![](/screenshots/3d720851-1f8b-4146-ada5-320d6c4aeb1e.png)
ssoauth.alight.com
Open in
urlscan Pro
204.152.234.108
Public Scan
Effective URL: https://ssoauth.alight.com/idp/SSO.saml2?SAMLRequest=fZLJTsMwEIbvPEXku7M3pFYTVLFIRSxSFw5cKuO4raXEDp5xBTw9bloQXHq09S%2Bjb2Zy...
Submission: On August 17 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 11th 2023. Valid for: a year.
This is the only time ssoauth.alight.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.175.53.90 54.175.53.90 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 34.227.126.115 34.227.126.115 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 2600:1f18:257... 2600:1f18:257:8001:8708:56aa:97cf:171b | 14618 (AMAZON-AES) (AMAZON-AES) | |
7 | 204.152.234.108 204.152.234.108 | 13716 (ALIGHT-SO...) (ALIGHT-SOLUTIONS-LLC) | |
7 | 1 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-53-90.compute-1.amazonaws.com
alight.go.scoutrfp.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-126-115.compute-1.amazonaws.com
alight.auth.workdayspend.com |
ASN14618 (AMAZON-AES, US)
scoutrfp-production.auth.us-east-1.amazoncognito.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
alight.com
ssoauth.alight.com — Cisco Umbrella Rank: 238151 |
279 KB |
1 |
amazoncognito.com
1 redirects
scoutrfp-production.auth.us-east-1.amazoncognito.com |
2 KB |
1 |
workdayspend.com
1 redirects
alight.auth.workdayspend.com |
1 KB |
1 |
scoutrfp.com
1 redirects
alight.go.scoutrfp.com |
229 B |
7 | 4 |
Domain | Requested by | |
---|---|---|
7 | ssoauth.alight.com |
ssoauth.alight.com
|
1 | scoutrfp-production.auth.us-east-1.amazoncognito.com | 1 redirects |
1 | alight.auth.workdayspend.com | 1 redirects |
1 | alight.go.scoutrfp.com | 1 redirects |
7 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ssoauth.alight.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-08-11 - 2024-09-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ssoauth.alight.com/idp/SSO.saml2?SAMLRequest=fZLJTsMwEIbvPEXku7M3pFYTVLFIRSxSFw5cKuO4raXEDp5xBTw9bloQXHq09S%2Bjb2Zy9dG1wV5aUEZXJAljEkgtTKP0tiKr5R0tyVV9MQHetWnPpg53ei7fnQQMpgDSovddGw2uk3Yh7V4JuZo%2FVGSH2AOLIhDGod30tLemceIgD7lPCR1QyQFpEvKOfxnfudUKTShMFw1tkWp6K6H34ZIEN75RaY7DmL%2FhYIYs3qrtDgerN0WLxXM4RJBgdlORdZOME5FtRrQoypLmxduGjt%2ByhOYyyUSRl002KrwUwMmZBuQaK5LGaUbjkiaXy7hkacziIhyP4lcSvPzASg%2BwPD4N7IinIs5qZjgoYJp3EhgKtpg%2BPjAvZR4AGmFaUh9psqHQBnfGdhzPew8%2FqqGbQcqkRoWf%2F7rP2%2FnPpkh9kB2BsxNxBj37XcY6v39q%2B9vcPU2iv1PWp%2Bf%2FE6i%2FAQ%3D%3D&RelayState=H4sIAAAAAAAAAH1R2W7bMBD8Fz6bsg6KlgwUhVPb8RU7ceIaaVEIFElJtA4qlBRFLvrv3QZt0ac-7YA7nJ3d-Y4YmqKuwZI1LXYistkX9YJ0ezRCMXRYodKsJbg2WnS8VbqCBocGyV4Uq_O2U5dL1gijO-YleegTBgQBhKxt62Y6HrOuzaxem1ywoallJSyuy_fXMddppVqNlajHnBVFzHj-kRdKVm2kxIf_jpAwgmshASYAH2d3O4Apmn5FrG-s39JWo6BWVtdIYzFRql_2ZclUAVWDGyUAwHKJKiT6NkI5aO3FjD17p7tbPNip6u-Wz59X-rD385thyZ3j4JKXbRVk60_3SdD799f-0CVhUfv5JLqZ0wc7PZVmNrkejma9ya51X9N1ujkNcVAuW7FweRSdX5_m5iL8xUO6os7l9cvb8bij6_XmMcvxZutvTWCMG58NybI3fZyHYGG3C82hXvka-_ZqMsyfTrfnNZgvwHHDddeapP4nJuv97n-DtVjJrrr6cxaIAL6WaOrQ0HWpTWwKZ0DThBWNHCEDmqGUdhxIgSUXHiYTynDsuTYOEzcWxLFj5vmg0QI1Ek7ocC_xMaVBgAmNExzGnoOJdDxOSSA8n6IfPwHnu47ObAIAAA.H4sIAAAAAAAAAAEgAN__yFS4ChfoBDQcsd11zL4rpulCyCA4vuNzbgoAI_Lj3UsuWMsFIAAAAA.4
Frame ID: A697DDD0B597EDDF5DE674EA2B9A4149
Requests: 7 HTTP requests in this frame
Screenshot
![](/screenshots/3d720851-1f8b-4146-ada5-320d6c4aeb1e.png)
Page Title
Sign OnPage URL History Show full URLs
-
https://alight.go.scoutrfp.com/planner/projects/2740590
HTTP 301
https://alight.auth.workdayspend.com/planner/projects/2740590 HTTP 302
https://scoutrfp-production.auth.us-east-1.amazoncognito.com/oauth2/authorize?client_id=4hqiapktuijjhsdroua3fk954a&redirect_uri=https%3A%... HTTP 302
https://ssoauth.alight.com/idp/SSO.saml2?SAMLRequest=fZLJTsMwEIbvPEXku7M3pFYTVLFIRSxSFw5cKuO4raXEDp5xBT... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://alight.go.scoutrfp.com/planner/projects/2740590
HTTP 301
https://alight.auth.workdayspend.com/planner/projects/2740590 HTTP 302
https://scoutrfp-production.auth.us-east-1.amazoncognito.com/oauth2/authorize?client_id=4hqiapktuijjhsdroua3fk954a&redirect_uri=https%3A%2F%2Fauth.workdayspend.com%2Fauth%2Fcognito-idp%2Fcallback%3Fclient_id%3D4hqiapktuijjhsdroua3fk954a&response_type=code HTTP 302
https://ssoauth.alight.com/idp/SSO.saml2?SAMLRequest=fZLJTsMwEIbvPEXku7M3pFYTVLFIRSxSFw5cKuO4raXEDp5xBTw9bloQXHq09S%2Bjb2Zy9dG1wV5aUEZXJAljEkgtTKP0tiKr5R0tyVV9MQHetWnPpg53ei7fnQQMpgDSovddGw2uk3Yh7V4JuZo%2FVGSH2AOLIhDGod30tLemceIgD7lPCR1QyQFpEvKOfxnfudUKTShMFw1tkWp6K6H34ZIEN75RaY7DmL%2FhYIYs3qrtDgerN0WLxXM4RJBgdlORdZOME5FtRrQoypLmxduGjt%2ByhOYyyUSRl002KrwUwMmZBuQaK5LGaUbjkiaXy7hkacziIhyP4lcSvPzASg%2BwPD4N7IinIs5qZjgoYJp3EhgKtpg%2BPjAvZR4AGmFaUh9psqHQBnfGdhzPew8%2FqqGbQcqkRoWf%2F7rP2%2FnPpkh9kB2BsxNxBj37XcY6v39q%2B9vcPU2iv1PWp%2Bf%2FE6i%2FAQ%3D%3D&RelayState=H4sIAAAAAAAAAH1R2W7bMBD8Fz6bsg6KlgwUhVPb8RU7ceIaaVEIFElJtA4qlBRFLvrv3QZt0ac-7YA7nJ3d-Y4YmqKuwZI1LXYistkX9YJ0ezRCMXRYodKsJbg2WnS8VbqCBocGyV4Uq_O2U5dL1gijO-YleegTBgQBhKxt62Y6HrOuzaxem1ywoallJSyuy_fXMddppVqNlajHnBVFzHj-kRdKVm2kxIf_jpAwgmshASYAH2d3O4Apmn5FrG-s39JWo6BWVtdIYzFRql_2ZclUAVWDGyUAwHKJKiT6NkI5aO3FjD17p7tbPNip6u-Wz59X-rD385thyZ3j4JKXbRVk60_3SdD799f-0CVhUfv5JLqZ0wc7PZVmNrkejma9ya51X9N1ujkNcVAuW7FweRSdX5_m5iL8xUO6os7l9cvb8bij6_XmMcvxZutvTWCMG58NybI3fZyHYGG3C82hXvka-_ZqMsyfTrfnNZgvwHHDddeapP4nJuv97n-DtVjJrrr6cxaIAL6WaOrQ0HWpTWwKZ0DThBWNHCEDmqGUdhxIgSUXHiYTynDsuTYOEzcWxLFj5vmg0QI1Ek7ocC_xMaVBgAmNExzGnoOJdDxOSSA8n6IfPwHnu47ObAIAAA.H4sIAAAAAAAAAAEgAN__yFS4ChfoBDQcsd11zL4rpulCyCA4vuNzbgoAI_Lj3UsuWMsFIAAAAA.4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
SSO.saml2
ssoauth.alight.com/idp/ Redirect Chain
|
9 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
ssoauth.alight.com/assets/css/ |
170 KB 171 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
teamspace.css
ssoauth.alight.com/assets/css/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
teamspace.logo.png
ssoauth.alight.com/assets/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FSThriveElliotWeb-Heavy.woff
ssoauth.alight.com/assets/fonts/ |
35 KB 35 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FSThriveElliotWeb-Regular.woff
ssoauth.alight.com/assets/fonts/ |
33 KB 34 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iconfont.ttf
ssoauth.alight.com/assets/fonts/icons/ |
21 KB 21 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| postForgotPassword function| postRecoverUsername function| postAlternateAuthnSystem function| postRegistration function| postOk function| submitForm function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width boolean| remember object| checkbox7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.auth.workdayspend.com/ | Name: sso_user_original_path Value: xL%2FYchyeu3DCzjsNJUyl5sHL9tZRUTuX%2Bs6YCPSEaCGYPzrkn4kHxzVF9FqnTAO2dse0o367AROJXTmcQNXoK5e2Ogx8QICunQkhSrgQvLa%2B2eLwh%2F%2FtppMVKROMP9d1YdupjzWqEWbq1MedvCTjGaIzgNpuj6Z5u1pqhxnhJ4fPMRcvh7L0u64FN45BkA40--tfORztxaHYb2T2fG--DGGwdp4kEfKCrTlmEookDg%3D%3D |
|
alight.auth.workdayspend.com/ | Name: _doormate_xsrf Value: Rxi5ZPh1LIJLijyHf4ukJ98DAkHhhmlcvLz4t4MpUX9kLBXyDJ5Thd-6adHJHuCFbVlG0E2zvcgGNiOsGt62nw |
|
alight.auth.workdayspend.com/ | Name: _doormate_session Value: 906d41a9b14e4ca34a2cbe6516cf12e5 |
|
scoutrfp-production.auth.us-east-1.amazoncognito.com/ | Name: XSRF-TOKEN Value: 7fbbf4b3-b5c8-4f8d-a319-9f8599c279f9 |
|
scoutrfp-production.auth.us-east-1.amazoncognito.com/ | Name: csrf-state Value: NdAaY3UMG-y0giwMFYVHoON5kByFc1Ry24qKn8hICPf8w5PzwOuf9lp5k7_BD6Q0gUmrA7zORrIJhzpwp6IgJUyb8mFtdE2c__WvTDrjd5EQgH61jvZxRRL6IIJShk-JK5Kr8rr2bWr4hhxoRD9FYVLL9rOpH5o-50H7yDTUGWI |
|
scoutrfp-production.auth.us-east-1.amazoncognito.com/ | Name: csrf-state-legacy Value: NdAaY3UMG-y0giwMFYVHoON5kByFc1Ry24qKn8hICPf8w5PzwOuf9lp5k7_BD6Q0gUmrA7zORrIJhzpwp6IgJUyb8mFtdE2c__WvTDrjd5EQgH61jvZxRRL6IIJShk-JK5Kr8rr2bWr4hhxoRD9FYVLL9rOpH5o-50H7yDTUGWI |
|
ssoauth.alight.com/ | Name: PF Value: jwxCML09eGHOEg2QdNjAdfPbBwHUOIboJ68SE3WXlzCJ |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubdomains; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
alight.auth.workdayspend.com
alight.go.scoutrfp.com
scoutrfp-production.auth.us-east-1.amazoncognito.com
ssoauth.alight.com
204.152.234.108
2600:1f18:257:8001:8708:56aa:97cf:171b
34.227.126.115
54.175.53.90
0f3d907f9548f2d94f625dd53d2887fcba95d5627e0b79c38254dcab68dbf8f5
2a1e9b5a465c6914ab07ee92191bf992e08da45173602d4be6afde2915fcf235
4145ce74fc41b03a24a6dc0dd1b31a3472f0aa770a9d10a847bea196f6bc3252
49fd6f989698d5fad31a3d21366baa9f469a1a35894ed35f82ad35742ecc4a07
8594513ed6754cae58a48bdcc017a783e2f45cd9114cabdfbc6aa4c02e330e19
a70cb484740dd0056335440ec7b1f85070a5fce3015e55aacd5bd2d806361981
ba3ced8d1a4f2b7d046fd64455b4aebf5fe6b7251ef3d44c2217eacd3222af35