![](/screenshots/fcc44950-209f-4ff6-ad81-e9dfd8f555d4.png)
sso.tevapharm.com
Open in
urlscan Pro
192.115.249.100
Public Scan
Effective URL: https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=...
Submission Tags: falconsandbox
Submission: On July 14 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on July 12th 2023. Valid for: a year.
This is the only time sso.tevapharm.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 2.19.224.196 2.19.224.196 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 3 | 2.23.209.6 2.23.209.6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 130.214.144.214 130.214.144.214 | 35039 (SAP_CC) (SAP_CC) | |
1 1 | 18.159.128.168 18.159.128.168 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 2603:1026:300... 2603:1026:3000:c8::9 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2620:1ec:bdf::45 2620:1ec:bdf::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
5 | 192.115.249.100 192.115.249.100 | () () | |
11 | 6 |
ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-196.deploy.static.akamaitechnologies.com
tevapharm-sandbox.plateau.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-6.deploy.static.akamaitechnologies.com
performancemanager.successfactors.eu |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-128-168.eu-central-1.compute.amazonaws.com
access.access-eu1.mobileiron.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
tevapharm.com
sso.tevapharm.com |
47 KB |
3 |
successfactors.eu
1 redirects
performancemanager.successfactors.eu — Cisco Umbrella Rank: 38496 |
13 KB |
2 |
microsoftonline.com
1 redirects
login.microsoftonline.com — Cisco Umbrella Rank: 23 |
13 KB |
2 |
plateau.com
1 redirects
tevapharm-sandbox.plateau.com |
3 KB |
1 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1163 |
48 KB |
1 |
mobileiron.com
1 redirects
access.access-eu1.mobileiron.com — Cisco Umbrella Rank: 789816 |
1 KB |
1 |
ondemand.com
1 redirects
aeilxynvv.accounts.ondemand.com |
2 KB |
11 | 7 |
Domain | Requested by | |
---|---|---|
5 | sso.tevapharm.com |
aadcdn.msauth.net
sso.tevapharm.com |
3 | performancemanager.successfactors.eu |
1 redirects
performancemanager.successfactors.eu
|
2 | login.microsoftonline.com | 1 redirects |
2 | tevapharm-sandbox.plateau.com | 1 redirects |
1 | aadcdn.msauth.net |
login.microsoftonline.com
|
1 | access.access-eu1.mobileiron.com | 1 redirects |
1 | aeilxynvv.accounts.ondemand.com | 1 redirects |
11 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.plateau.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-03-03 - 2024-03-03 |
a year | crt.sh |
eu-only.successfactors.eu DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-14 - 2024-02-14 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2023-06-01 - 2024-06-01 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2023-04-28 - 2024-04-28 |
a year | crt.sh |
sso.tevapharm.com Entrust Certification Authority - L1K |
2023-07-12 - 2024-08-10 |
a year | crt.sh |
This page contains 1 frames:
Frame:
https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2&RedirectToIdentityProvider=AD+AUTHORITY
Frame ID: 5405505485A9B950CF3729754943A23A
Requests: 12 HTTP requests in this frame
Screenshot
![](/screenshots/fcc44950-209f-4ff6-ad81-e9dfd8f555d4.png)
Page Title
StartbereichsermittlungPage URL History Show full URLs
- https://tevapharm-sandbox.plateau.com/ Page URL
-
https://tevapharm-sandbox.plateau.com/learning/user/login.jsp
HTTP 302
https://performancemanager.successfactors.eu/login?company=1080030T1 HTTP 302
https://performancemanager.successfactors.eu/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.c... Page URL
-
https://aeilxynvv.accounts.ondemand.com/saml2/idp/sso/aeilxynvv.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIO...
HTTP 302
https://access.access-eu1.mobileiron.com/MobileIron/acc/16164fb9-7b5a-43a5-bab2-d7adc4b2ddb2/idp?SAMLRequest=hZLBbuMg... HTTP 302
https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb... Page URL
-
https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb...
HTTP 302
https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://tevapharm-sandbox.plateau.com/ Page URL
-
https://tevapharm-sandbox.plateau.com/learning/user/login.jsp
HTTP 302
https://performancemanager.successfactors.eu/login?company=1080030T1 HTTP 302
https://performancemanager.successfactors.eu/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.crb=pEvgs8xl8XNTpkASVX8c664uBmED0GVmRPt9%252f%252bUpR28%253d Page URL
-
https://aeilxynvv.accounts.ondemand.com/saml2/idp/sso/aeilxynvv.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIOBtvK2mi90barqCv1Y9U4OfRSETxukGxwGdhN%2Fn1d76ZKD02v8M48Mw%2Bsr5%2FGgRwhoPWuoZILSsAZ31n3o6F37Q2r6PVmjXoc8kltU3x0X%2BFnAoxkLnSozjcNTcEpr9GicnoEVNGo2%2B2njyrnQk3BR2%2F8QMluLrROxwX2GOOEKss02OHp2R2PXBvjk4vIvetg1K7jxo%2FZgshsN2WI%2Fn9pSm58MLBM2tBeDwiU7HcN%2Ff5QFlVVm4pBB5qVZV2w%2Birv2WoFKyHqsi%2BkmaOICfYOo3axobnICyZWTJatzJW8UmXNa1l9o%2BRw2emddWdXbwl4OIdQfWjbAzt8uW0puX9xPgfoxbBa6OG12rcba0QIv23SzYvN0%2BnEMRkDiL020QfkkDIpKiEK0cp19pr052U%2Fz633u4MfrHkm22Hwp%2FcBdISGxpBgkTrq%2BO9hJJfLie1Yv0RVcjiBsb2FjmabC%2FbvL7T5BQ%3D%3D&RelayState=%2Flogin%3Fcompany%3D1080030T1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=JHHbBYu9xBGKeITF%2FbGZY8xAGVvql9tw%2BzulASD5hX4vO6L1h3B0%2FtSldoIKtee2NOqlajFEJBlICpOpnF%2FRxjMYq5EWouDBlaiRYxqbC2QmuS%2FnH2iUZqpI0IGONk%2FEU4gwBZeYRPQOfjJfwt8XObPV%2F2CAunAPV3cFPFsNGis%3D
HTTP 302
https://access.access-eu1.mobileiron.com/MobileIron/acc/16164fb9-7b5a-43a5-bab2-d7adc4b2ddb2/idp?SAMLRequest=hZLBbuMgEIZfxaJnDNg42SAnUrrRaiO1u1GT3UNvGMYpkg1ZD07at1%2FHadVc2l5Ag76Rvn%2BGctnHJ%2F8A%2F3rAmCwRoYsu%2BO%2FBY99Ct4Xu6Az8ebibk6cYD6gY0%2BCa5xd%2FPKbamND7iGnwFlrtbWpCy1C3TcacPTBt8CuaJJsuxGBCc%2Bu8dX4%2FJ33nVdDoUHndAqpo1HZ5f6eylKvqAqH6udtt6Ob3dkeS1WDuvD5rX0kaA4jp5aLQi7QNlWvAdcGPlvdjuR7KM8vERExkXc3otCo0lbkuaKWrjNqptkZWmbXVmIkk69WcbIU09TQHSaXk0%2BH4BrSyUFAxg7qeSF3lUAwoYg9rj1H7OCcZz3I60ELuRKbERBU8FXzySJK%2F0OFoP0QkyXPbePx8DIfXmb3CymP2eYN%2BW%2Bx7h7wMa5jV6XRKT3kauj3LOBeMSzZA4M3NO51%2FQHPGZ2faotvfkEU5mKgxdrf4YvMlu2LLX4PyerUJjTMvyY%2FQtTp%2BnEikYnxxltYjqnqPBzCudmAJW5Ts%2Blcv%2FgM%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=JF30y9VUQ5uS6oqJWW%2FcBCbIdXWb7diZCnEp%2BpEzCwC%2BfprRv9DSP7FwX%2Bvk9biWfL%2Bn9HEUUf1PzgBy%2F0lcEigA%2F6CxSjQM5Q33pbIdgawnfOI8cqZwkcHwFrSIVkyD%2FDMP7cpPOD6YSGQk8lkXOvzwIFZ%2FDUAs9r6pzSOR%2BWpYnSko20Tee00INcQXyw4csIuq5pFNv2etYiAr2bQe7wB%2BFBjk5yO979154kgTQuJwiRGKPSRbpvE9Rjb6gb8yzr%2BkbKwd944g0TsaAyn5hNfxlBsimyTOxw1yuBXPVH%2Flh1x%2BEgYHcEgR1FGvYxNUZJTbGSK8wOPyss0u483ing%3D%3D HTTP 302
https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirXK1sbs5eNjewBm4rr6UiyE82Xv9e9A%2BJAvvdR%2Bi4Juzfuh0v9H9s1H64f52Dp5C2HuOkFBKe5%2BeFqgHknZOmlab3tlUuQ7djdtV3B5ZRHKSs0YWcConArJMTKAUksJ6KmrFJK1rSZHfg2QZLRgrwmj4Mq11O2PTzqjeedcEZ1tj9Tgma4qCiKmEWhQZZCQvoKQzBVWWN02mJxLXBHnRtRQkq%2BUcbAhTzTTTDDKGp%2FEz01DWegJJoZsmZ0JGUUS9H%2FTK%2BiBsmAOKaQYjTdiWUE5yPsEpwfkvkKx7F5xy7VdjT5kOveVOeOO5FZ32PCi%2BWdzdcppiLk%2BQ59%2B32zVc%2F9xsQfJ46YYeu4ltWf%2FxT%2FbniWeYW08%2FFohLna%2BK7JRsDPZwOKSHLHX9DlGMMcIFilDtze7qFWfv4ARhdsTjjboCVTmmzMfk%2BrN2PPpXe9Un360SvXVYlT%2Bil9Vy7Vqj%2FiY3ru9EeN8qScl4YmrYjCgfrN9rZRqj6%2F8rDlUlevvgqhc%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=iAnwnJzCj3BuITZIPOKQ6n7MA7T1qozpgiTCGZHqulMpS0silnw8DULoH%2FWU9w8ayFNVbVkYO9LahVsxdH6uu4dWuamqJnqAI6edjgxVRd8exsqIT01fxrVKVPA8OYN0b1uUUAeNqCJURpb4CSK3jw8gC9%2BTMHJarYGMj0NkNKIS0Sh0U%2BO4SMvesaoj6dWhQcw0WlpI5y%2FO0jwtCGQ3bZaaEYwK8ffk2%2FcBXyBCfbpxmbZUeRAzCTOGK6NGEg%2Fjw7qrViCOsGQWNsOTCJExqAJFGFcMS%2Byc1rnMl7%2BQTjhBCERUFbS0p3WVir5HrIfgFhzCUXIcHvKHOP1Qfxrz2Q%3D%3D Page URL
-
https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirXK1sbs5eNjewBm4rr6UiyE82Xv9e9A%2BJAvvdR%2Bi4Juzfuh0v9H9s1H64f52Dp5C2HuOkFBKe5%2BeFqgHknZOmlab3tlUuQ7djdtV3B5ZRHKSs0YWcConArJMTKAUksJ6KmrFJK1rSZHfg2QZLRgrwmj4Mq11O2PTzqjeedcEZ1tj9Tgma4qCiKmEWhQZZCQvoKQzBVWWN02mJxLXBHnRtRQkq%2BUcbAhTzTTTDDKGp%2FEz01DWegJJoZsmZ0JGUUS9H%2FTK%2BiBsmAOKaQYjTdiWUE5yPsEpwfkvkKx7F5xy7VdjT5kOveVOeOO5FZ32PCi%2BWdzdcppiLk%2BQ59%2B32zVc%2F9xsQfJ46YYeu4ltWf%2FxT%2FbniWeYW08%2FFohLna%2BK7JRsDPZwOKSHLHX9DlGMMcIFilDtze7qFWfv4ARhdsTjjboCVTmmzMfk%2BrN2PPpXe9Un360SvXVYlT%2Bil9Vy7Vqj%2FiY3ru9EeN8qScl4YmrYjCgfrN9rZRqj6%2F8rDlUlevvgqhc%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=iAnwnJzCj3BuITZIPOKQ6n7MA7T1qozpgiTCGZHqulMpS0silnw8DULoH%2FWU9w8ayFNVbVkYO9LahVsxdH6uu4dWuamqJnqAI6edjgxVRd8exsqIT01fxrVKVPA8OYN0b1uUUAeNqCJURpb4CSK3jw8gC9%2BTMHJarYGMj0NkNKIS0Sh0U%2BO4SMvesaoj6dWhQcw0WlpI5y%2FO0jwtCGQ3bZaaEYwK8ffk2%2FcBXyBCfbpxmbZUeRAzCTOGK6NGEg%2Fjw7qrViCOsGQWNsOTCJExqAJFGFcMS%2Byc1rnMl7%2BQTjhBCERUFbS0p3WVir5HrIfgFhzCUXIcHvKHOP1Qfxrz2Q%3D%3D&sso_reload=true
HTTP 302
https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://tevapharm-sandbox.plateau.com/learning/user/login.jsp HTTP 302
- https://performancemanager.successfactors.eu/login?company=1080030T1 HTTP 302
- https://performancemanager.successfactors.eu/saml2/Login?company=1080030T1&RelayState=%2Flogin%3Fcompany%3D1080030T1&_s.crb=pEvgs8xl8XNTpkASVX8c664uBmED0GVmRPt9%252f%252bUpR28%253d
- https://aeilxynvv.accounts.ondemand.com/saml2/idp/sso/aeilxynvv.accounts.ondemand.com?SAMLRequest=hZJNb9wgEIb%2FCuIOBtvK2mi90barqCv1Y9U4OfRSETxukGxwGdhN%2Fn1d76ZKD02v8M48Mw%2Bsr5%2FGgRwhoPWuoZILSsAZ31n3o6F37Q2r6PVmjXoc8kltU3x0X%2BFnAoxkLnSozjcNTcEpr9GicnoEVNGo2%2B2njyrnQk3BR2%2F8QMluLrROxwX2GOOEKss02OHp2R2PXBvjk4vIvetg1K7jxo%2FZgshsN2WI%2Fn9pSm58MLBM2tBeDwiU7HcN%2Ff5QFlVVm4pBB5qVZV2w%2Birv2WoFKyHqsi%2BkmaOICfYOo3axobnICyZWTJatzJW8UmXNa1l9o%2BRw2emddWdXbwl4OIdQfWjbAzt8uW0puX9xPgfoxbBa6OG12rcba0QIv23SzYvN0%2BnEMRkDiL020QfkkDIpKiEK0cp19pr052U%2Fz633u4MfrHkm22Hwp%2FcBdISGxpBgkTrq%2BO9hJJfLie1Yv0RVcjiBsb2FjmabC%2FbvL7T5BQ%3D%3D&RelayState=%2Flogin%3Fcompany%3D1080030T1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=JHHbBYu9xBGKeITF%2FbGZY8xAGVvql9tw%2BzulASD5hX4vO6L1h3B0%2FtSldoIKtee2NOqlajFEJBlICpOpnF%2FRxjMYq5EWouDBlaiRYxqbC2QmuS%2FnH2iUZqpI0IGONk%2FEU4gwBZeYRPQOfjJfwt8XObPV%2F2CAunAPV3cFPFsNGis%3D HTTP 302
- https://access.access-eu1.mobileiron.com/MobileIron/acc/16164fb9-7b5a-43a5-bab2-d7adc4b2ddb2/idp?SAMLRequest=hZLBbuMgEIZfxaJnDNg42SAnUrrRaiO1u1GT3UNvGMYpkg1ZD07at1%2FHadVc2l5Ag76Rvn%2BGctnHJ%2F8A%2F3rAmCwRoYsu%2BO%2FBY99Ct4Xu6Az8ebibk6cYD6gY0%2BCa5xd%2FPKbamND7iGnwFlrtbWpCy1C3TcacPTBt8CuaJJsuxGBCc%2Bu8dX4%2FJ33nVdDoUHndAqpo1HZ5f6eylKvqAqH6udtt6Ob3dkeS1WDuvD5rX0kaA4jp5aLQi7QNlWvAdcGPlvdjuR7KM8vERExkXc3otCo0lbkuaKWrjNqptkZWmbXVmIkk69WcbIU09TQHSaXk0%2BH4BrSyUFAxg7qeSF3lUAwoYg9rj1H7OCcZz3I60ELuRKbERBU8FXzySJK%2F0OFoP0QkyXPbePx8DIfXmb3CymP2eYN%2BW%2Bx7h7wMa5jV6XRKT3kauj3LOBeMSzZA4M3NO51%2FQHPGZ2faotvfkEU5mKgxdrf4YvMlu2LLX4PyerUJjTMvyY%2FQtTp%2BnEikYnxxltYjqnqPBzCudmAJW5Ts%2Blcv%2FgM%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=JF30y9VUQ5uS6oqJWW%2FcBCbIdXWb7diZCnEp%2BpEzCwC%2BfprRv9DSP7FwX%2Bvk9biWfL%2Bn9HEUUf1PzgBy%2F0lcEigA%2F6CxSjQM5Q33pbIdgawnfOI8cqZwkcHwFrSIVkyD%2FDMP7cpPOD6YSGQk8lkXOvzwIFZ%2FDUAs9r6pzSOR%2BWpYnSko20Tee00INcQXyw4csIuq5pFNv2etYiAr2bQe7wB%2BFBjk5yO979154kgTQuJwiRGKPSRbpvE9Rjb6gb8yzr%2BkbKwd944g0TsaAyn5hNfxlBsimyTOxw1yuBXPVH%2Flh1x%2BEgYHcEgR1FGvYxNUZJTbGSK8wOPyss0u483ing%3D%3D HTTP 302
- https://login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/saml2?SAMLRequest=tZPPb9sgHMXv%2Byssesb8MHFi5LjKFlWL1G5Rk%2FawG2CcItmQGdxs%2F32Jk6i9tNoOvRiBPs%2Ffp%2FegvP7Ttcmz7r1xdg5IikGirXK1sbs5eNjewBm4rr6UiyE82Xv9e9A%2BJAvvdR%2Bi4Juzfuh0v9H9s1H64f52Dp5C2HuOkFBKe5%2BeFqgHknZOmlab3tlUuQ7djdtV3B5ZRHKSs0YWcConArJMTKAUksJ6KmrFJK1rSZHfg2QZLRgrwmj4Mq11O2PTzqjeedcEZ1tj9Tgma4qCiKmEWhQZZCQvoKQzBVWWN02mJxLXBHnRtRQkq%2BUcbAhTzTTTDDKGp%2FEz01DWegJJoZsmZ0JGUUS9H%2FTK%2BiBsmAOKaQYjTdiWUE5yPsEpwfkvkKx7F5xy7VdjT5kOveVOeOO5FZ32PCi%2BWdzdcppiLk%2BQ59%2B32zVc%2F9xsQfJ46YYeu4ltWf%2FxT%2FbniWeYW08%2FFohLna%2BK7JRsDPZwOKSHLHX9DlGMMcIFilDtze7qFWfv4ARhdsTjjboCVTmmzMfk%2BrN2PPpXe9Un360SvXVYlT%2Bil9Vy7Vqj%2FiY3ru9EeN8qScl4YmrYjCgfrN9rZRqj6%2F8rDlUlevvgqhc%3D&RelayState=arcfc4dbb&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=iAnwnJzCj3BuITZIPOKQ6n7MA7T1qozpgiTCGZHqulMpS0silnw8DULoH%2FWU9w8ayFNVbVkYO9LahVsxdH6uu4dWuamqJnqAI6edjgxVRd8exsqIT01fxrVKVPA8OYN0b1uUUAeNqCJURpb4CSK3jw8gC9%2BTMHJarYGMj0NkNKIS0Sh0U%2BO4SMvesaoj6dWhQcw0WlpI5y%2FO0jwtCGQ3bZaaEYwK8ffk2%2FcBXyBCfbpxmbZUeRAzCTOGK6NGEg%2Fjw7qrViCOsGQWNsOTCJExqAJFGFcMS%2Byc1rnMl7%2BQTjhBCERUFbS0p3WVir5HrIfgFhzCUXIcHvKHOP1Qfxrz2Q%3D%3D
- https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2 HTTP 302
- https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2&RedirectToIdentityProvider=AD+AUTHORITY
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
tevapharm-sandbox.plateau.com/ |
68 B 577 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Login
performancemanager.successfactors.eu/saml2/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
perflog-lib.min.js
performancemanager.successfactors.eu/verp/vmod_v1/ui/perflog-lib/resources_1.0.18/ |
37 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saml2
login.microsoftonline.com/3f991a7b-ea93-4169-b28c-c36ff3e5b0d1/ Redirect Chain
|
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
135 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
sso.tevapharm.com/adfs/ls/ Redirect Chain
|
23 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
sso.tevapharm.com/adfs/portal/css/ |
10 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.jpg
sso.tevapharm.com/adfs/portal/logo/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
idp.png
sso.tevapharm.com/adfs/portal/images/idp/ |
931 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
localsts.png
sso.tevapharm.com/adfs/portal/images/idp/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
sso.tevapharm.com/adfs/ls/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- sso.tevapharm.com
- URL
- https://sso.tevapharm.com/adfs/ls/?client-request-id=5a42d990-52c7-4417-96cd-16cef1bf60b1&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kwis8oKSkottLXT0xOTi0u1oNQuqmlhnq5-UmZOamZRfl5esn5ufq-YK4nkAtSq29oZmhmkpZkqWueZJqoa2KcaKqblJhkpJtinpiSbJJklJKSZKRfXFAkxCUw4aZT1PEgcZdpZ8XOfdyfsHEWI1dJalki0FS9zJxVjLR2wiFG1WBDk-Q0c-NUE10TEwNzIGGRqpuUkmqqa2iZmpZmZpKYZJxqeoGR8QUj4y0m1uDE3ByjX0ympUV5VvmJxZnFVnmJuanFViXJVsGOvj5WhnqGYJHMFN20_KLcxBKr0rzigtTkzLTM1JRZzJyJRclpySYpSUmbmFWM0ywtDRPNk3RTEy2NdU0MzSx1k4wsknWTjc3S0oCWJhmkGF5g4XnFwmPAbMXBwSXAIMGgwPCDhXERKzDk9hnK1Lspz3PvKTSJ2rk9nuEUq362t1-puXaev5mpT1VBVFJWfoR-ubtXcKVfeKl_iWlGqaFfsVl6hXlesaGFraGV4QQ23lNsDB_YGDvYGWaxM-zipHVoH-Bl-MF3cV7L_MM9D996vOLXKc9ycfN0KQuxLE8y9QgIMTP2q7Q0jvCLCM_3SC4ziEhN8w2ucPNOC8r1LbYFAA2&RedirectToIdentityProvider=AD+AUTHORITY
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| HRDErrors function| InputUtil19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
tevapharm-sandbox.plateau.com/learning | Name: JSESSIONID Value: 0717732901795DEE64E137F5BCCB027C |
|
tevapharm-sandbox.plateau.com/ | Name: BIGipServerorigin-dc57-preview.lms.plateau.com Value: 60176650.20480.0000 |
|
tevapharm-sandbox.plateau.com/ | Name: BIGipServerP_lms_sapsf_com_80 Value: !c5rvvPsMTQebvLdy8EfjK/c0EpRQOGegdGz4OSa8bYhUsRrR03KKo3f0exUcUIrlEaybERq0eG4x2A== |
|
tevapharm-sandbox.plateau.com/ | Name: route Value: 647ccc52d771ea2e5eedc835d817a73b20da556f |
|
tevapharm-sandbox.plateau.com/ | Name: JSESSIONID Value: 0717732901795DEE64E137F5BCCB027C |
|
performancemanager.successfactors.eu/ | Name: route Value: f50f68ba623b53a23a2983b06c4581ad2ecf0ca4 |
|
performancemanager.successfactors.eu/ | Name: bizxCompanyId Value: 1080030T1 |
|
performancemanager.successfactors.eu/ | Name: JSESSIONID Value: 7F9204061D4EA19FC60D27AE8E8EC09A.pc57bcf39 |
|
performancemanager.successfactors.eu/ | Name: BIGipServerhcm57.sapsf.com Value: 210254090.20480.0000 |
|
performancemanager.successfactors.eu/ | Name: oiosaml-fragment Value: |
|
aeilxynvv.accounts.ondemand.com/ | Name: arcfc4dbb Value: AAAADB1eNlmWoqkRy%2FfqmIECOOa3cEyZVCSR3xUiRmZjGZQ1NmHuHxyt8u47eVIYPRN1Diz2anY%2Bpjr50Sr2Yd3Rwu4FI67jPWXTBPSbN1lQ%2BXsepJbwxwW8aDvpZev3dESLRs9tTF8jfKbyeie%2FwbO2YLmjdE03IC6vhjgDRH98nc%2BdFFFCvJjpTgmDUD9SJJTw1fH9x%2BR2w8iVgnEcfFz1FHOrg7H%2FBf4EY6yljAzgbBJaDZ7WxsQPI20chrLVqlV5kkE8QeFIesJTn5TusbBQZ22NMHIIIwXvYemeEtttPTpZYVI%2BtoTMPldDl%2BiJ3SMzd3kvCAQfN67aoCgvjaXI1lZ25Wp7IGXB9OE9%2BjomWMmvHRRIrqB98VZd5x0s1YXP%2B6T9NGU6glblJ%2FSfFdB9Xnd33q7kYbMlxvmd4iWIAV0NqGU4zoUsDRS5m6j0%2BWcfUOU0op2o2HEmSF4AZy0y4CkYW3xUuxypM34ZgWib4faIuRKVPsDDxIxtbtWe0dKfZVhVsWDn9Nc16xwiZygEJi%2BtHggiQiclrHpZKccpRzZZVfzkYwoVqvtmWvwrDdHtukYeldf1Scum%2FG%2FaiDZ%2FEvCytQL7Zgn38zcW%2B%2FfPj5qQR6LjMwzZSWhn2QfSIrleVJQYEnXn4xIgi%2B6IeFEEKpi63TRVkaJ8REPeSSo%3D |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AYIAexqZP5PqaUGyjMNv8-Ww0TaukWByaGRCvS8cMxzjbzCCAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr6qHKeYIl-RbxEWQFo_Hdd_Q5x323fGvRVXLjY1moQO6-Q2J3S-G_2-jD2ltA2XlgCJ-PithJscATglVj9Iw7oKfDG5pD4rdBoSVGN7je3-YgAA |
|
.login.microsoftonline.com/ | Name: ESTSWCTXFLOWTOKEN Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevrxzjK87X0cozZEc9Ti0GGu8CRq87XCWuzYMX49DPYA6RUoByRwdZSssLNpXCQ5LdGlAvMNJLZgSe13WCJWfV3PZy-rlMHUBHewNwSdIjswOKZe1wCyqE15022suOJCrANaI0n0_53ulL6GAJg5xyk-kOQYKq8iFkuIwAk8Vp4hO1IQON4NLy4UpXmEzsUPfbNKHib2qXTa-rLJA9Y7-FESic_SNGsnvN-DhRjHzNiybQySBUSRKdPsrKXBI0-boO04quXu5enLFiGGM5S9WzxWGbxFVP5Hs_me8bsFFwlQBdYMdSw4KW1_x_zyHdZqNud9MFFBOoM4Rd5TaLMewYFmI2AR9a3vGhjfZrfRQj4gBScaHeoTBFypzVpj3WMo867PwSs_EA2QHc48k_g5OZ4xB4U2jwSrFpu4eUCvdWwZ6CUqe86CMaiAyx_U243QfAchskfQc-EMJFy4nfQwfaL_RcOHIgUdUNd9oMnkWIe129P0qO7_UW5B5KgFMtKXHwIoN9CIv2iZKckIzAQdUkfX6BLnIVoCJxeuFukp6Yd2Axll03bxO-rPLIyiw1p8u0cq04YeAejlwQNC3LetrEK6doqcqDVgC12wUqffvuXgGI0iiKk_bhi_UVgIU3Js5_Ft3ITyCGre4KRj7oPbscOtCAA |
|
login.microsoftonline.com/ | Name: fpc Value: AteDZNvotNBGs4BFmBUTZhYOfFheAQAAALEzQ9wOAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrTW88JdR4tfhhLKjl9wQUztC8zQQBlWplAif5n2J97eMmS5iNfSvd7ggt80i8wSpGBaeookjnWlZdb_G53ezA5OJlXWzcOnfbasdutM1iswwgvwnRuR79OLcKKL2a5xvIi9mtz8i3Nt2FQj5QQWhuG3EYHkp9nOAQMLobz2o9D7AgAA |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
access.access-eu1.mobileiron.com
aeilxynvv.accounts.ondemand.com
login.microsoftonline.com
performancemanager.successfactors.eu
sso.tevapharm.com
tevapharm-sandbox.plateau.com
sso.tevapharm.com
130.214.144.214
18.159.128.168
192.115.249.100
2.19.224.196
2.23.209.6
2603:1026:3000:c8::9
2620:1ec:bdf::45
158bd5a511a99d87a8cd79f9a9f3ba7eacb2167194697537a614c56f1d409bf1