Submitted URL: https://credentialing.primetherapeutics.com/
Effective URL: https://ptlogin.primetherapeutics.com/provcredprodext/sps/ProvCredProdExt/saml20/login
Submission: On March 11 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 3 HTTP transactions. The main IP is 208.90.130.22, located in Lakeville, United States and belongs to PRIMET-INET-AS, US. The main domain is ptlogin.primetherapeutics.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 27th 2023. Valid for: a year.
This is the only time ptlogin.primetherapeutics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 5 208.90.130.192 27020 (PRIMET-IN...)
1 208.90.130.22 27020 (PRIMET-IN...)
3 2
Apex Domain
Subdomains
Transfer
6 primetherapeutics.com
credentialing.primetherapeutics.com
ptlogin.primetherapeutics.com
11 KB
3 1
Domain Requested by
5 credentialing.primetherapeutics.com 3 redirects credentialing.primetherapeutics.com
1 ptlogin.primetherapeutics.com
3 2

This site contains no links.

Subject: credentialing.primetherapeutics.com
Issuer: Entrust Certification Authority - L1K
Validity: 2024-03-11 - 2025-03-21
Valid: a year

Subject: ptlogin.primetherapeutics.com
Issuer: Entrust Certification Authority - L1K
Validity: 2023-06-27 - 2024-06-27
Valid: a year

This page contains 1 frames:

Primary Page: https://ptlogin.primetherapeutics.com/provcredprodext/sps/ProvCredProdExt/saml20/login
Frame ID: F5605016EDDC91593F450F3D00C85C52
Requests: 3 HTTP requests in this frame

Page Title

Access Manager for Web - Anmeldung

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

7 kB
Transfer

4 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://credentialing.primetherapeutics.com/ HTTP 302
    https://credentialing.primetherapeutics.com/indexexternal.html Page URL
  2. https://credentialing.primetherapeutics.com/prweb/PRAuth/CREDENTIALINGEXTERNALSAML HTTP 307
    https://credentialing.primetherapeutics.com/prweb/PRAuth/app/default/CREDENTIALINGEXTERNALSAML HTTP 303
    https://credentialing.primetherapeutics.com/prweb/PRAuth/app/default/w7L7FshWF1txykdSL0SLfhJQrFWqhSRr8z_tHiVY6lM*/!STANDARD Page URL
  3. https://ptlogin.primetherapeutics.com/provcredprodext/sps/ProvCredProdExt/saml20/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://credentialing.primetherapeutics.com/ HTTP 302
  • https://credentialing.primetherapeutics.com/indexexternal.html
Request Chain 1
  • https://credentialing.primetherapeutics.com/prweb/PRAuth/CREDENTIALINGEXTERNALSAML HTTP 307
  • https://credentialing.primetherapeutics.com/prweb/PRAuth/app/default/CREDENTIALINGEXTERNALSAML HTTP 303
  • https://credentialing.primetherapeutics.com/prweb/PRAuth/app/default/w7L7FshWF1txykdSL0SLfhJQrFWqhSRr8z_tHiVY6lM*/!STANDARD

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Resource: indexexternal.html
Path: credentialing.primetherapeutics.com/
Redirect Chain
  • https://credentialing.primetherapeutics.com/
  • https://credentialing.primetherapeutics.com/indexexternal.html
Size: 480 B
x-fer: 1 KB
Type: Document
General
Full URL: https://credentialing.primetherapeutics.com/indexexternal.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.90.130.192 Lakeville, United States, ASN27020 (PRIMET-INET-AS, US)
Reverse DNS: credentialing.primetherapeutics.com
Software: /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 480
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Mon, 11 Mar 2024 14:28:18 GMT
etag: W/"480-1701878380000"
last-modified: Wed, 06 Dec 2023 15:59:40 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Location: https://credentialing.primetherapeutics.com/indexexternal.html
Server: BigIP

Resource: !STANDARD
Path: credentialing.primetherapeutics.com/prweb/PRAuth/app/default/w7L7FshWF1txykdSL0SLfhJQrFWqhSRr8z_tHiVY6lM*/
Redirect Chain
  • https://credentialing.primetherapeutics.com/prweb/PRAuth/CREDENTIALINGEXTERNALSAML
  • https://credentialing.primetherapeutics.com/prweb/PRAuth/app/default/CREDENTIALINGEXTERNALSAML
  • https://credentialing.primetherapeutics.com/prweb/PRAuth/app/default/w7L7FshWF1txykdSL0SLfhJQrFWqhSRr8z_tHiVY6lM*/!STANDARD
Size: 2 KB
x-fer: 3 KB
Type: Document
General
Full URL: https://credentialing.primetherapeutics.com/prweb/PRAuth/app/default/w7L7FshWF1txykdSL0SLfhJQrFWqhSRr8z_tHiVY6lM*/!STANDARD
Requested by
Host: credentialing.primetherapeutics.com
URL: https://credentialing.primetherapeutics.com/indexexternal.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.90.130.192 Lakeville, United States, ASN27020 (PRIMET-INET-AS, US)
Reverse DNS: credentialing.primetherapeutics.com
Software: /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer: https://credentialing.primetherapeutics.com/indexexternal.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Transfer-Encoding: chunked
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Mon, 11 Mar 2024 14:28:18 GMT
expires: 0
p3p: CP="NON CUR OTPi OUR NOR UNI"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Mon, 11 Mar 2024 14:28:18 GMT
expires: 0
location: https://credentialing.primetherapeutics.com/prweb/PRAuth/app/default/w7L7FshWF1txykdSL0SLfhJQrFWqhSRr8z_tHiVY6lM*/!STANDARD
p3p: CP="NON CUR OTPi OUR NOR UNI"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Resource: login (Primary Request)
Path: ptlogin.primetherapeutics.com/provcredprodext/sps/ProvCredProdExt/saml20/
Size: 2 KB
x-fer: 3 KB
Type: Document
General
Full URL: https://ptlogin.primetherapeutics.com/provcredprodext/sps/ProvCredProdExt/saml20/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.90.130.22 Lakeville, United States, ASN27020 (PRIMET-INET-AS, US)
Reverse DNS: ptlogin.primetherapeutics.com
Software: /
Resource Hash: 2258278cf797141886f56413396dc858e430cd49b90bd78dfd3b8c7d9352bafd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://credentialing.primetherapeutics.com
Referer: https://credentialing.primetherapeutics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-length: 2336
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Mon, 11 Mar 2024 14:28:20 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| warningString

11 Cookies

Domain/Path Name
credentialing.primetherapeutics.com/prweb/PRPushServlet/app/default/ Name: TS01ec0994
credentialing.primetherapeutics.com/prweb/PRPushServlet/app/default/ Name: Pega-RULES
credentialing.primetherapeutics.com/prweb/PRAuth/app/default/ Name: TS01f224ba
credentialing.primetherapeutics.com/prweb/PRAuth/app/default/ Name: Pega-RULES
credentialing.primetherapeutics.com/prweb Name: TS017bde8f
credentialing.primetherapeutics.com/prweb Name: JSESSIONID
credentialing.primetherapeutics.com/ Name: UNIQUE-PEGA-COOKIE-NAME
credentialing.primetherapeutics.com/ Name: Prime_cookie
credentialing.primetherapeutics.com/ Name: TS01757975
credentialing.primetherapeutics.com/ Name: TS684305c1027
ptlogin.primetherapeutics.com/ Name: PD-S-SESSION-ID

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

credentialing.primetherapeutics.com
ptlogin.primetherapeutics.com
208.90.130.192
208.90.130.22
2258278cf797141886f56413396dc858e430cd49b90bd78dfd3b8c7d9352bafd