hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br
Open in
urlscan Pro
146.70.41.166
Public Scan
Effective URL: https://hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br/adfs/ls/?login_hint=andreas.gmelin%40assaabloy.com&client-request-id=4c13fc4b-cf80-4431-8af2-921...
Submission: On August 11 via manual from SE — Scanned from SE
Summary
TLS certificate: Issued by R3 on August 11th 2023. Valid for: 3 months.
This is the only time hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.107.42.14 13.107.42.14 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 43.255.154.55 43.255.154.55 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
1 6 | 146.70.41.166 146.70.41.166 | 9009 (M247) (M247) | |
7 | 3 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 55.154.255.43.host.secureserver.net
symposivevivi.com |
ASN9009 (M247, RO)
login.zschern.com.br | |
5y15eftqgj4bey3p4vpbfgr9ka2u06b5hjdj2wmuc2jx6.zschern.com.br | |
hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
zschern.com.br
1 redirects
login.zschern.com.br 5y15eftqgj4bey3p4vpbfgr9ka2u06b5hjdj2wmuc2jx6.zschern.com.br hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br 5yrv888ave9rjtm8hj9xy9h77a9aehprptahuw4xcamx53a913yqqwr.zschern.com.br Failed |
109 KB |
1 |
symposivevivi.com
symposivevivi.com |
2 KB |
1 |
linkedin.com
1 redirects
www.linkedin.com — Cisco Umbrella Rank: 543 |
3 KB |
7 | 3 |
Domain | Requested by | |
---|---|---|
3 | hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br |
5y15eftqgj4bey3p4vpbfgr9ka2u06b5hjdj2wmuc2jx6.zschern.com.br
hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br |
2 | login.zschern.com.br |
1 redirects
symposivevivi.com
|
1 | 5y15eftqgj4bey3p4vpbfgr9ka2u06b5hjdj2wmuc2jx6.zschern.com.br |
login.zschern.com.br
|
1 | symposivevivi.com | |
1 | www.linkedin.com | 1 redirects |
0 | 5yrv888ave9rjtm8hj9xy9h77a9aehprptahuw4xcamx53a913yqqwr.zschern.com.br Failed |
hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br
|
7 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
symposivevivi.com ZeroSSL RSA Domain Secure Site CA |
2023-07-03 - 2023-10-01 |
3 months | crt.sh |
*.zschern.com.br R3 |
2023-08-11 - 2023-11-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br/adfs/ls/?login_hint=andreas.gmelin%40assaabloy.com&client-request-id=4c13fc4b-cf80-4431-8af2-9213adb2533d&username=andreas.gmelin%40assaabloy.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAS8_wj7NJw3dOn6NEl47aZg21WMyoSN0L_AyPiCkXESk0xiXkpRamKxXnpuKlDSIbG4ODExKSe_EqTqFpOgf1G6Z0p4sVtqSmpRYklmft4jZrxaLrAIvGLhMWC24uDgEmCQYFBg-MHCuIgV6M4aSfN5i3LZPbcpNi5mncfGeIpVPygtOLQ0Ja_AyCnLTN8kNdM1yq3EVz81yyslLDUg2zLbwqzUI8VQO1I_N9nW0MpwApvQBDamU2wMH9gYO9gZZrEzHOBkPMDL8IPv7431N-ZeffbW4xW_TmV2WGpwZLKPS2RhqU9wjrdRslFySnJyummmq7tlSlmYiZFxWIZXmXFxZLEtAA2
Frame ID: F52A05687B7E040411F4CE261FDB77DD
Requests: 7 HTTP requests in this frame
Screenshot
Page Title
SSO Sign-OnPage URL History Show full URLs
-
https://www.linkedin.com/slink?code=eFqdT-b3
HTTP 301
https://symposivevivi.com/our-team/pickup/P57292873289333/ Page URL
- https://login.zschern.com.br/?username=andreas.gmelin@assaabloy.com Page URL
-
https://login.zschern.com.br/?username=andreas.gmelin@assaabloy.com&sso_reload=true
HTTP 302
https://hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br/adfs/ls/?login_hint=andreas.gmelin%40assaabloy.com&client-request-id=4c13fc4... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.linkedin.com/slink?code=eFqdT-b3
HTTP 301
https://symposivevivi.com/our-team/pickup/P57292873289333/ Page URL
- https://login.zschern.com.br/?username=andreas.gmelin@assaabloy.com Page URL
-
https://login.zschern.com.br/?username=andreas.gmelin@assaabloy.com&sso_reload=true
HTTP 302
https://hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br/adfs/ls/?login_hint=andreas.gmelin%40assaabloy.com&client-request-id=4c13fc4b-cf80-4431-8af2-9213adb2533d&username=andreas.gmelin%40assaabloy.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAS8_wj7NJw3dOn6NEl47aZg21WMyoSN0L_AyPiCkXESk0xiXkpRamKxXnpuKlDSIbG4ODExKSe_EqTqFpOgf1G6Z0p4sVtqSmpRYklmft4jZrxaLrAIvGLhMWC24uDgEmCQYFBg-MHCuIgV6M4aSfN5i3LZPbcpNi5mncfGeIpVPygtOLQ0Ja_AyCnLTN8kNdM1yq3EVz81yyslLDUg2zLbwqzUI8VQO1I_N9nW0MpwApvQBDamU2wMH9gYO9gZZrEzHOBkPMDL8IPv7431N-ZeffbW4xW_TmV2WGpwZLKPS2RhqU9wjrdRslFySnJyummmq7tlSlmYiZFxWIZXmXFxZLEtAA2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://www.linkedin.com/slink?code=eFqdT-b3 HTTP 301
- https://symposivevivi.com/our-team/pickup/P57292873289333/
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
symposivevivi.com/our-team/pickup/P57292873289333/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
login.zschern.com.br/ |
24 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
5y15eftqgj4bey3p4vpbfgr9ka2u06b5hjdj2wmuc2jx6.zschern.com.br/shared/1.0/content/js/ |
136 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br/adfs/ls/ Redirect Chain
|
28 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br/adfs/portal/css/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br/adfs/portal/logo/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ai.0.js
5yrv888ave9rjtm8hj9xy9h77a9aehprptahuw4xcamx53a913yqqwr.zschern.com.br/scripts/a/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 5yrv888ave9rjtm8hj9xy9h77a9aehprptahuw4xcamx53a913yqqwr.zschern.com.br
- URL
- https://5yrv888ave9rjtm8hj9xy9h77a9aehprptahuw4xcamx53a913yqqwr.zschern.com.br/scripts/a/ai.0.js
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| LoginErrors number| maxPasswordLength function| InputUtil6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.linkedin.com/ | Name: bcookie Value: "v=2&bdd6a485-8c3f-40bf-89d0-456cf85a2744" |
|
.www.linkedin.com/ | Name: bscookie Value: "v=1&202308112030487c081bdc-ca75-45fe-8a09-3496cdc92617AQHYa4LX_qF2bdisEQpaUYTUHBApHYEC" |
|
.linkedin.com/ | Name: li_gc Value: MTswOzE2OTE3ODU4NDg7MjswMjFjWdOzITW5faJNmE8s9K8omvL8UiFpQUqXdfYeiHQWew== |
|
.linkedin.com/ | Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2612:u=1:x=1:i=1691785848:t=1691872248:v=2:sig=AQHYecc141iOBodK5cr-CstdUBCtk1oW" |
|
.login.zschern.com.br/ | Name: AADSSO Value: NA|NoExtension |
|
login.zschern.com.br/ | Name: SSOCOOKIEPULLED Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
5y15eftqgj4bey3p4vpbfgr9ka2u06b5hjdj2wmuc2jx6.zschern.com.br
5yrv888ave9rjtm8hj9xy9h77a9aehprptahuw4xcamx53a913yqqwr.zschern.com.br
hnp2bx1uxvzupmqdqqtb9jtwk1rt24k2ge9jezcmcajdd2r.zschern.com.br
login.zschern.com.br
symposivevivi.com
www.linkedin.com
5yrv888ave9rjtm8hj9xy9h77a9aehprptahuw4xcamx53a913yqqwr.zschern.com.br
13.107.42.14
146.70.41.166
43.255.154.55
1d8169c8e840aa2cf34dcc1d66ff922725579290acdad71337b731a55b609056
705e9c45570242e0c01f49bec358b4e77fdd3e1071ae871ab13e586099448614
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99
efce17e8977740d492d7a787e865c70c9d8bd77acfeb1f765be025f1a15ee161
fbfd0fb7802792a321c92a0eb61ff646c0d2b63dd3c30b14953ea2133b1d1634