saml.gosavo.com Open in urlscan Pro
64.37.240.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://topdeck.gosavo.com/
Effective URL:
https://saml.gosavo.com/sp/startSSO.ping?PartnerIdpId=http://adfs.pgds.local/adfs/services/trust&TargetResource=https://...
Submission: On October 23 via manual (October 23rd 2017, 8:58:30 am UTC) from GB

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 18 HTTP transactions. The main IP is 64.37.240.164, located in Chicago, United States and belongs to SAVO - The SAVO Group, Ltd., US. The main domain is saml.gosavo.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 25th 2017. Valid for: 3 years.

This is the only time saml.gosavo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	64.37.240.155 64.37.240.155	16483 (SAVO) (SAVO - The SAVO Group)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY - Fastly)
2	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
1	64.37.240.164 64.37.240.164	16483 (SAVO) (SAVO - The SAVO Group)
18	5

14 64.37.240.155 (Chicago, United States) 2 redirects

ASN16483 (SAVO - The SAVO Group, Ltd., US)

topdeck.gosavo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.37.240.164 (Chicago, United States)

ASN16483 (SAVO - The SAVO Group, Ltd., US)

saml.gosavo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gosavo.com 2 redirects topdeck.gosavo.com saml.gosavo.com	348 KB
2	nr-data.net bam.nr-data.net	81 B
1	newrelic.com js-agent.newrelic.com	12 KB
0	Failed function sub() { [native code] }. Failed
18	4

	Domain	Requested by
14	topdeck.gosavo.com	2 redirects topdeck.gosavo.com
2	bam.nr-data.net	topdeck.gosavo.com js-agent.newrelic.com
1	saml.gosavo.com	topdeck.gosavo.com
1	js-agent.newrelic.com	topdeck.gosavo.com
0	adfs.pgds.local Failed	saml.gosavo.com
18	5

This site contains no links.

Subject Issuer	Validity	Valid
*.gosavo.com Go Daddy Secure Certificate Authority - G2	`2016-06-03` - `2018-06-07`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2017-10-19` - `2018-05-04`	6 months	crt.sh
*.nr-data.net GeoTrust SSL CA - G3	`2017-07-18` - `2018-03-17`	8 months	crt.sh
saml.gosavo.com Go Daddy Secure Certificate Authority - G2	`2017-04-25` - `2020-04-25`	3 years	crt.sh

This page contains 1 frames:

Frame: https://adfs.pgds.local/adfs/ls/
Frame ID: 21296.1
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://topdeck.gosavo.com/ HTTP 302
https://topdeck.gosavo.com/ HTTP 302
https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Page URL
https://saml.gosavo.com/sp/startSSO.ping?PartnerIdpId=http://adfs.pgds.local/adfs/services/trust&Tar... Page URL

Page Statistics

18
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

359 kB
Transfer

397 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://topdeck.gosavo.com/ HTTP 302
https://topdeck.gosavo.com/ HTTP 302
https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Page URL
https://saml.gosavo.com/sp/startSSO.ping?PartnerIdpId=http://adfs.pgds.local/adfs/services/trust&TargetResource=https://topdeck.gosavo.com%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://topdeck.gosavo.com/ HTTP 302
https://topdeck.gosavo.com/ HTTP 302
https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set Login.aspx Show response topdeck.gosavo.com/ Redirect Chain http://topdeck.gosavo.com/ https://topdeck.gosavo.com/ https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f	33 KB 14 KB	271ms 271ms	Document text/html	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `5186a08c5fa3efa4c5eea5dcb32d9592fc7a3d81c6c753725810ae408fbc78cd` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:18 GMT Content-Encoding gzip X-Savo-RequestUserAgent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Actually /Login.aspx Vary Accept-Encoding, User-Agent P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp; domain=.gosavo.com; path=/; secure; HttpOnly Cache-Control private Connection Keep-Alive Content-Length 14453 Content-Type text/html; charset=utf-8 web 1 Redirect headers Date Mon, 23 Oct 2017 08:58:18 GMT X-Savo-RequestUserAgent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location /Login.aspx?ReturnUrl=%2f Cache-Control private web 1 Content-Type text/html; charset=utf-8 Content-Length 142
GET H/1.1	200 OK	Cookie set LoginViewResource.aspx topdeck.gosavo.com/	11 KB 11 KB	160ms 160ms	Stylesheet text/css	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://topdeck.gosavo.com/LoginViewResource.aspx?ResourceId=topdeck&ResourceType=css&ResourceSubType=&ts=634848740451948449 Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `878348ecc210d399df2355c84e24a255f15bc8298aa3b3c3f09e38baa3b7b1f9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept text/css,/;q=0.1 Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:18 GMT X-Savo-RequestUserAgent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Last-Modified Wed, 03 Oct 2012 15:14:05 GMT Vary Accept-Encoding, User-Agent P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type text/css Cache-Control private Content-Disposition filename="login.css" Set-Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp; domain=.gosavo.com; path=/; secure; HttpOnly web 1 Content-Length 11050
GET H/1.1	200 OK	MobileBanner.css topdeck.gosavo.com/StaticContent/7.15.1.20/Css/Views/MobileView/	2 KB 2 KB	302ms 142ms	Stylesheet text/css	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://topdeck.gosavo.com/StaticContent/7.15.1.20/Css/Views/MobileView/MobileBanner.css Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `80a3c53c5c4f43de04c96744bf4a9aa2b2a49100caa2bc8805035b2629865943` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept text/css,/;q=0.1 Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:19 GMT X-Savo-RequestUserAgent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Last-Modified Thu, 12 Oct 2017 18:24:56 GMT ETag "08c80678743d31:0" P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Length 1626 Accept-Ranges bytes Content-Type text/css web 1
GET H/1.1	200 OK	WebResource.axd Show response topdeck.gosavo.com/	23 KB 23 KB	352ms 121ms	Script application/x-javascript	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://topdeck.gosavo.com/WebResource.axd?d=m36PdFzsv-lDo635eBWnfnnAimjtnaNHHoRslbkTgq_1KXzfG-hUjjlLNViBA07HzSlv5Gm7hQrRYWl53nP0vngjtS81&t=636264156700000000 Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept / Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:18 GMT X-Savo-RequestUserAgent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36 Last-Modified Thu, 30 Mar 2017 01:21:10 GMT Vary Accept-Encoding, User-Agent P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type application/x-javascript Cache-Control public web 8 Content-Length 23063 Expires Tue, 23 Oct 2018 03:30:53 GMT
GET H/1.1	200 OK	ScriptResource.axd Show response topdeck.gosavo.com/	26 KB 26 KB	354ms 123ms	Script application/x-javascript	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://topdeck.gosavo.com/ScriptResource.axd?d=FQcMDm8J-rC2wgGFTkjhnLyGcypzHzV0Yupo1GLcDTTO_YCbLqOUDNBVxuIXocdt5r77EBrPtRvRnGgSaWkDenLgaHpFK3qA3T8pK_32qiL-TaIFJBhf9Obu-LdtIsztbez-6RoAojqtMJvGF2dt5Sxu-Ks1&t=6abbd6ed Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept / Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:19 GMT X-Savo-RequestUserAgent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36 Last-Modified Mon, 23 Oct 2017 00:02:05 GMT Vary Accept-Encoding, User-Agent P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type application/x-javascript; charset=utf-8 Cache-Control public web 1 Content-Length 26951 Expires Tue, 23 Oct 2018 00:02:05 GMT
GET H/1.1	200 OK	ScriptResource.axd Show response topdeck.gosavo.com/	100 KB 100 KB	355ms 123ms	Script application/x-javascript	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://topdeck.gosavo.com/ScriptResource.axd?d=HzkHqT1Uu2xBWO6g4n63IPOtv4NjS10VBWB24MzeeammiGN_nh_WipRb52VhyfG1ZO-Kp47bkaLjykBP9m-5bcrwtSDkBDMGz_duilSMBPr7h524_YLW53-fJTDFhm-ew26U4Wf1vM2XolZfzwRGHJVEd8k1&t=2bb02662 Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `f086aa0e1c26471f649c6299304d8d0a03541484d73101b39092e7cd3fee1a0f` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept / Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:19 GMT X-Savo-RequestUserAgent Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko Last-Modified Mon, 23 Oct 2017 00:30:22 GMT Vary Accept-Encoding, User-Agent P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type application/x-javascript; charset=utf-8 Cache-Control public web 2 Content-Length 102771 Expires Tue, 23 Oct 2018 00:30:22 GMT
GET H/1.1	200 OK	ScriptResource.axd Show response topdeck.gosavo.com/	39 KB 39 KB	354ms 122ms	Script application/x-javascript	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://topdeck.gosavo.com/ScriptResource.axd?d=yBOYGtZdZMP3Kw1eL6P1Z6xBofm6Gsm4qsgXf0VAYbYfuGgFGNhF85ODpS-IJuMi5fmHjOImdNg7nGYspL6sAlE5G8691mNiNluNRk5qV20KuVT5TESU2enB-Z1aAWDkNM7Uezae7YkecSdFRivALd9wx5paEb8mvt0vsnWsF1Gg_RdF0&t=2bb02662 Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept / Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:19 GMT X-Savo-RequestUserAgent Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Last-Modified Mon, 23 Oct 2017 01:01:00 GMT Vary Accept-Encoding, User-Agent P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type application/x-javascript; charset=utf-8 Cache-Control public web 3 Content-Length 40326 Expires Tue, 23 Oct 2018 01:01:00 GMT
GET H/1.1	200 OK	090-DefaultButtonFireFoxFix.js Show response topdeck.gosavo.com/StaticContent/7.15.1.20/Javascripts/SiteWide/	899 B 899 B	358ms 126ms	Script application/x-javascript	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://topdeck.gosavo.com/StaticContent/7.15.1.20/Javascripts/SiteWide/090-DefaultButtonFireFoxFix.js Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `0357bb12ab042bbd7c452d5ec3a9fb143c5b21d5e56353eaa64740e677c740ad` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept / Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:18 GMT X-Savo-RequestUserAgent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Last-Modified Fri, 20 Oct 2017 16:08:10 GMT ETag "051a69fbd49d31:0" P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Length 899 Accept-Ranges bytes Content-Type application/x-javascript web 4
GET H/1.1	200 OK	DetectTimezone.js Show response topdeck.gosavo.com/StaticContent/7.15.1.20/Javascripts/	2 KB 2 KB	532ms 230ms	Script application/x-javascript	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://topdeck.gosavo.com/StaticContent/7.15.1.20/Javascripts/DetectTimezone.js Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `b2e00c2c35f2ecde998400840611f6b89c4d0a04b780e99eb109ce5d7d319390` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept / Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:19 GMT X-Savo-RequestUserAgent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Last-Modified Thu, 12 Oct 2017 18:24:58 GMT ETag "0b9b1688743d31:0" P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Length 2068 Accept-Ranges bytes Content-Type application/x-javascript web 1
GET H/1.1	200 OK	MobileBanner.js Show response topdeck.gosavo.com/StaticContent/7.15.1.20/Javascripts/Views/MobileView/	4 KB 4 KB	485ms 126ms	Script application/x-javascript	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://topdeck.gosavo.com/StaticContent/7.15.1.20/Javascripts/Views/MobileView/MobileBanner.js Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `751cc4c63d4a7b7fac9bdf975068a4e917336cb55f6b639b359b55560154a2d7` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept / Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:19 GMT X-Savo-RequestUserAgent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Last-Modified Thu, 12 Oct 2017 18:25:00 GMT ETag "0e6e2698743d31:0" P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Length 4200 Accept-Ranges bytes Content-Type application/x-javascript web 4
GET H/1.1	200 OK	WebResource.axd Show response topdeck.gosavo.com/	3 KB 3 KB	608ms 123ms	Script application/x-javascript	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://topdeck.gosavo.com/WebResource.axd?d=CV00CAInIF3Ddlg-iB2zdQXMRrYYtGnUxAOMK1NgEBdpEBuhzkGf7xH2VefEyBT2LKHP5uodP4gym594dupoupcnB5Q1&t=636264156700000000 Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept / Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:19 GMT X-Savo-RequestUserAgent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Safari/604.1.38 Last-Modified Thu, 30 Mar 2017 01:21:10 GMT Vary Accept-Encoding, User-Agent P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type application/x-javascript Cache-Control public web 4 Content-Length 3005 Expires Tue, 23 Oct 2018 01:32:10 GMT
GET H/1.1	200 OK	Cookie set LoginViewResource.aspx topdeck.gosavo.com/	121 KB 121 KB	141ms 140ms	Image image/png	64.37.240.155 The SAVO Group
General Check archive.org Show headers Download Go to Show image Full URL https://topdeck.gosavo.com/LoginViewResource.aspx?ResourceId=topdeck&ResourceType=images&ResourceSubType=customLoginBG.png&ts=634848693694038610 Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.155 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `a55fdbeffd589a99a5b17cc58b215632957f1204b9328e6250a5ea93f2b93ad4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Date Mon, 23 Oct 2017 08:58:19 GMT X-Savo-RequestUserAgent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Last-Modified Wed, 03 Oct 2012 13:56:09 GMT P3P CP="IDC DSP COR ADM DEVi TAli PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Type image/png Cache-Control private Content-Disposition filename="customLoginBG.png" Set-Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp; domain=.gosavo.com; path=/; secure; HttpOnly web 2 Content-Length 124087
GET H2	200	nr-spa-1059.min.js Show response js-agent.newrelic.com/	31 KB 12 KB	6ms 6ms	Script application/javascript	151.101.114.110 Fastly
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1059.min.js Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software AmazonS3 / Resource Hash `848a263e73690f0ea5fdedf2c762d799435483a61880a60a640fa8bb65203e2f` Request headers :path /nr-spa-1059.min.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 accept / cache-control no-cache :authority js-agent.newrelic.com referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f :scheme https :method GET Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers date Mon, 23 Oct 2017 08:58:20 GMT content-encoding gzip x-amz-request-id 3B59FD18900E4F6C x-cache HIT status 200 content-length 12166 x-amz-id-2 Fi4jvZwuus2f2+wN+H7s75LwpSdQ/Osohp9U8NzyxceRLeJpPaUcucWYvet50UH+ECz3FBxPirk= x-served-by cache-hhn1529-HHN last-modified Thu, 28 Sep 2017 22:50:23 GMT server AmazonS3 x-timer S1508749100.059220,VS0,VE0 etag "32188605be7bc415b4ab9bebd1ab8b3f" vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 10627
GET H/1.1	200 OK	Cookie set 4043db0562 Show response bam.nr-data.net/1/	57 B 57 B	111ms 111ms	Script text/javascript	162.247.242.21 New Relic
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/4043db0562?a=54735218&v=1059.aa50f63&to=ZFAGYhFZVhdQAhBbCV0aJWUzF1QLVggKHAdARRw%3D&rst=2323&ref=https://topdeck.gosavo.com/Login.aspx&ap=31&be=1110&fe=2309&dc=2055&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1508749097745,%22n%22:0,%22f%22:832,%22dn%22:832,%22dne%22:832,%22c%22:832,%22ce%22:832,%22rq%22:833,%22rp%22:1104,%22rpe%22:1105,%22dl%22:1105,%22di%22:2055,%22ds%22:2055,%22de%22:2056,%22dc%22:2309,%22l%22:2309,%22le%22:2311%7D,%22navigation%22:%7B%7D%7D&at=SBcFFFlDGgpDTxBAD0N8ABRZGg9dcCBXAl4Bc1MHWwoOUAhDGU8%3D&jsonp=NREUM.setToken Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US), Reverse DNS bam-9.nr-data.net Software / Resource Hash `5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host bam.nr-data.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept / Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Connection keep-alive Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Set-Cookie JSESSIONID=f3a02cd1bb7f8449;Path=/;Domain=.nr-data.net;Secure Content-Type text/javascript;charset=ISO-8859-1 Content-Length 57 Expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	200 OK	4043db0562 Show response bam.nr-data.net/events/1/	24 B 24 B	111ms 111ms	XHR image/gif	162.247.242.21 New Relic
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/events/1/4043db0562?a=54735218&v=1059.aa50f63&to=ZFAGYhFZVhdQAhBbCV0aJWUzF1QLVggKHAdARRw%3D&rst=2441&ref=https://topdeck.gosavo.com/Login.aspx Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US), Reverse DNS bam-9.nr-data.net Software / Resource Hash `0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300` Request headers Pragma no-cache Origin https://topdeck.gosavo.com Accept-Encoding gzip, deflate Host bam.nr-data.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 content-type text/plain Accept / Cache-Control no-cache Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie JSESSIONID=f3a02cd1bb7f8449 Connection keep-alive Content-Length 178 Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Origin https://topdeck.gosavo.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 content-type text/plain Response headers Access-Control-Allow-Origin https://topdeck.gosavo.com Access-Control-Allow-Credentials true Content-Length 24 Content-Type image/gif
GET H/1.1	200 OK	Primary Request Cookie set startSSO.ping Show response saml.gosavo.com/sp/	1 KB 1 KB	582ms 118ms	Document text/html	64.37.240.164 The SAVO Group
General Check archive.org Show headers Download Go to Full URL https://saml.gosavo.com/sp/startSSO.ping?PartnerIdpId=http://adfs.pgds.local/adfs/services/trust&TargetResource=https://topdeck.gosavo.com%2f Requested by Host: topdeck.gosavo.com URL: https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 64.37.240.164 Chicago, United States, ASN16483 (SAVO - The SAVO Group, Ltd., US), Reverse DNS Software / Resource Hash `0e7c0ae9024b4ea4379f6cec6a0d9575edc75fda1da9ff128e1beb7b7326997a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host saml.gosavo.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f Cookie ASP.NET_SessionId=vnjfjzpbjjcsjxzcyorsywyp Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer https://topdeck.gosavo.com/Login.aspx?ReturnUrl=%2f User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Oct 2017 08:58:23 GMT max-age Thu, 01 Jan 1970 00:00:00 GMT Transfer-Encoding chunked Content-Type text/html;charset=UTF-8 Cache-Control no-cache, no-store Set-Cookie PF=mrWu1Rd2bauEcXeNzcrsV3;Path=/;Secure;HttpOnly Expires Thu, 01 Jan 1970 00:00:00 GMT
POST		4043db0562 bam.nr-data.net/jserrors/1/	0 0

POST		/ adfs.pgds.local/adfs/ls/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/jserrors/1/4043db0562?a=54735218&v=1059.aa50f63&to=ZFAGYhFZVhdQAhBbCV0aJWUzF1QLVggKHAdARRw%3D&rst=5632&ref=https://topdeck.gosavo.com/Login.aspx&xhr=%5B%7B%22params%22:%7B%22method%22:%22POST%22,%22host%22:%22bam.nr-data.net:443%22,%22pathname%22:%22/events/1/4043db0562%22,%22status%22:200%7D,%22metrics%22:%7B%22count%22:1,%22txSize%22:%7B%22t%22:178%7D,%22duration%22:%7B%22t%22:113%7D,%22rxSize%22:%7B%22t%22:24%7D,%22cbTime%22:%7B%22t%22:0%7D,%22time%22:%7B%22t%22:2442%7D%7D%7D%5D

Domain: adfs.pgds.local
URL: https://adfs.pgds.local/adfs/ls/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adfs.pgds.local
bam.nr-data.net
js-agent.newrelic.com
saml.gosavo.com
topdeck.gosavo.com
adfs.pgds.local
bam.nr-data.net
151.101.114.110
162.247.242.21
64.37.240.155
64.37.240.164
0357bb12ab042bbd7c452d5ec3a9fb143c5b21d5e56353eaa64740e677c740ad
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e7c0ae9024b4ea4379f6cec6a0d9575edc75fda1da9ff128e1beb7b7326997a
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
5186a08c5fa3efa4c5eea5dcb32d9592fc7a3d81c6c753725810ae408fbc78cd
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
751cc4c63d4a7b7fac9bdf975068a4e917336cb55f6b639b359b55560154a2d7
80a3c53c5c4f43de04c96744bf4a9aa2b2a49100caa2bc8805035b2629865943
848a263e73690f0ea5fdedf2c762d799435483a61880a60a640fa8bb65203e2f
878348ecc210d399df2355c84e24a255f15bc8298aa3b3c3f09e38baa3b7b1f9
a55fdbeffd589a99a5b17cc58b215632957f1204b9328e6250a5ea93f2b93ad4
b2e00c2c35f2ecde998400840611f6b89c4d0a04b780e99eb109ce5d7d319390
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f086aa0e1c26471f649c6299304d8d0a03541484d73101b39092e7cd3fee1a0f

saml.gosavo.com Open in urlscan Pro 64.37.240.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

18 Requests

89 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

1 Countries

359 kBTransfer

397 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

saml.gosavo.com Open in urlscan Pro
64.37.240.164 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

359 kB
Transfer

397 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions