adfs.andersencorp.com
Open in
urlscan Pro
158.107.48.160
Public Scan
Submission Tags: @phishunt_io
Submission: On October 22 via api from ES
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 26th 2019. Valid for: 2 years.
This is the only time adfs.andersencorp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 158.107.48.160 158.107.48.160 | 7018 (ATT-INTER...) (ATT-INTERNET4) | |
4 | 1 |
ASN7018 (ATT-INTERNET4, US)
PTR: intranet.andersencorp.com
adfs.andersencorp.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
andersencorp.com
adfs.andersencorp.com |
1 MB |
4 | 1 |
Domain | Requested by | |
---|---|---|
4 | adfs.andersencorp.com |
adfs.andersencorp.com
|
4 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
dms.andersenwindows.com |
www.andersencorporation.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.andersencorp.com Sectigo RSA Domain Validation Secure Server CA |
2019-04-26 - 2021-06-02 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://adfs.andersencorp.com/adfs/oauth2/authorize?response_type=code&client_id=839f015c-56f4-4346-9d4c-657cd915c9e8&redirect_uri=https://azprodcd1-coe.andersenwindows.com/Auth/ADFS.aspx&resource=https://azprodcd1-coe.andersenwindows.com
Frame ID: 8DBAED6184F0DE553C2592927308CB70
Requests: 4 HTTP requests in this frame
Screenshot
Detected technologies
Microsoft HTTPAPI (Web Servers) ExpandDetected patterns
- headers server /Microsoft-HTTPAPI(?:\/([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Forgot your Password?
Search URL Search Domain Scan URL
Title: Corporate
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
authorize
adfs.andersencorp.com/adfs/oauth2/ |
45 KB 46 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
adfs.andersencorp.com/adfs/portal/css/ |
8 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
adfs.andersencorp.com/adfs/portal/logo/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
illustration.jpg
adfs.andersencorp.com/adfs/portal/illustration/ |
1012 KB 1012 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
80 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle object| errors undefined| errordetails undefined| url undefined| errormessage undefined| viewport function| getStyle object| signOutArea undefined| RETURN_TO function| getUrlParameter object| IDM_IDENTIFIERS object| SILVERLINE_IDENTIFIERS object| CORNERSTONE_IDENTIFIERS object| CONCUR_IDENTIFIERS object| COE_IDENTIFIERS object| ARAS_IDENTIFIERS object| ANDERSEN_ACCESS_IDENTIFIERS object| ANDERSEN_IQ_IDENTIFIERS object| THD_IDENTIFIERS object| RBA_IDENTIFIERS object| MYTRADE_IDENTIFIER object| WINDOWCARE_IDENTIFIERS object| SALESFORCE_IDENTIFIERS object| TRADE_IDENTIFIERS string| DEFAULT_AUTHENTICATION_ERROR_PREFIX string| SIGN_OUT_TEXT string| requestedURL string| referrerUrl string| relayState object| COMMON_CONFIGURATION object| CUSTOM_CONFIGURATION object| ENVIRONMENT_CONFIGURATION object| DEV_CONFIGURATION object| STAGE_CONFIGURATION object| PROD_CONFIGURATION object| appliedConfiguration function| getEnvironmentConfigurationFor function| isDestinedForURL function| isDestinedForCornerstone function| isDestinedForTrade function| isDestinedForConcur function| isDestinedForCOE function| isDestinedForTHD function| isDestinedForAndersenAccess function| isDestinedForSalesforce function| isDestinedForWindowcare function| isDestinedForMyTrade function| isDestinedForAndersenIQ function| isDestinedForIDM function| isDestinedForARAS function| isDestinedForSilverline function| isDestinedForRBA function| isPageCustomized object| corporateLogo undefined| customLogo undefined| customLogoAltText object| backgroundImage undefined| customBackground function| computeLoadIllustration object| signoutArea undefined| instruction object| loginMessage string| newMessage object| introductionText string| originalIntroductionText string| newIntroduction string| REGISTER_URL string| REGISTER_TEXT object| userIdInputField object| footerText0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adfs.andersencorp.com
158.107.48.160
4bb6af86cce06630c852cb827275410e8409b334492b2c2c532f3f2e6afee16a
59a862b99d96309d64a845acfd51601e3975e6bea33e3e61f3f8a842dd097118
aed7518ff3aadfe883b4cd16ca4e0a9c515ac0e2f2d9d010c8d5f50a6a98b846
ba765c73160d544cdda5489b3a98ddbbab2822206de0bcce814e21a6e8e9eea0