authgateway3.entiam.uhg.com
168.183.44.50
Public Scan
Effective URL: https://authgateway3.entiam.uhg.com/idp/SSO.saml2
Submission: On November 24 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by COMODO RSA Organization Validation Se... on July 11th 2022. Valid for: a year.
This is the only time authgateway3.entiam.uhg.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
1 1 | 161.249.243.146 | 10879 (UHC) |
1 | 15.197.253.65 | 16509 (AMAZON-02) |
3 | 13.225.78.81 | 16509 (AMAZON-02) |
7 | 52.20.185.91 | 14618 (AMAZON-AES) |
4 | 168.183.44.50 | () |
15 | 4 | |
ASN16509 (AMAZON-02, US)
PTR: a904c371d9946c759.awsglobalaccelerator.com
advisory-members.okta.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-81.fra2.r.cloudfront.net
ok4static.oktacdn.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-185-91.compute-1.amazonaws.com
onelogin.advisory.com |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | advisory.com (1 redirects) | onelogin.internal.advisory.com, onelogin.advisory.com | 87 KB |
4 | uhg.com | authgateway3.entiam.uhg.com | 33 KB |
3 | oktacdn.com | ok4static.oktacdn.com — Cisco Umbrella Rank: 16341 | 105 KB |
1 | okta.com | advisory-members.okta.com | 7 KB |
15 | 4 | | |
Count | Domain | Requested by |
---|---|---|
7 | onelogin.advisory.com | advisory-members.okta.com, onelogin.advisory.com |
4 | authgateway3.entiam.uhg.com | authgateway3.entiam.uhg.com |
3 | ok4static.oktacdn.com | advisory-members.okta.com |
1 | advisory-members.okta.com | |
1 | onelogin.internal.advisory.com | 1 redirects |
15 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.okta.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-07 - 2023-04-07 | a year | crt.sh |
*.oktacdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-22 - 2023-01-22 | a year | crt.sh |
onelogin.advisory.com | COMODO RSA Organization Validation Secure Server CA | 2022-08-08 - 2023-08-08 | a year | crt.sh |
authgateway3.entiam.uhg.com | COMODO RSA Organization Validation Secure Server CA | 2022-07-11 - 2023-07-11 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://authgateway3.entiam.uhg.com/idp/SSO.saml2
Frame ID: E11DD4357588E70417D7279CCA336D59
Requests: 8 HTTP requests in this frame
Frame:
https://onelogin.advisory.com/spinner
Frame ID: 56B1BDB8F0678E603B8F31C931DD6797
Requests: 7 HTTP requests in this frame
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://onelogin.internal.advisory.com/ HTTP 302
  https://advisory-members.okta.com/sso/saml2/0oaa4kx5x9q7huHBs1t7/home/theadvisoryboardplatformprod_uhgmsidauthentication_1/0oabie10y1Xbs0FaL1t7/alnbie3bhsfeoUXUd1t7 Page URL
- https://authgateway3.entiam.uhg.com/idp/SSO.saml2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://onelogin.internal.advisory.com/ HTTP 302
- https://advisory-members.okta.com/sso/saml2/0oaa4kx5x9q7huHBs1t7/home/theadvisoryboardplatformprod_uhgmsidauthentication_1/0oabie10y1Xbs0FaL1t7/alnbie3bhsfeoUXUd1t7
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | alnbie3bhsfeoUXUd1t7 | advisory-members.okta.com/sso/saml2/0oaa4kx5x9q7huHBs1t7/home/theadvisoryboardplatformprod_uhgmsidauthentication_1/0oabie10y1Xbs0FaL1t7/ | 9 KB | 7 KB | Document | text/html | Redirect Chain |
GET | H2 | jquery-1.12.4.bba89baa33024062439a2b04aa49fbed.js | ok4static.oktacdn.com/assets/js/ | 288 KB | 101 KB | Script | application/javascript | |
GET | H2 | interstitial.0853bbe594160e5608c40b3c3e3f680d.css | ok4static.oktacdn.com/assets/css/sections/ | 8 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | interstitial.474dce61acfac4a4d016921943cf2a68.js | ok4static.oktacdn.com/assets/js/app/sso/ | 678 B | 1 KB | Script | application/javascript | |
GET | H2 | spinner | onelogin.advisory.com/ | 3 KB | 2 KB | Document | text/html | Frame 56B1 |
GET | H2 | index.css | onelogin.advisory.com/css/ | 38 KB | 8 KB | Stylesheet | text/css | Frame 56B1 |
GET | H2 | unsupportedBrowser.js | onelogin.advisory.com/js/ | 3 KB | 2 KB | Script | application/javascript | Frame 56B1 |
GET | H2 | optumlogo.png | onelogin.advisory.com/img/ | 60 KB | 61 KB | Image | image/png | Frame 56B1 |
GET | H2 | loader.gif | onelogin.advisory.com/img/ | 4 KB | 5 KB | Image | image/gif | Frame 56B1 |
GET | H2 | navLinks.js | onelogin.advisory.com/js/ | 19 KB | 5 KB | Script | application/javascript | Frame 56B1 |
GET | H2 | contactSupportValidations.js | onelogin.advisory.com/js/ | 16 KB | 5 KB | Script | application/javascript | Frame 56B1 |
POST | H/1.1 | SSO.saml2 | authgateway3.entiam.uhg.com/idp/ | 14 KB | 15 KB | Document | text/html | Primary Request |
GET | H/1.1 | bootstrap.min.css | authgateway3.entiam.uhg.com/assets/bootstrap/css/ | 88 KB | 0 | Stylesheet | text/css | |
GET | H/1.1 | common.css | authgateway3.entiam.uhg.com/assets/css/ | 10 KB | 11 KB | Stylesheet | text/css | |
GET | H/1.1 | UHG_Header_Logo.png | authgateway3.entiam.uhg.com/assets/images/ | 7 KB | 8 KB | Image | image/png | |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
advisory-members.okta.com/ | | Name: JSESSIONID Value: F85C3F05470E63A64261074F864FFA63 |
advisory-members.okta.com/ | | Name: t Value: default |
advisory-members.okta.com/ | | Name: DT Value: DI1zXiMuglFTOqvYeMmglDnlg |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' advisory-members.okta.com *.oktacdn.com; connect-src 'self' advisory-members.okta.com advisory-members-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com advisory-members.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' advisory-members.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' advisory-members.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' advisory-members.okta.com advisory-members-admin.okta.com login.okta.com https://onelogin.advisory.com; img-src 'self' advisory-members.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' advisory-members.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' |
Strict-Transport-Security | max-age=315360000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.