urlscan.io logo urlscan.io
SecurityTrails logo

adfs.luxair.lu Open in urlscan Pro
213.166.32.71  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://luxair.csod.com/
Effective URL: https://adfs.luxair.lu/adfs/ls/idpinitiatedsignon.aspx
Submission: On March 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 213.166.32.71, located in Luxembourg and belongs to EPT-LU Entreprise des P. et T. Luxembourg, LU. The main domain is adfs.luxair.lu.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on March 16th 2023. Valid for: a year.
This is the only time adfs.luxair.lu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 65.9.66.111 16509 (AMAZON-02)
3 213.166.32.71 6661 (EPT-LU En...)
4 2
Apex Domain
Subdomains		 Transfer
3 luxair.lu
adfs.luxair.lu
61 KB
3 csod.com
luxair.csod.com
4 KB
4 2
Domain Requested by
3 adfs.luxair.lu adfs.luxair.lu
3 luxair.csod.com 2 redirects
4 2

This site contains no links.

Subject Issuer Validity Valid
*.csod.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2025-03-10		 a year crt.sh
*.luxair.lu
GlobalSign RSA OV SSL CA 2018		 2023-03-16 -
2024-04-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://adfs.luxair.lu/adfs/ls/idpinitiatedsignon.aspx
Frame ID: D195E8336B739064B5C4D7E646AABE4A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anmelden

Page URL History Show full URLs

  1. http://luxair.csod.com/ HTTP 301
    https://luxair.csod.com/ HTTP 302
    https://luxair.csod.com/samldefault.aspx?ouid=2 Page URL
  2. https://adfs.luxair.lu/adfs/ls/idpinitiatedsignon.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

64 kB
Transfer

60 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://luxair.csod.com/ HTTP 301
    https://luxair.csod.com/ HTTP 302
    https://luxair.csod.com/samldefault.aspx?ouid=2 Page URL
  2. https://adfs.luxair.lu/adfs/ls/idpinitiatedsignon.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://luxair.csod.com/ HTTP 301
  • https://luxair.csod.com/ HTTP 302
  • https://luxair.csod.com/samldefault.aspx?ouid=2

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
samldefault.aspx
luxair.csod.com/
Redirect Chain
  • http://luxair.csod.com/
  • https://luxair.csod.com/
  • https://luxair.csod.com/samldefault.aspx?ouid=2
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://luxair.csod.com/samldefault.aspx?ouid=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-111.fra56.r.cloudfront.net
Software
edge-ls /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
correlation_id
4ee38cc4-b26e-4c4c-b040-f6af765587eb
date
Wed, 06 Mar 2024 15:17:55 GMT
expires
-1
p3p
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
permissions-policy
geolocation=()
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
pragma
no-cache
s-n
1D5U
server
edge-ls
strict-transport-security
max-age=156768000; includeSubdomains
true_route
/samldefault.aspx
true_status
Ok
vary
Accept-Encoding
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
1FwKXVxwlDxxE3oEXzFx5tuuC4ja1jw27pelrnyVcJFb7cE6tcxVsQ==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
28
x-kong-upstream-status
200
x-robots-tag
noindex
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
164
content-type
text/html; charset=utf-8
correlation_id
faa89a67-4f92-40d1-8b54-7a55cf00e129
date
Wed, 06 Mar 2024 15:17:55 GMT
expires
-1
location
https://luxair.csod.com/samldefault.aspx?ouid=2
p3p
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
permissions-policy
geolocation=()
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
pragma
no-cache
s-n
1AF4
server
edge-ls
strict-transport-security
max-age=156768000; includeSubdomains
true_route
/default.aspx
true_status
Ok
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
Pug_xMMQ3VwBMIxuqSyoek6OlQD5YQvyVCXcczBZDiprCBuLESnGlA==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-kong-proxy-latency
1
x-kong-upstream-latency
8
x-kong-upstream-status
302
x-robots-tag
noindex
x-xss-protection
1; mode=block
Primary Request idpinitiatedsignon.aspx
adfs.luxair.lu/adfs/ls/ 		16 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adfs.luxair.lu/adfs/ls/idpinitiatedsignon.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
213.166.32.71 , Luxembourg, ASN6661 (EPT-LU Entreprise des P. et T. Luxembourg, LU),
Reverse DNS
adfs.luxair.lu
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2af402dd7117cef881279e20ff179496a3e76927127bb728f2e16bddf24479a6
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://luxair.csod.com
Referer
https://luxair.csod.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
16720
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Mar 2024 15:17:55 GMT
Expires
-1
P3P
CP="ADFS doesn't have P3P policy, please contact your site's admin for more details."
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-frame-options
DENY
style.css
adfs.luxair.lu/adfs/portal/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adfs.luxair.lu/adfs/portal/css/style.css?id=D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Requested by
Host: adfs.luxair.lu
URL: https://adfs.luxair.lu/adfs/ls/idpinitiatedsignon.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
213.166.32.71 , Luxembourg, ASN6661 (EPT-LU Entreprise des P. et T. Luxembourg, LU),
Reverse DNS
adfs.luxair.lu
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adfs.luxair.lu/adfs/ls/idpinitiatedsignon.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Expires
Fri, 05 Apr 2024 14:17:55 GMT
Date
Wed, 06 Mar 2024 15:17:55 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Content-Length
7812
Content-Type
text/css
illustration.png
adfs.luxair.lu/adfs/portal/illustration/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adfs.luxair.lu/adfs/portal/illustration/illustration.png?id=402F034EE58209C4CAE21BDE71ADCD6C66FDC189D6EAF8DE5D85BD2669665EC8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
213.166.32.71 , Luxembourg, ASN6661 (EPT-LU Entreprise des P. et T. Luxembourg, LU),
Reverse DNS
adfs.luxair.lu
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
402f034ee58209c4cae21bde71adcd6c66fdc189d6eaf8de5d85bd2669665ec8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adfs.luxair.lu/adfs/ls/idpinitiatedsignon.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Expires
Fri, 05 Apr 2024 14:17:55 GMT
Date
Wed, 06 Mar 2024 15:17:55 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
402F034EE58209C4CAE21BDE71ADCD6C66FDC189D6EAF8DE5D85BD2669665EC8
Content-Length
33381
Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration object| loginMessage function| runScript function| AppendUPN

3 Cookies

Domain/Path Name / Value
adfs.luxair.lu/adfs Name: MSISSamlRequest
Value: QmFzZVVybD1odHRwcyUzYSUyZiUyZmFkZnMubHV4YWlyLmx1JTNhNDQzJTJmYWRmcyUyZmxzJTJmaWRwaW5pdGlhdGVkc2lnbm9uLmFzcHhcU0FNTFJlcXVlc3Q9UEQ5NGJXd2dkbVZ5YzJsdmJqMGlNUzR3SWlCbGJtTnZaR2x1WnowaWRYUm1MVGdpUHo0OFFYVjBhRzVTWlhGMVpYTjBJSGh0Ykc1ek9uaHpaRDBpYUhSMGNEb3ZMM2QzZHk1M015NXZjbWN2TWpBd01TOVlUVXhUWTJobGJXRWlJSGh0Ykc1ek9uaHphVDBpYUhSMGNEb3ZMM2QzZHk1M015NXZjbWN2TWpBd01TOVlUVXhUWTJobGJXRXRhVzV6ZEdGdVkyVWlJRWxFUFNKZk5UQmtNemd4WVdZdE9UazNNeTAwT1dZNUxUZzJaREF0T0RSbU9EY3dZMk5rT1RJNElpQldaWEp6YVc5dVBTSXlMakFpSUVsemMzVmxTVzV6ZEdGdWREMGlNakF5TkMwd015MHdObFF4TlRveE56bzFOUzQxTlRnd05qTTRXaUlnUkdWemRHbHVZWFJwYjI0OUltaDBkSEJ6T2k4dllXUm1jeTVzZFhoaGFYSXViSFV2WVdSbWN5OXNjeTlwWkhCcGJtbDBhV0YwWldSemFXZHViMjR1WVhOd2VDSWdVSEp2ZEc5amIyeENhVzVrYVc1blBTSjFjbTQ2YjJGemFYTTZibUZ0WlhNNmRHTTZVMEZOVERveUxqQTZZbWx1WkdsdVozTTZTRlJVVUMxUVQxTlVJaUJCYzNObGNuUnBiMjVEYjI1emRXMWxjbE5sY25acFkyVlZVa3c5SW1oMGRIQnpPaTh2YkhWNFlXbHlMbU56YjJRdVkyOXRMM05oYld4a1pXWmhkV3gwTG1GemNIZyUyZmIzVnBaRDB5SWlCNGJXeHVjejBpZFhKdU9tOWhjMmx6T201aGJXVnpPblJqT2xOQlRVdzZNaTR3T25CeWIzUnZZMjlzSWo0OFNYTnpkV1Z5SUhodGJHNXpQU0oxY200NmIyRnphWE02Ym1GdFpYTTZkR002VTBGTlREb3lMakE2WVhOelpYSjBhVzl1SWo1b2RIUndjem92TDJ4MWVHRnBjaTVqYzI5a0xtTnZiVHd2U1hOemRXVnlQanhUYVdkdVlYUjFjbVVnZUcxc2JuTTlJbWgwZEhBNkx5OTNkM2N1ZHpNdWIzSm5Mekl3TURBdk1Ea3ZlRzFzWkhOcFp5TWlQanhUYVdkdVpXUkpibVp2UGp4RFlXNXZibWxqWVd4cGVtRjBhVzl1VFdWMGFHOWtJRUZzWjI5eWFYUm9iVDBpYUhSMGNEb3ZMM2QzZHk1M015NXZjbWN2TWpBd01TOHhNQzk0Yld3dFpYaGpMV014Tkc0aklpQXZQanhUYVdkdVlYUjFjbVZOWlhSb2IyUWdRV3huYjNKcGRHaHRQU0pvZEhSd09pOHZkM2QzTG5jekxtOXlaeTh5TURBeEx6QTBMM2h0YkdSemFXY3RiVzl5WlNOeWMyRXRjMmhoTWpVMklpQXZQanhTWldabGNtVnVZMlVnVlZKSlBTSWpYelV3WkRNNE1XRm1MVGs1TnpNdE5EbG1PUzA0Tm1Rd0xUZzBaamczTUdOalpEa3lPQ0klMmJQRlJ5WVc1elptOXliWE0lMmJQRlJ5WVc1elptOXliU0JCYkdkdmNtbDBhRzA5SW1oMGRIQTZMeTkzZDNjdWR6TXViM0puTHpJd01EQXZNRGt2ZUcxc1pITnBaeU5sYm5abGJHOXdaV1F0YzJsbmJtRjBkWEpsSWlBdlBqeFVjbUZ1YzJadmNtMGdRV3huYjNKcGRHaHRQU0pvZEhSd09pOHZkM2QzTG5jekxtOXlaeTh5TURBeEx6RXdMM2h0YkMxbGVHTXRZekUwYmlNaUlDOCUyYlBDOVVjbUZ1YzJadmNtMXpQanhFYVdk
adfs.luxair.lu/adfs Name: MSISSamlRequest1
Value: bGMzUk5aWFJvYjJRZ1FXeG5iM0pwZEdodFBTSm9kSFJ3T2k4dmQzZDNMbmN6TG05eVp5OHlNREF4THpBMEwzaHRiR1Z1WXlOemFHRXlOVFlpSUM4JTJiUEVScFoyVnpkRlpoYkhWbFBteEJhWGxqZDJvNVNIRlFVVGxtWkRaSFpXdzJOVkJPVWxSR1NXTnZVekZaZEZab01HWXZNelZoTDBrOVBDOUVhV2RsYzNSV1lXeDFaVDQ4TDFKbFptVnlaVzVqWlQ0OEwxTnBaMjVsWkVsdVptOCUyYlBGTnBaMjVoZEhWeVpWWmhiSFZsUG1aWWMyRlRjME5ZVUM4dk1rUkxObmdyZEhvNU9XbFllRzVDUjFGNVpsUlRRakJpZDFKWmRrSm1RbUZMZEVVM2JGRmhPWEpPTmlzck5VNWthMDFKUm1FeVoxRTRWVGxuU0NzNWVqaG5kV1l6TW1aaWRVZE1ZaXRaY2xsVmIwaExTMFJ5Y1ZKaGNWWnlUbGR6Ym5Ob2RFUjZWblE0UlVWb1REUkdiVFYzT1hkalVXUnRZMkl5UkZaSVZUWndkMHBPZW10TE5UaFNjVUZOUWxkSmJXWkZNak5HVjBKdFIwUmxMMGRaYkRaWFRtUm5TVE00TVRGQ1lrUktXR2hUTlRSQmFHUmllR3RJV2xsck1taHBiRk5sT1c1aVprdEZNa00wUzI1R2VGRnJlbEppVEV4NE5tOTZlWGN4TWl0Q2QydG9ieTlEUWpKeGQyMVBiRzFxUjNkTmNtMUxNSGcyUlRZMGFXOVVTbEpoUlhsQksxWlFXbmw2Y1RKV1pIaDVaVGxHY3pSQ2Qza3dPV05qVDNwaFdtRmpNMnh6UlZkRWVuRmtWR2NyYUhoT1RXSlJkWEZvZVVsbGRURnlRakJUUldWbmEzZFFiVVF6VFRSNlpYUkxRMjl6SzBSb1J5OUpSbVZvVEZSSVIxcEdTVEJFYUVKcFVERTJNaXQ1YlVweVZFazNWbmN4U3pCU01YZERZVzluVG1FMGVYaE1WbTQxUjAxbFlrMXdMekJVTVhwTU1EUkxNazFrZEROd2FVd3pVVEJGVERSWGFqWllaeTh6WjI4dmVqbGFWM1JLZFRKUVZWbHFlWEE0TXpSWWMxQnplVXg0WjFaQk1DODVaV1ZpYkU5UE5XVXphV3MzTWpoWlYzWndWVlJMVERaeFIwWnJTVkZ3VTIwd2JXOXdVVWxNYjFGRFlraFZSVXBWU0RaeVpFZExheXNyVDB0eGNraElORkZzZVZsdFNXRXZaa3BHVDNaeVdGSnNRWHBzWTJoVWVXVXZXVmhhV1VkRVlqWkJSVkJCUW1kalJVVnBVbXg2VDJ4MWVtTmhkV3BYV1ZSVk5XWXZhME5wT0VFdlozazNSVk5vVjFka1ZVbGxTMGs0VUV0RVJteENWVzlQVUZGYWNYaDNNakZ4VVdKaWRGVm9NVWx6YWxGMVNGRkJha0ZUT0ZOQlNGUk5Vbk5JVWtodWIwczVhSFpwUWtGYVRtTjRjSEEwUFR3dlUybG5ibUYwZFhKbFZtRnNkV1UlMmJQQzlUYVdkdVlYUjFjbVUlMmJQRTVoYldWSlJGQnZiR2xqZVNCR2IzSnRZWFE5SW5WeWJqcHZZWE5wY3pwdVlXMWxjenAwWXpwVFFVMU1PakV1TVRwdVlXMWxhV1F0Wm05eWJXRjBPblZ1YzNCbFkybG1hV1ZrSWlBdlBqd3ZRWFYwYUc1U1pYRjFaWE4wUGclM2QlM2RcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUE9TVA==
luxair.csod.com/ Name: ASP.NET_SessionId
Value: brbll0ra4a5vmrrfqlydw42y

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=156768000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adfs.luxair.lu
luxair.csod.com
213.166.32.71
65.9.66.111
2af402dd7117cef881279e20ff179496a3e76927127bb728f2e16bddf24479a6
402f034ee58209c4cae21bde71adcd6c66fdc189d6eaf8de5d85bd2669665ec8
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99