federation.client.barclayscorp.com
Open in
urlscan Pro
23.34.59.19
Public Scan
Effective URL: https://federation.client.barclayscorp.com/idp/SSO.saml2
Submission: On November 25 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 14th 2022. Valid for: a year.
This is the only time federation.client.barclayscorp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 35.204.26.114 35.204.26.114 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 4 | 104.107.217.79 104.107.217.79 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 3.64.78.167 3.64.78.167 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 23.34.59.19 23.34.59.19 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
8 | 4 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.26.204.35.bc.googleusercontent.com
origin-barclaysba-stage.plateau.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-107-217-79.deploy.static.akamaitechnologies.com
performancemanager.successfactors.eu |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-78-167.eu-central-1.compute.amazonaws.com
afc1hfrok.accounts.ondemand.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-59-19.deploy.static.akamaitechnologies.com
federation.client.barclayscorp.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
successfactors.eu
1 redirects
performancemanager.successfactors.eu — Cisco Umbrella Rank: 29239 |
11 KB |
3 |
barclayscorp.com
federation.client.barclayscorp.com |
27 KB |
3 |
plateau.com
2 redirects
origin-barclaysba-stage.plateau.com |
3 KB |
1 |
ondemand.com
afc1hfrok.accounts.ondemand.com |
5 KB |
8 | 4 |
Domain | Requested by | |
---|---|---|
4 | performancemanager.successfactors.eu |
1 redirects
performancemanager.successfactors.eu
|
3 | federation.client.barclayscorp.com |
federation.client.barclayscorp.com
|
3 | origin-barclaysba-stage.plateau.com | 2 redirects |
1 | afc1hfrok.accounts.ondemand.com | |
8 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
plateau.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-16 - 2023-06-16 |
a year | crt.sh |
eu-only.successfactors.eu DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-14 - 2023-04-14 |
a year | crt.sh |
*.accounts.ondemand.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-02-25 - 2022-12-21 |
10 months | crt.sh |
federation.client.barclayscorp.com DigiCert SHA2 Extended Validation Server CA |
2022-06-14 - 2023-06-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://federation.client.barclayscorp.com/idp/SSO.saml2
Frame ID: 2957E9D8A829B00BDEE89B8B778D0964
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
ErrorPage URL History Show full URLs
-
http://origin-barclaysba-stage.plateau.com/
HTTP 302
https://origin-barclaysba-stage.plateau.com/ Page URL
-
https://origin-barclaysba-stage.plateau.com/learning/user/login.jsp
HTTP 302
https://performancemanager.successfactors.eu/login?company=C0001164326P1 HTTP 302
https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s... Page URL
- https://afc1hfrok.accounts.ondemand.com/saml2/idp/sso/afc1hfrok.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIO... Page URL
- https://federation.client.barclayscorp.com/idp/SSO.saml2 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://origin-barclaysba-stage.plateau.com/
HTTP 302
https://origin-barclaysba-stage.plateau.com/ Page URL
-
https://origin-barclaysba-stage.plateau.com/learning/user/login.jsp
HTTP 302
https://performancemanager.successfactors.eu/login?company=C0001164326P1 HTTP 302
https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s.crb=aaP%252bI4quH1lLZ4kbK%252fW3Bk%252fthiM7zjr0NwNvgNSSr5g%253d Page URL
- https://afc1hfrok.accounts.ondemand.com/saml2/idp/sso/afc1hfrok.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIOBuJkN2i90TarqCv1w0rcHnKpCIy7qDa4DO62%2Fz6Od1OlhyZXeGeemQdWV7%2F7jvyChD6GikouKIFgo%2FPhe0W%2FNDdsSa%2FWKzR9pwa9GfM%2B3MLPETCTqTCgPt5UdExBR4MedTA9oM5W320%2BftCKCz2kmKONHSXbqdAHk2fYPucBdVGY1sp9m%2BIPbqyNY8jIY3DQm%2BC4jX0xIwrvhgIxvpWm5CYmC%2FOkFW1Nh0DJblvRb5dKleLcKeagNax08owZqwwziyUs5cOlWAg7RRFH2AXMJuSKKqEUk5Kp80YqrYQuJS%2FF4p6S%2BrTTOx%2BOrl4T8HAMoX7fNDWrP981lHx9dj4F6MmwnunppdrXGxtESE826frZ5uFw4DhaC4itsTkm5DAW10IIKS%2FKM3VRy1Xxkvb3dT9N7XfbOnbe%2FiGbrouH6wQmQ0VzGmEW25v8%2F4Ekl%2FOJd6ydo3oMOID1rQdHi%2FUJ%2B%2B83Wj8C&RelayState=%2Flogin%3Fcompany%3DC0001164326P1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=Z7b8pUWXJ2CnKXjKEeLK4ghUuvEHN827r2GRMtY9PEK5CQKXqujvliv5psUXQDvfnvHoUHWZJhRgLiwRUMEVhjcPlPtGPMYFMPHmtpNu%2BpVsHC9YOVl3HFf18PcB1B7SZ7x60nYFnDcmo5BCV7sRiJGV6JhkzDJJCj8iDzw6cn4%3D Page URL
- https://federation.client.barclayscorp.com/idp/SSO.saml2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://origin-barclaysba-stage.plateau.com/ HTTP 302
- https://origin-barclaysba-stage.plateau.com/
- https://origin-barclaysba-stage.plateau.com/learning/user/login.jsp HTTP 302
- https://performancemanager.successfactors.eu/login?company=C0001164326P1 HTTP 302
- https://performancemanager.successfactors.eu/saml2/Login?company=C0001164326P1&RelayState=/login?company=C0001164326P1&_s.crb=aaP%252bI4quH1lLZ4kbK%252fW3Bk%252fthiM7zjr0NwNvgNSSr5g%253d
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
origin-barclaysba-stage.plateau.com/ Redirect Chain
|
68 B 557 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Login
performancemanager.successfactors.eu/saml2/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XMLHttpRequest.js
performancemanager.successfactors.eu/ui/extlib/XMLHttpRequest_1.0.5_sf.17/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
perflog_6afbc835fd7bc8ec51a93324df511558.js
performancemanager.successfactors.eu/ui/perflog/js/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
afc1hfrok.accounts.ondemand.com
afc1hfrok.accounts.ondemand.com/saml2/idp/sso/ |
7 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Primary Request
SSO.saml2
federation.client.barclayscorp.com/idp/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
federation.client.barclayscorp.com/assets/css/ |
171 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
barclays-small.png
federation.client.barclayscorp.com/assets/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
origin-barclaysba-stage.plateau.com/learning | Name: JSESSIONID Value: 0C9F9203DB736CDAD0EE2FB998804578 |
|
origin-barclaysba-stage.plateau.com/ | Name: BIGipServerorigin-dc57-preview.lms.plateau.com Value: 60176650.20480.0000 |
|
origin-barclaysba-stage.plateau.com/ | Name: BIGipServerP_lms_sapsf_com_80 Value: !NIbBuIwdomEXO8J8v4KArBS8hpbV4c3Z03Z2m7SFJFlWw9eJ4y7JBHkk6N7Cs5Hxm0AfKcVCy8i++A== |
|
origin-barclaysba-stage.plateau.com/ | Name: route Value: a969c3f0f5e8a020ad1d570cd9493016369fa0ac |
|
performancemanager.successfactors.eu/ | Name: route Value: 73c8f142949ce9c0b5b31befac9961d528758593 |
|
performancemanager.successfactors.eu/ | Name: %2Flogin-markFromServer Value: true |
|
performancemanager.successfactors.eu/ | Name: bizxCompanyId Value: C0001164326P1 |
|
performancemanager.successfactors.eu/ | Name: JSESSIONID Value: FCF3086EE3294E82BE7A94F43A27CBB0.pc57bcf14 |
|
performancemanager.successfactors.eu/ | Name: BIGipServerhcm57.sapsf.com Value: 378026250.20480.0000 |
|
performancemanager.successfactors.eu/ | Name: oiosaml-fragment Value: |
|
afc1hfrok.accounts.ondemand.com/ | Name: arca14e6c Value: AAAADPytHrm1bJHteb5wbDW9K8uoKWELekojFgsA%2FhRQZ9xUF%2FiOZLbdWipCEDpy5enh6WblWWZsYKKmP3dqj6U068tpXyXQ1kyU7DoLF8Wu2Yxi%2FFVrYAlIHiqM5hh3QjJNsi4JltVL3NJ1Sfx9s%2BUD5D9dpu6XlAgW3nTadlkX%2FJpQjJMf95vaSqxFAeYcqJOir%2F5tIyyrYlP%2FfIA97svnx3LNvacVuarDmvhbWFvb4mRsB6IWlpj2ZCY7CfPGdCTumylcfKj2lOhbQkrztobd6pfbiVYHhdiIRpaZv8LIpJTLgAbYCKe1Hl6344kruMe9zdQ9yuzNkCISxLVUskJ1uHf33wB0taahzRfknqJJVjWYurXvnPIdwcsv0QBXm0Lsa1swlw6VjX5xhCpcgovFXQ6u2Yuw%2FPDJFoNfMPCryFbEyXiU5Q2LYzRot5YR0%2F07mo1bC5chJ8J2ZwNNlKCCB8n7mCKUssA4QkKEOyNZleMIAN3HyKDbYo8NqpcABf4gqPITFPw2g6oSYxUvsJCEe81iE7VohoAd9ItcCrUcGQY7e2pq9W%2FRsEgm2FBjPB%2FOy3KlikSTxXhbTcZlNWNjW2GcBEfQ7uhL2Dk9Kxi1kDq%2FcObHANEm9I5JIJ%2Bnl93svYF7%2BKN42iTNDmjbdPOWDyxGCOQOMXGl6M0DUAYusYuyli4EfbRHseA%3D |
|
afc1hfrok.accounts.ondemand.com/ | Name: XSRF_COOKIE Value: "OTfvv71B77+977+977+9zroKfe+/ve+/vVVk77+977+9fzHVve+/vQwHKu+/vSUoa0vvv706MTY2OTM3ODg0MjUxOQ==" |
|
afc1hfrok.accounts.ondemand.com/ | Name: JSESSIONID Value: 51F3A0582CCA2AEAE4A985066A2B73DF |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
afc1hfrok.accounts.ondemand.com
federation.client.barclayscorp.com
origin-barclaysba-stage.plateau.com
performancemanager.successfactors.eu
104.107.217.79
23.34.59.19
3.64.78.167
35.204.26.114
355006de59ba17f841873a812e50ab583b09cff52d7b0bbd7d5b3aafaed8683e
3615326640054eff387c6b09a53a38c2a6ea6498e9564e9ebb6e297888d50128
6e797123a89586582a7a26ee18c3c3efb67261a7f98bb421e7b0d466291695c6