![](/screenshots/a7ca473b-e7dc-4bdd-99fe-98b607842f3a.png)
adfs4.sts.altareturn.com
Open in
urlscan Pro
13.68.75.207
Public Scan
Effective URL: https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altaret...
Submission: On August 28 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 9th 2022. Valid for: a year.
This is the only time adfs4.sts.altareturn.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 10 | 52.167.224.250 52.167.224.250 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 13.68.75.207 13.68.75.207 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
4 | 20.38.101.132 20.38.101.132 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
12 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wilshire.altareturn.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adfs4.sts.altareturn.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
usadfspublic.blob.core.windows.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
altareturn.com
4 redirects
wilshire.altareturn.com adfs4.sts.altareturn.com — Cisco Umbrella Rank: 223930 |
115 KB |
4 |
windows.net
usadfspublic.blob.core.windows.net — Cisco Umbrella Rank: 325499 |
4 KB |
12 | 2 |
Domain | Requested by | |
---|---|---|
10 | wilshire.altareturn.com |
4 redirects
adfs4.sts.altareturn.com
wilshire.altareturn.com |
4 | usadfspublic.blob.core.windows.net |
adfs4.sts.altareturn.com
|
2 | adfs4.sts.altareturn.com |
adfs4.sts.altareturn.com
|
12 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
pwrecover.altareturn.com |
www.allvuesystems.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.sts.altareturn.com Go Daddy Secure Certificate Authority - G2 |
2022-03-09 - 2023-04-09 |
a year | crt.sh |
*.altareturn.com Go Daddy Secure Certificate Authority - G2 |
2022-03-15 - 2023-04-16 |
a year | crt.sh |
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 02 |
2022-08-18 - 2023-08-13 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F
Frame ID: 4D5E1583F13BF390F5BBBB1237CCA959
Requests: 8 HTTP requests in this frame
Frame:
https://wilshire.altareturn.com/_layouts/CRMPortalInteraction/Pages/XDomain.html
Frame ID: 8D485F8FEB9623893F242D715BD1BD49
Requests: 4 HTTP requests in this frame
Screenshot
![](/screenshots/a7ca473b-e7dc-4bdd-99fe-98b607842f3a.png)
Page Title
Sign InPage URL History Show full URLs
-
https://wilshire.altareturn.com/
HTTP 302
https://wilshire.altareturn.com/_layouts/Authenticate.aspx?Source=%2F HTTP 302
https://wilshire.altareturn.com/_login/default.aspx?ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%25... HTTP 302
https://wilshire.altareturn.com/_trust/default.aspx?trust=SAML&ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fS... HTTP 302
https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Forgot your password?
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://wilshire.altareturn.com/
HTTP 302
https://wilshire.altareturn.com/_layouts/Authenticate.aspx?Source=%2F HTTP 302
https://wilshire.altareturn.com/_login/default.aspx?ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
https://wilshire.altareturn.com/_trust/default.aspx?trust=SAML&ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
https://adfs4.sts.altareturn.com/adfs/ls?wa=wsignin1.0&wtrealm=urn%3aportal%3awilshire%3a4443&wctx=https%3a%2f%2fwilshire.altareturn.com%3a4443%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
ls
adfs4.sts.altareturn.com/adfs/ Redirect Chain
|
35 KB 35 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
adfs4.sts.altareturn.com/adfs/portal/css/ |
8 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xdomain.js
wilshire.altareturn.com/_layouts/CrmPortalInteraction/Scripts/ |
29 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wilshire.css
usadfspublic.blob.core.windows.net/adfs4loginpageresource/ |
0 0 |
Stylesheet
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wilshire.js
usadfspublic.blob.core.windows.net/adfs4loginpageresource/ |
0 0 |
Script
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
allvue_logo_big.png
usadfspublic.blob.core.windows.net/adfs4loginpageresource/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
allvue_logo_small_black.png
usadfspublic.blob.core.windows.net/adfs4loginpageresource/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
XDomain.html
wilshire.altareturn.com/_layouts/CRMPortalInteraction/Pages/ Frame 8D48 |
464 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xdomain.js
wilshire.altareturn.com/_layouts/CrmPortalInteraction/Scripts/ Frame 8D48 |
29 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
GetLoginRecords
wilshire.altareturn.com/_layouts/CBALogin/LoginIP_enus.aspx/ Frame 8D48 |
450 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginPageSettings.txt
wilshire.altareturn.com/Style%20Library/Images/ Frame 8D48 |
13 B 928 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Wilshire_Logo.png
wilshire.altareturn.com/Style%20Library/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login string| domain string| blobPath string| LoginFirstTimeUser string| LoginResetPasswordUrl undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration function| $ function| ifElementExists function| getQueryVariable string| portalHostName string| portalHost object| img object| btnSignInDisabled function| checkForValidInputs object| a object| linkText object| span object| loadingDiv number| count number| countMaximum number| xdomain_interval undefined| firsttime_link undefined| forgot_link function| toggleFormVisibility object| xhook function| xdomain2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
wilshire.altareturn.com/ | Name: BIGipServerSP_PROD_ADFS.app~SP_PROD_ADFS_pool Value: 236103872.23313.0000 |
|
wilshire.altareturn.com/ | Name: TS012b7d17 Value: 01ad11bbd40775b55a2868e0f5462df2ea69c189291f448f348c491806cf963e97f957c8bdbbbd97ad55186014d60a1508629291eb |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors *.altareturn.com *.allvuecloud.com *.allvuesystems.com |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adfs4.sts.altareturn.com
usadfspublic.blob.core.windows.net
wilshire.altareturn.com
13.68.75.207
20.38.101.132
52.167.224.250
118b378233ea9ff0233efbf2fca449b11d9a49718c482e47b057106fe0f4566f
2293f3fbe5254187cc5e8db258cf3d1ed06c03af9c7a7d0db1538ca30aefe048
343ec86626daf26791b7dc90a2031bb93daae8f0dae1cd45b7345736ddf48752
4876ef4a46c6f4be5da71d04ca1cee609ba9c30397ac52eb856db6a0bddb7686
49c961f4ea1f709f94bf0f39370e61cbdd1e094a3cfca4d3e5996caf40409b59
8a20ff658bc86f795ec9893ef909c271ff66de406a4b9674a7b64b1b5a847cbb
9cbf21600c34e2ebd489f303e3f346baf80a35e97350b5a312bfcf13cc18d0d8
dc97de0973bb5e64b69b52bfc88d1a3efbee7efa621fde292927632e068e82d5
e87361c475c7942c0d36417debcebbcbd9c9d203f68c052f3e1dd070a68e01a5