Submitted URL: https://mail.rasan.co/
Effective URL: https://adfs.rasan.co/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fmail.rasan.co%2fowa%2f&wctx=rm%3d0%26id%3dpassive%2...
Submission: On November 28 via manual from SA — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 4 HTTP transactions. The main IP is 178.20.145.119, located in Riyadh, Saudi Arabia and belongs to NOURNET-ASN, SA. The main domain is adfs.rasan.co.
TLS certificate: Issued by SSL.com RSA SSL subCA on May 19th 2022. Valid for: a year.
This is the only time adfs.rasan.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 178.20.145.125 29684 (NOURNET-ASN)
4 178.20.145.119 29684 (NOURNET-ASN)
4 1
Apex Domain Subdomains Transfer
6 rasan.co mail.rasan.co, adfs.rasan.co 179 KB
4 1
Domain Requested by
4 adfs.rasan.co adfs.rasan.co
2 mail.rasan.co 2 redirects
4 2

This site contains no links.

Subject Issuer Validity Valid
adfs.rasan.co SSL.com RSA SSL subCA 2022-05-19 - 2023-06-19 a year

This page contains 1 frames:

Primary Page: https://adfs.rasan.co/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fmail.rasan.co%2fowa%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fowa%252f&wct=2022-11-28T08%3a07%3a40Z
Frame ID: FE17F297B34001CAE226E421B4715FF1
Requests: 4 HTTP requests in this frame

Page Title

Anmelden

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 178 kB
Size: 175 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mail.rasan.co/ HTTP 302
    https://mail.rasan.co/owa/ HTTP 302
    https://adfs.rasan.co/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fmail.rasan.co%2fowa%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fowa%252f&wct=2022-11-28T08%3a07%3a40Z Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request / adfs.rasan.co/adfs/ls/ 53 KB 54 KB Document
Redirect Chain
  • https://mail.rasan.co/
  • https://mail.rasan.co/owa/
  • https://adfs.rasan.co/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fmail.rasan.co%2fowa%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fowa%252f&wct=2022-11-28T08%3a07%3a40Z
General
Full URL
https://adfs.rasan.co/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fmail.rasan.co%2fowa%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fowa%252f&wct=2022-11-28T08%3a07%3a40Z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.20.145.119 Riyadh, Saudi Arabia, ASN29684 (NOURNET-ASN, SA),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
022728d90c1f0e9bb473c2101672624c1fbb16682c35a06e74089b243f2ff7a5
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-31192abb.duosecurity.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
54206
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-31192abb.duosecurity.com
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Nov 2022 08:07:43 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
node
01

Redirect headers

Cache-Control
no-cache, max-age=0
Content-Length
290
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Nov 2022 08:07:40 GMT
Location
https://adfs.rasan.co/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fmail.rasan.co%2fowa%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fowa%252f&wct=2022-11-28T08%3a07%3a40Z
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-FEServer
EX02
X-FWB-Acceleration
1.0
X-Frame-Options
DENY
X-OWA-Version
15.2.1118.15
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
request-id
8b08d470-ea9f-4096-9089-661abb349e59

style.css adfs.rasan.co/adfs/portal/css/ 22 KB 22 KB Stylesheet
General
Full URL
https://adfs.rasan.co/adfs/portal/css/style.css?id=FEF0F8266641F3113BC268794ADEC4D238C9EBC300D6BCC935ABB6700625F3B0
Requested by
Host: adfs.rasan.co
URL: https://adfs.rasan.co/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fmail.rasan.co%2fowa%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fowa%252f&wct=2022-11-28T08%3a07%3a40Z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.20.145.119 Riyadh, Saudi Arabia, ASN29684 (NOURNET-ASN, SA),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
014fe216c5ac2ef38f30e7fef673f87d7d05ecb2166c33ccdb9a763ea70cb01d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-31192abb.duosecurity.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adfs.rasan.co/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fmail.rasan.co%2fowa%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fowa%252f&wct=2022-11-28T08%3a07%3a40Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-31192abb.duosecurity.com
X-Content-Type-Options
nosniff
Date
Mon, 28 Nov 2022 08:07:43 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
FEF0F8266641F3113BC268794ADEC4D238C9EBC300D6BCC935ABB6700625F3B0
node
01
X-Frame-Options
DENY
Content-Type
text/css
Content-Length
22468
X-XSS-Protection
1; mode=block
Expires
Wed, 28 Dec 2022 08:07:43 GMT

logo.png adfs.rasan.co/adfs/portal/logo/ 3 KB 3 KB Image
General
Full URL
https://adfs.rasan.co/adfs/portal/logo/logo.png?id=9CEDDD4EC657001B37B8481F341B191176003CACE1E81D84651097618928B973
Requested by
Host: adfs.rasan.co
URL: https://adfs.rasan.co/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fmail.rasan.co%2fowa%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fowa%252f&wct=2022-11-28T08%3a07%3a40Z
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.20.145.119 Riyadh, Saudi Arabia, ASN29684 (NOURNET-ASN, SA),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
9ceddd4ec657001b37b8481f341b191176003cace1e81d84651097618928b973
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-31192abb.duosecurity.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adfs.rasan.co/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fmail.rasan.co%2fowa%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fowa%252f&wct=2022-11-28T08%3a07%3a40Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-31192abb.duosecurity.com
X-Content-Type-Options
nosniff
Date
Mon, 28 Nov 2022 08:07:43 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
9CEDDD4EC657001B37B8481F341B191176003CACE1E81D84651097618928B973
node
01
X-Frame-Options
DENY
Content-Type
image/png
Content-Length
3009
X-XSS-Protection
1; mode=block
Expires
Wed, 28 Dec 2022 08:07:43 GMT

illustration.png adfs.rasan.co/adfs/portal/illustration/ 97 KB 98 KB Image
General
Full URL
https://adfs.rasan.co/adfs/portal/illustration/illustration.png?id=EEC3E8540799A248B009AF52E860ABDE72612013F3DDE4332D5AFD41A54215C3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.20.145.119 Riyadh, Saudi Arabia, ASN29684 (NOURNET-ASN, SA),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
eec3e8540799a248b009af52e860abde72612013f3dde4332d5afd41a54215c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-31192abb.duosecurity.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adfs.rasan.co/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fmail.rasan.co%2fowa%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fowa%252f&wct=2022-11-28T08%3a07%3a40Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-31192abb.duosecurity.com
X-Content-Type-Options
nosniff
Date
Mon, 28 Nov 2022 08:07:43 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
EEC3E8540799A248B009AF52E860ABDE72612013F3DDE4332D5AFD41A54215C3
node
01
X-Frame-Options
DENY
Content-Type
image/png
Content-Length
99812
X-XSS-Protection
1; mode=block
Expires
Wed, 28 Dec 2022 08:07:43 GMT

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| LoginErrors
number| maxPasswordLength
function| InputUtil
function| SelectOption
function| Login
function| PaginatedNext
function| PaginatedBack
function| AdjustElementDisplay
function| GetLocalizedStringForElement
function| ShowUsernamePage
function| ShowPasswordPage
object| usernameInput
object| passwordInput
object| username
object| passArea
object| submitButton
object| submissionArea
object| errorText
object| errorDisplay
object| workArea
object| loginMessage
string| originalLoginMessage
boolean| didLoadPasswordPageBefore
boolean| didAddListener
boolean| errorIsShown
function| getStyle
function| computeLoadIllustration
function| SetIllustrationImage
object| tintDiv
object| brandingDiv

2 Cookies

Domain/Path Name / Value
mail.rasan.co/ Name: cookiesession1
Value: 678B287A280A306D20DA59A6D55E6994
adfs.rasan.co/ Name: cookiesession1
Value: 678B2879C2FCD4F1D0E004EDBFCB26B2

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-31192abb.duosecurity.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block