a1adfs1.online15.net
Open in
urlscan Pro
40.84.59.115
Public Scan
Effective URL: https://a1adfs1.online15.net/adfs/ls?version=1.0&action=signin&realm=urn%3AAppProxy%3Acom&appRealm=6dbadca2-8951-e511-80c4-00...
Submission: On March 18 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by RapidSSL RSA CA 2018 on February 25th 2020. Valid for: 2 years.
This is the only time a1adfs1.online15.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 9 | 40.84.59.115 40.84.59.115 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 137.117.101.188 137.117.101.188 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
9 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sharepoint.prep-evalta.com | |
a1adfs1.online15.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a1adm1.a1.projecthosts.com
portala1.online11.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
online15.net
1 redirects
a1adfs1.online15.net |
449 KB |
2 |
online11.net
portala1.online11.net |
798 B |
1 |
prep-evalta.com
1 redirects
sharepoint.prep-evalta.com |
378 B |
9 | 3 |
Domain | Requested by | |
---|---|---|
8 | a1adfs1.online15.net |
1 redirects
a1adfs1.online15.net
|
2 | portala1.online11.net |
a1adfs1.online15.net
|
1 | sharepoint.prep-evalta.com | 1 redirects |
9 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.msepmonline.com |
www.projecthosts.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.online15.net RapidSSL RSA CA 2018 |
2020-02-25 - 2022-03-26 |
2 years | crt.sh |
*.online11.net RapidSSL RSA CA 2018 |
2020-02-10 - 2022-04-10 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://a1adfs1.online15.net/adfs/ls?version=1.0&action=signin&realm=urn%3AAppProxy%3Acom&appRealm=6dbadca2-8951-e511-80c4-00155d435586&returnUrl=https%3A%2F%2Fsharepoint.prep-evalta.com%2F&client-request-id=847305D9-AF46-0000-7AB9-BB8006CFD501&RedirectToIdentityProvider=http%3a%2f%2fa1adfs1.online15.net%2fadfs%2fservices%2ftrust
Frame ID: 2ECE39F1E01273124C029354B73E8C4C
Requests: 10 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://sharepoint.prep-evalta.com/
HTTP 307
https://a1adfs1.online15.net/adfs/ls?version=1.0&action=signin&realm=urn%3AAppProxy%3Acom&appRealm=6dbadc... Page URL
-
https://a1adfs1.online15.net/adfs/ls?version=1.0&action=signin&realm=urn%3AAppProxy%3Acom&appRealm=6dbadc...
HTTP 302
https://a1adfs1.online15.net/adfs/ls?version=1.0&action=signin&realm=urn%3AAppProxy%3Acom&appRealm=6dbadc... Page URL
Detected technologies
Microsoft HTTPAPI (Web Servers) ExpandDetected patterns
- headers server /Microsoft-HTTPAPI(?:\/([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Can't access your account?
Search URL Search Domain Scan URL
Title: Project Hosts
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://sharepoint.prep-evalta.com/
HTTP 307
https://a1adfs1.online15.net/adfs/ls?version=1.0&action=signin&realm=urn%3AAppProxy%3Acom&appRealm=6dbadca2-8951-e511-80c4-00155d435586&returnUrl=https%3A%2F%2Fsharepoint.prep-evalta.com%2F&client-request-id=847305D9-AF46-0000-7AB9-BB8006CFD501 Page URL
-
https://a1adfs1.online15.net/adfs/ls?version=1.0&action=signin&realm=urn%3AAppProxy%3Acom&appRealm=6dbadca2-8951-e511-80c4-00155d435586&returnUrl=https%3A%2F%2Fsharepoint.prep-evalta.com%2F&client-request-id=847305D9-AF46-0000-7AB9-BB8006CFD501
HTTP 302
https://a1adfs1.online15.net/adfs/ls?version=1.0&action=signin&realm=urn%3AAppProxy%3Acom&appRealm=6dbadca2-8951-e511-80c4-00155d435586&returnUrl=https%3A%2F%2Fsharepoint.prep-evalta.com%2F&client-request-id=847305D9-AF46-0000-7AB9-BB8006CFD501&RedirectToIdentityProvider=http%3a%2f%2fa1adfs1.online15.net%2fadfs%2fservices%2ftrust Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://sharepoint.prep-evalta.com/ HTTP 307
- https://a1adfs1.online15.net/adfs/ls?version=1.0&action=signin&realm=urn%3AAppProxy%3Acom&appRealm=6dbadca2-8951-e511-80c4-00155d435586&returnUrl=https%3A%2F%2Fsharepoint.prep-evalta.com%2F&client-request-id=847305D9-AF46-0000-7AB9-BB8006CFD501
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
ls
a1adfs1.online15.net/adfs/ Redirect Chain
|
29 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
a1adfs1.online15.net/adfs/portal/css/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
localsts.png
a1adfs1.online15.net/adfs/portal/images/idp/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
idp.png
a1adfs1.online15.net/adfs/portal/images/idp/ |
931 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientip.asp
portala1.online11.net/ |
81 B 399 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
ls
a1adfs1.online15.net/adfs/ Redirect Chain
|
23 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
a1adfs1.online15.net/adfs/portal/css/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientip.asp
portala1.online11.net/ |
81 B 399 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MPRcloud.jpg
a1adfs1.online15.net/adfs/portal/illustration/ |
377 KB 377 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login string| clientip string| xforwardedfor function| getQueryVariable object| bySelection string| query object| header object| loginMessage object| branding object| userNameInput object| introduction object| footerPlaceholder object| footerLinks object| hrdSelection string| whr string| SSOURL string| MPR string| dURL string| FQDN object| parts string| innerHTMLstr undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a1adfs1.online15.net
portala1.online11.net
sharepoint.prep-evalta.com
137.117.101.188
40.84.59.115
3b194f1192f038fff32bf9c4aff16aa1859ec1d2462fb845bc9813c490a994bb
42809d64615f862e877253684df16570a175abbd7dbab9ffbf49a48afddda065
44c09a1300a946429d86582c5416de91810a9fe3cf55b31f852510fd0fe01a53
9effdddca61ae7a7225586483fbe4f348e2040d619692300060c0f6e8a1522a7
d29e7325c0db2c8c6de5b6632374c52a6975b90ca5fcb6f05f801496191334af
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99
e5150874937df3e93b773f72b6c7fc1bd9a8884f65ab75397530616a78dbb4e5
f84ef9c40d4dcefd8d3416e671d4807428e3916c27340f936648fb2099aec193