sso.kroger.com
Open in
urlscan Pro
158.48.152.30
Public Scan
Effective URL: https://sso.kroger.com/affwebservices/public/login/?TYPE=33554433&REALMOID=06-d291ec4f-b96e-40ed-80a3-ca8fedb41a98&GUID...
Submission: On January 04 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on November 29th 2023. Valid for: a year.
This is the only time sso.kroger.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 158.48.152.100 158.48.152.100 | 32577 (KROGER) (KROGER) | |
3 3 | 158.48.132.50 158.48.132.50 | 32577 (KROGER) (KROGER) | |
2 | 2603:1026:300... 2603:1026:3000:148::e | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2620:1ec:46::63 2620:1ec:46::63 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 7 | 158.48.152.30 158.48.152.30 | 32577 (KROGER) (KROGER) | |
8 | 3 |
ASN32577 (KROGER, US)
PTR: vpnt-hdc.kroger.com
vpn-hdc-onprem.kroger.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN32577 (KROGER, US)
PTR: sso.kroger.com
sso.kroger.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
kroger.com
6 redirects
vpn.kroger.com — Cisco Umbrella Rank: 634359 vpn-hdc-onprem.kroger.com sso.kroger.com — Cisco Umbrella Rank: 870120 |
155 KB |
2 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 24 |
12 KB |
1 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 2554 |
48 KB |
8 | 3 |
Domain | Requested by | |
---|---|---|
7 | sso.kroger.com |
2 redirects
sso.kroger.com
|
3 | vpn-hdc-onprem.kroger.com | 3 redirects |
2 | login.microsoftonline.com |
aadcdn.msauth.net
|
1 | aadcdn.msauth.net |
login.microsoftonline.com
|
1 | vpn.kroger.com | 1 redirects |
8 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
iam.kroger.com |
bweb.kroger.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2023-11-23 - 2024-11-23 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2023-10-29 - 2024-10-29 |
a year | crt.sh |
*.kroger.com Sectigo RSA Organization Validation Secure Server CA |
2023-11-29 - 2024-11-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sso.kroger.com/affwebservices/public/login/?TYPE=33554433&REALMOID=06-d291ec4f-b96e-40ed-80a3-ca8fedb41a98&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-CiTHD7TYnLrlehRDEVhsLFZvSvDdpFIXHjj0QxUX8kCmBwx%2f0eqLeRS0OQfqnK%2b0&TARGET=-SM-HTTPS%3a%2f%2fsso%2ekroger%2ecom%2faffwebservices%2fredirectjsp%2fredirectsecurewebadn%2ejsp%3fSMPORTALURL%3dhttps-%3A-%2F-%2Fsso%2ekroger%2ecom-%2Faffwebservices-%2Fpublic-%2Fsaml2sso
Frame ID: 0322849BF6AC7F8C84722746827F0A74
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
SecureWEB LoginPage URL History Show full URLs
-
https://vpn.kroger.com/2fmfa
HTTP 302
https://vpn-hdc-onprem.kroger.com/2fmfa HTTP 302
https://vpn-hdc-onprem.kroger.com/dana-na/auth/url_ZDm26reouv5IgtwW/welcome.cgi HTTP 302
https://vpn-hdc-onprem.kroger.com/dana-na/auth/url_ZDm26reouv5IgtwW/login.cgi?realm=TwoFactor-MFA HTTP 302
https://login.microsoftonline.com/8331e14a-9134-4288-bf5a-5e2c8412f074/saml2?whr=krmaverics.com&SAMLRequest=rZ... Page URL
- https://login.microsoftonline.com/8331e14a-9134-4288-bf5a-5e2c8412f074/saml2?whr=krmaverics.com&SAMLRequest=rZ... Page URL
-
https://sso.kroger.com/affwebservices/public/saml2sso
HTTP 302
https://sso.kroger.com/affwebservices/redirectjsp/redirectsecurewebadn.jsp?SMPORTALURL=https%3A%2F%... HTTP 302
https://sso.kroger.com/affwebservices/public/login/?TYPE=33554433&REALMOID=06-d291ec4f-b96e-40ed-80... Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: IAM web site
Search URL Search Domain Scan URL
Title: Corporate Information Security web site
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://vpn.kroger.com/2fmfa
HTTP 302
https://vpn-hdc-onprem.kroger.com/2fmfa HTTP 302
https://vpn-hdc-onprem.kroger.com/dana-na/auth/url_ZDm26reouv5IgtwW/welcome.cgi HTTP 302
https://vpn-hdc-onprem.kroger.com/dana-na/auth/url_ZDm26reouv5IgtwW/login.cgi?realm=TwoFactor-MFA HTTP 302
https://login.microsoftonline.com/8331e14a-9134-4288-bf5a-5e2c8412f074/saml2?whr=krmaverics.com&SAMLRequest=rZNNj9owEIb%2FSuS7iW0CBIuwoqCqSP2IdlEPe6mMPQFrEzu1zUf%2FfZ3Abjl0%0AOVQ9WfK8M%2FM%2BM%2FbMi6Zu%2BeIQ9uYRfh7Ah%2BTc1MbzPlCggzPcCq89N6IBz4Pk%0AT4svnzkbEN46G6y0NUpWMU8bEbQ1BdqH0HqeprXdaTNotHTW2ypYU2sDA2mb%0ANB8OKdBM4CkdZjhjeY631UjgETCZZ5RVZJKlnQH2cNq74sU14ghOS99lo%2BSj%0AdRJ6ywUiKFmvCvRDDcdKsQlsJ6OcjomkVFbTraICyHQ8IizKvD%2FA2vggTCgQ%0AIyzDhGKSbRjjGeGUPKOkvBJ90EZps7uPv72IPP%2B02ZS4%2FPa06QsctQL3Nar%2F%0ATOLYGrxXEjtBBy%2FO7sD1Y1DCCGxEKiJKj4vBqNZqEwZypx%2FawrfR93dwvp9r%0A7Inms07HexZ3s6n7ToX34LrloPl%2FsDRLbzxcDLW8A16vSltr%2BStZ1LU9LR2I%0AEIdAUfoqur4wUP3yltYEOIdkaZtWOO07RjgLGV4pb1XLOkI8QvUvzHdlksuu%0AdLwu43GyTl35%2FtZ9fom9Q%2FIWvf1O898%3D%0A&RelayState=https%3A%2F%2Fvpn-hdc-onprem.kroger.com%2F2FMFA Page URL
- https://login.microsoftonline.com/8331e14a-9134-4288-bf5a-5e2c8412f074/saml2?whr=krmaverics.com&SAMLRequest=rZNNj9owEIb%2FSuS7iW0CBIuwoqCqSP2IdlEPe6mMPQFrEzu1zUf%2FfZ3Abjl0%0AOVQ9WfK8M%2FM%2BM%2FbMi6Zu%2BeIQ9uYRfh7Ah%2BTc1MbzPlCggzPcCq89N6IBz4Pk%0AT4svnzkbEN46G6y0NUpWMU8bEbQ1BdqH0HqeprXdaTNotHTW2ypYU2sDA2mb%0ANB8OKdBM4CkdZjhjeY631UjgETCZZ5RVZJKlnQH2cNq74sU14ghOS99lo%2BSj%0AdRJ6ywUiKFmvCvRDDcdKsQlsJ6OcjomkVFbTraICyHQ8IizKvD%2FA2vggTCgQ%0AIyzDhGKSbRjjGeGUPKOkvBJ90EZps7uPv72IPP%2B02ZS4%2FPa06QsctQL3Nar%2F%0ATOLYGrxXEjtBBy%2FO7sD1Y1DCCGxEKiJKj4vBqNZqEwZypx%2FawrfR93dwvp9r%0A7Inms07HexZ3s6n7ToX34LrloPl%2FsDRLbzxcDLW8A16vSltr%2BStZ1LU9LR2I%0AEIdAUfoqur4wUP3yltYEOIdkaZtWOO07RjgLGV4pb1XLOkI8QvUvzHdlksuu%0AdLwu43GyTl35%2FtZ9fom9Q%2FIWvf1O898%3D%0A&RelayState=https%3A%2F%2Fvpn-hdc-onprem.kroger.com%2F2FMFA&sso_reload=true Page URL
-
https://sso.kroger.com/affwebservices/public/saml2sso
HTTP 302
https://sso.kroger.com/affwebservices/redirectjsp/redirectsecurewebadn.jsp?SMPORTALURL=https%3A%2F%2Fsso.kroger.com%2Faffwebservices%2Fpublic%2Fsaml2sso HTTP 302
https://sso.kroger.com/affwebservices/public/login/?TYPE=33554433&REALMOID=06-d291ec4f-b96e-40ed-80a3-ca8fedb41a98&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-CiTHD7TYnLrlehRDEVhsLFZvSvDdpFIXHjj0QxUX8kCmBwx%2f0eqLeRS0OQfqnK%2b0&TARGET=-SM-HTTPS%3a%2f%2fsso%2ekroger%2ecom%2faffwebservices%2fredirectjsp%2fredirectsecurewebadn%2ejsp%3fSMPORTALURL%3dhttps-%3A-%2F-%2Fsso%2ekroger%2ecom-%2Faffwebservices-%2Fpublic-%2Fsaml2sso Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://vpn.kroger.com/2fmfa HTTP 302
- https://vpn-hdc-onprem.kroger.com/2fmfa HTTP 302
- https://vpn-hdc-onprem.kroger.com/dana-na/auth/url_ZDm26reouv5IgtwW/welcome.cgi HTTP 302
- https://vpn-hdc-onprem.kroger.com/dana-na/auth/url_ZDm26reouv5IgtwW/login.cgi?realm=TwoFactor-MFA HTTP 302
- https://login.microsoftonline.com/8331e14a-9134-4288-bf5a-5e2c8412f074/saml2?whr=krmaverics.com&SAMLRequest=rZNNj9owEIb%2FSuS7iW0CBIuwoqCqSP2IdlEPe6mMPQFrEzu1zUf%2FfZ3Abjl0%0AOVQ9WfK8M%2FM%2BM%2FbMi6Zu%2BeIQ9uYRfh7Ah%2BTc1MbzPlCggzPcCq89N6IBz4Pk%0AT4svnzkbEN46G6y0NUpWMU8bEbQ1BdqH0HqeprXdaTNotHTW2ypYU2sDA2mb%0ANB8OKdBM4CkdZjhjeY631UjgETCZZ5RVZJKlnQH2cNq74sU14ghOS99lo%2BSj%0AdRJ6ywUiKFmvCvRDDcdKsQlsJ6OcjomkVFbTraICyHQ8IizKvD%2FA2vggTCgQ%0AIyzDhGKSbRjjGeGUPKOkvBJ90EZps7uPv72IPP%2B02ZS4%2FPa06QsctQL3Nar%2F%0ATOLYGrxXEjtBBy%2FO7sD1Y1DCCGxEKiJKj4vBqNZqEwZypx%2FawrfR93dwvp9r%0A7Inms07HexZ3s6n7ToX34LrloPl%2FsDRLbzxcDLW8A16vSltr%2BStZ1LU9LR2I%0AEIdAUfoqur4wUP3yltYEOIdkaZtWOO07RjgLGV4pb1XLOkI8QvUvzHdlksuu%0AdLwu43GyTl35%2FtZ9fom9Q%2FIWvf1O898%3D%0A&RelayState=https%3A%2F%2Fvpn-hdc-onprem.kroger.com%2F2FMFA
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
saml2
login.microsoftonline.com/8331e14a-9134-4288-bf5a-5e2c8412f074/ Redirect Chain
|
20 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_vh-Mo3E5zaJqWI-ycPlvOw2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
136 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saml2
login.microsoftonline.com/8331e14a-9134-4288-bf5a-5e2c8412f074/ |
1 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
sso.kroger.com/affwebservices/public/login/ Redirect Chain
|
19 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layout.css
sso.kroger.com/affwebservices/public/styles/ |
12 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.6.0.min.js
sso.kroger.com/affwebservices/public/scripts/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_secure_web.jpg
sso.kroger.com/affwebservices/public/images/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_garden.jpg
sso.kroger.com/affwebservices/public/images/ |
20 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery function| checkOnload function| checkTheForm function| sidebar function| PopUpSpanish function| passport boolean| helpOpen function| signInHelp boolean| secureOpen function| secureWEB string| pplurl12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sso.kroger.com/affwebservices | Name: JSESSIONID Value: 1AB9DAE008DDF1461445D16DB34D782B |
|
vpn-hdc-onprem.kroger.com/dana-na/ | Name: DSSIGNIN Value: url_ZDm26reouv5IgtwW |
|
vpn-hdc-onprem.kroger.com/ | Name: DSSignInURL Value: /2fmfa |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.ARcASuExgzSRiEK_Wl4shBLwdM4vQAfjYxJLgpAD7leQEkUXAAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-s45Pp1wpSsO2ZoOKc-ezNM3ASO9cNHGgtwPOflb71a_rR8Ro-l2Zguh2PtfjzBIaXBsX_CIgto8ExxNZSJ31Az34Bxww5W01PYDq7Y4P4p0gAA |
|
login.microsoftonline.com/ | Name: fpc Value: AlHiMOvXjGxDpu2HjM2L77MlLDiIAQAAAMsqKd0OAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-XQoV7zLMkKogeDCR-fkps3smqzda1id2bUz-GNQTSNAJdY0CcTCg7gxHXJNoWu73xsTeeLfxJx1JqxmcyNASZSHS8f5Fkn7pybyoarASky5kTU9OkvLxNI-j4TVOTfDWIGbC3sq5eiH33rJGlBpfY-DtlDdfIILybiJaxYC3WTcgAA |
|
.kroger.com/ | Name: GUID Value: "1:2ecc6953-d6e9e539-ac67b214-1dfc312f-71f11277-5a" |
|
.kroger.com/ | Name: dtCookie Value: v_4_srv_36_sn_6E6E0958F5311A63AA7D636AF8869616_perc_100000_ol_0_mul_1_app-3Ad37a6c80396b0e95_1_rcs-3Acss_0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
login.microsoftonline.com
sso.kroger.com
vpn-hdc-onprem.kroger.com
vpn.kroger.com
158.48.132.50
158.48.152.100
158.48.152.30
2603:1026:3000:148::e
2620:1ec:46::63
078cd8bf0291feeba7b2658915ec36f3ea45fb15406184cc5f441b104ce9b4b1
2af55ea8e0ccca30445f3bdfa03614cfd8ff6aa1a7b49a6bea423f2b6573bd26
37cece7a38c62978d3e76dbd380895437ae395eb752fdcbbf8a6a7927a2b570e
8115a28a7f1ca9429d9206f236a6d8877da8066a79a8e3c344212a1f03e42fac
c6dd53573727cea8396b3279bc5d6e5d59ce8f12fc7a6bc4bf9df563e1a445d0
ee162725a2b002e2a1c9fabcff705fd341a37b9e3d5613d2879ea89b4fa7877f
fc5452d1ab8ed5f72e44043cd02b351c6855046ae2558e015f0dede9e8011d78
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e