federationcrt.abbvie.com Open in urlscan Pro
159.180.162.211 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sso.abbvie.e-invoice.com/
Effective URL:
https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping
Submission: On May 24 via automatic, source certstream-suspicious (May 24th 2023, 12:04:31 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 159.180.162.211, located in United Kingdom and belongs to ABBVIE, US. The main domain is federationcrt.abbvie.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 22nd 2023. Valid for: a year.

This is the only time federationcrt.abbvie.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	2606:4700:440... 2606:4700:4400::6812:2776	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	159.180.162.132 159.180.162.132	200058 (ABBVIE) (ABBVIE)
1	159.180.162.211 159.180.162.211	200058 (ABBVIE) (ABBVIE)
10	3

3 2606:4700:4400::6812:2776 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

sso.abbvie.e-invoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 159.180.162.132 (United Kingdom) 1 redirects

ASN200058 (ABBVIE, US)

federation.abbvie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.180.162.211 (United Kingdom)

ASN200058 (ABBVIE, US)

federationcrt.abbvie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	abbvie.com 1 redirects federation.abbvie.com — Cisco Umbrella Rank: 864229 federationcrt.abbvie.com	228 KB
3	e-invoice.com 3 redirects sso.abbvie.e-invoice.com	990 B
10	2

	Domain	Requested by
6	federation.abbvie.com	1 redirects federationcrt.abbvie.com federation.abbvie.com
3	sso.abbvie.e-invoice.com	3 redirects
1	federationcrt.abbvie.com
10	3

This site contains links to these domains. Also see Links.

Domain
federation.abbvie.com

Subject Issuer	Validity	Valid
federation.abbvie.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping
Frame ID: E9C16E75C88D9AE561BA585B8347F411
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Network Login

Page URL History Show full URLs

https://sso.abbvie.e-invoice.com/ HTTP 302
https://sso.abbvie.e-invoice.com/Passport HTTP 302
https://sso.abbvie.e-invoice.com/Passport/ HTTP 302
https://federation.abbvie.com/idp/SSO.saml2?SAMLRequest=hZLJTsMwFEV%2FJfI%2Bc9LBaiKFdkGlQiMSWLBBGV6IpcQOfk... HTTP 302
https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Page URL

Page Statistics

10
Requests

60 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

227 kB
Transfer

357 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://federation.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping?ChangePassword=true
Title: Change Password

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sso.abbvie.e-invoice.com/ HTTP 302
https://sso.abbvie.e-invoice.com/Passport HTTP 302
https://sso.abbvie.e-invoice.com/Passport/ HTTP 302
https://federation.abbvie.com/idp/SSO.saml2?SAMLRequest=hZLJTsMwFEV%2FJfI%2Bc9LBaiKFdkGlQiMSWLBBGV6IpcQOfk6BvycDhbIpW%2Fv63EHeYNY2HY16VfMHeOsBlfbRNhzpdBGQXnIqMmRIedYCUlXQJLo7UMewaCeFEoVoiBYhglRM8K3g2LcgE5AnVsDjwyEgtVIdUtNEFEaW5ycGBuiMn8QgMArRmknN8lw0oGpj0Jgj3zHjY5ISbTcEYjwb0b%2BgCkqQ09mZN1JY2ZlJcjTG4A7R9ruAvMB6tfbsKi%2Ftcum5Ve6uVoW1WIK7Lhe%2Bv6gGGWIPe44q4yogjuW4uuXrjpfaDrU86vjPRIu%2Fe94wXjL%2Ben2UfBYhvU3TWJ9bPIHEqcEgIOFmTEgnY3kx9nVsdl6YhP%2FuiT97bswLr9m4o%2FcDfL%2BLRcOKTy1qGvG%2BlZApCIhNzHB%2B8vdLhF8%3D&RelayState=ss%3Amem%3A4d4ed26a27b6bb5ec109eb6a40a711df9311957d8113a5a595f30f64c4c37fa1 HTTP 302
https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request SSO.ping Show response federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/ Redirect Chain https://sso.abbvie.e-invoice.com/ https://sso.abbvie.e-invoice.com/Passport https://sso.abbvie.e-invoice.com/Passport/ https://federation.abbvie.com/idp/SSO.saml2?SAMLRequest=hZLJTsMwFEV%2FJfI%2Bc9LBaiKFdkGlQiMSWLBBGV6IpcQOfk6BvycDhbIpW%2Fv63EHeYNY2HY16VfMHeOsBlfbRNhzpdBGQXnIqMmRIedYCUlXQJLo7UMewaCeFEoVoiBYhglRM8K3... https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping	15 KB 16 KB	643ms 310ms	Document text/html	159.180.162.211 ABBVIE
General Check archive.org Show headers Download Go to Full URL https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.180.162.211 , United Kingdom, ASN200058 (ABBVIE, US), Reverse DNS Software / Resource Hash `5c0be918fe23aefeca111d83957232c412e7db6ef437f6198fb0693b972fa4f8` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache, no-store Content-Length 15189 Content-Type text/html;charset=utf-8 Date Wed, 24 May 2023 12:04:25 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server-Timing dtRpid;desc="776608668", dtSInfo;desc="0" X-OneAgent-JS-Injection true Redirect headers Cache-Control no-cache, no-store Content-Length 0 Content-Type text/html;charset=utf-8 Date Wed, 24 May 2023 12:04:25 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Pragma no-cache Server-Timing dtRpid;desc="2053985907", dtSInfo;desc="0" X-OneAgent-JS-Injection true
GET H/1.1	200 OK	ruxitagentjs_ICA2NVfgqru_10263230321103025.js Show response federation.abbvie.com/	215 KB 83 KB	80ms 80ms	Script text/javascript	159.180.162.132 ABBVIE
General Check archive.org Show headers Download Go to Full URL https://federation.abbvie.com/ruxitagentjs_ICA2NVfgqru_10263230321103025.js Requested by Host: federationcrt.abbvie.com URL: https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.180.162.132 , United Kingdom, ASN200058 (ABBVIE, US), Reverse DNS Software / Resource Hash `1318f3c9a982ec9650e7f8dddd34823bb258074bad99e3260e653ba9f66ba728` Request headers accept-language de-DE,de;q=0.9 Referer https://federationcrt.abbvie.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Wed, 24 May 2023 12:04:26 GMT Content-Encoding gzip Last-Modified Wed, 03 Mar 2010 07:01:40 GMT Vary Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control public, max-age=31536000, immutable Content-Length 84494 Expires Thu, 23 May 2024 12:04:26 GMT
GET H/1.1	200 OK	main.css federation.abbvie.com/assets/css/	119 KB 119 KB	191ms 124ms	Stylesheet text/css	159.180.162.132 ABBVIE
General Check archive.org Show headers Download Go to Full URL https://federation.abbvie.com/assets/css/main.css Requested by Host: federationcrt.abbvie.com URL: https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.180.162.132 , United Kingdom, ASN200058 (ABBVIE, US), Reverse DNS Software / Resource Hash `aa3ff752cbd3ca54ccf845ff1c79d07dc95662c86953b0a01073b996dc6ab9af` Request headers accept-language de-DE,de;q=0.9 Referer https://federationcrt.abbvie.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers X-OneAgent-JS-Injection true Date Wed, 24 May 2023 12:04:26 GMT Cache-Control max-age=0, must-revalidate Last-Modified Sat, 12 Dec 2020 16:51:46 GMT Server-Timing dtRpid;desc="-232146323", dtSInfo;desc="0" Content-Length 122014 Content-Type text/css
GET H/1.1	200 OK	user.png federation.abbvie.com/assets/images/	1 KB 1 KB	40ms 40ms	Image image/png	159.180.162.132 ABBVIE
General Check archive.org Show headers Download Go to Show image Full URL https://federation.abbvie.com/assets/images/user.png Requested by Host: federationcrt.abbvie.com URL: https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.180.162.132 , United Kingdom, ASN200058 (ABBVIE, US), Reverse DNS Software / Resource Hash `7805858a4f0d52f33754c0968c9d226f880ef0426ebd536ce43f42265d5a0895` Request headers accept-language de-DE,de;q=0.9 Referer https://federationcrt.abbvie.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers X-OneAgent-JS-Injection true Date Wed, 24 May 2023 12:04:26 GMT Cache-Control max-age=0, must-revalidate Last-Modified Mon, 10 Feb 2020 22:32:14 GMT Server-Timing dtRpid;desc="-481568203", dtSInfo;desc="0" Content-Length 1209 Content-Type image/png
GET H/1.1	200 OK	lock.png federation.abbvie.com/assets/images/	3 KB 3 KB	42ms 40ms	Image image/png	159.180.162.132 ABBVIE
General Check archive.org Show headers Download Go to Show image Full URL https://federation.abbvie.com/assets/images/lock.png Requested by Host: federationcrt.abbvie.com URL: https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.180.162.132 , United Kingdom, ASN200058 (ABBVIE, US), Reverse DNS Software / Resource Hash `31d31805a43dbaa1afe41fdb38f3251df1dc31f440136977c0f96895f5ba71e2` Request headers accept-language de-DE,de;q=0.9 Referer https://federationcrt.abbvie.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers X-OneAgent-JS-Injection true Date Wed, 24 May 2023 12:04:26 GMT Cache-Control max-age=0, must-revalidate Last-Modified Mon, 10 Feb 2020 22:32:18 GMT Server-Timing dtRpid;desc="-2072317235", dtSInfo;desc="0" Content-Length 3258 Content-Type image/png
GET H/1.1	200 OK	AbbVieLogo.png federation.abbvie.com/assets/images/	4 KB 4 KB	82ms 40ms	Image image/png	159.180.162.132 ABBVIE
General Check archive.org Show headers Download Go to Show image Full URL https://federation.abbvie.com/assets/images/AbbVieLogo.png Requested by Host: federationcrt.abbvie.com URL: https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.180.162.132 , United Kingdom, ASN200058 (ABBVIE, US), Reverse DNS Software / Resource Hash `9a2084af35ad433e6b91fd37e6d83f4e0e18286f1a560eea93481247076660b9` Request headers accept-language de-DE,de;q=0.9 Referer https://federationcrt.abbvie.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers X-OneAgent-JS-Injection true Date Wed, 24 May 2023 12:04:26 GMT Cache-Control max-age=0, must-revalidate Last-Modified Mon, 21 May 2018 18:23:18 GMT Server-Timing dtRpid;desc="1647843639", dtSInfo;desc="0" Content-Length 4305 Content-Type image/png
GET		ProximaNova-Light.otf federation.abbvie.com/assets/fonts/proxima-nova/	0 0

GET		ProximaNova-Regular.otf federation.abbvie.com/assets/fonts/proxima-nova/	0 0

GET		iconfont.ttf federation.abbvie.com/assets/fonts/icons/	0 0

GET		iconfont.woff federation.abbvie.com/assets/fonts/icons/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: federation.abbvie.com
URL: https://federation.abbvie.com/assets/fonts/proxima-nova/ProximaNova-Light.otf

Domain: federation.abbvie.com
URL: https://federation.abbvie.com/assets/fonts/proxima-nova/ProximaNova-Regular.otf

Domain: federation.abbvie.com
URL: https://federation.abbvie.com/assets/fonts/icons/iconfont.ttf?-sa9xtz

Domain: federation.abbvie.com
URL: https://federation.abbvie.com/assets/fonts/icons/iconfont.woff?-sa9xtz

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.abbvie.com/	1970-01-20 12:12:14	Name: PF Value: 20XkBhY9mbtUVdP8ru3xyb
federation.abbvie.com/	1969-12-31 23:59:59	Name: TS01d40e3c Value: 01cc79cf7b40d938d9936dd77795751c0949a2aa6a2e607e5e91ecc5cc8e849956b842aa698f2946ea6c03087807e2be368dd3c92b
.abbvie.com/	1969-12-31 23:59:59	Name: TS018d133e Value: 01cc79cf7b40d938d9936dd77795751c0949a2aa6a2e607e5e91ecc5cc8e849956b842aa698f2946ea6c03087807e2be368dd3c92b
.abbvie.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_8_sn_D97F6389575226F763FFBFEB6F4EB05D_perc_100000_ol_0_mul_1_app-3Af5c9f7b7a9062d7e_0_app-3A152de154451dd3c6_0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Message: Access to font at 'https://federation.abbvie.com/assets/fonts/proxima-nova/ProximaNova-Regular.otf' from origin 'https://federationcrt.abbvie.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://federation.abbvie.com/assets/fonts/proxima-nova/ProximaNova-Regular.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Message: Access to font at 'https://federation.abbvie.com/assets/fonts/proxima-nova/ProximaNova-Light.otf' from origin 'https://federationcrt.abbvie.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://federation.abbvie.com/assets/fonts/proxima-nova/ProximaNova-Light.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Message: Access to font at 'https://federation.abbvie.com/assets/fonts/icons/iconfont.ttf?-sa9xtz' from origin 'https://federationcrt.abbvie.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://federation.abbvie.com/assets/fonts/icons/iconfont.ttf?-sa9xtz Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://federationcrt.abbvie.com/idp/ysjL7/resumeSAML20/idp/SSO.ping Message: Access to font at 'https://federation.abbvie.com/assets/fonts/icons/iconfont.woff?-sa9xtz' from origin 'https://federationcrt.abbvie.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://federation.abbvie.com/assets/fonts/icons/iconfont.woff?-sa9xtz Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

federation.abbvie.com
federationcrt.abbvie.com
sso.abbvie.e-invoice.com
federation.abbvie.com
159.180.162.132
159.180.162.211
2606:4700:4400::6812:2776
1318f3c9a982ec9650e7f8dddd34823bb258074bad99e3260e653ba9f66ba728
31d31805a43dbaa1afe41fdb38f3251df1dc31f440136977c0f96895f5ba71e2
5c0be918fe23aefeca111d83957232c412e7db6ef437f6198fb0693b972fa4f8
7805858a4f0d52f33754c0968c9d226f880ef0426ebd536ce43f42265d5a0895
9a2084af35ad433e6b91fd37e6d83f4e0e18286f1a560eea93481247076660b9
aa3ff752cbd3ca54ccf845ff1c79d07dc95662c86953b0a01073b996dc6ab9af

federationcrt.abbvie.com Open in urlscan Pro 159.180.162.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

60 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

227 kBTransfer

357 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

4 Cookies

8 Console Messages

Indicators

federationcrt.abbvie.com Open in urlscan Pro
159.180.162.211 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

60 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

227 kB
Transfer

357 kB
Size

4
Cookies

10 HTTP transactions
0 data transactions