login.himarley.com
3.15.36.196
Public Scan
Effective URL: https://login.himarley.com/oauth2/aus52byplvsODiaPe4x6/v1/authorize?client_id=0oa529f6vpUpN5l1t4x6&code_challenge=KCZ2MFK5O...
Submission Tags: falconsandbox
Submission: On October 03 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 7th 2020. Valid for: 2 years.
This is the only time login.himarley.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 | 52.206.232.136 | 14618 (AMAZON-AES) |
1 | 35.201.112.186 | 15169 (GOOGLE) |
1 | 13.35.253.126 | 16509 (AMAZON-02) |
3 | 35.186.194.58 | 15169 (GOOGLE) |
4 | 3.15.36.196 | 16509 (AMAZON-02) |
9 | 143.204.98.72 | 16509 (AMAZON-02) |
2 | 18.66.97.111 | 16509 (AMAZON-02) |
1 | 52.216.237.107 | 16509 (AMAZON-02) |
24 | 9 |
ASN | PTR | Domain |
---|---|---|
ASN14618 (AMAZON-AES, US) | ec2-52-206-232-136.compute-1.amazonaws.com | chat.marley.ai |
ASN15169 (GOOGLE, US) | 186.112.201.35.bc.googleusercontent.com | edge.fullstory.com |
ASN16509 (AMAZON-02, US) | server-13-35-253-126.fra6.r.cloudfront.net | cdn.pendo.io |
ASN15169 (GOOGLE, US) | 58.194.186.35.bc.googleusercontent.com | rs.fullstory.com |
ASN16509 (AMAZON-02, US) | ec2-3-15-36-196.us-east-2.compute.amazonaws.com | login.himarley.com |
ASN16509 (AMAZON-02, US) | server-143-204-98-72.fra50.r.cloudfront.net | ok11static.oktacdn.com |
ASN16509 (AMAZON-02, US) | s3-1-w.amazonaws.com | marley-okta.s3.amazonaws.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | oktacdn.com | ok11static.oktacdn.com | 586 KB |
4 | himarley.com | login.himarley.com | 9 KB |
4 | fullstory.com | edge.fullstory.com rs.fullstory.com | 65 KB |
2 | okta.com | login.okta.com | 97 KB |
2 | marley.ai | chat.marley.ai | 4 MB |
1 | amazonaws.com | marley-okta.s3.amazonaws.com | 12 KB |
1 | pendo.io | cdn.pendo.io | 133 KB |
24 | 7 |
 | Domain | Requested by |
---|---|---|
9 | ok11static.oktacdn.com | login.himarley.com ok11static.oktacdn.com |
4 | login.himarley.com | edge.fullstory.com chat.marley.ai ok11static.oktacdn.com |
3 | rs.fullstory.com | edge.fullstory.com |
2 | login.okta.com | ok11static.oktacdn.com login.okta.com |
2 | chat.marley.ai | chat.marley.ai |
1 | marley-okta.s3.amazonaws.com | |
1 | cdn.pendo.io | chat.marley.ai |
1 | edge.fullstory.com | chat.marley.ai |
24 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
himarley.zendesk.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.marley.ai | Amazon | 2021-09-29 - 2022-10-27 | a year | crt.sh |
edge.fullstory.com | GTS CA 1D4 | 2021-08-22 - 2021-11-20 | 3 months | crt.sh |
cdn.pendo.io | Amazon | 2021-08-29 - 2022-09-27 | a year | crt.sh |
*.fullstory.com | R3 | 2021-09-21 - 2021-12-20 | 3 months | crt.sh |
login.himarley.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-07 - 2022-07-10 | 2 years | crt.sh |
*.oktacdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-15 - 2022-01-15 | a year | crt.sh |
accounts.okta.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-24 - 2022-07-25 | a year | crt.sh |
*.s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-01-11 - 2022-02-11 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://login.himarley.com/oauth2/aus52byplvsODiaPe4x6/v1/authorize?client_id=0oa529f6vpUpN5l1t4x6&code_challenge=KCZ2MFK5O08HIpEe3_aYJof0dios-4___Ru3HVVbYRE&code_challenge_method=S256&nonce=rWfxTnxifXDvuOr9Mdb2xoCAHM6E3cEZ5ddh23ZMPJzVlTfUccjFAF9EKQRC9hwu&redirect_uri=https%3A%2F%2Fchat.marley.ai%2Flogin%2Fcallback&response_type=code&state=hUU9H2ge1z90jJhp74j3nnvbCjIHXLKGQKzncs1u9wxfkupFZAK6jsaQpCctoKEC&scope=openid%20profile%20email
Frame ID: DF7F9A31315BC80B88E5619A9A8828D8
Requests: 21 HTTP requests in this frame
Frame:
https://login.okta.com/discovery/iframe.html
Frame ID: 16EFA0D1F27C519514FD60FDE95962E7
Requests: 2 HTTP requests in this frame
Page Title
himarley-prod - Anmelden
Page URL History
- https://chat.marley.ai/ Page URL
- https://login.himarley.com/oauth2/aus52byplvsODiaPe4x6/v1/authorize?client_id=0oa529f6vpUpN5l1t4x6&code... Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Hilfe
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://chat.marley.ai/ Page URL
- https://login.himarley.com/oauth2/aus52byplvsODiaPe4x6/v1/authorize?client_id=0oa529f6vpUpN5l1t4x6&code_challenge=KCZ2MFK5O08HIpEe3_aYJof0dios-4___Ru3HVVbYRE&code_challenge_method=S256&nonce=rWfxTnxifXDvuOr9Mdb2xoCAHM6E3cEZ5ddh23ZMPJzVlTfUccjFAF9EKQRC9hwu&redirect_uri=https%3A%2F%2Fchat.marley.ai%2Flogin%2Fcallback&response_type=code&state=hUU9H2ge1z90jJhp74j3nnvbCjIHXLKGQKzncs1u9wxfkupFZAK6jsaQpCctoKEC&scope=openid%20profile%20email Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / chat.marley.ai/ | 3 KB 4 KB | Document text/html |
GET H2 | main.5490.js chat.marley.ai/ | 4 MB 4 MB | Script application/javascript |
GET H2 | fs.js edge.fullstory.com/s/ | 210 KB 64 KB | Script application/javascript |
GET H/1.1 | pendo.js cdn.pendo.io/agent/static/0b001513-0d2b-42c6-47bd-24eee2514b8e/ | 428 KB 133 KB | Script application/javascript |
POST H2 | page rs.fullstory.com/rec/ | 3 KB 1 KB | XHR application/json |
POST H2 | bundle rs.fullstory.com/rec/ | 29 B 91 B | XHR application/json |
GET H2 | integrations rs.fullstory.com/rec/ | 0 64 B | Script text/javascript |
OPTIONS H/1.1 | openid-configuration login.himarley.com/oauth2/aus52byplvsODiaPe4x6/.well-known/ Frame | 0 0 | Preflight application/octet-stream |
GET H/1.1 | openid-configuration login.himarley.com/oauth2/aus52byplvsODiaPe4x6/.well-known/ | 2 KB 3 KB | Fetch application/json |
GET H/1.1 | Primary Request: authorize login.himarley.com/oauth2/aus52byplvsODiaPe4x6/v1/ | 9 KB 5 KB | Document text/html |
POST | bundle rs.fullstory.com/rec/ | 0 0 | |
GET H2 | okta-sign-in.min.js ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/js/ | 1 MB 349 KB | Script application/javascript |
GET H2 | okta-sign-in.min.css ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/ | 181 KB 32 KB | Stylesheet text/css |
GET H2 | custom-signin.bb8f4ce4363dd17160adb27f2ab5f478.css ok11static.oktacdn.com/assets/loginpage/css/ | 1 KB 1 KB | Stylesheet text/css |
GET H2 | initLoginPage.pack.de2a7ed7dca23249f4ab0af3eb4c9d0a.js ok11static.oktacdn.com/assets/js/mvc/loginpage/ | 396 KB 107 KB | Script application/javascript |
POST H/1.1 | introspect login.himarley.com/api/v1/authn/ | 948 B 1 KB | XHR application/json |
GET H/1.1 | iframe.html login.okta.com/discovery/ Frame 16EF | 546 B 1019 B | Document text/html |
GET H/1.1 | discoveryIframe-b506e7d77d3be273b646.min.js login.okta.com/lib/ Frame 16EF | 96 KB 96 KB | Script application/javascript |
GET H2 | login_de.jsonp ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/labels/jsonp/ | 42 KB 43 KB | Script application/octet-stream |
GET H2 | country_de.jsonp ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/labels/jsonp/ | 5 KB 5 KB | Script application/octet-stream |
GET H/1.1 | marley_logo2.png marley-okta.s3.amazonaws.com/logos/ | 11 KB 12 KB | Image image/png |
GET H2 | checkbox-sign-in-widget.png ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/img/ui/forms/ | 3 KB 4 KB | Image image/png |
GET H2 | montserrat-light-webfont.woff ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/font/ | 22 KB 22 KB | Font application/font-woff |
GET H2 | montserrat-regular-webfont.woff ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/font/ | 21 KB 22 KB | Font application/font-woff |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: rs.fullstory.com
- URL: https://rs.fullstory.com/rec/bundle?OrgId=GF6RM&UserId=5047822657363968&SessionId=5900891410505728&PageId=5146528236806144&Seq=2&PageStart=1633290134236&PrevBundleTime=1633290134498&IsNewSession=true&SkipResponseBody=true
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect boolean| originAgentCluster object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Backbone function| jQueryCourage object| u2f function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| config object| oktaSignIn object| OktaLogin object| jQBrowser
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
chat.marley.ai/ | Name: AWSALB Value: zK6c4NU91vRlK26LNoj0spbE31XwCtgimFIegLdqiCS25csAKItZPKR44SoMetNrURceoPJuGERcWNDl8+yD2j7hpwSaeC1qU/tZ9ai8IYpJ/c9gbLYnT3jgc0kK |
|
chat.marley.ai/ | Name: AWSALBCORS Value: zK6c4NU91vRlK26LNoj0spbE31XwCtgimFIegLdqiCS25csAKItZPKR44SoMetNrURceoPJuGERcWNDl8+yD2j7hpwSaeC1qU/tZ9ai8IYpJ/c9gbLYnT3jgc0kK |
|
.marley.ai/ | Name: fs_uid Value: rs.fullstory.com#GF6RM#5047822657363968:5900891410505728/1664826134 |
|
chat.marley.ai/ | Name: wasBrowserChecked Value: true |
|
chat.marley.ai/ | Name: okta-oauth-redirect-params Value: {%22responseType%22:%22code%22%2C%22state%22:%22hUU9H2ge1z90jJhp74j3nnvbCjIHXLKGQKzncs1u9wxfkupFZAK6jsaQpCctoKEC%22%2C%22nonce%22:%22rWfxTnxifXDvuOr9Mdb2xoCAHM6E3cEZ5ddh23ZMPJzVlTfUccjFAF9EKQRC9hwu%22%2C%22scopes%22:[%22openid%22%2C%22profile%22%2C%22email%22]%2C%22clientId%22:%220oa529f6vpUpN5l1t4x6%22%2C%22urls%22:{%22issuer%22:%22https://login.himarley.com/oauth2/aus52byplvsODiaPe4x6%22%2C%22authorizeUrl%22:%22https://login.himarley.com/oauth2/aus52byplvsODiaPe4x6/v1/authorize%22%2C%22userinfoUrl%22:%22https://login.himarley.com/oauth2/aus52byplvsODiaPe4x6/v1/userinfo%22%2C%22tokenUrl%22:%22https://login.himarley.com/oauth2/aus52byplvsODiaPe4x6/v1/token%22%2C%22revokeUrl%22:%22https://login.himarley.com/oauth2/aus52byplvsODiaPe4x6/v1/revoke%22%2C%22logoutUrl%22:%22https://login.himarley.com/oauth2/aus52byplvsODiaPe4x6/v1/logout%22}%2C%22ignoreSignature%22:false} |
|
chat.marley.ai/ | Name: okta-oauth-nonce Value: rWfxTnxifXDvuOr9Mdb2xoCAHM6E3cEZ5ddh23ZMPJzVlTfUccjFAF9EKQRC9hwu |
|
chat.marley.ai/ | Name: okta-oauth-state Value: hUU9H2ge1z90jJhp74j3nnvbCjIHXLKGQKzncs1u9wxfkupFZAK6jsaQpCctoKEC |
|
login.himarley.com/ | Name: t Value: default |
|
login.himarley.com/ | Name: DT Value: DI0HLCwfl3zQwmafjpYrU759Q |
|
login.himarley.com/ | Name: JSESSIONID Value: 5E3950D8C424684416EC47DDA1EFB728 |
|
login.himarley.com/ | Name: oktaStateToken Value: 00Z3cHEjJvxzK33lIbz0YXiqWwKSA-BNjqdU0Xsyj1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.