urlscan.io logo urlscan.io
SecurityTrails logo

adfs4.sts.altareturn.com Open in urlscan Pro
13.68.75.207  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wilshire.altareturn.com/
Effective URL: https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altaret...
Submission: On August 28 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 13.68.75.207, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is adfs4.sts.altareturn.com. The Cisco Umbrella rank of the primary domain is 223930.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 9th 2022. Valid for: a year.
This is the only time adfs4.sts.altareturn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 10 52.167.224.250 8075 (MICROSOFT...)
2 13.68.75.207 8075 (MICROSOFT...)
4 20.38.101.132 8075 (MICROSOFT...)
12 3
Apex Domain
Subdomains		 Transfer
12 altareturn.com
wilshire.altareturn.com
adfs4.sts.altareturn.com — Cisco Umbrella Rank: 223930
115 KB
4 windows.net
usadfspublic.blob.core.windows.net — Cisco Umbrella Rank: 325499
4 KB
12 2
Domain Requested by
10 wilshire.altareturn.com 4 redirects adfs4.sts.altareturn.com
wilshire.altareturn.com
4 usadfspublic.blob.core.windows.net adfs4.sts.altareturn.com
2 adfs4.sts.altareturn.com adfs4.sts.altareturn.com
12 3

This site contains links to these domains. Also see Links.

Domain
pwrecover.altareturn.com
www.allvuesystems.com
Subject Issuer Validity Valid
*.sts.altareturn.com
Go Daddy Secure Certificate Authority - G2		 2022-03-09 -
2023-04-09		 a year crt.sh
*.altareturn.com
Go Daddy Secure Certificate Authority - G2		 2022-03-15 -
2023-04-16		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 02		 2022-08-18 -
2023-08-13		 a year crt.sh

This page contains 2 frames:

Primary Page: https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
Frame ID: 4D5E1583F13BF390F5BBBB1237CCA959
Requests: 8 HTTP requests in this frame

Frame: https://wilshire.altareturn.com/_layouts/CRMPortalInteraction/Pages/XDomain.html
Frame ID: 8D485F8FEB9623893F242D715BD1BD49
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In

Page URL History Show full URLs

  1. https://wilshire.altareturn.com/ HTTP 302
    https://wilshire.altareturn.com/_layouts/Authenticate.aspx?Source=%2F HTTP 302
    https://wilshire.altareturn.com/_login/default.aspx?ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%25... HTTP 302
    https://wilshire.altareturn.com/_trust/default.aspx?trust=SAML&ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fS... HTTP 302
    https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2... Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

115 kB
Transfer

108 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wilshire.altareturn.com/ HTTP 302
    https://wilshire.altareturn.com/_layouts/Authenticate.aspx?Source=%2F HTTP 302
    https://wilshire.altareturn.com/_login/default.aspx?ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
    https://wilshire.altareturn.com/_trust/default.aspx?trust=SAML&ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
    https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ls
adfs4.sts.altareturn.com/adfs/
Redirect Chain
  • https://wilshire.altareturn.com/
  • https://wilshire.altareturn.com/_layouts/Authenticate.aspx?Source=%2F
  • https://wilshire.altareturn.com/_login/default.aspx?ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F
  • https://wilshire.altareturn.com/_trust/default.aspx?trust=SAML&ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F
  • https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
35 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.68.75.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
49c961f4ea1f709f94bf0f39370e61cbdd1e094a3cfca4d3e5996caf40409b59
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.altareturn.com *.allvuecloud.com *.allvuesystems.com
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-cache,no-store
Content-Length
35472
Content-Security-Policy
frame-ancestors *.altareturn.com *.allvuecloud.com *.allvuesystems.com
Content-Type
text/html; charset=utf-8
Date
Sun, 28 Aug 2022 23:50:08 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
X-Frame-Options
DENY

Redirect headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private, no-store
Content-Security-Policy
frame-ancestors *.altareturn.com
Content-Type
text/html; charset=utf-8
Location
https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
Public-Key-Pins
pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Referrer-Policy
origin
Request-Context
appId=cid-v1:375a93ef-0385-404b-8da7-4b9e00f44921
SPIisLatency
0
SPRequestDuration
69
SPRequestGuid
9a905fa0-cc83-20fd-4c38-5efddae4f5b3
Strict-Transport-Security
max-age=15552000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Security-Policy
default-src self
X-Content-Type-Options
nosniff nosniff
X-MS-InvokeApp
1; RequireReadOnly
X-SharePointHealthScore
0
X-XSS-Protection
1; mode=block
request-id
9a905fa0-cc83-20fd-4c38-5efddae4f5b3
style.css
adfs4.sts.altareturn.com/adfs/portal/css/ 		8 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adfs4.sts.altareturn.com/adfs/portal/css/style.css?id=5434639A18521F0ED6F60F819AB424AA1F086F8DE08D9CB4EE38FA3A33BB9801
Requested by
Host: adfs4.sts.altareturn.com
URL: https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.68.75.207 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4876ef4a46c6f4be5da71d04ca1cee609ba9c30397ac52eb856db6a0bddb7686
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.altareturn.com *.allvuecloud.com *.allvuesystems.com

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors *.altareturn.com *.allvuecloud.com *.allvuesystems.com
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
5434639A18521F0ED6F60F819AB424AA1F086F8DE08D9CB4EE38FA3A33BB9801
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Access-Control-Allow-Credentials
true
Content-Length
8494
Date
Sun, 28 Aug 2022 23:50:08 GMT
Expires
Tue, 27 Sep 2022 23:50:08 GMT
xdomain.js
wilshire.altareturn.com/_layouts/CrmPortalInteraction/Scripts/ 		29 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wilshire.altareturn.com/_layouts/CrmPortalInteraction/Scripts/xdomain.js
Requested by
Host: adfs4.sts.altareturn.com
URL: https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.167.224.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9cbf21600c34e2ebd489f303e3f346baf80a35e97350b5a312bfcf13cc18d0d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.altareturn.com
Public-Key-Pins pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src self
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adfs4.sts.altareturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors *.altareturn.com
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Request-Context
appId=cid-v1:375a93ef-0385-404b-8da7-4b9e00f44921
X-MS-InvokeApp
1; RequireReadOnly
Referrer-Policy
origin
Last-Modified
Thu, 28 Oct 2021 13:07:34 GMT
ETag
"cb3813c6fccbd71:0"
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
Location
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Content-Security-Policy
default-src self
wilshire.css
usadfspublic.blob.core.windows.net/adfs4loginpageresource/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://usadfspublic.blob.core.windows.net/adfs4loginpageresource/wilshire.css
Requested by
Host: adfs4.sts.altareturn.com
URL: https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.101.132 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adfs4.sts.altareturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-request-id
d03e6321-001e-0076-4438-bb5646000000
Date
Sun, 28 Aug 2022 23:50:10 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
wilshire.js
usadfspublic.blob.core.windows.net/adfs4loginpageresource/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://usadfspublic.blob.core.windows.net/adfs4loginpageresource/wilshire.js
Requested by
Host: adfs4.sts.altareturn.com
URL: https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.101.132 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://adfs4.sts.altareturn.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-ms-request-id
5ec05483-c01e-00c1-5f38-bb5943000000
Date
Sun, 28 Aug 2022 23:50:09 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
allvue_logo_big.png
usadfspublic.blob.core.windows.net/adfs4loginpageresource/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usadfspublic.blob.core.windows.net/adfs4loginpageresource/allvue_logo_big.png
Requested by
Host: adfs4.sts.altareturn.com
URL: https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.101.132 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
118b378233ea9ff0233efbf2fca449b11d9a49718c482e47b057106fe0f4566f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adfs4.sts.altareturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 28 Aug 2022 23:50:10 GMT
Last-Modified
Wed, 04 Mar 2020 15:11:17 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D7C04E49FA857E
Content-Type
image/png
x-ms-request-id
15cd3727-701e-0014-4638-bb119e000000
x-ms-version
2009-09-19
Content-Length
2123
allvue_logo_small_black.png
usadfspublic.blob.core.windows.net/adfs4loginpageresource/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usadfspublic.blob.core.windows.net/adfs4loginpageresource/allvue_logo_small_black.png
Requested by
Host: adfs4.sts.altareturn.com
URL: https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.101.132 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dc97de0973bb5e64b69b52bfc88d1a3efbee7efa621fde292927632e068e82d5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adfs4.sts.altareturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 28 Aug 2022 23:50:09 GMT
Last-Modified
Mon, 09 Aug 2021 09:21:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
QehpeHr3mQasubQPwwSSTw==
ETag
0x8D95B1718220C2B
Content-Type
image/png
x-ms-request-id
d2f95ae9-c01e-000d-1b38-bb3df6000000
x-ms-version
2009-09-19
Content-Length
1364
XDomain.html
wilshire.altareturn.com/_layouts/CRMPortalInteraction/Pages/ Frame 8D48 		464 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wilshire.altareturn.com/_layouts/CRMPortalInteraction/Pages/XDomain.html
Requested by
Host: wilshire.altareturn.com
URL: https://wilshire.altareturn.com/_layouts/CrmPortalInteraction/Scripts/xdomain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.167.224.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8a20ff658bc86f795ec9893ef909c271ff66de406a4b9674a7b64b1b5a847cbb
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.altareturn.com
Public-Key-Pins pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src self
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adfs4.sts.altareturn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=31536000
Content-Security-Policy
frame-ancestors *.altareturn.com
Content-Type
text/html
ETag
"f8a4ec6fccbd71:0"
Last-Modified
Thu, 28 Oct 2021 13:07:34 GMT
Location
Public-Key-Pins
pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Referrer-Policy
origin
Request-Context
appId=cid-v1:375a93ef-0385-404b-8da7-4b9e00f44921
SPIisLatency
0
SPRequestDuration
139
SPRequestGuid
9b905fa0-3c33-20fd-4c38-51db83fce556
Strict-Transport-Security
max-age=15552000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Security-Policy
default-src self
X-Content-Type-Options
nosniff nosniff
X-MS-InvokeApp
1; RequireReadOnly
X-SharePointHealthScore
0
X-XSS-Protection
1; mode=block
request-id
9b905fa0-3c33-20fd-4c38-51db83fce556
xdomain.js
wilshire.altareturn.com/_layouts/CrmPortalInteraction/Scripts/ Frame 8D48 		29 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wilshire.altareturn.com/_layouts/CrmPortalInteraction/Scripts/xdomain.js
Requested by
Host: wilshire.altareturn.com
URL: https://wilshire.altareturn.com/_layouts/CRMPortalInteraction/Pages/XDomain.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.167.224.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9cbf21600c34e2ebd489f303e3f346baf80a35e97350b5a312bfcf13cc18d0d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.altareturn.com
Public-Key-Pins pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src self
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wilshire.altareturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors *.altareturn.com
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Request-Context
appId=cid-v1:375a93ef-0385-404b-8da7-4b9e00f44921
X-MS-InvokeApp
1; RequireReadOnly
Referrer-Policy
origin
Last-Modified
Thu, 28 Oct 2021 13:07:34 GMT
ETag
"cb3813c6fccbd71:0"
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
Location
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Content-Security-Policy
default-src self
GetLoginRecords
wilshire.altareturn.com/_layouts/CBALogin/LoginIP_enus.aspx/ Frame 8D48 		450 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wilshire.altareturn.com/_layouts/CBALogin/LoginIP_enus.aspx/GetLoginRecords
Requested by
Host: wilshire.altareturn.com
URL: https://wilshire.altareturn.com/_layouts/CrmPortalInteraction/Scripts/xdomain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.167.224.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e87361c475c7942c0d36417debcebbcbd9c9d203f68c052f3e1dd070a68e01a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.altareturn.com
Public-Key-Pins pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src self
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wilshire.altareturn.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
frame-ancestors *.altareturn.com
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
SPRequestDuration
82
X-SharePointHealthScore
0
request-id
9b905fa0-cc65-20fd-4c38-5be2f270303b
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Request-Context
appId=cid-v1:375a93ef-0385-404b-8da7-4b9e00f44921
X-MS-InvokeApp
1; RequireReadOnly
Referrer-Policy
origin
SPRequestGuid
9b905fa0-cc65-20fd-4c38-5be2f270303b
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/json; charset=utf-8
Location
Access-Control-Expose-Headers
Request-Context
Cache-Control
private, max-age=0
SPIisLatency
0
X-Content-Security-Policy
default-src self
loginPageSettings.txt
wilshire.altareturn.com/Style%20Library/Images/ Frame 8D48 		13 B
928 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wilshire.altareturn.com/Style%20Library/Images/loginPageSettings.txt
Requested by
Host: wilshire.altareturn.com
URL: https://wilshire.altareturn.com/_layouts/CrmPortalInteraction/Scripts/xdomain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.167.224.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
343ec86626daf26791b7dc90a2031bb93daae8f0dae1cd45b7345736ddf48752
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.altareturn.com
Public-Key-Pins pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src self
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wilshire.altareturn.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
frame-ancestors *.altareturn.com
X-Content-Type-Options
nosniff, nosniff
Access-Control-Expose-Headers
Request-Context
SPRequestDuration
164
X-SharePointHealthScore
0
Public-Extension
http://schemas.microsoft.com/repl-2
request-id
9b905fa0-1c66-20fd-4c38-599a3490bfd6
Content-Length
13
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Request-Context
appId=cid-v1:375a93ef-0385-404b-8da7-4b9e00f44921
X-MS-InvokeApp
1; RequireReadOnly
Referrer-Policy
origin
SPRequestGuid
9b905fa0-1c66-20fd-4c38-599a3490bfd6
Strict-Transport-Security
max-age=15552000; includeSubDomains
Location
Expires
Sat, 13 Aug 2022 23:50:10 GMT
Cache-Control
private,max-age=0
SPIisLatency
0
X-Content-Security-Policy
default-src self
Wilshire_Logo.png
wilshire.altareturn.com/Style%20Library/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wilshire.altareturn.com/Style%20Library/Wilshire_Logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.167.224.250 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2293f3fbe5254187cc5e8db258cf3d1ed06c03af9c7a7d0db1538ca30aefe048
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.altareturn.com
Public-Key-Pins pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src self
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adfs4.sts.altareturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors *.altareturn.com
X-Content-Type-Options
nosniff, nosniff
request-id
9b905fa0-fc7d-20fd-4c38-563eaa2ac525
Transfer-Encoding
chunked
SPRequestDuration
123
X-SharePointHealthScore
0
ResourceTag
rt:7F0C2AC5-6C6B-4C99-B001-7C27C2ECC4D4@00000000013
Public-Extension
http://schemas.microsoft.com/repl-2
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="1N2pB9wvFFAHy34GGRtzXQNFPw1k1GT8wJYez6T7wx8=" max-age=15552000; includeSubDomains
Request-Context
appId=cid-v1:375a93ef-0385-404b-8da7-4b9e00f44921
X-MS-InvokeApp
1; RequireReadOnly
Referrer-Policy
origin
Expires
Sat, 13 Aug 2022 23:50:11 GMT
Last-Modified
Mon, 11 Oct 2021 23:45:25 GMT
SPRequestGuid
9b905fa0-fc7d-20fd-4c38-563eaa2ac525
ETag
"{7F0C2AC5-6C6B-4C99-B001-7C27C2ECC4D4},13"
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
Location
Access-Control-Expose-Headers
Request-Context
Cache-Control
private,max-age=0
SPIisLatency
0
X-Content-Security-Policy
default-src self

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login string| domain string| blobPath string| LoginFirstTimeUser string| LoginResetPasswordUrl undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration function| $ function| ifElementExists function| getQueryVariable string| portalHostName string| portalHost object| img object| btnSignInDisabled function| checkForValidInputs object| a object| linkText object| span object| loadingDiv number| count number| countMaximum number| xdomain_interval undefined| firsttime_link undefined| forgot_link function| toggleFormVisibility object| xhook function| xdomain

2 Cookies

Domain/Path Name / Value
wilshire.altareturn.com/ Name: BIGipServerSP_PROD_ADFS.app~SP_PROD_ADFS_pool
Value: 236103872.23313.0000
wilshire.altareturn.com/ Name: TS012b7d17
Value: 01ad11bbd40775b55a2868e0f5462df2ea69c189291f448f348c491806cf963e97f957c8bdbbbd97ad55186014d60a1508629291eb

4 Console Messages

Source Level URL
Text
javascript warning URL: https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F(Line 894)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://usadfspublic.blob.core.windows.net/adfs4loginpageresource/wilshire.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://usadfspublic.blob.core.windows.net/adfs4loginpageresource/wilshire.css
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
network error URL: https://usadfspublic.blob.core.windows.net/adfs4loginpageresource/wilshire.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
network error URL: https://wilshire.altareturn.com/Style%20Library/Images/loginPageSettings.txt
Message:
Failed to load resource: the server responded with a status of 404 (NOT FOUND)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.altareturn.com *.allvuecloud.com *.allvuesystems.com
X-Frame-Options DENY