN393587 (ULTA-BGP, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
685654b6fc8cb531c48b862babd862a8483d3b36a13b6382be2df317c01481a7
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
28256
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Sep 2022 16:17:28 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
X-Frame-Options
DENY
style.css
sts.ulta.com/adfs/portal/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sts.ulta.com/adfs/portal/css/style.css?id=0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Requested by
Host: sts.ulta.com
URL: https://sts.ulta.com/adfs/ls/IdpInitiatedSignOn.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.193.232.10 Aurora, United States, ASN393587 (ULTA-BGP, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0a13280a86e7dfa6949bd016ea848912fcafc05e88cbedf538ac325b27041205

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sts.ulta.com/adfs/ls/IdpInitiatedSignOn.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:17:28 GMT
Expires
Wed, 19 Oct 2022 16:17:28 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Content-Length
8144
Content-Type
text/css
logo.png
sts.ulta.com/adfs/portal/logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sts.ulta.com/adfs/portal/logo/logo.png?id=2E3AC0485E999604C1307C0AAE6EB09505A064E4EAEABD54FB1B73B9A161ADCF
Requested by
Host: sts.ulta.com
URL: https://sts.ulta.com/adfs/ls/IdpInitiatedSignOn.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.193.232.10 Aurora, United States, ASN393587 (ULTA-BGP, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2e3ac0485e999604c1307c0aae6eb09505a064e4eaeabd54fb1b73b9a161adcf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sts.ulta.com/adfs/ls/IdpInitiatedSignOn.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:17:28 GMT
Expires
Wed, 19 Oct 2022 16:17:28 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
2E3AC0485E999604C1307C0AAE6EB09505A064E4EAEABD54FB1B73B9A161ADCF
Content-Length
3127
Content-Type
image/png
illustration.jpg
sts.ulta.com/adfs/portal/illustration/ 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sts.ulta.com/adfs/portal/illustration/illustration.jpg?id=312DA80A0F6D04F764DB11F1DD011973AC265F6320546126947DBBA8345B9746
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.193.232.10 Aurora, United States, ASN393587 (ULTA-BGP, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
312da80a0f6d04f764db11f1dd011973ac265f6320546126947dbba8345b9746

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sts.ulta.com/adfs/ls/IdpInitiatedSignOn.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:17:28 GMT
Expires
Wed, 19 Oct 2022 16:17:28 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
312DA80A0F6D04F764DB11F1DD011973AC265F6320546126947DBBA8345B9746
Content-Length
191078
Content-Type
image/jpg

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| onClickOtherRPButton function| onClickSingleSignOutRadioButton function| onClickLocalSignOutRadioButton function| onClickThisRPButton function| controlDisplayOfPanelBasedOnRelyingPartyCount undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration object| loginMessage object| myCheckHRD undefined| hrdui

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY