icc-abbvie--iccuat.sandbox.my.site.com
Open in
urlscan Pro
2a02:26f0:3500:18::1724:a299
Public Scan
Effective URL: https://icc-abbvie--iccuat.sandbox.my.site.com/_nc_external/identity/saml/SamlError?idpError=1505
Submission: On August 11 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on April 3rd 2023. Valid for: a year.
This is the only time icc-abbvie--iccuat.sandbox.my.site.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 3 | 3.238.94.52 3.238.94.52 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 85.222.155.76 85.222.155.76 | 14340 (SALESFORCE) (SALESFORCE) | |
1 6 | 2a02:26f0:350... 2a02:26f0:3500:18::1724:a299 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
5 | 1 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-238-94-52.compute-1.amazonaws.com
abbvie.sso.evermedtv.com |
ASN14340 (SALESFORCE, US)
PTR: dcl7-ncg0-fra3.cs88-fra.force.com
iccuat-icc-abbvie.cs88.force.com |
ASN20940 (AKAMAI-ASN1, NL)
icc-abbvie--iccuat.sandbox.my.site.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
site.com
1 redirects
icc-abbvie--iccuat.sandbox.my.site.com |
64 KB |
3 |
evermedtv.com
3 redirects
abbvie.sso.evermedtv.com |
2 KB |
1 |
force.com
1 redirects
iccuat-icc-abbvie.cs88.force.com |
1 KB |
5 | 3 |
Domain | Requested by | |
---|---|---|
6 | icc-abbvie--iccuat.sandbox.my.site.com |
1 redirects
icc-abbvie--iccuat.sandbox.my.site.com
|
3 | abbvie.sso.evermedtv.com | 3 redirects |
1 | iccuat-icc-abbvie.cs88.force.com | 1 redirects |
5 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
prod.cdn.salesforce-experience.com DigiCert Global G3 TLS ECC SHA384 2020 CA1 |
2023-04-03 - 2024-03-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://icc-abbvie--iccuat.sandbox.my.site.com/_nc_external/identity/saml/SamlError?idpError=1505
Frame ID: 10042DAA4A2BCB86AEF94EC1924F1379
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Single Sign-On Error | Identity and Consent Cloud (SSO)Page URL History Show full URLs
-
https://abbvie.sso.evermedtv.com/
HTTP 302
http://abbvie.sso.evermedtv.com/saml/login HTTP 301
https://abbvie.sso.evermedtv.com/saml/login HTTP 302
https://iccuat-icc-abbvie.cs88.force.com/idp/endpoint/HttpPost?SAMLRequest=jVLBbtswDL33KwrfbUdRknpCEiBtujVAlhiN18Mugy... HTTP 301
https://icc-abbvie--iccuat.sandbox.my.site.com/idp/endpoint/HttpPost?SAMLRequest=jVLBbtswDL33KwrfbUdRknpCEiBtujVAlhiN18Mugy... HTTP 302
https://icc-abbvie--iccuat.sandbox.my.site.com/_nc_external/identity/saml/SamlError?idpError=1505 Page URL
Detected technologies
Akamai Bot Manager (Security) ExpandDetected patterns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://abbvie.sso.evermedtv.com/
HTTP 302
http://abbvie.sso.evermedtv.com/saml/login HTTP 301
https://abbvie.sso.evermedtv.com/saml/login HTTP 302
https://iccuat-icc-abbvie.cs88.force.com/idp/endpoint/HttpPost?SAMLRequest=jVLBbtswDL33KwrfbUdRknpCEiBtujVAlhiN18MugywxrQBbckXa3f5%2Bit21W4EW00USxff4%2BKg5yrpqxKqlB3sLjy0gnZ2H9bOuLIr%2BcRG13gon0aCwsgYUpMRh9XUrxslINN6RU66K3sA%2BRklE8GScHWCb9SLa7663%2By%2Bb3Q%2FOYVrORtOMjyd88onN%2BFQdJ6WeQplpNtOMzbKSyYsBegceA88iCrRDJPeuMxr8LlRdRNcd%2BBp0cfdcCbGFjUWSlgJmNObxKIsZKxgX%2FEJw9n3IWwcjjJXUUz8QNSjS1CjVSorDFsuy7AwkCrMsOTqvwtHVqdFNClY3zlhKbwIqd0gvqnqfLo3Vxt5%2FbE85JKG4KYo8zveHYiBZ%2FbHtyllsa%2FAH8J1R8O12%2B6ryWRqiS2Bonrpe3WksqVQYLXuy%2BekuekP88v%2FANZDUkuQ8%2FRv7ytaIk%2Bmbde4qo3718dP67Hwt6f2WWcL6iNHxsU8VrcUGlDka0NELzaqq3NOVB0lhruRbiM7T5dmg5d8vvPwN&RelayState=http%3A%2F%2Fabbvie.sso.evermedtv.com%2F HTTP 301
https://icc-abbvie--iccuat.sandbox.my.site.com/idp/endpoint/HttpPost?SAMLRequest=jVLBbtswDL33KwrfbUdRknpCEiBtujVAlhiN18MugywxrQBbckXa3f5%2Bit21W4EW00USxff4%2BKg5yrpqxKqlB3sLjy0gnZ2H9bOuLIr%2BcRG13gon0aCwsgYUpMRh9XUrxslINN6RU66K3sA%2BRklE8GScHWCb9SLa7663%2By%2Bb3Q%2FOYVrORtOMjyd88onN%2BFQdJ6WeQplpNtOMzbKSyYsBegceA88iCrRDJPeuMxr8LlRdRNcd%2BBp0cfdcCbGFjUWSlgJmNObxKIsZKxgX%2FEJw9n3IWwcjjJXUUz8QNSjS1CjVSorDFsuy7AwkCrMsOTqvwtHVqdFNClY3zlhKbwIqd0gvqnqfLo3Vxt5%2FbE85JKG4KYo8zveHYiBZ%2FbHtyllsa%2FAH8J1R8O12%2B6ryWRqiS2Bonrpe3WksqVQYLXuy%2BekuekP88v%2FANZDUkuQ8%2FRv7ytaIk%2Bmbde4qo3718dP67Hwt6f2WWcL6iNHxsU8VrcUGlDka0NELzaqq3NOVB0lhruRbiM7T5dmg5d8vvPwN&RelayState=http%3A%2F%2Fabbvie.sso.evermedtv.com%2F HTTP 302
https://icc-abbvie--iccuat.sandbox.my.site.com/_nc_external/identity/saml/SamlError?idpError=1505 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
SamlError
icc-abbvie--iccuat.sandbox.my.site.com/_nc_external/identity/saml/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sfdc_210.css
icc-abbvie--iccuat.sandbox.my.site.com/css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
servlet.ImageServer
icc-abbvie--iccuat.sandbox.my.site.com/servlet/ |
2 KB 3 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SalesforceSans-Regular.woff2
icc-abbvie--iccuat.sandbox.my.site.com/login/assets/fonts/SalesforceSans/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SalesforceSans-Light.woff2
icc-abbvie--iccuat.sandbox.my.site.com/login/assets/fonts/SalesforceSans/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| p function| bodyOnLoad function| bodyOnBeforeUnload function| bodyOnFocus function| bodyOnUnload8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
abbvie.sso.evermedtv.com/ | Name: PHPSESSID Value: 1727527b711d551a7c998978e0c568bf |
|
iccuat-icc-abbvie.cs88.force.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
iccuat-icc-abbvie.cs88.force.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
icc-abbvie--iccuat.sandbox.my.site.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
icc-abbvie--iccuat.sandbox.my.site.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
icc-abbvie--iccuat.sandbox.my.site.com/ | Name: BrowserId Value: OUoUUThMEe6-MIGWWbeISA |
|
icc-abbvie--iccuat.sandbox.my.site.com/ | Name: BrowserId_sec Value: OUoUUThMEe6-MIGWWbeISA |
|
.sandbox.my.site.com/ | Name: ak_bmsc Value: 48556F259A570E57CC3711BFDBDBD689~000000000000000000000000000000~YAAQmaAkF8/NSuOJAQAA5gvR5BQjnwFHa+fw8SWUvI5PJMaJUYNBot0660jlTO5ASH/u/930NhzqZGEgYC8ajGY2PoE3E9hJnMaYmMRSZ2CLY9dDZfMyztCrL3rSeKeDXnUxDj/IJK4kRMv22kLndHLZT8W9/Kq6wNjSsTE8XblgwOSjUR2DLl/P74SQKLrHfyZ7ztSF1u5Af8bTST3iT73v5FnOunHtwsAgY0658xDNexz9y/46c69ZvxeqicinHGnU0mHzZCUcJW/IYZLSgDr/5+gjwkZQkpQ2wGXCUuEtbC3b9mIA6CrQeEEXjQQJAEYZymJd2oqBHYoBd2jksDeNUO7uBorsAoP6k0S7cwME8PDy01uUPYpTq0jGcNbHGvIe+wqs8HT95Mj8VrPNo6UCUfs7kuUT8A== |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
abbvie.sso.evermedtv.com
icc-abbvie--iccuat.sandbox.my.site.com
iccuat-icc-abbvie.cs88.force.com
2a02:26f0:3500:18::1724:a299
3.238.94.52
85.222.155.76
1f1752651aca663f40e45c60e182172fc426a40df042098f6e68a56db2c459f3
963b993083b3f95c661d1e664562b49a20e2832927f67e5ac337c6cf5d85a194
b7df2d6cb9d0ecda707a1de1302b3c9d9bda16247dc382e696579a8308d49771
c225ba1069485484b90206a0c6526046c88de0505eedab79c65612e22dcac98c
c78e01229af859bf2fa0b79a71141d2fb7e36d156c6baeac7f145f31ce3682ea