safesaml.aep.com Open in urlscan Pro
167.239.226.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aep.medallia.com/sso/aep/respInvForm.do?surveyid=8390457
Effective URL:
https://safesaml.aep.com/my.policy
Submission: On August 31 via manual (August 31st 2022, 1:13:39 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 167.239.226.205, located in United States and belongs to AEP, US. The main domain is safesaml.aep.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 23rd 2021. Valid for: a year.

This is the only time safesaml.aep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	147.75.243.130 147.75.243.130	30109 (MEDALLIA-INC) (MEDALLIA-INC)
2	143.204.215.78 143.204.215.78	16509 (AMAZON-02) (AMAZON-02)
1 7	167.239.226.205 167.239.226.205	13695 (AEP) (AEP)
12	3

6 147.75.243.130 (Seattle, United States) 2 redirects

ASN30109 (MEDALLIA-INC, US)

aep.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-78.fra53.r.cloudfront.net

cdn.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 167.239.226.205 (United States) 1 redirects

ASN13695 (AEP, US)
PTR: hos25136.aep.com

safesaml.aep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	medallia.com 2 redirects aep.medallia.com cdn.medallia.com — Cisco Umbrella Rank: 29306	204 KB
7	aep.com 1 redirects safesaml.aep.com	105 KB
12	2

	Domain	Requested by
7	safesaml.aep.com	1 redirects safesaml.aep.com
6	aep.medallia.com	2 redirects aep.medallia.com
2	cdn.medallia.com	aep.medallia.com cdn.medallia.com
12	3

This site contains links to these domains. Also see Links.

Domain
iforgot.aep.com

Subject Issuer	Validity	Valid
*.medallia.com SSL.com RSA SSL subCA	`2022-03-07` - `2023-04-07`	a year	crt.sh
cdn.medallia.com SSL.com RSA SSL subCA	`2022-03-24` - `2023-04-24`	a year	crt.sh
safesaml.aep.com Entrust Certification Authority - L1K	`2021-08-23` - `2022-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://safesaml.aep.com/my.policy
Frame ID: 4D48B152253FB48EF7EB0CF98E8B4652
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AEP S.A.F.E. logon page

Page URL History Show full URLs

https://aep.medallia.com/sso/aep/respInvForm.do?surveyid=8390457 HTTP 302
https://aep.medallia.com/sso/aep/ssoLoginRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Fae... HTTP 302
https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2F... Page URL
https://safesaml.aep.com/saml/idp/profile/redirectorpost/sso HTTP 302
https://safesaml.aep.com/my.policy Page URL

Detected technologies

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/yui/|yui\.yahooapis\.com)

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

307 kB
Transfer

786 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://iforgot.aep.com/
Title: Trouble logging in?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aep.medallia.com/sso/aep/respInvForm.do?surveyid=8390457 HTTP 302
https://aep.medallia.com/sso/aep/ssoLoginRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457 HTTP 302
https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457 Page URL
https://safesaml.aep.com/saml/idp/profile/redirectorpost/sso HTTP 302
https://safesaml.aep.com/my.policy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://aep.medallia.com/sso/aep/respInvForm.do?surveyid=8390457 HTTP 302
https://aep.medallia.com/sso/aep/ssoLoginRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457 HTTP 302
https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

samlRequest.do Show response
aep.medallia.com/sso/aep/
Redirect Chain

https://aep.medallia.com/sso/aep/respInvForm.do?surveyid=8390457
https://aep.medallia.com/sso/aep/ssoLoginRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457
https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457

2 KB
2 KB

161ms
161ms

Document
text/html

147.75.243.130
MEDALLIA-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.243.130 Seattle, United States, ASN30109 (MEDALLIA-INC, US),

Reverse DNS

Software

Resource Hash

336b41568c729a72b765da449a391eab4fb3e91094c758bf66e725d165fb9ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,max-age=0
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Wed, 31 Aug 2022 13:13:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="This is not a P3P policy! See http://www.medallia.com/privacy/ for more info."
Pragma: No-cache
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding, User-Agent
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Medallia-Rpc-Request-Id: 68511217-d33f-4956-9e16-0a25b88ad017
X-UA-Compatible: IE=edge

Redirect headers

Cache-Control: no-cache,no-store,max-age=0
Content-Length: 0
Content-Type: text/html;charset=utf-8
Date: Wed, 31 Aug 2022 13:13:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457
P3P: CP="This is not a P3P policy! See http://www.medallia.com/privacy/ for more info."
Pragma: No-cache
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Medallia-Rpc-Request-Id: 8b39da5c-8306-455b-a584-4d379fd6b42c
X-UA-Compatible: IE=edge

GET
H2 200 alchemy-fonts.css
cdn.medallia.com/alchemy-fonts/1.1.1/ 3 KB
1 KB 71ms
15ms Stylesheet
text/css 143.204.215.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.medallia.com/alchemy-fonts/1.1.1/alchemy-fonts.css
Requested by: Host: aep.medallia.com
URL: https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-78.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 787662f6159503b79f7a319baa77b7fa4578cee323a71d607f747ee32666bdef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 00:02:25 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 20:00:52 GMT
server: AmazonS3
age: 1948268
etag: W/"61a797ba20f90f3b9899edb9d7892535"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: RCz7ej.iQChHh6FMJYWqrOm_o013AWRj
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-meta-version-id: 3HP0ZfChJA1xtsmy9JfiIJFPVCMozcu2
x-amz-cf-pop: FRA53-C1
content-type: text/css
x-amz-cf-id: dzolgBmHcasZ5UekxIfGurvFGAL8LCyq8aMqfcdPtkRT_msaUAku-A==

GET
H/1.1 200
OK sass
aep.medallia.com/ 141 KB
24 KB 155ms
153ms Stylesheet
text/css 147.75.243.130
MEDALLIA-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://aep.medallia.com/sass?md5=ed5c761bd61ee8464a81052a97661d65&module=manifest-login.scss

Requested by

Host: aep.medallia.com
URL: https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.243.130 Seattle, United States, ASN30109 (MEDALLIA-INC, US),

Reverse DNS

Software

Resource Hash

a61d946d5992a7cc37fbcf4dbec53e1f839b4a530e4064a590eb8e2b10d182de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 31 Aug 2022 13:13:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-inline' data: static.medallia.com bugreport.medallia.com https://www.google-analytics.com/ https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://chart.googleapis.com/ https://cdnjs.cloudflare.com/ https://maxcdn.bootstrapcdn.com/ https://netdna.bootstrapcdn.com/ cdn.medallia.com https://*.cdn.survey.medallia.com/ https://col.eum-appdynamics.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'nonce-f11bf2e75985a8f5e314d876ebb8f442' static.medallia.com bugreport.medallia.com https://www.google-analytics.com/ https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://chart.googleapis.com/ https://cdnjs.cloudflare.com/ https://maxcdn.bootstrapcdn.com/ https://netdna.bootstrapcdn.com/ cdn.medallia.com https://*.cdn.survey.medallia.com/ https://col.eum-appdynamics.com/ https://s3.amazonaws.com/cdn.m8s.io/ https://s3.amazonaws.com/cdn.medallia.com/ https://nebula-cdn.kampyle.com/; report-uri /csp-report/;
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=946080000, public, cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Medallia-Rpc-Request-Id: dc95e579-f723-4ccf-9c28-a781f8808c61
Vary: Accept-Encoding, User-Agent
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK yui_manual_concat.js Show response
aep.medallia.com/yui/concat/ 366 KB
100 KB 454ms
154ms Script
application/javascript 147.75.243.130
MEDALLIA-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://aep.medallia.com/yui/concat/yui_manual_concat.js?66f8cece98039d046d9e651887facf23

Requested by

Host: aep.medallia.com
URL: https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.243.130 Seattle, United States, ASN30109 (MEDALLIA-INC, US),

Reverse DNS

Software

Resource Hash

389ce38d3950a5bf53ccfbe90f22604c8b7cc01f8fc9ae8ddea0a069456ef48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

X-Medallia-Rpc-Request-Id: 6112ed23-7736-469b-aab5-a5527b053a54
Pragma: cache
Date: Wed, 31 Aug 2022 13:13:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Aug 2022 22:30:21 GMT
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-inline' data: static.medallia.com bugreport.medallia.com https://www.google-analytics.com/ https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://chart.googleapis.com/ https://cdnjs.cloudflare.com/ https://maxcdn.bootstrapcdn.com/ https://netdna.bootstrapcdn.com/ cdn.medallia.com https://*.cdn.survey.medallia.com/ https://col.eum-appdynamics.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'nonce-5fc626544bd51549a625651d65ad6b49' static.medallia.com bugreport.medallia.com https://www.google-analytics.com/ https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://chart.googleapis.com/ https://cdnjs.cloudflare.com/ https://maxcdn.bootstrapcdn.com/ https://netdna.bootstrapcdn.com/ cdn.medallia.com https://*.cdn.survey.medallia.com/ https://col.eum-appdynamics.com/ https://s3.amazonaws.com/cdn.m8s.io/ https://s3.amazonaws.com/cdn.medallia.com/ https://nebula-cdn.kampyle.com/; report-uri /csp-report/;
Content-Type: application/javascript
Cache-Control: max-age=946080000, public, cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding, User-Agent
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK pubjs.min.js Show response
aep.medallia.com/build/ 151 KB
54 KB 452ms
152ms Script
application/javascript 147.75.243.130
MEDALLIA-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://aep.medallia.com/build/pubjs.min.js?4a94495bd6dcab2c624ec784280b6426

Requested by

Host: aep.medallia.com
URL: https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.243.130 Seattle, United States, ASN30109 (MEDALLIA-INC, US),

Reverse DNS

Software

Resource Hash

403d2bde68d0e57d6420e88f112d13ed6fdfee851a3049380aa8e423695f3566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

X-Medallia-Rpc-Request-Id: 3d4f21d2-ed19-4d6c-86a0-af37fe1a2d1f
Pragma: cache
Date: Wed, 31 Aug 2022 13:13:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Aug 2022 22:30:20 GMT
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-inline' data: static.medallia.com bugreport.medallia.com https://www.google-analytics.com/ https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://chart.googleapis.com/ https://cdnjs.cloudflare.com/ https://maxcdn.bootstrapcdn.com/ https://netdna.bootstrapcdn.com/ cdn.medallia.com https://*.cdn.survey.medallia.com/ https://col.eum-appdynamics.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'nonce-6c25581e0241bf66ed2d0472e2800c92' static.medallia.com bugreport.medallia.com https://www.google-analytics.com/ https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://chart.googleapis.com/ https://cdnjs.cloudflare.com/ https://maxcdn.bootstrapcdn.com/ https://netdna.bootstrapcdn.com/ cdn.medallia.com https://*.cdn.survey.medallia.com/ https://col.eum-appdynamics.com/ https://s3.amazonaws.com/cdn.m8s.io/ https://s3.amazonaws.com/cdn.medallia.com/ https://nebula-cdn.kampyle.com/; report-uri /csp-report/;
Content-Type: application/javascript
Cache-Control: max-age=946080000, public, cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding, User-Agent
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H2 200 GothamNarrow-Book_Web.woff2
cdn.medallia.com/alchemy-fonts/1.1.1/ 21 KB
21 KB 53ms
21ms Font
application/woff2 143.204.215.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.medallia.com/alchemy-fonts/1.1.1/GothamNarrow-Book_Web.woff2
Requested by: Host: cdn.medallia.com
URL: https://cdn.medallia.com/alchemy-fonts/1.1.1/alchemy-fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-78.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://cdn.medallia.com/alchemy-fonts/1.1.1/alchemy-fonts.css
Origin: https://aep.medallia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 14:01:20 GMT
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
age: 169934
x-cache: Hit from cloudfront
content-length: 21056
last-modified: Fri, 18 Mar 2022 16:34:54 GMT
server: AmazonS3
etag: "b65d6ada74699adeb90bed27f212b70b"
vary: Origin
access-control-allow-methods: GET
x-amz-version-id: YZCJ1L8EuZTF3oO2csjKtK.rWybdIxbA
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-meta-version-id: Benj0scTU094CJHJOiKV56BBM0dQXqZh
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/woff2
x-amz-cf-id: WW5XTSGKYH_k1u_zY9xNAnG_aXfMFUsXk5Ys4dZCM07hF-lAcUNKkQ==

GET
H/1.1

200
OK

Primary Request my.policy Show response
safesaml.aep.com/
Redirect Chain

https://safesaml.aep.com/saml/idp/profile/redirectorpost/sso
https://safesaml.aep.com/my.policy

28 KB
29 KB

257ms
256ms

Document
text/html

167.239.226.205
AEP

General

Check archive.org

Show headers Download Go to

Full URL

https://safesaml.aep.com/my.policy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.239.226.205 , United States, ASN13695 (AEP, US),

Reverse DNS

hos25136.aep.com

Software

Resource Hash

231144a241b197ab812c1f5b63b988bbd0fc399b17617b2a02b69138cbddc4a5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://aep.medallia.com
Referer: https://aep.medallia.com/sso/aep/samlRequest.do?goToUrl=https%3A%2F%2Faep.medallia.com%2Fsso%2Faep%2FrespInvForm.do%3Fsurveyid%3D8390457
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 19020
Cache-Control: no-cache, must-revalidate
Connection: close
Content-Length: 28665
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Aug 2022 13:13:34 GMT
Pragma: no-cache
X-Frame-Options: DENY

Redirect headers

Connection: close
Content-Length: 0
Location: /my.policy

GET
H/1.1 200
OK apm.css
safesaml.aep.com/public/include/css/ 42 KB
43 KB 490ms
249ms Stylesheet
text/css 167.239.226.205
AEP

General

Check archive.org

Show headers Download Go to

Full URL

https://safesaml.aep.com/public/include/css/apm.css

Requested by

Host: safesaml.aep.com
URL: https://safesaml.aep.com/my.policy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.239.226.205 , United States, ASN13695 (AEP, US),

Reverse DNS

hos25136.aep.com

Software

Resource Hash

59a6293f1f4da10de79701623917c7c55715c655cd92844b631e7148e45218ac

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safesaml.aep.com/my.policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:13:34 GMT
Age: 805
X-Frame-Options: DENY
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43323

GET
H/1.1 200
OK session_check.js Show response
safesaml.aep.com/public/include/js/ 7 KB
8 KB 370ms
129ms Script
application/javascript 167.239.226.205
AEP

General

Check archive.org

Show headers Download Go to

Full URL: https://safesaml.aep.com/public/include/js/session_check.js?v=13
Requested by: Host: safesaml.aep.com
URL: https://safesaml.aep.com/my.policy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.239.226.205 , United States, ASN13695 (AEP, US),
Reverse DNS: hos25136.aep.com
Software: /
Resource Hash: a5ea9b6d1aa661f4df9f86ec4cd271bff35c6c1f243b49ad3b9ee4986f9ac8ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safesaml.aep.com/my.policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:13:34 GMT
Last-Modified: Fri, 23 Sep 2016 00:53:19 GMT
Age: 3084
ETag: "1dd6-53d223449fdc0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 7638

GET
H/1.1 200
OK agent_common.js Show response
safesaml.aep.com/public/include/js/ 899 B
1 KB 368ms
127ms Script
application/javascript 167.239.226.205
AEP

General

Check archive.org

Show headers Download Go to

Full URL

https://safesaml.aep.com/public/include/js/agent_common.js

Requested by

Host: safesaml.aep.com
URL: https://safesaml.aep.com/my.policy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.239.226.205 , United States, ASN13695 (AEP, US),

Reverse DNS

hos25136.aep.com

Software

Resource Hash

be8d30e8dc85ed41a63a231766adaac8e301ddb3ec9237d02ceed9f73989e9f5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safesaml.aep.com/my.policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:13:34 GMT
Last-Modified: Mon, 25 Apr 2016 22:29:01 GMT
Age: 3033
ETag: "383-53156b4092540"
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: max-age=3600, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 899

GET
H/1.1 200
OK web_host.js Show response
safesaml.aep.com/public/include/js/ 14 KB
15 KB 489ms
247ms Script
application/javascript 167.239.226.205
AEP

General

Check archive.org

Show headers Download Go to

Full URL: https://safesaml.aep.com/public/include/js/web_host.js
Requested by: Host: safesaml.aep.com
URL: https://safesaml.aep.com/my.policy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.239.226.205 , United States, ASN13695 (AEP, US),
Reverse DNS: hos25136.aep.com
Software: /
Resource Hash: 1ecfafb468fd9fc0adc1c714b32058d65190da19abccc6985312f44fc4aa6d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safesaml.aep.com/my.policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:13:34 GMT
Last-Modified: Wed, 31 May 2017 21:27:00 GMT
Age: 3084
ETag: "39d9-550d8949c9100"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 14809

GET
H/1.1 200
OK front_image_en.png
safesaml.aep.com/public/images/customization/Common/safesaml.profile_act_logon_page_ag/ 9 KB
10 KB 125ms
125ms Image
image/png 167.239.226.205
AEP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safesaml.aep.com/public/images/customization/Common/safesaml.profile_act_logon_page_ag/front_image_en.png

Requested by

Host: safesaml.aep.com
URL: https://safesaml.aep.com/my.policy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.239.226.205 , United States, ASN13695 (AEP, US),

Reverse DNS

hos25136.aep.com

Software

Resource Hash

6449086e5f2fa8120095a5e39ab40a451764b9399058b18ecad0663314dd7ff0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safesaml.aep.com/my.policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:13:35 GMT
Last-Modified: Thu, 11 Aug 2022 22:16:34 GMT
Age: 17772
ETag: "25d0-5e5fe84adf480"
X-Frame-Options: DENY
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 9680

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aep.medallia.com/	1969-12-31 23:59:59	Name: NODE_ID Value: cTYwmbPo1VqTPRw2bPh5eKPjnvEBz8lmLnP9-WdTKBU=
aep.medallia.com/	1970-01-20 05:39:13	Name: NSC_fyqsftt-qfstjtufodf-hspvq Value: 30dfa3db328105282f717c92ce262e744f4cb700de703dbed7f1f1a60cbbc1bbf2655c69
safesaml.aep.com/	1969-12-31 23:59:59	Name: LastMRH_Session Value: c6c9822a
safesaml.aep.com/	1969-12-31 23:59:59	Name: BIGipServersafesaml-443-prd-nadc-dmz.pool Value: 3022139402.47873.0000
safesaml.aep.com/	1969-12-31 23:59:59	Name: TS017047e1 Value: 015dc8343eea975ca9a07bdc49b6797ea84da4bb1f5b08ddd025c17aadad85a3dcc44af3ecb0b32946676509716de6296ef2226a3f
safesaml.aep.com/	1969-12-31 23:59:59	Name: MRHSession Value: 43c5445dba769ab558271c9fc6c9822a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aep.medallia.com
cdn.medallia.com
safesaml.aep.com
143.204.215.78
147.75.243.130
167.239.226.205
1ecfafb468fd9fc0adc1c714b32058d65190da19abccc6985312f44fc4aa6d61
231144a241b197ab812c1f5b63b988bbd0fc399b17617b2a02b69138cbddc4a5
336b41568c729a72b765da449a391eab4fb3e91094c758bf66e725d165fb9ed9
389ce38d3950a5bf53ccfbe90f22604c8b7cc01f8fc9ae8ddea0a069456ef48a
403d2bde68d0e57d6420e88f112d13ed6fdfee851a3049380aa8e423695f3566
59a6293f1f4da10de79701623917c7c55715c655cd92844b631e7148e45218ac
6449086e5f2fa8120095a5e39ab40a451764b9399058b18ecad0663314dd7ff0
787662f6159503b79f7a319baa77b7fa4578cee323a71d607f747ee32666bdef
a5ea9b6d1aa661f4df9f86ec4cd271bff35c6c1f243b49ad3b9ee4986f9ac8ff
a61d946d5992a7cc37fbcf4dbec53e1f839b4a530e4064a590eb8e2b10d182de
be8d30e8dc85ed41a63a231766adaac8e301ddb3ec9237d02ceed9f73989e9f5

safesaml.aep.com Open in urlscan Pro 167.239.226.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

307 kBTransfer

786 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

safesaml.aep.com Open in urlscan Pro
167.239.226.205 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

307 kB
Transfer

786 kB
Size

6
Cookies

12 HTTP transactions
0 data transactions