federationdv.snclavalin.com
142.242.15.35
Public Scan
Effective URL: https://federationdv.snclavalin.com/adfs/ls/?SAMLRequest=jJFBT4NAEIXvTfofNnuHBUoqbICE2EuTeinqwdsAQ7oJ7OLOQvTfS6tG24Px%2BibfmzdvMoKhj...
Submission: On November 18 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 3rd 2020. Valid for: 2 years.
This is the only time federationdv.snclavalin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 51.140.146.128 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 3 3 | 51.140.59.233 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 4 | 142.242.15.35 | 30409 (SNCLAV-AS) |
4 | 1 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
employeesearch-uat.atkinsglobal.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
identity-uat.snclavalin.com |
ASN30409 (SNCLAV-AS, CA)
PTR: concurexpense-test.snclavalin.com
federationdv.snclavalin.com |
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 7 | snclavalin.com (3 redirects) | identity-uat.snclavalin.com, federationdv.snclavalin.com | 92 KB |
| 1 | atkinsglobal.com (1 redirects) | employeesearch-uat.atkinsglobal.com | 2 KB |
4 | 2 |
Domain | Requested by | |
---|---|---|
4 | federationdv.snclavalin.com | federationdv.snclavalin.com |
3 | identity-uat.snclavalin.com | 3 redirects |
1 | employeesearch-uat.atkinsglobal.com | 1 redirects |
4 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
password.snclavalin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
federationdv.snclavalin.com DigiCert SHA2 Secure Server CA | 2020-01-03 - 2022-01-19 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://federationdv.snclavalin.com/adfs/ls/?SAMLRequest=jJFBT4NAEIXvTfofNnuHBUoqbICE2EuTeinqwdsAQ7oJ7OLOQvTfS6tG24Px%2BibfmzdvMoKhj0ZZTu6kj%2Fg6ITn2NvSa5Ock55PV0gApkhoGJOkaWZUPBxn5gRytcaYxPf%2FN%2FI0AEVqnjOZsv8u5aoO4a6N028GmjuMO7%2Bo02iZpGEBSA0KScvaMlhYg5wu%2FUEQT7jU50G6RgijwwtALk8doI8NYBvELZ7vlDKXhvCbnJ%2BdGkkJ02KK9aO3sk256mKFX2m%2FMIKDtSPQkOCu%2F890bTdOAtkI7qwafjocfK9Widsq9exO4W6vq3IEoG%2BLFesVYdulEXlLb4j8GmbhC1qsv4fpLxQcAAAD%2F%2FwMA&RelayState=Wy2uNU3xBi9lE3NtSDbHG4pP
Frame ID: 93463D32B7284FC36D8A08A49231C918
Requests: 4 HTTP requests in this frame
Detected technologies
Microsoft HTTPAPI (Web Servers)
Detected patterns
- headers server /Microsoft-HTTPAPI(?:\/([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Forgot Password
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://employeesearch-uat.atkinsglobal.com/
HTTP 302
https://identity-uat.snclavalin.com/connect/authorize?client_id=mvc-est-uat&redirect_uri=https%3A%2F%2Femployeesearch-uat.atkinsglobal.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20email%20offline_access%20roles&response_mode=form_post&nonce=637413380438177301.N2E5MDBhOWMtMjUzNy00NmFiLTgwZWYtOWVmMGYyYjViNDgzNTVmYWIyYTEtYmRkYy00NTY1LTlmMGUtMDBmMDcyOWM2YWZh&state=CfDJ8GXorfVPGXxJlFlkfxDZLYvaBCU3voRSpG6cmF7zP9CVM9ONFA74RxqAXgN_zC60CckJaQB-19QLgoyzmrklJ_7SuD1-zZH4zWxNRdoyEjN-OPVmLgB0cfQY5qsCs8ZxyU-wcvhRbMh_P1C6sPYTtPzThEc3_oZBfgQHR87tjs9Pioa2HPbB1tHKsTugGogtnfg6tNdgN0pY8cHUYfS4xbV-5inegHyBnumyHcDl4-R8YXFqbAKr3UIXBVtKO9gV4n0JE8BPlhingMza6NTD-DJx6gho6Qz0C6ipW_S751GuIZbWL_2IYSM18haW4o_DSyhGFe155u4PS-BcAPIIwDdtfoqc_aEkwL8sPC-YJ2OOHxGbPxVbnbPMb0FI4ZhVVQ&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.3.0.0 HTTP 302
https://identity-uat.snclavalin.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc-est-uat%26redirect_uri%3Dhttps%253A%252F%252Femployeesearch-uat.atkinsglobal.com%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520roles%26response_mode%3Dform_post%26nonce%3D637413380438177301.N2E5MDBhOWMtMjUzNy00NmFiLTgwZWYtOWVmMGYyYjViNDgzNTVmYWIyYTEtYmRkYy00NTY1LTlmMGUtMDBmMDcyOWM2YWZh%26state%3DCfDJ8GXorfVPGXxJlFlkfxDZLYvaBCU3voRSpG6cmF7zP9CVM9ONFA74RxqAXgN_zC60CckJaQB-19QLgoyzmrklJ_7SuD1-zZH4zWxNRdoyEjN-OPVmLgB0cfQY5qsCs8ZxyU-wcvhRbMh_P1C6sPYTtPzThEc3_oZBfgQHR87tjs9Pioa2HPbB1tHKsTugGogtnfg6tNdgN0pY8cHUYfS4xbV-5inegHyBnumyHcDl4-R8YXFqbAKr3UIXBVtKO9gV4n0JE8BPlhingMza6NTD-DJx6gho6Qz0C6ipW_S751GuIZbWL_2IYSM18haW4o_DSyhGFe155u4PS-BcAPIIwDdtfoqc_aEkwL8sPC-YJ2OOHxGbPxVbnbPMb0FI4ZhVVQ%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D5.3.0.0 HTTP 302
https://identity-uat.snclavalin.com/Account/ExternalLogin?provider=Saml2&returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dmvc-est-uat%26redirect_uri%3Dhttps%253A%252F%252Femployeesearch-uat.atkinsglobal.com%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520roles%26response_mode%3Dform_post%26nonce%3D637413380438177301.N2E5MDBhOWMtMjUzNy00NmFiLTgwZWYtOWVmMGYyYjViNDgzNTVmYWIyYTEtYmRkYy00NTY1LTlmMGUtMDBmMDcyOWM2YWZh%26state%3DCfDJ8GXorfVPGXxJlFlkfxDZLYvaBCU3voRSpG6cmF7zP9CVM9ONFA74RxqAXgN_zC60CckJaQB-19QLgoyzmrklJ_7SuD1-zZH4zWxNRdoyEjN-OPVmLgB0cfQY5qsCs8ZxyU-wcvhRbMh_P1C6sPYTtPzThEc3_oZBfgQHR87tjs9Pioa2HPbB1tHKsTugGogtnfg6tNdgN0pY8cHUYfS4xbV-5inegHyBnumyHcDl4-R8YXFqbAKr3UIXBVtKO9gV4n0JE8BPlhingMza6NTD-DJx6gho6Qz0C6ipW_S751GuIZbWL_2IYSM18haW4o_DSyhGFe155u4PS-BcAPIIwDdtfoqc_aEkwL8sPC-YJ2OOHxGbPxVbnbPMb0FI4ZhVVQ%26x-client-SKU%3DID_NETSTANDARD2_0%26x-client-ver%3D5.3.0.0 HTTP 303
https://federationdv.snclavalin.com/adfs/ls/?SAMLRequest=jJFBT4NAEIXvTfofNnuHBUoqbICE2EuTeinqwdsAQ7oJ7OLOQvTfS6tG24Px%2BibfmzdvMoKhj0ZZTu6kj%2Fg6ITn2NvSa5Ock55PV0gApkhoGJOkaWZUPBxn5gRytcaYxPf%2FN%2FI0AEVqnjOZsv8u5aoO4a6N028GmjuMO7%2Bo02iZpGEBSA0KScvaMlhYg5wu%2FUEQT7jU50G6RgijwwtALk8doI8NYBvELZ7vlDKXhvCbnJ%2BdGkkJ02KK9aO3sk256mKFX2m%2FMIKDtSPQkOCu%2F890bTdOAtkI7qwafjocfK9Widsq9exO4W6vq3IEoG%2BLFesVYdulEXlLb4j8GmbhC1qsv4fpLxQcAAAD%2F%2FwMA&RelayState=Wy2uNU3xBi9lE3NtSDbHG4pP Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / federationdv.snclavalin.com/adfs/ls/ (Primary Request, Redirect Chain) | 17 KB 17 KB | Document text/html |
GET H/1.1 | style.css federationdv.snclavalin.com/adfs/portal/css/ | 9 KB 9 KB | Stylesheet text/css |
GET H/1.1 | logo.jpg federationdv.snclavalin.com/adfs/portal/logo/ | 4 KB 4 KB | Image image/jpg |
GET H/1.1 | illustration.jpg federationdv.snclavalin.com/adfs/portal/illustration/ | 57 KB 57 KB | Image image/jpg |
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- function| LoginErrors
- number| maxPasswordLength
- function| InputUtil
- function| SelectOption
- function| Login
- undefined| emails
- undefined| msViewportStyle
- undefined| viewport
- function| getStyle
- function| computeLoadIllustration

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.