adfsqual.firmenich.com
153.108.64.215
Public Scan
Effective URL: https://adfsqual.firmenich.com/adfs/ls/?SAMLRequest=jZNdb9sgFIb%2FikWvbT7iKDOyI2WNpkXqtqjxerE7gnGCZIPLgSX998Nu2uamXSUuEHoOPK%2F...
Submission: On December 15 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 11th 2022. Valid for: a year.
This is the only time adfsqual.firmenich.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 3 | 35.204.26.114 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 4 | 2.19.194.24 | 20940 (AKAMAI-ASN1) |
1 1 | 157.133.170.72 | 35039 (SAP_CC) |
4 | 153.108.64.215 | 24952 (FIRMENICH-AS) |
8 | 3 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.26.204.35.bc.googleusercontent.com
origin-firmenichs-stage.plateau.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-194-24.deploy.static.akamaitechnologies.com
hcm2preview.sapsf.eu
ASN24952 (FIRMENICH-AS, CH)
PTR: adfsqual.firmenich.com
adfsqual.firmenich.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
4 | firmenich.com | adfsqual.firmenich.com | 330 KB |
4 | sapsf.eu (1 redirects) | hcm2preview.sapsf.eu (Cisco Umbrella Rank: 505215) | 11 KB |
3 | plateau.com (2 redirects) | origin-firmenichs-stage.plateau.com | 2 KB |
1 | ondemand.com (1 redirects) | a9uxibomb.accounts.ondemand.com | 2 KB |
8 | 4 |
 | Domain | Requested by |
---|---|---|
4 | adfsqual.firmenich.com | adfsqual.firmenich.com |
4 | hcm2preview.sapsf.eu | 1 redirects; hcm2preview.sapsf.eu |
3 | origin-firmenichs-stage.plateau.com | 2 redirects |
1 | a9uxibomb.accounts.ondemand.com | 1 redirects |
8 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
plateau.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-16 - 2023-06-16 | a year |
eu-only.sapsf.eu | DigiCert TLS RSA SHA256 2020 CA1 | 2022-05-25 - 2023-05-27 | a year |
adfsqual.firmenich.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-11 - 2023-01-11 | a year |
This page contains 1 frames:
Primary Page:
https://adfsqual.firmenich.com/adfs/ls/?SAMLRequest=jZNdb9sgFIb%2FikWvbT7iKDOyI2WNpkXqtqjxerE7gnGCZIPLgSX998Nu2uamXSUuEHoOPK%2FOoVwFfzT36jEo8MkKQDmvrbm1BkKv3E65v1qq3%2Fd3FTp6PwDHWBThrPe232dCShuMh8yaRvXCNJm0PQbRdwzrZsBCwv9olGyd9Vba7qs2jTaHCgVnuBWggRvRK%2BBe8t3qxx1nGeH7Zwj497repttfuxol62iujRi1rySbFh6D6LJWu14ZLY%2BT23iMO8Ao2awrtCvUFyZysUhJM6dpzmie7tlinhK6oIzMSUNFEVGAoDYGvDC%2BQowwltK45jWdccb4bJGRgv1ByYNyMElEU5Sc%2B87Ax2mGS%2FQLzA2wjwvES3%2FeKvLnzDHy6XTKTrPMugNmhFBMchwhZeTNGz17hyaYFCPdgD7coGUZTfgU2y0%2F2fYSX9WUP6P6Zr21nZZPyTfreuHfT0YzOp3oJm0nlAcDg5K61apBeFnupB1i18dROT%2Fdjm9XiEbLy9gqt1m%2Fao65IEipAFohvXWQqYBfpwBqWuLruhJfbo%2B767%2Bw%2FAc%3D&RelayState=arcd9f8f5&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=d0atzIZr6y2qUvpzwcrjTEIQE71VJK%2Bi8oOW%2BvoGSeSKfdvV4knS5FOFZS9LBi8Yr4dux0QjP0D3g4mLeKxt14anQWnelzlWj8EnDkcBtMDCS9mrsIosSlnxH6NnlH3PhLAwOEWsBGULqr7trCemkm33vgOFKT%2FiLpDogskOEN6%2Fp4uwYP4N2e6HTBmuYVl1tJ5wu7YDV%2BUhQeUIX5JEiHXYjRV1JNaxr1%2FfCZXZ6vemZ73QYPU4xKXQ3nBf%2Fw85%2BRKo4ZiGr2YygM10GmzKX2FJ6ixW44cAORydxdvkTiCjzWOTkyAWKeS5WmnreyoR2T3b5MRraOAP6pDjPiyrmA%3D%3D
Frame ID: F010AEF660D4BE571E4E70B74E932CFE
Requests: 8 HTTP requests in this frame
Page Title
Sign In
Page URL History
- http://origin-firmenichs-stage.plateau.com/ HTTP 302
  https://origin-firmenichs-stage.plateau.com/ Page URL
- https://origin-firmenichs-stage.plateau.com/learning/user/login.jsp HTTP 302
  https://hcm2preview.sapsf.eu/login?company=firmenichsT1 HTTP 302
  https://hcm2preview.sapsf.eu/saml2/Login?company=firmenichsT1&RelayState=/login?company=firmenichsT1&_s.c... Page URL
- https://a9uxibomb.accounts.ondemand.com/saml2/idp/sso/?SAMLRequest=fZLNbtswEIRfheBdpEQ5cUNYDtwaQQz0x2iUHHIpVtSqJiCRC... HTTP 302
  https://adfsqual.firmenich.com/adfs/ls/?SAMLRequest=jZNdb9sgFIb%2FikWvbT7iKDOyI2WNpkXqtqjxerE7gnGCZIPLgSX99... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://origin-firmenichs-stage.plateau.com/ HTTP 302
- https://origin-firmenichs-stage.plateau.com/
- https://origin-firmenichs-stage.plateau.com/learning/user/login.jsp HTTP 302
- https://hcm2preview.sapsf.eu/login?company=firmenichsT1 HTTP 302
- https://hcm2preview.sapsf.eu/saml2/Login?company=firmenichsT1&RelayState=/login?company=firmenichsT1&_s.crb=2HZONy6f7k7RAxURNv%252fgZaBDj%252frz3PIMu92sseOQp9Q%253d
8 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | origin-firmenichs-stage.plateau.com/ (Redirect Chain) | 68 B | 557 B | Document | text/html |
GET | H2 | Login | hcm2preview.sapsf.eu/saml2/ (Redirect Chain) | 2 KB | 2 KB | Document | text/html |
GET | H2 | XMLHttpRequest.js | hcm2preview.sapsf.eu/ui/extlib/XMLHttpRequest_1.0.5_sf.18/ | 7 KB | 3 KB | Script | application/javascript |
GET | H2 | perflog_6afbc835fd7bc8ec51a93324df511558.js | hcm2preview.sapsf.eu/ui/perflog/js/ | 11 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | / (Primary Request) | adfsqual.firmenich.com/adfs/ls/ (Redirect Chain) | 25 KB | 25 KB | Document | text/html |
GET | H/1.1 | style.css | adfsqual.firmenich.com/adfs/portal/css/ | 8 KB | 8 KB | Stylesheet | text/css |
GET | H/1.1 | logo.png | adfsqual.firmenich.com/adfs/portal/logo/ | 19 KB | 19 KB | Image | image/png |
GET | H/1.1 | illustration.jpg | adfsqual.firmenich.com/adfs/portal/illustration/ | 277 KB | 278 KB | Image | image/jpeg |
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange
function| LoginErrors
number| maxPasswordLength
function| InputUtil
function| SelectOption
function| Login
undefined| emails
undefined| msViewportStyle
undefined| viewport
function| getStyle
function| computeLoadIllustration
function| SetIllustrationImage
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
origin-firmenichs-stage.plateau.com/learning | Name: JSESSIONID Value: 39135BD9384C3677C47979FC3A610815 |
origin-firmenichs-stage.plateau.com/ | Name: BIGipServerorigin-dc57-preview.lms.plateau.com Value: 93731082.20480.0000 |
origin-firmenichs-stage.plateau.com/ | Name: BIGipServerP_lms_sapsf_com_80 Value: !5gN0uTSJvRnD1RR8v4KArBS8hpbV4SdMg+UDksn0jL0+JqEmWgQhDWBS0fhVFtSPEoDzC6BEbD4Rjw== |
origin-firmenichs-stage.plateau.com/ | Name: route Value: 7e01fae19b9676f940119c029d3bb211f22f62d7 |
hcm2preview.sapsf.eu/ | Name: route Value: d1ffb8faa6afbe93b3e105be2e38765e9a0e26fd |
hcm2preview.sapsf.eu/ | Name: %2Flogin-markFromServer Value: true |
hcm2preview.sapsf.eu/ | Name: bizxCompanyId Value: firmenichsT1 |
hcm2preview.sapsf.eu/ | Name: JSESSIONID Value: B852BF0AB5DD6FE1162A9F7FE9C6421A.sc57bcf07 |
hcm2preview.sapsf.eu/ | Name: BIGipServerhcm57preview.sapsf.com Value: 110573834.20480.0000 |
hcm2preview.sapsf.eu/ | Name: oiosaml-fragment Value: |
a9uxibomb.accounts.ondemand.com/ | Name: arcd9f8f5 Value: AAAADFiIi%2BUq2Uhvf8Q8r5GfxebTY707Im%2FuG0BYO%2FG4abGPNf0xb%2BC6nQP%2BjttnK0qb6JSlODAqN6TsTRYBn1JvuzDYV37QCeBBsU1ivQsxLtufCMRUSW7heSG6bzkXBL8AJnfz8tfvzPWS5y049wDAP9ehBiPOUQW3k3j13DTo%2FQJREIBt00tNPlcg%2FTiKhpkXcNAc1symtN63OUBkVUP3vfCpq%2F95PZ1Vb%2FO8IQuZ0aJB2If3RbQ1skfTgJkasmTuIoklFiZAGSZQ3TTSWESxx5yFW8AMZgqf5LQ9AFb0isFNevCZkQsra1yVnji6kA2RoWShU7JKPxRd7MwO8rrPmMCcSrhh%2FnUbHiHwxJAwULX9ftYOjZ7hFKflbPxE%2BD28HTBsKhZ%2BlWXbdxQtf6wTALv5GSnFkdcYKxnGNifUQmVcIIGzyeCm%2BMwL3IvS4eEbC5vzAEdfMegxVqhXLTfM9sdvSIIeXVcmiTI3ojMDCYdekpHBIyNJ17O%2Fvex6qt69YueI26ZmaRoknsL5p3w1RVfxeIpSBB2NjfIpLLUM3L83GU4ZsIPIeEntFtIrWTGD9lmXEu6fz73j5Z2Gj5aFxDSvXRWQPCxhZ5bzaO1%2B%2FYUejE12tcQxRYF4qC%2BcW%2B9zujdNRuh4chFERY8Lu3zVDgMSmuCFPQ%3D%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.