absatt.my.salesforce.com Open in urlscan Pro
13.110.33.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://asf-prod-assignedaccount-ui.herokuapp.com/
Effective URL:
https://absatt.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX6v8nDkMDAwMDAwMDAwMDAwMDAwAAAA6t45Xx1YsEytmKWRhfe...
Submission Tags: phishing
Submission: On January 03 via api (January 3rd 2022, 11:43:31 am UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 13 HTTP transactions. The main IP is 13.110.33.205, located in San Francisco, United States and belongs to SALESFORCE, US. The main domain is absatt.my.salesforce.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 9th 2021. Valid for: a year.

This is the only time absatt.my.salesforce.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	52.2.237.5 52.2.237.5	14618 (AMAZON-AES) (AMAZON-AES)
1 3	13.110.33.205 13.110.33.205	14340 (SALESFORCE) (SALESFORCE)
1 2	144.161.77.205 144.161.77.205	() ()
13	3

11 52.2.237.5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-237-5.compute-1.amazonaws.com

asf-prod-assignedaccount-ui.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.110.33.205 (San Francisco, United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl4-ncg0-iad3.na110-ia2.my.salesforce.com

absatt.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.161.77.205 (None, ) 1 redirects

ASN- ()

saml.e-access.att.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	herokuapp.com 1 redirects asf-prod-assignedaccount-ui.herokuapp.com	3 MB
3	salesforce.com 1 redirects absatt.my.salesforce.com	6 KB
2	att.com 1 redirects saml.e-access.att.com	739 B
13	3

	Domain	Requested by
11	asf-prod-assignedaccount-ui.herokuapp.com	1 redirects asf-prod-assignedaccount-ui.herokuapp.com
3	absatt.my.salesforce.com	1 redirects asf-prod-assignedaccount-ui.herokuapp.com absatt.my.salesforce.com
2	saml.e-access.att.com	1 redirects
13	3

This site contains no links.

Subject Issuer	Validity	Valid
asf-prod-assignedaccount-ui.herokuapp.com R3	`2021-12-31` - `2022-03-31`	3 months	crt.sh
*.my.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-08`	a year	crt.sh
saml.e-access.att.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-18` - `2022-07-19`	a year	crt.sh

This page contains 1 frames:

Frame: https://saml.e-access.att.com/isam/sps/auth?PartnerId=https%3A%2F%2Fabsatt.my.salesforce.com
Frame ID: AAC2FB7698B2E6D4612EA4CB332A8F5F
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://asf-prod-assignedaccount-ui.herokuapp.com/ Page URL
https://asf-prod-assignedaccount-ui.herokuapp.com/login HTTP 302
https://absatt.my.salesforce.com/idp/endpoint/HttpRedirect?SAMLRequest=nZJNTwIxEIb%2Fyqb3%2FeoCMQ0sWSUGEj%2BI... HTTP 302
https://absatt.my.salesforce.com/idp/login?app=0sp3g000000Kylg&binding=HttpPost&inresponseto=_361a4ffe20d263e... Page URL
https://absatt.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX6v8nDkMDAwMDAwMDAwMDAwMDAwAAA... Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

3227 kB
Transfer

3227 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://asf-prod-assignedaccount-ui.herokuapp.com/ Page URL
https://asf-prod-assignedaccount-ui.herokuapp.com/login HTTP 302
https://absatt.my.salesforce.com/idp/endpoint/HttpRedirect?SAMLRequest=nZJNTwIxEIb%2Fyqb3%2FeoCMQ0sWSUGEj%2BIEA9eTNnOQuNuu3ZmVf69dRGDBzl4nXna5%2B1Mx9OPpg7ewKG2ZsLSKGHTfIyyqVtRdLQzD%2FDaAVLgMYOib0xY54ywEjUKIxtAQaVYFbc3gkeJaJ0lW9qaBYvZhD1no1QOqgp4ovgog8FFMhyx4PEo9Cc8iNjBwiBJQ76UcB4maZhk6zQVg0zwUTTk%2FIkFy%2B%2BrL7VR2mzP59gcIBTz9XoZLu9XaxbM%2FEu0kdSrd0QtijiWG5REUbOPUNaAlXUlRKVtYq3aGIxqrTYUzz39AEo7KIkdJiT63O5kNOcTSURwX26W%2F7ixCv3AVOh7emtAybK0naGw09EOnH3pZNv2YcbxifK4oTvvWMyWttbl%2Fj8buraukfQ3nUZpX9EqrHpUQCN1XSjlAJEFRV3b9ysHkmDCyHXA4vwQ9PfvyT8B HTTP 302
https://absatt.my.salesforce.com/idp/login?app=0sp3g000000Kylg&binding=HttpPost&inresponseto=_361a4ffe20d263e48056 Page URL
https://absatt.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX6v8nDkMDAwMDAwMDAwMDAwMDAwAAAA6t45Xx1YsEytmKWRhfexSUbsKE1eNrgoLbf6HQ7_Pm7OmIsYodfJg9dChooQ-igPB64_zwUuGjMHRW0QlKjuEV0AxdwRiLJARcDOoDZMxRUYNjCIbBP4sotFpBBH1VDp2VeEwjy3lJLmQQApDQngu7vQiKWPuhVPlGuIQKKEOKDGts_0UcT8Td0XPTgIOUjU3uKYo5cXtdA_HL1oYl1g-x3bPNENm2eAotegDwy8xwUjg9OGSolxGr088bvAoD4Pbg&saml_acs=https%3A%2F%2Fabsatt.my.salesforce.com%3Fso%3D00D1U000000reFa&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fabsatt.my.salesforce.com&samlSsoConfig=0LE3g000000PFEz&RelayState=%2Fidp%2Flogin%3Fapp%3D0sp3g000000Kylg%26binding%3DHttpPost%26inresponseto%3D_361a4ffe20d263e48056 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://asf-prod-assignedaccount-ui.herokuapp.com/login HTTP 302
https://absatt.my.salesforce.com/idp/endpoint/HttpRedirect?SAMLRequest=nZJNTwIxEIb%2Fyqb3%2FeoCMQ0sWSUGEj%2BIEA9eTNnOQuNuu3ZmVf69dRGDBzl4nXna5%2B1Mx9OPpg7ewKG2ZsLSKGHTfIyyqVtRdLQzD%2FDaAVLgMYOib0xY54ywEjUKIxtAQaVYFbc3gkeJaJ0lW9qaBYvZhD1no1QOqgp4ovgog8FFMhyx4PEo9Cc8iNjBwiBJQ76UcB4maZhk6zQVg0zwUTTk%2FIkFy%2B%2BrL7VR2mzP59gcIBTz9XoZLu9XaxbM%2FEu0kdSrd0QtijiWG5REUbOPUNaAlXUlRKVtYq3aGIxqrTYUzz39AEo7KIkdJiT63O5kNOcTSURwX26W%2F7ixCv3AVOh7emtAybK0naGw09EOnH3pZNv2YcbxifK4oTvvWMyWttbl%2Fj8buraukfQ3nUZpX9EqrHpUQCN1XSjlAJEFRV3b9ysHkmDCyHXA4vwQ9PfvyT8B HTTP 302
https://absatt.my.salesforce.com/idp/login?app=0sp3g000000Kylg&binding=HttpPost&inresponseto=_361a4ffe20d263e48056

Request Chain 11

https://saml.e-access.att.com/isam/sps/ATTIDPDefault/saml20/login HTTP 302
https://saml.e-access.att.com/isam/sps/auth?PartnerId=https%3A%2F%2Fabsatt.my.salesforce.com

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
asf-prod-assignedaccount-ui.herokuapp.com/ 1 KB
1 KB 292ms
94ms Document
text/html 52.2.237.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://asf-prod-assignedaccount-ui.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.2.237.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-237-5.compute-1.amazonaws.com
Software: / Express
Resource Hash: eddfa69c92c279576e4ace69f792b66427be0bd195771cfafa6a08811cf59746

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Content-Length: 1039
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jan 2022 11:43:25 GMT
Etag: W/"40f-17dcaba45e8"
Last-Modified: Fri, 17 Dec 2021 23:29:05 GMT
Via: 1.1 spaces-router (279557a225d7)
X-Powered-By: Express

GET
H/1.1 200
OK styles.3f75156742e13ae1e8fe.css
asf-prod-assignedaccount-ui.herokuapp.com/ 591 KB
591 KB 94ms
94ms Stylesheet
text/css 52.2.237.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://asf-prod-assignedaccount-ui.herokuapp.com/styles.3f75156742e13ae1e8fe.css
Requested by: Host: asf-prod-assignedaccount-ui.herokuapp.com
URL: https://asf-prod-assignedaccount-ui.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.2.237.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-237-5.compute-1.amazonaws.com
Software: / Express
Resource Hash: b1d797be3df75876358a99ced57596b58e0a64181c98b6b61ed591e2d949b668

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asf-prod-assignedaccount-ui.herokuapp.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Mon, 03 Jan 2022 11:43:25 GMT
Via: 1.1 spaces-router (279557a225d7)
Etag: W/"93b49-17dcaba45e8"
Last-Modified: Fri, 17 Dec 2021 23:29:05 GMT
X-Powered-By: Express
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 605001

GET
H/1.1 200
OK runtime.7d9d4678f9511567f211.js Show response
asf-prod-assignedaccount-ui.herokuapp.com/ 1 KB
2 KB 276ms
92ms Script
application/javascript 52.2.237.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://asf-prod-assignedaccount-ui.herokuapp.com/runtime.7d9d4678f9511567f211.js
Requested by: Host: asf-prod-assignedaccount-ui.herokuapp.com
URL: https://asf-prod-assignedaccount-ui.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.2.237.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-237-5.compute-1.amazonaws.com
Software: / Express
Resource Hash: 6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asf-prod-assignedaccount-ui.herokuapp.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Mon, 03 Jan 2022 11:43:25 GMT
Via: 1.1 spaces-router (279557a225d7)
Etag: W/"5cd-17dcaba45e8"
Last-Modified: Fri, 17 Dec 2021 23:29:05 GMT
X-Powered-By: Express
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 1485

GET
H/1.1 200
OK polyfills.30127bf68467c9a43ca9.js Show response
asf-prod-assignedaccount-ui.herokuapp.com/ 49 KB
49 KB 279ms
94ms Script
application/javascript 52.2.237.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://asf-prod-assignedaccount-ui.herokuapp.com/polyfills.30127bf68467c9a43ca9.js
Requested by: Host: asf-prod-assignedaccount-ui.herokuapp.com
URL: https://asf-prod-assignedaccount-ui.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.2.237.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-237-5.compute-1.amazonaws.com
Software: / Express
Resource Hash: 0e0706dc98971a5b85fa631abb1ad8cf45833febc1e4fb9adbaedaae7b428817

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asf-prod-assignedaccount-ui.herokuapp.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Mon, 03 Jan 2022 11:43:25 GMT
Via: 1.1 spaces-router (279557a225d7)
Etag: W/"c286-17dcaba45e8"
Last-Modified: Fri, 17 Dec 2021 23:29:05 GMT
X-Powered-By: Express
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 49798

GET
H/1.1 200
OK vendor.4cb736a3c459af758b85.js Show response
asf-prod-assignedaccount-ui.herokuapp.com/ 2 MB
2 MB 304ms
102ms Script
application/javascript 52.2.237.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://asf-prod-assignedaccount-ui.herokuapp.com/vendor.4cb736a3c459af758b85.js
Requested by: Host: asf-prod-assignedaccount-ui.herokuapp.com
URL: https://asf-prod-assignedaccount-ui.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.2.237.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-237-5.compute-1.amazonaws.com
Software: / Express
Resource Hash: 54fe49b78716a75c94ce2b5710baed74c1a0041d074f0b4b97a711b692957987

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asf-prod-assignedaccount-ui.herokuapp.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Mon, 03 Jan 2022 11:43:25 GMT
Via: 1.1 spaces-router (279557a225d7)
Etag: W/"1aad83-17dcaba45e8"
Last-Modified: Fri, 17 Dec 2021 23:29:05 GMT
X-Powered-By: Express
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 1748355

GET
H/1.1 200
OK main.7452a657cce772f8a35e.js Show response
asf-prod-assignedaccount-ui.herokuapp.com/ 489 KB
489 KB 309ms
106ms Script
application/javascript 52.2.237.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://asf-prod-assignedaccount-ui.herokuapp.com/main.7452a657cce772f8a35e.js
Requested by: Host: asf-prod-assignedaccount-ui.herokuapp.com
URL: https://asf-prod-assignedaccount-ui.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.2.237.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-237-5.compute-1.amazonaws.com
Software: / Express
Resource Hash: 8fe5ca38ceae001f4b4b5d351f4000a69fb23f9adb5e76fd1265c19b4f8fc882

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asf-prod-assignedaccount-ui.herokuapp.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Mon, 03 Jan 2022 11:43:25 GMT
Via: 1.1 spaces-router (279557a225d7)
Etag: W/"7a3ee-17dcaba45e8"
Last-Modified: Fri, 17 Dec 2021 23:29:05 GMT
X-Powered-By: Express
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 500718

GET
H/1.1 200
OK symbols.svg
asf-prod-assignedaccount-ui.herokuapp.com/assets/icons/standard-sprite/svg/ 174 KB
174 KB 103ms
103ms Other
image/svg+xml 52.2.237.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://asf-prod-assignedaccount-ui.herokuapp.com/assets/icons/standard-sprite/svg/symbols.svg
Requested by: Host: asf-prod-assignedaccount-ui.herokuapp.com
URL: https://asf-prod-assignedaccount-ui.herokuapp.com/vendor.4cb736a3c459af758b85.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.2.237.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-237-5.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asf-prod-assignedaccount-ui.herokuapp.com/AssignedAccount/Lemonade/accountmfe
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Mon, 03 Jan 2022 11:43:26 GMT
Via: 1.1 spaces-router (279557a225d7)
Etag: W/"2b6fb-17dcaba45e8"
Last-Modified: Fri, 17 Dec 2021 23:29:05 GMT
X-Powered-By: Express
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 177915

GET
H/1.1 200
OK symbols.svg
asf-prod-assignedaccount-ui.herokuapp.com/assets/icons/utility-sprite/svg/ 207 KB
207 KB 104ms
104ms Other
image/svg+xml 52.2.237.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://asf-prod-assignedaccount-ui.herokuapp.com/assets/icons/utility-sprite/svg/symbols.svg
Requested by: Host: asf-prod-assignedaccount-ui.herokuapp.com
URL: https://asf-prod-assignedaccount-ui.herokuapp.com/vendor.4cb736a3c459af758b85.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.2.237.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-237-5.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asf-prod-assignedaccount-ui.herokuapp.com/AssignedAccount/Lemonade/accountmfe
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Mon, 03 Jan 2022 11:43:26 GMT
Via: 1.1 spaces-router (279557a225d7)
Etag: W/"33b47-17dcaba45e8"
Last-Modified: Fri, 17 Dec 2021 23:29:05 GMT
X-Powered-By: Express
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Content-Length: 211783

GET
H/1.1 200
OK getConfigVar
asf-prod-assignedaccount-ui.herokuapp.com/ 182 B
423 B 96ms
95ms XHR
application/json 52.2.237.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://asf-prod-assignedaccount-ui.herokuapp.com/getConfigVar
Requested by: Host: asf-prod-assignedaccount-ui.herokuapp.com
URL: https://asf-prod-assignedaccount-ui.herokuapp.com/polyfills.30127bf68467c9a43ca9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.2.237.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-237-5.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: application/json, text/plain, */*
ATTUID: 0
Referer: https://asf-prod-assignedaccount-ui.herokuapp.com/AssignedAccount/Lemonade/accountmfe
Authorization: Basic MTZhNjYwOWYtNDc3NC00YWFhLTk5NTItNmNiYTQ4NTFiZGQ4OjJmYjUxNTNmLWZiYmEtNDBhZS05NzZhLTdlN2Q1OGMxYWVlMQ==
Accept-Language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 11:43:26 GMT
Via: 1.1 spaces-router (279557a225d7)
X-Powered-By: Express
Content-Length: 182
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK getuser
asf-prod-assignedaccount-ui.herokuapp.com/ 55 B
295 B 93ms
93ms XHR
application/json 52.2.237.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://asf-prod-assignedaccount-ui.herokuapp.com/getuser
Requested by: Host: asf-prod-assignedaccount-ui.herokuapp.com
URL: https://asf-prod-assignedaccount-ui.herokuapp.com/polyfills.30127bf68467c9a43ca9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.2.237.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-237-5.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: application/json, text/plain, */*
ATTUID: 0
Referer: https://asf-prod-assignedaccount-ui.herokuapp.com/AssignedAccount/login
Authorization: Basic MTZhNjYwOWYtNDc3NC00YWFhLTk5NTItNmNiYTQ4NTFiZGQ4OjJmYjUxNTNmLWZiYmEtNDBhZS05NzZhLTdlN2Q1OGMxYWVlMQ==
Accept-Language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 11:43:26 GMT
Via: 1.1 spaces-router (279557a225d7)
X-Powered-By: Express
Content-Length: 55
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H/1.1

200
OK

https://asf-prod-assignedaccount-ui.herokuapp.com/login
https://absatt.my.salesforce.com/idp/endpoint/HttpRedirect?SAMLRequest=nZJNTwIxEIb%2Fyqb3%2FeoCMQ0sWSUGEj%2BIEA9eTNnOQuNuu3ZmVf69dRGDBzl4nXna5%2B1Mx9OPpg7ewKG2ZsLSKGHTfIyyqVtRdLQzD%2FDaAVLgMYOib0xY...
https://absatt.my.salesforce.com/idp/login?app=0sp3g000000Kylg&binding=HttpPost&inresponseto=_361a4ffe20d263e48056

2 KB
1 KB

109ms
109ms

Document
text/html

13.110.33.205
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://absatt.my.salesforce.com/idp/login?app=0sp3g000000Kylg&binding=HttpPost&inresponseto=_361a4ffe20d263e48056

Requested by

Host: asf-prod-assignedaccount-ui.herokuapp.com
URL: https://asf-prod-assignedaccount-ui.herokuapp.com/main.7452a657cce772f8a35e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.33.205 San Francisco, United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-iad3.na110-ia2.my.salesforce.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Accept-Language: de-DE,de;q=0.9
Referer: https://asf-prod-assignedaccount-ui.herokuapp.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: close

Redirect headers

Date: Mon, 03 Jan 2022 11:43:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Location: https://absatt.my.salesforce.com/idp/login?app=0sp3g000000Kylg&binding=HttpPost&inresponseto=_361a4ffe20d263e48056
Content-Length: 0

GET
H/1.1 200
OK Primary Request authn-request.jsp Show response
absatt.my.salesforce.com/saml/ 6 KB
4 KB 346ms
153ms Document
text/html 13.110.33.205
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://absatt.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX6v8nDkMDAwMDAwMDAwMDAwMDAwAAAA6t45Xx1YsEytmKWRhfexSUbsKE1eNrgoLbf6HQ7_Pm7OmIsYodfJg9dChooQ-igPB64_zwUuGjMHRW0QlKjuEV0AxdwRiLJARcDOoDZMxRUYNjCIbBP4sotFpBBH1VDp2VeEwjy3lJLmQQApDQngu7vQiKWPuhVPlGuIQKKEOKDGts_0UcT8Td0XPTgIOUjU3uKYo5cXtdA_HL1oYl1g-x3bPNENm2eAotegDwy8xwUjg9OGSolxGr088bvAoD4Pbg&saml_acs=https%3A%2F%2Fabsatt.my.salesforce.com%3Fso%3D00D1U000000reFa&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fabsatt.my.salesforce.com&samlSsoConfig=0LE3g000000PFEz&RelayState=%2Fidp%2Flogin%3Fapp%3D0sp3g000000Kylg%26binding%3DHttpPost%26inresponseto%3D_361a4ffe20d263e48056

Requested by

Host: absatt.my.salesforce.com
URL: https://absatt.my.salesforce.com/idp/login?app=0sp3g000000Kylg&binding=HttpPost&inresponseto=_361a4ffe20d263e48056

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.33.205 San Francisco, United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-iad3.na110-ia2.my.salesforce.com

Software

Resource Hash

8e4041307682345d149c94ef12e2ee5c7b5ec57053b0fd4e32a7cd711370e8d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Accept-Language: de-DE,de;q=0.9
Referer: https://absatt.my.salesforce.com/idp/login?app=0sp3g000000Kylg&binding=HttpPost&inresponseto=_361a4ffe20d263e48056

Response headers

Date: Mon, 03 Jan 2022 11:43:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Type: text/html;charset=UTF-8
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1

200
OK

auth
saml.e-access.att.com/isam/sps/
Redirect Chain

https://saml.e-access.att.com/isam/sps/ATTIDPDefault/saml20/login
https://saml.e-access.att.com/isam/sps/auth?PartnerId=https%3A%2F%2Fabsatt.my.salesforce.com

0
0

162ms
162ms

Document
text/html

144.161.77.205

General

Check archive.org

Show headers Download Go to

Full URL

https://saml.e-access.att.com/isam/sps/auth?PartnerId=https%3A%2F%2Fabsatt.my.salesforce.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.161.77.205 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://absatt.my.salesforce.com
Content-Type: application/x-www-form-urlencoded
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Accept-Language: de-DE,de;q=0.9
Referer: https://absatt.my.salesforce.com/

Response headers

content-length: 2402
content-type: text/html
date: Mon, 03 Jan 2022 11:43:30 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-content-type-options: nosniff
cache-control: no-store
x-xss-protection: 1
strict-transport-security: max-age=31536000; includeSubDomains
pragma: no-cache

Redirect headers

content-language: en-US
date: Mon, 03 Jan 2022 11:43:30 GMT
location: https://saml.e-access.att.com/isam/sps/auth?PartnerId=https%3A%2F%2Fabsatt.my.salesforce.com
p3p: CP="NON CUR OTPi OUR NOR UNI"
transfer-encoding: chunked
cache-control: no-cache="set-cookie, set-cookie2"
expires: Thu, 01 Dec 1994 16:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.absatt.my.salesforce.com/	1970-01-20 08:39:06	Name: CookieConsentPolicy Value: 0:1
.absatt.my.salesforce.com/	1970-01-20 08:39:06	Name: LSKey-c$CookieConsentPolicy Value: 0:1
.salesforce.com/	1970-01-20 08:39:06	Name: BrowserId Value: XjhXjWyKEey_FTtIse_aiA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

absatt.my.salesforce.com
asf-prod-assignedaccount-ui.herokuapp.com
saml.e-access.att.com
13.110.33.205
144.161.77.205
52.2.237.5
0e0706dc98971a5b85fa631abb1ad8cf45833febc1e4fb9adbaedaae7b428817
54fe49b78716a75c94ce2b5710baed74c1a0041d074f0b4b97a711b692957987
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
8e4041307682345d149c94ef12e2ee5c7b5ec57053b0fd4e32a7cd711370e8d8
8fe5ca38ceae001f4b4b5d351f4000a69fb23f9adb5e76fd1265c19b4f8fc882
b1d797be3df75876358a99ced57596b58e0a64181c98b6b61ed591e2d949b668
eddfa69c92c279576e4ace69f792b66427be0bd195771cfafa6a08811cf59746

absatt.my.salesforce.com Open in urlscan Pro 13.110.33.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

3227 kBTransfer

3227 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

Indicators

absatt.my.salesforce.com Open in urlscan Pro
13.110.33.205 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

3227 kB
Transfer

3227 kB
Size

3
Cookies

13 HTTP transactions
0 data transactions