idp.finologee.com
185.69.226.67
Public Scan
Effective URL: https://idp.finologee.com/auth/realms/services/protocol/saml?RelayState=https%3A%2F%2Ftestbank123.zendesk.com&brand_id=360...
Submission: On December 07 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 5th 2020. Valid for: 2 years.
This is the only time idp.finologee.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
2 2 | 52.214.140.202 | 16509 (AMAZON-02) |
8 | 185.69.226.67 | 198095 (EBRC) |
1 | 2a00:1450:4001:810::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:830::2003 | 15169 (GOOGLE) |
10 | 3 | |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-140-202.eu-west-1.compute.amazonaws.com
testbank123.zendesk.com |
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | finologee.com | idp.finologee.com | 453 KB |
2 | zendesk.com (2 redirects) | testbank123.zendesk.com | 3 KB |
1 | gstatic.com | fonts.gstatic.com | 17 KB |
1 | googleapis.com | fonts.googleapis.com | 1 KB |
10 | 4 | | |
| Domain | Requested by |
---|---|---|
8 | idp.finologee.com | idp.finologee.com |
2 | testbank123.zendesk.com | 2 redirects |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | idp.finologee.com |
10 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.finologee.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-05 - 2022-06-05 | 2 years |
upload.video.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
This page contains 1 frames:
Primary Page:
https://idp.finologee.com/auth/realms/services/protocol/saml?RelayState=https%3A%2F%2Ftestbank123.zendesk.com&brand_id=360005097677&SAMLRequest=fZFLb8IwEITv%2FArL9zwcxKMWCYpAlZBoVQHtoTfH2RSrjk29Dn38%2Bpq0SPRQ%0ArrvfaGZnZ%2FOPVpMjOFTW5JTFKZ0XgxmKVh942fm92cBbB%2BhJ4AzyfpHTzhlu%0ABSrkRrSA3Eu%2BLe%2FWPItTfnDWW2k1vZBcVwhEcD4EoGS1zOlJ4KJ0Wo1FI0Q0%0AmoxYxBjIaDrJmmg8HkLVQFXJug48Ygcrg14Yn9MszQKaRelkxxgfpjy9eabk%0A6Xxd8KKkPJstrMGuBbcFd1QSHjfrnO69PyBPkkYZq%2B0LQPwFpgZ8jaVtEyEl%0AICanfLToO%2BK9vyuu6mbJJfrb7X1oYbV8sFrJT1Jqbd8XDoSHnHrXASW31rXC%0A%2F98bi1k%2FUXXU9CiHVihd1rULGWlS%2FLj%2BfWIx%2BAY%3D%0A
Frame ID: 554AD3261CCC9A4DB463DE07D9E380BF
Requests: 10 HTTP requests in this frame
Page Title
Log in to services
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
https://testbank123.zendesk.com/ HTTP 301
https://testbank123.zendesk.com/access HTTP 302
https://idp.finologee.com/auth/realms/services/protocol/saml?RelayState=https%3A%2F%2Ftestbank123.zendesk.com&brand_id=360005097677&SAMLRequest=fZFLb8IwEITv%2FArL9zwcxKMWCYpAlZBoVQHtoTfH2RSrjk29Dn38%2Bpq0SPRQ%0ArrvfaGZnZ%2FOPVpMjOFTW5JTFKZ0XgxmKVh942fm92cBbB%2BhJ4AzyfpHTzhlu%0ABSrkRrSA3Eu%2BLe%2FWPItTfnDWW2k1vZBcVwhEcD4EoGS1zOlJ4KJ0Wo1FI0Q0%0AmoxYxBjIaDrJmmg8HkLVQFXJug48Ygcrg14Yn9MszQKaRelkxxgfpjy9eabk%0A6Xxd8KKkPJstrMGuBbcFd1QSHjfrnO69PyBPkkYZq%2B0LQPwFpgZ8jaVtEyEl%0AICanfLToO%2BK9vyuu6mbJJfrb7X1oYbV8sFrJT1Jqbd8XDoSHnHrXASW31rXC%0A%2F98bi1k%2FUXXU9CiHVihd1rULGWlS%2FLj%2BfWIx%2BAY%3D%0A Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | saml (Primary Request) | idp.finologee.com/auth/realms/services/protocol/ | 13 KB | 7 KB | Document | text/html |
GET H/1.1 | patternfly.css | idp.finologee.com/auth/resources/0qh7a/login/finologee/node_modules/patternfly/dist/css/ | 217 KB | 34 KB | Stylesheet | text/css |
GET H/1.1 | patternfly-additions.css | idp.finologee.com/auth/resources/0qh7a/login/finologee/node_modules/patternfly/dist/css/ | 257 KB | 34 KB | Stylesheet | text/css |
GET H/1.1 | zocial.css | idp.finologee.com/auth/resources/0qh7a/login/finologee/lib/zocial/ | 43 KB | 23 KB | Stylesheet | text/css |
GET H/1.1 | login.css | idp.finologee.com/auth/resources/0qh7a/login/finologee/css/ | 4 KB | 2 KB | Stylesheet | text/css |
GET H/1.1 | finologee-login.js | idp.finologee.com/auth/resources/0qh7a/login/finologee/js/ | 6 KB | 2 KB | Script | text/javascript |
GET H2 | css2 | fonts.googleapis.com/ | 3 KB | 1 KB | Stylesheet | text/css |
GET H/1.1 | background.png | idp.finologee.com/auth/resources/0qh7a/login/finologee/img/ | 289 KB | 290 KB | Image | image/png |
GET H/1.1 | OpenSans-Light-webfont.woff2 | idp.finologee.com/auth/resources/0qh7a/login/finologee/node_modules/patternfly/dist/fonts/ | 62 KB | 61 KB | Font | application/octet-stream |
GET H2 | memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 | fonts.gstatic.com/s/opensans/v27/ | 16 KB | 17 KB | Font | font/woff2 |
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
function| goToLoginForm
function| reloadLoginForm
function| addIframeMessageEventListener
function| submitSAMLResponseForm
function| getQueryStringValue
function| addLuxtrustIframe
function| initLoginPage
function| checkUserActivity
function| toggleView
string| luxtrustLoginUrl

8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name |
---|---|
idp.finologee.com/auth/realms/services/ | AUTH_SESSION_ID |
idp.finologee.com/auth/realms/services/ | AUTH_SESSION_ID_LEGACY |
idp.finologee.com/auth/realms/services/ | KC_RESTART |
idp.finologee.com/auth/realms/services/ | TS012aab99 |
testbank123.zendesk.com/ | _zendesk_shared_session |
testbank123.zendesk.com/ | _zendesk_session |
idp.finologee.com/ | TS015f7400 |
idp.finologee.com/ | TS8d5e9e06027 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | frame-src 'self' https://orely.luxtrust.com ; frame-ancestors 'self' ; object-src 'none'; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.