adfs.vistex.com Open in urlscan Pro
198.233.124.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vistex.saasit.com/Default.aspx#1669884082486
Effective URL:
https://adfs.vistex.com/adfs/ls
Submission: On December 01 via manual (December 1st 2022, 8:41:54 am UTC) from US — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 198.233.124.112, located in United States and belongs to VISTEX, US. The main domain is adfs.vistex.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on July 28th 2022. Valid for: a year.

This is the only time adfs.vistex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 7	20.252.79.45 20.252.79.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	198.233.124.112 198.233.124.112	63217 (VISTEX) (VISTEX)
9	2

7 20.252.79.45 (United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

vistex.saasit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.233.124.112 (United States)

ASN63217 (VISTEX, US)

adfs.vistex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	saasit.com 2 redirects vistex.saasit.com — Cisco Umbrella Rank: 589396	74 KB
4	vistex.com adfs.vistex.com	69 KB
9	2

	Domain	Requested by
7	vistex.saasit.com	2 redirects vistex.saasit.com
4	adfs.vistex.com	adfs.vistex.com
9	2

This site contains no links.

Subject Issuer	Validity	Valid
*.saasit.com Sectigo RSA Organization Validation Secure Server CA	`2022-01-06` - `2023-02-06`	a year	crt.sh
adfs.vistex.com Sectigo RSA Organization Validation Secure Server CA	`2022-07-28` - `2023-07-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://adfs.vistex.com/adfs/ls
Frame ID: AB23C6BDFCE6E204AE6923D578489DBE
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

https://vistex.saasit.com/Default.aspx HTTP 302
https://vistex.saasit.com/ Page URL
https://vistex.saasit.com/Account/SsoLogin?provider=VistexADFS&timezoneOffset=0&timezone=Etc%2FUnknown HTTP 302
https://vistex.saasit.com/handlers/sso/SsoLoginHandler.ashx?SaaSAppId=vistex.saasit.com&SaaSTimezoneOf... Page URL
https://adfs.vistex.com/adfs/ls Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

142 kB
Transfer

223 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vistex.saasit.com/Default.aspx HTTP 302
https://vistex.saasit.com/ Page URL
https://vistex.saasit.com/Account/SsoLogin?provider=VistexADFS&timezoneOffset=0&timezone=Etc%2FUnknown HTTP 302
https://vistex.saasit.com/handlers/sso/SsoLoginHandler.ashx?SaaSAppId=vistex.saasit.com&SaaSTimezoneOffset=0&SaaSTimezoneName=Etc%2fUnknown&SaaSAppPath=%2f&SaaSExternalLogin=&SaaSAuthProviderName=VistexADFS&SaaSUserName=&SaaSResourceURL=https%253A%252F%252Fvistex.saasit.com%252F%253FNoDefaultProvider%253DTrue&SaaSIdpInitiatedLogin=True&SaaSRole=&SaaSRenewalMode=False&SaaSDebugMode=False Page URL
https://adfs.vistex.com/adfs/ls Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://vistex.saasit.com/Default.aspx HTTP 302
https://vistex.saasit.com/

Request Chain 4

https://vistex.saasit.com/Account/SsoLogin?provider=VistexADFS&timezoneOffset=0&timezone=Etc%2FUnknown HTTP 302
https://vistex.saasit.com/handlers/sso/SsoLoginHandler.ashx?SaaSAppId=vistex.saasit.com&SaaSTimezoneOffset=0&SaaSTimezoneName=Etc%2fUnknown&SaaSAppPath=%2f&SaaSExternalLogin=&SaaSAuthProviderName=VistexADFS&SaaSUserName=&SaaSResourceURL=https%253A%252F%252Fvistex.saasit.com%252F%253FNoDefaultProvider%253DTrue&SaaSIdpInitiatedLogin=True&SaaSRole=&SaaSRenewalMode=False&SaaSDebugMode=False

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
vistex.saasit.com/
Redirect Chain

https://vistex.saasit.com/Default.aspx
https://vistex.saasit.com/

1 KB
2 KB

183ms
183ms

Document
text/html

20.252.79.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://vistex.saasit.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.252.79.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Appserver / Ivanti Service Manager

Resource Hash

94b7c105dd0b798aa05b8b1caa30d6454fac010241901fd730a1cf9d2c4c1f60

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 815
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
content-type: text/html; charset=utf-8
date: Thu, 01 Dec 2022 08:41:48 GMT
expires: -1
feature-policy: payment 'none'; microphone 'none'; geolocation 'none'; camera 'none'; sync-xhr 'self'
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
referrer-policy: no-referrer
server: Appserver
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-powered-by: Ivanti Service Manager
x-ua-compatible: IE=9, IE=edge
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 143
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
content-type: text/html; charset=utf-8
date: Thu, 01 Dec 2022 08:41:48 GMT
expires: -1
feature-policy: payment 'none'; microphone 'none'; geolocation 'none'; camera 'none'; sync-xhr 'self'
location: https://vistex.saasit.com/
pragma: no-cache
referrer-policy: no-referrer
server: Appserver
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-powered-by: Ivanti Service Manager
x-ua-compatible: IE=9, IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 jquery
vistex.saasit.com/bundles/ 109 KB
48 KB 330ms
329ms Script
text/javascript 20.252.79.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://vistex.saasit.com/bundles/jquery?v=JmcMa1Mc9WHC3Bw-UmilWve6RkNYjLIQya-8QksYE0A1

Requested by

Host: vistex.saasit.com
URL: https://vistex.saasit.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.252.79.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Appserver / Ivanti Service Manager

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 08:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
x-powered-by: Ivanti Service Manager
content-length: 48835
x-xss-protection: 1; mode=block
x-ua-compatible: IE=9, IE=edge
referrer-policy: no-referrer
last-modified: Thu, 01 Dec 2022 08:41:48 GMT
server: Appserver
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public
feature-policy: payment 'none'; microphone 'none'; geolocation 'none'; camera 'none'; sync-xhr 'self'
expires: Fri, 01 Dec 2023 08:41:48 GMT

GET
H2 200 jstz.min.js Show response
vistex.saasit.com/lib/ 12 KB
6 KB 168ms
167ms Script
application/javascript 20.252.79.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://vistex.saasit.com/lib/jstz.min.js

Requested by

Host: vistex.saasit.com
URL: https://vistex.saasit.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.252.79.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Appserver / Ivanti Service Manager

Resource Hash

7b237b7d29bcd9e6a8f9f0cc15d853c8b985b7297fd43f713195b1e255a2ba40

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 08:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
x-powered-by: Ivanti Service Manager
content-length: 5087
x-xss-protection: 1; mode=block
x-ua-compatible: IE=9, IE=edge
referrer-policy: no-referrer
server: Appserver
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
feature-policy: payment 'none'; microphone 'none'; geolocation 'none'; camera 'none'; sync-xhr 'self'
accept-ranges: bytes

GET
H2 200 LoginMask.js Show response
vistex.saasit.com/scripts/account/ 3 KB
2 KB 170ms
169ms Script
application/javascript 20.252.79.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://vistex.saasit.com/scripts/account/LoginMask.js

Requested by

Host: vistex.saasit.com
URL: https://vistex.saasit.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.252.79.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Appserver / Ivanti Service Manager

Resource Hash

7407aed2f30936db3ed01ffffbd53d67226766c3b1b5788a741a01e57b447099

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 08:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
x-powered-by: Ivanti Service Manager
content-length: 1284
x-xss-protection: 1; mode=block
x-ua-compatible: IE=9, IE=edge
referrer-policy: no-referrer
last-modified: Wed, 14 Sep 2022 21:48:58 GMT
server: Appserver
etag: "1D8C883CB080100"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public
feature-policy: payment 'none'; microphone 'none'; geolocation 'none'; camera 'none'; sync-xhr 'self'
accept-ranges: bytes
expires: Fri, 02 Dec 2022 08:41:48 GMT

GET
H2

200

SsoLoginHandler.ashx
vistex.saasit.com/handlers/sso/
Redirect Chain

https://vistex.saasit.com/Account/SsoLogin?provider=VistexADFS&timezoneOffset=0&timezone=Etc%2FUnknown
https://vistex.saasit.com/handlers/sso/SsoLoginHandler.ashx?SaaSAppId=vistex.saasit.com&SaaSTimezoneOffset=0&SaaSTimezoneName=Etc%2fUnknown&SaaSAppPath=%2f&SaaSExternalLogin=&SaaSAuthProviderName=V...

34 KB
15 KB

207ms
207ms

Document
text/html

20.252.79.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://vistex.saasit.com/handlers/sso/SsoLoginHandler.ashx?SaaSAppId=vistex.saasit.com&SaaSTimezoneOffset=0&SaaSTimezoneName=Etc%2fUnknown&SaaSAppPath=%2f&SaaSExternalLogin=&SaaSAuthProviderName=VistexADFS&SaaSUserName=&SaaSResourceURL=https%253A%252F%252Fvistex.saasit.com%252F%253FNoDefaultProvider%253DTrue&SaaSIdpInitiatedLogin=True&SaaSRole=&SaaSRenewalMode=False&SaaSDebugMode=False

Requested by

Host: vistex.saasit.com
URL: https://vistex.saasit.com/scripts/account/LoginMask.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.252.79.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Appserver / Ivanti Service Manager

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
content-type: text/html; charset=utf-8
date: Thu, 01 Dec 2022 08:41:49 GMT
feature-policy: payment 'none'; microphone 'none'; geolocation 'none'; camera 'none'; sync-xhr 'self'
referrer-policy: no-referrer
server: Appserver
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Ivanti Service Manager
x-ua-compatible: IE=9, IE=edge
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 550
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
content-type: text/html; charset=utf-8
date: Thu, 01 Dec 2022 08:41:49 GMT
expires: -1
feature-policy: payment 'none'; microphone 'none'; geolocation 'none'; camera 'none'; sync-xhr 'self'
location: https://vistex.saasit.com/handlers/sso/SsoLoginHandler.ashx?SaaSAppId=vistex.saasit.com&SaaSTimezoneOffset=0&SaaSTimezoneName=Etc%2fUnknown&SaaSAppPath=%2f&SaaSExternalLogin=&SaaSAuthProviderName=VistexADFS&SaaSUserName=&SaaSResourceURL=https%253A%252F%252Fvistex.saasit.com%252F%253FNoDefaultProvider%253DTrue&SaaSIdpInitiatedLogin=True&SaaSRole=&SaaSRenewalMode=False&SaaSDebugMode=False
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
referrer-policy: no-referrer
server: Appserver
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Ivanti Service Manager
x-ua-compatible: IE=9, IE=edge
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK Primary Request ls Show response
adfs.vistex.com/adfs/ 17 KB
21 KB 482ms
128ms Document
text/html 198.233.124.112
VISTEX

General

Check archive.org

Show headers Download Go to

Full URL

https://adfs.vistex.com/adfs/ls

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.233.124.112 , United States, ASN63217 (VISTEX, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

f766b1a040363cc08c4c8b25508c409d9c686e77922cbdf1a6cfbda9234e202c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store
Content-Length: 17114
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Dec 2022 08:41:49 GMT
Expires: -1
P3P: ADFS doesn't have P3P policy, please contact your site's admin for more details
Pragma: no-cache
Server: Microsoft-HTTPAPI/2.0
X-Frame-Options: DENY

GET
H/1.1 200
OK style.css
adfs.vistex.com/adfs/portal/css/ 8 KB
8 KB 219ms
112ms Stylesheet
text/css 198.233.124.112
VISTEX

General

Check archive.org

Show headers Download Go to

Full URL: https://adfs.vistex.com/adfs/portal/css/style.css?id=0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Requested by: Host: adfs.vistex.com
URL: https://adfs.vistex.com/adfs/ls
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.233.124.112 , United States, ASN63217 (VISTEX, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 0a13280a86e7dfa6949bd016ea848912fcafc05e88cbedf538ac325b27041205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adfs.vistex.com/adfs/ls
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Expires: Sat, 31 Dec 2022 08:41:50 GMT
Date: Thu, 01 Dec 2022 08:41:49 GMT
Server: Microsoft-HTTPAPI/2.0
ETag: 0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Content-Length: 8144
Content-Type: text/css

GET
H/1.1 200
OK logo.png
adfs.vistex.com/adfs/portal/logo/ 16 KB
16 KB 435ms
218ms Image
image/png 198.233.124.112
VISTEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adfs.vistex.com/adfs/portal/logo/logo.png?id=2AED6440082D73575CA4ABFC4B417EE285CB3481F4566E1E9F45E4E4F32390EE
Requested by: Host: adfs.vistex.com
URL: https://adfs.vistex.com/adfs/ls
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.233.124.112 , United States, ASN63217 (VISTEX, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 2aed6440082d73575ca4abfc4b417ee285cb3481f4566e1e9f45e4e4f32390ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adfs.vistex.com/adfs/ls
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Expires: Sat, 31 Dec 2022 08:41:50 GMT
Date: Thu, 01 Dec 2022 08:41:49 GMT
Server: Microsoft-HTTPAPI/2.0
ETag: 2AED6440082D73575CA4ABFC4B417EE285CB3481F4566E1E9F45E4E4F32390EE
Content-Length: 15887
Content-Type: image/png

GET
H/1.1 200
OK illustration.jpg
adfs.vistex.com/adfs/portal/illustration/ 24 KB
24 KB 110ms
109ms Image
image/jpg 198.233.124.112
VISTEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adfs.vistex.com/adfs/portal/illustration/illustration.jpg?id=9CFE248A9351B649C7034D09F24C467132501D1B8AB0E6E0FC6E02753223F185
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.233.124.112 , United States, ASN63217 (VISTEX, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 9cfe248a9351b649c7034d09f24c467132501d1b8ab0e6e0fc6e02753223f185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adfs.vistex.com/adfs/ls
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Expires: Sat, 31 Dec 2022 08:41:50 GMT
Date: Thu, 01 Dec 2022 08:41:49 GMT
Server: Microsoft-HTTPAPI/2.0
ETag: 9CFE248A9351B649C7034D09F24C467132501D1B8AB0E6E0FC6E02753223F185
Content-Length: 24838
Content-Type: image/jpg

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
adfs.vistex.com/adfs	1969-12-31 23:59:59	Name: MSISSamlRequest Value: QmFzZVVybD1odHRwcyUzYSUyZiUyZmFkZnMudmlzdGV4LmNvbSUzYTQ0MyUyZmFkZnMlMmZsc1xTQU1MUmVxdWVzdD1QSE5oYld4d09rRjFkR2h1VW1WeGRXVnpkQ0JKUkQwaVh6aG1OalUxT1dNMExXVmxNelV0TkRZeFpDMWlPR1EyTFRVd1pqRTNZMkUzTURkalpDSWdWbVZ5YzJsdmJqMGlNaTR3SWlCSmMzTjFaVWx1YzNSaGJuUTlJakl3TWpJdE1USXRNREZVTURnNk5ERTZORGt1TWpjeVdpSWdSR1Z6ZEdsdVlYUnBiMjQ5SW1oMGRIQnpPaTh2WVdSbWN5NTJhWE4wWlhndVkyOXRMMkZrWm5NdmJITWlJRVp2Y21ObFFYVjBhRzQ5SW1aaGJITmxJaUJKYzFCaGMzTnBkbVU5SW1aaGJITmxJaUJRY205MGIyTnZiRUpwYm1ScGJtYzlJblZ5YmpwdllYTnBjenB1WVcxbGN6cDBZenBUUVUxTU9qSXVNRHBpYVc1a2FXNW5jenBJVkZSUUxWQlBVMVFpSUVGemMyVnlkR2x2YmtOdmJuTjFiV1Z5VTJWeWRtbGpaVlZTVEQwaWFIUjBjSE02THk5MmFYTjBaWGd1YzJGaGMybDBMbU52YlM5b1lXNWtiR1Z5Y3k5emMyOHZVMkZ0YkVGemMyVnlkR2x2YmtOdmJuTjFiV1Z5U0dGdVpHeGxjaTVoYzJoNElpQjRiV3h1Y3pwellXMXNjRDBpZFhKdU9tOWhjMmx6T201aGJXVnpPblJqT2xOQlRVdzZNaTR3T25CeWIzUnZZMjlzSWo0OGMyRnRiRHBKYzNOMVpYSWdlRzFzYm5NNmMyRnRiRDBpZFhKdU9tOWhjMmx6T201aGJXVnpPblJqT2xOQlRVdzZNaTR3T21GemMyVnlkR2x2YmlJJTJiYUhSMGNITTZMeTkyYVhOMFpYZ3VjMkZoYzJsMExtTnZiUzg4TDNOaGJXdzZTWE56ZFdWeVBqeFRhV2R1WVhSMWNtVWdlRzFzYm5NOUltaDBkSEE2THk5M2QzY3Vkek11YjNKbkx6SXdNREF2TURrdmVHMXNaSE5wWnlNaVBqeFRhV2R1WldSSmJtWnZQanhEWVc1dmJtbGpZV3hwZW1GMGFXOXVUV1YwYUc5a0lFRnNaMjl5YVhSb2JUMGlhSFIwY0RvdkwzZDNkeTUzTXk1dmNtY3ZNakF3TVM4eE1DOTRiV3d0WlhoakxXTXhORzRqSWlBdlBqeFRhV2R1WVhSMWNtVk5aWFJvYjJRZ1FXeG5iM0pwZEdodFBTSm9kSFJ3T2k4dmQzZDNMbmN6TG05eVp5OHlNREF4THpBMEwzaHRiR1J6YVdjdGJXOXlaU055YzJFdGMyaGhNalUySWlBdlBqeFNaV1psY21WdVkyVWdWVkpKUFNJalh6aG1OalUxT1dNMExXVmxNelV0TkRZeFpDMWlPR1EyTFRVd1pqRTNZMkUzTURkalpDSSUyYlBGUnlZVzV6Wm05eWJYTSUyYlBGUnlZVzV6Wm05eWJTQkJiR2R2Y21sMGFHMDlJbWgwZEhBNkx5OTNkM2N1ZHpNdWIzSm5Mekl3TURBdk1Ea3ZlRzFzWkhOcFp5TmxiblpsYkc5d1pXUXRjMmxuYm1GMGRYSmxJaUF2UGp4VWNtRnVjMlp2Y20wZ1FXeG5iM0pwZEdodFBTSm9kSFJ3T2k4dmQzZDNMbmN6TG05eVp5OHlNREF4THpFd0wzaHRiQzFsZUdNdFl6RTBiaU1pSUM4JTJiUEM5VWNtRnVjMlp2Y20xelBqeEVhV2RsYzNSTlpYUm9iMlFnUVd4bmIzSnBkR2h0UFNKb2RIUndPaTh2ZDNkM0xuY3pMbTl5Wnk4eU1EQXdMekE1TDNodGJHUnphV2NqYzJoaE1TSWdMejQ4UkdsblpYTjBWbUZzZFdVJTJiV1dGVU1WZ3ZUbThyY1hnM01X
adfs.vistex.com/adfs	1969-12-31 23:59:59	Name: MSISSamlRequest1 Value: cFRORlJQYVhwMVMwNVhNbEF3UFR3dlJHbG5aWE4wVm1Gc2RXVSUyYlBDOVNaV1psY21WdVkyVSUyYlBDOVRhV2R1WldSSmJtWnZQanhUYVdkdVlYUjFjbVZXWVd4MVpUNXBZVzU0VldFM01URkZNbUpCTkhkWmJtb3ZhV1J5WWl0aVYyb3hZVXBPU3pkVVRsaEhaRUUxUVRKRlMxUm5OVGxTZEVkME1ETldlbTFtVUU5NVNYZFlaamcyYmxZeWNsazBhMDlxTm5adE1VaFBZVk53WkRCNFRHaERjV0U0VDB4NFNrRnhZVXBLWkRrNVRVMDRkbFprVjBaVFMySXpSa0Y0T1dkaVNrazJiRW96U0N0UE5TOXRNM1ZuZG1sU2RWaHROelJ0UlhkNmFpdFdkVk0zYVU1SVZqTTNabXQwWTFSeVlsYzVTMnBPUXpjMVJIUkNTR05DUW14TVRrOU5NVXRvWVZWMFZYTkhVa0UxVVhaMmIwTkhjMVZQZEdKSE9FWmpRV3hXUTNBclVDOW1MeXRFZFdwWlRGWnNjR1l5WVRVeVlUbHlPVGhqWkhkbFYxRjFkREpTYkVFMWIzUnpUMncxYmpaSGJXczFLME53U1ZSUVJFWkxjSEpWYmtKUlVrbDFTRTVIUTA4elZGTk9aVUpIYkd0VVpHRlNla1F6Y1haSFZFMTJjVXN2ZGk4clVIWXJlbUpXV0hwMVUyeGpVRGh2VTJGMkswRTlQVHd2VTJsbmJtRjBkWEpsVm1Gc2RXVSUyYlBFdGxlVWx1Wm04JTJiUEV0bGVWWmhiSFZsUGp4U1UwRkxaWGxXWVd4MVpUNDhUVzlrZFd4MWN6NXdVa3MwUlRoTmVFWm1SakZ3VUZabllWVjVia2huTml0VUwzSXJjak51T0ZOemFXSmtVVE5qTm5SSWJsVkdOVkZoYVhkYVMwWlphVkpMUW01dmEwOTNkR3RrTUV0TmNYbHlRV2RNYVZGSGEycHJTblVyZWpVMVJIRm5NSFpVUjBwd1ZHaExNVmswWmpWSmRFVmhOMWMzWTIwMVJXWXdXbmR4ZVd0MVQwVktLMUl2ZEhseE5VMXJkVEJQWkhnMmFIVTRaVzF4UW5SbU4yeHNNU3RwVEdzMk1XaFNXbWRWYkRCTGVXWXZNR3BaVTBSaVdYQjVlSGxTWm5SdE5qUlBZMVozUjAwMWRtNVplR05zWjBGNlVGcERhM0ZNWVhWUFRFMVRZVVpSYVZSa1FsQmtNblJNVmxKaWQxUTFTSHBFWldOdlZVTnRVME4xSzBaSU1HdENPVlpZY25SU1RIRTJXRlZsWmtOTk16ZDNNMU16U0VSTE5rZEVORzlTVWtwa2FFSXhURkE1YkZWSWNEQlNRVGd3V2tGd2EzbFlVRWRSVFdsR2NERTFZbEp3T0ZJNFRuRXpMMnR2WkV0eWRXZ3hSVzF5V0VWT1dGRTlQVHd2VFc5a2RXeDFjejQ4Ulhod2IyNWxiblElMmJRVkZCUWp3dlJYaHdiMjVsYm5RJTJiUEM5U1UwRkxaWGxXWVd4MVpUNDhMMHRsZVZaaGJIVmxQand2UzJWNVNXNW1iejQ4TDFOcFoyNWhkSFZ5WlQ0OGMyRnRiSEE2VG1GdFpVbEVVRzlzYVdONUlFRnNiRzkzUTNKbFlYUmxQU0owY25WbElpQXZQand2YzJGdGJIQTZRWFYwYUc1U1pYRjFaWE4wUGclM2QlM2RcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUE9TVFxSZWxheVN0YXRlPU56ZGhaVE0xWXpNdFpEazVaQzAwTkRobUxXRTBNR1F0T0RBeVlUazRZMlZtTURrMg==
vistex.saasit.com/	1969-12-31 23:59:59	Name: SID Value:
vistex.saasit.com/	1970-01-20 07:52:10	Name: SSOR Value: 77ae35c3-d99d-448f-a40d-802a98cef096%0ASaaSAppId%3Dvistex.saasit.com%26SaaSTimezoneOffset%3D0%26SaaSTimezoneName%3DEtc%252fUnknown%26SaaSAppPath%3D%252f%26SaaSExternalLogin%3D%26SaaSAuthProviderName%3DVistexADFS%26SaaSUserName%3D%26SaaSResourceURL%3D%25252F%25253FNoDefaultProvider%25253DTrue%26SaaSIdpInitiatedLogin%3DTrue%26SaaSRole%3D%26SaaSRenewalMode%3DFalse%26SaaSDebugMode%3DFalse

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://az416426.vo.msecnd.net https://cdvfile/localhost/ https://sfsign-dev.ivanticloud.com/ISM/script https://na3.docusign.net https://docucdn-a.akamaihd.net
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adfs.vistex.com
vistex.saasit.com
198.233.124.112
20.252.79.45
0a13280a86e7dfa6949bd016ea848912fcafc05e88cbedf538ac325b27041205
2aed6440082d73575ca4abfc4b417ee285cb3481f4566e1e9f45e4e4f32390ee
7407aed2f30936db3ed01ffffbd53d67226766c3b1b5788a741a01e57b447099
7b237b7d29bcd9e6a8f9f0cc15d853c8b985b7297fd43f713195b1e255a2ba40
94b7c105dd0b798aa05b8b1caa30d6454fac010241901fd730a1cf9d2c4c1f60
9cfe248a9351b649c7034d09f24c467132501d1b8ab0e6e0fc6e02753223f185
f766b1a040363cc08c4c8b25508c409d9c686e77922cbdf1a6cfbda9234e202c

adfs.vistex.com Open in urlscan Pro 198.233.124.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

142 kBTransfer

223 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

adfs.vistex.com Open in urlscan Pro
198.233.124.112 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

142 kB
Transfer

223 kB
Size

4
Cookies

9 HTTP transactions
0 data transactions