safe.thomson.com
163.231.5.34
Public Scan
Effective URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE10&TYPE=33554433&REALMOID=06-1964e5a2-362c-45b7-a1d...
Submission: On February 24 via manual from US
Summary
TLS certificate: Issued by COMODO RSA Organization Validation Se... on October 12th 2018. Valid for: 2 years.
This is the only time safe.thomson.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
4 (3 redirects) | 121.244.123.7 | 4755 (TATACOMM-AS TATA Communications formerly VSNL is Leading ISP) |
18 | 163.231.5.34 | 4583 (WESTPUB-A) |
1 | 2a00:1450:4001:81c::200a | 15169 (GOOGLE) |
2 | 2a00:1450:4001:808::2008 | 15169 (GOOGLE) |
22 | 4 | |
ASN4755 (TATACOMM-AS TATA Communications formerly VSNL is Leading ISP, IN)
PTR: hrberry.com
fnrindia.hrberry.com
www.hrberry.com
ASN15169 (GOOGLE, US)
ssl.google-analytics.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | thomson.com | safe.thomson.com | 106 KB |
4 (3 redirects) | hrberry.com | fnrindia.hrberry.com, www.hrberry.com | 25 KB |
2 | google-analytics.com | ssl.google-analytics.com | 17 KB |
1 | googleapis.com | ajax.googleapis.com | 32 KB |
22 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
18 | safe.thomson.com | www.hrberry.com, safe.thomson.com, ajax.googleapis.com |
2 | ssl.google-analytics.com | safe.thomson.com |
2 | www.hrberry.com | 1 redirects |
2 | fnrindia.hrberry.com | 2 redirects |
1 | ajax.googleapis.com | safe.thomson.com |
22 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.hrberry.com | Entrust Certification Authority - L1K | 2019-07-15 - 2021-07-15 | 2 years |
*.thomson.com | COMODO RSA Organization Validation Secure Server CA | 2018-10-12 - 2020-10-11 | 2 years |
*.storage.googleapis.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
This page contains 1 frames:
Primary Page:
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE10&TYPE=33554433&REALMOID=06-1964e5a2-362c-45b7-a1d5-b886ea1b4ce0&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fssoHigh%2fSAML2Service
Frame ID: D1A720090656A471BC0387A1C5316C5D
Requests: 22 HTTP requests in this frame
Detected technologies
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://fnrindia.hrberry.com/ HTTP 301
  https://fnrindia.hrberry.com/ HTTP 302
  https://www.hrberry.com/powerhr/index.php/fnrindia HTTP 302
  https://www.hrberry.com/powerhr/index.php?q=cms&m=saml_index&client=fnrindia Page URL
- https://safe.thomson.com/SAML2/ssoHigh/SAML2Service Page URL
- https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE10&TYPE=33554433&REALMOID=06-1964e5a2-362c-45b7-a1d5-b886ea1b4ce0&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$https%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fssoHigh%2fSAML2Service Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://fnrindia.hrberry.com/ HTTP 301
- https://fnrindia.hrberry.com/ HTTP 302
- https://www.hrberry.com/powerhr/index.php/fnrindia HTTP 302
- https://www.hrberry.com/powerhr/index.php?q=cms&m=saml_index&client=fnrindia
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | index.php | www.hrberry.com/powerhr/ | 2 KB | 24 KB | Document | text/html | Cookie set; Redirect Chain |
POST | H/1.1 | SAML2Service | safe.thomson.com/SAML2/ssoHigh/ | 2 KB | 2 KB | Document | text/html | Cookie set |
POST | H/1.1 | router | safe.thomson.com/auth/ | 27 KB | 10 KB | Document | text/html | Primary Request; Cookie set |
GET | H/1.1 | style_min.css | safe.thomson.com/safe-ui/css/ | 19 KB | 5 KB | Stylesheet | text/css | |
GET | H/1.1 | respond.min.js | safe.thomson.com/safe-ui/js/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H/1.1 | DwrMethodController.js | safe.thomson.com/auth/dwr/interface/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H/1.1 | engine.js | safe.thomson.com/auth/dwr/ | 77 KB | 25 KB | Script | text/javascript | |
GET | H/1.1 | util.js | safe.thomson.com/auth/dwr/ | 47 KB | 15 KB | Script | text/javascript | |
GET | H/1.1 | captcha | safe.thomson.com/auth/ | 7 KB | 7 KB | Image | image/png | |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.6.1/ | 89 KB | 32 KB | Script | text/javascript | |
POST | H/1.1 | __System.pageLoaded.dwr | safe.thomson.com/auth/dwr/call/plaincall/ | 200 B | 796 B | XHR | text/javascript | |
GET | H/1.1 | wrap-bg.png | safe.thomson.com/safe-ui/img/ | 952 B | 1 KB | Image | image/png | |
GET | H/1.1 | sprite.gif | safe.thomson.com/safe-ui/img/ | 10 KB | 10 KB | Image | image/gif | |
GET | H/1.1 | thomsonreuters_transparent_plus.gif | safe.thomson.com/safe-ui/img/ | 5 KB | 5 KB | Image | image/gif | |
GET | H/1.1 | header-bg.gif | safe.thomson.com/safe-ui/img/ | 842 B | 1 KB | Image | image/gif | |
GET | H/1.1 | icon-lock.png | safe.thomson.com/safe-ui/img/ | 543 B | 804 B | Image | image/png | |
GET | H/1.1 | input-bg.png | safe.thomson.com/safe-ui/img/ | 119 B | 380 B | Image | image/png | |
GET | H2 | ga.js | ssl.google-analytics.com/ | 45 KB | 17 KB | Script | text/javascript | |
GET | H/1.1 | script.min.js | safe.thomson.com/safe-ui/js/ | 7 KB | 3 KB | XHR | application/x-javascript | |
GET | H/1.1 | captcha | safe.thomson.com/auth/ | 7 KB | 8 KB | Image | image/png | |
GET | H2 | __utm.gif | ssl.google-analytics.com/r/ | 35 B | 199 B | Image | image/gif | |
GET | H/1.1 | plugins.min.js | safe.thomson.com/safe-ui/js/ | 24 KB | 8 KB | XHR | application/x-javascript | |
42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| getQueryVariable object| respond string| jsSafeEnvironment string| envSuffix string| jsRoot string| cssRoot string| imageRoot string| docRoot string| dwrRoot string| dwrRoot2 undefined| SAFELogo object| dwr object| DwrMethodController string| httpMethod function| $ function| jQuery object| _gaq function| getCaptchaResults function| createSpan function| getCaptchaButtonText object| isMobile function| buildHTML object| jQuery161048382400809091775 object| _gat object| gaGlobal object| entityToCode object| charToEntity string| entityName function| UnescapeEntities function| EscapeEntities boolean| bInvalid string| completeHREF string| baseurl function| fireClickEvent function| getBaseUrl function| isDefined function| createMessageSpan function| invalidFrmInputs string| paramString function| log
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
safe.thomson.com/ | | BIGipServerSAFE-443 | 1096345507.47873.0000 |
.safe.thomson.com/ | | __utmb | 232658333.1.10.1582559452 |
.safe.thomson.com/ | | __utmz | 232658333.1582559452.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none) |
.safe.thomson.com/ | | __utmt | 1 |
.safe.thomson.com/ | | __utmc | 232658333 |
.safe.thomson.com/ | | __utma | 232658333.2109127846.1582559452.1582559452.1582559452.1 |
safe.thomson.com/ | | JSESSIONID | 0000_ggkkwsLKM3J65g__p2Bt-w:-1 |
safe.thomson.com/auth | | safe2.target | https://safe.thomson.com/SAML2/ssoHigh/SAML2Service |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.