webauth.southernco.com
Open in
urlscan Pro
146.126.91.240
Public Scan
Effective URL: https://webauth.southernco.com/login.aspx?WL_Type=E&WL_AppId=https://southernco.stratustms.com/ERGInsights&WL_ReturnMethod=FV&W...
Submission: On September 21 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on November 23rd 2022. Valid for: a year.
This is the only time webauth.southernco.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 20.25.234.29 20.25.234.29 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 3 | 146.126.88.39 146.126.88.39 | 6501 (SOUTHERNET) (SOUTHERNET) | |
12 | 146.126.91.240 146.126.91.240 | 6501 (SOUTHERNET) (SOUTHERNET) | |
12 | 1 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
southernco.stratustms.com |
ASN6501 (SOUTHERNET, US)
PTR: webauth.external.southernco.com
webauth.southernco.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
southernco.com
webauth.southernco.com — Cisco Umbrella Rank: 842830 |
82 KB |
3 |
southerncompany.com
3 redirects
webauthentication.southerncompany.com |
2 KB |
2 |
stratustms.com
2 redirects
southernco.stratustms.com |
896 B |
12 | 3 |
Domain | Requested by | |
---|---|---|
12 | webauth.southernco.com |
webauth.southernco.com
|
3 | webauthentication.southerncompany.com | 3 redirects |
2 | southernco.stratustms.com | 2 redirects |
12 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.southernco.com GlobalSign RSA OV SSL CA 2018 |
2022-11-23 - 2023-12-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://webauth.southernco.com/login.aspx?WL_Type=E&WL_AppId=https://southernco.stratustms.com/ERGInsights&WL_ReturnMethod=FV&WL_Expire=1&MFAConfigUnknown=4&WL_ReturnUrl=https%3a%2f%2fwebauthentication.southerncompany.com%2fLogin.aspx%3fReturnUrl%3d%252fHostedRedirect.aspx%253fapp%253dhttps%253a%252f%252fsouthernco.stratustms.com%252fERGInsights%2526authRequest%253d1%26app%3dhttps%3a%2f%2fsouthernco.stratustms.com%2fERGInsights%26authRequest%3d1
Frame ID: 6910D4A9A26D686B3C18FD708DB35926
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
LoginPage URL History Show full URLs
-
https://southernco.stratustms.com/group/groupdetails/31275
HTTP 302
https://southernco.stratustms.com/Account/Login?ReturnUrl=%2Fgroup%2Fgroupdetails%2F31275 HTTP 302
https://webauthentication.southerncompany.com/SamlRequestRedirectReceiver.aspx?SAMLRequest=fJHBTsMwDIZfpcq9bZoVtEZtpUlDaBJ... HTTP 302
https://webauthentication.southerncompany.com/HostedRedirect.aspx?app=https://southernco.stratustms.com/ERGInsights&authRe... HTTP 302
https://webauthentication.southerncompany.com/Login.aspx?ReturnUrl=%2fHostedRedirect.aspx%3fapp%3dhttps%3a%2f%2fsouthernco... HTTP 302
https://webauth.southernco.com/login.aspx?WL_Type=E&WL_AppId=https://southernco.stratustms.com/ERGInsights&... Page URL
Detected technologies
Microsoft ASP.NET (Web Frameworks) ExpandDetected patterns
- \.aspx?(?:$|\?)
- <input[^>]+name="__VIEWSTATE
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://southernco.stratustms.com/group/groupdetails/31275
HTTP 302
https://southernco.stratustms.com/Account/Login?ReturnUrl=%2Fgroup%2Fgroupdetails%2F31275 HTTP 302
https://webauthentication.southerncompany.com/SamlRequestRedirectReceiver.aspx?SAMLRequest=fJHBTsMwDIZfpcq9bZoVtEZtpUlDaBJcOsSBC8oSi0ZqkxK7MN6erAzBLjtZtvX99m%2FXqMZBTHIzU%2B86eJ8BKTmOg0P502nYHJz0Ci1Kp0ZASVruN48PUmRcTsGT135g%2F5nriEKEQNY7luy2DXtVa2NuSlOkwpSQlrzS6aHi67RcF1VZiEpxAyx5hoCRaViUiCDiDDuHpBzFEherlFepKJ4KLsVKlrcZL%2FgLS7bRjXXqNK1hPdGEMs8%2F4aCiW3Bk9dLK0J%2Fy4LQfJ%2BW%2BshjzfXRyvkcHxgbQMWqwHxAyhdORtfViVi67hPZX%2FU8rQwqKZqQRF8W77j6ubN96wjq%2FYM%2Fp5RfabwAAAP%2F%2FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&RelayState=returnUrl%3D%252Fgroup%252Fgroupdetails%252F31275 HTTP 302
https://webauthentication.southerncompany.com/HostedRedirect.aspx?app=https://southernco.stratustms.com/ERGInsights&authRequest=1 HTTP 302
https://webauthentication.southerncompany.com/Login.aspx?ReturnUrl=%2fHostedRedirect.aspx%3fapp%3dhttps%3a%2f%2fsouthernco.stratustms.com%2fERGInsights%26authRequest%3d1&app=https://southernco.stratustms.com/ERGInsights&authRequest=1 HTTP 302
https://webauth.southernco.com/login.aspx?WL_Type=E&WL_AppId=https://southernco.stratustms.com/ERGInsights&WL_ReturnMethod=FV&WL_Expire=1&MFAConfigUnknown=4&WL_ReturnUrl=https%3a%2f%2fwebauthentication.southerncompany.com%2fLogin.aspx%3fReturnUrl%3d%252fHostedRedirect.aspx%253fapp%253dhttps%253a%252f%252fsouthernco.stratustms.com%252fERGInsights%2526authRequest%253d1%26app%3dhttps%3a%2f%2fsouthernco.stratustms.com%2fERGInsights%26authRequest%3d1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.aspx
webauth.southernco.com/ Redirect Chain
|
20 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
08ee380112ab2000ce95dcc1aa6e1e04d377d51c0bb56b6df835d7c07a8a24802bb01feda1221fb9
webauth.southernco.com/TSbd/ |
55 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webAuthMessaging.js
webauth.southernco.com/Scripts/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AppStyle.css
webauth.southernco.com/App_Themes/DEFAULT/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keys.png
webauth.southernco.com/Images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_help.gif
webauth.southernco.com/App_Themes/DEFAULT/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_r_login.gif
webauth.southernco.com/App_Themes/DEFAULT/ |
477 B 777 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_r_cancel.gif
webauth.southernco.com/App_Themes/DEFAULT/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_r_close.gif
webauth.southernco.com/App_Themes/DEFAULT/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_r_continue.gif
webauth.southernco.com/App_Themes/DEFAULT/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebFormsLogin.js
webauth.southernco.com/Scripts/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebResource.axd
webauth.southernco.com/ |
23 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
59 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| _tsbp_ undefined| ie9rgb4 boolean| UUG boolean| hYOsoewid10dsjsGHS_2 boolean| 5t0eyimtud object| WebAuthMessaging number| errorPending number| compactDisplay function| CloseWindow function| WL_ShowHelpWindow function| closePopup function| showPopup function| load function| displayPopup function| fnSetMessageDialogLeft object| theForm function| __doPostBack function| showTermsOfService object| WebFormsLogin function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
webauthentication.southerncompany.com/ | Name: ASP.NET_SessionId Value: 5tq20qolr3kzwmpkisaqxi1a |
|
webauthentication.southerncompany.com/ | Name: ScSessionId Value: 6246178c6a4947718651453b4c1a0c55 |
|
webauthentication.southerncompany.com/ | Name: TS01c71739 Value: 01c7b4008693dbd3323de28ef0277298d5b3d18c580b0671bd38a200b1f61e0322c8bd6858ba7cc3dd88750ddfedcec451a7b4d904 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15552000 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
southernco.stratustms.com
webauth.southernco.com
webauthentication.southerncompany.com
146.126.88.39
146.126.91.240
20.25.234.29
00b6b2c5ddc5cce6b96bd74068ed53c8d697bb96decbfe6c398ebc883432a7b8
20c4c6771f978b74c6a4f93be9791e8edb232a25365ce67d8718613c8ce7d75f
2bbc2e46d1c8e385a631ea16c6867e5115dc2522598f0c1c6936a9737b56dfd5
330dff265063cf5005c3ea03ecc14fdfbf742b5ff95c42d33661d598d227b266
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
44b55019a25d30f7e2b7b9e4966ce8d40aef39dd4e6e57048d0af5409506b981
473b5c2ee94bf3d6466679f4ad77677d1f5b3d5c49ed0acbbeccc597a99cc062
614688d34efe233af7c8ee7e72c767dbdb0d3d37bedf337b8779685c80ef9f8b
b82041a430f5dc972df4c643ed2f96b87e5df963b5870c71e25186423c46af57
d00a7f1149ad66baa7f828d157eebaa6153dc2a68723da7873e84975df7cb024
dbf5073c652b30511eea4099767f5bc217b6230c623c2c515da4ca489ceb832d
fd45210632f69c906802eb18d99c86aeea7c90572945b74c1bdc04880cfb7f4e