![](/screenshots/45928add-39a8-4332-9967-9a518771962c.png)
sita-aero.oktapreview.com
34.236.241.35
Public Scan
Effective URL: https://sita-aero.oktapreview.com/sso/saml2/0oagosaqmSUSnSqfZ0x6
Submission Tags: @phishunt_io
Submission: On October 20 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 27th 2021. Valid for: a year.
This is the only time sita-aero.oktapreview.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 20.61.116.136 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 | 34.236.241.35 | 14618 (AMAZON-AES) |
13 | 143.204.98.116 | 16509 (AMAZON-02) |
1 | 195.53.213.225 | 25261 (IBERIA) |
17 | 4 | |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lab-iberia.es-internet-portal.dw.aticloud.aero |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-241-35.compute-1.amazonaws.com
sita-aero.oktapreview.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-116.fra50.r.cloudfront.net
op2static.oktacdn.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | oktacdn.com | op2static.oktacdn.com | 819 KB |
2 | oktapreview.com | sita-aero.oktapreview.com | 16 KB |
1 | iberia.es | acceso.pre.iberia.es | 7 KB |
1 | aticloud.aero | lab-iberia.es-internet-portal.dw.aticloud.aero | 7 KB |
17 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
13 | op2static.oktacdn.com | sita-aero.oktapreview.com, op2static.oktacdn.com |
2 | sita-aero.oktapreview.com | |
1 | acceso.pre.iberia.es | |
1 | lab-iberia.es-internet-portal.dw.aticloud.aero | |
17 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
support.okta.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
lab-iberia.es-internet-portal.dw.aticloud.aero | Sectigo RSA Organization Validation Secure Server CA | 2020-11-25 - 2021-11-25 | a year |
*.oktapreview.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-27 - 2022-02-27 | a year |
*.oktacdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-15 - 2022-01-15 | a year |
acceso.pre.iberia.es | GlobalSign RSA OV SSL CA 2018 | 2021-08-26 - 2022-09-27 | a year |
This page contains 1 frames:
Primary Page:
https://sita-aero.oktapreview.com/sso/saml2/0oagosaqmSUSnSqfZ0x6
Frame ID: BBDA2DA35BD856C05BECEEE50159BE63
Requests: 17 HTTP requests in this frame
Page Title
sita-aero - Anmeldung fehlgeschlagen
Detected technologies
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Reichen Sie einen Fall ein
Title: Support-Website
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://lab-iberia.es-internet-portal.dw.aticloud.aero/vpn/index.html Page URL
- https://sita-aero.oktapreview.com/app/citrixnetscalergateway_saml/exk15952heVT9fo6a0x7/sso/saml Page URL
- https://acceso.pre.iberia.es/fed/idp/samlv20 Page URL
- https://sita-aero.oktapreview.com/sso/saml2/0oagosaqmSUSnSqfZ0x6 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | | lab-iberia.es-internet-portal.dw.aticloud.aero/vpn/ | 6 KB | 7 KB | Document | text/html |
POST | H2 | saml | sita-aero.oktapreview.com/app/citrixnetscalergateway_saml/exk15952heVT9fo6a0x7/sso/ | 22 KB | 12 KB | Document | text/html |
GET | H2 | jquery-1.12.4.05ced5937a65bd185b03749fdd833c98.js | op2static.oktacdn.com/assets/js/ | 287 KB | 101 KB | Script | application/javascript |
GET | H2 | interstitial.5a6402592cb7434dc29a6d517251d1a1.css | op2static.oktacdn.com/assets/css/sections/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | new_interstitial.c41c3b6f3a84458aca9a5919f238fbe3.gif | op2static.oktacdn.com/assets/img/ui/indicators/ | 354 KB | 355 KB | Image | image/gif |
GET | H2 | interstitial.474dce61acfac4a4d016921943cf2a68.js | op2static.oktacdn.com/assets/js/app/sso/ | 678 B | 1 KB | Script | application/javascript |
POST | H/1.1 | samlv20 | acceso.pre.iberia.es/fed/idp/ | 7 KB | 7 KB | Document | text/html |
POST | H2 | 0oagosaqmSUSnSqfZ0x6 (Primary Request) | sita-aero.oktapreview.com/sso/saml2/ | 7 KB | 5 KB | Document | text/html |
GET | H2 | saasure-min.44321c5a4c857d530ce2fbd687c53056.css | op2static.oktacdn.com/assets/css/ | 72 KB | 18 KB | Stylesheet | text/css |
GET | H2 | courage.4e83825fe7317393bda6866643295d42.css | op2static.oktacdn.com/assets/css/courage/ | 236 KB | 42 KB | Stylesheet | text/css |
GET | H2 | admin-overrides.b37d62d7b29e36d86f6420831ac04e32.css | op2static.oktacdn.com/assets/css/ | 131 KB | 32 KB | Stylesheet | text/css |
GET | H2 | errors.e0e7df89f5255d53c7e3dcfca7514f4b.css | op2static.oktacdn.com/assets/css/sections/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H2 | saasure.jqueryui.min.ab61a3d5a298584284e10dab0d3c54b0.js | op2static.oktacdn.com/assets/js/ | 627 KB | 218 KB | Script | application/javascript |
GET | H2 | okta-logo.47066819ac7db5c13f4c431b2687cef6.png | op2static.oktacdn.com/assets/img/logos/ | 982 B | 2 KB | Image | image/png |
GET | H2 | http-error-400.eb5f0061069e5c149eddccc91c97eafc.png | op2static.oktacdn.com/assets/img/ui/ | 4 KB | 5 KB | Image | image/png |
GET | H2 | proximanova-light-webfont.3bf194f33d52c87ea38f13e04fd41950.woff2 | op2static.oktacdn.com/assets/font/ | 20 KB | 20 KB | Font | application/font-woff2 |
GET | H2 | proximanova-reg-webfont.d99a7377dabb55772ca9f986b0a04b57.woff2 | op2static.oktacdn.com/assets/font/ | 20 KB | 21 KB | Font | application/font-woff2 |
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | onbeforexrselect |
boolean | originAgentCluster |
object | okta |
function | oldval |
function | OktaWayPoint |
object | webFontConfig |
object | AjaxForm |
object | JobManager |
object | ModalDialog |
object | Utils |
object | Preferences |
object | OktaMetrics |
function | $ |
function | jQuery |
object | BROWSER |
object | jQuery1124009489546820873884 |
function | _ |
object | webfont |
object | WebFont |
object | saasure |
object | hashChangeHandler |
object | mixpanel |
function | trackAdminHelpEvent |
function | showBadBrowserIfNotSeen |

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sita-aero.oktapreview.com/ | | Name: t Value: default |
sita-aero.oktapreview.com/ | | Name: DT Value: DI0RWV2Fu1DQtua5OZ6No_0xQ |
sita-aero.oktapreview.com/ | | Name: JSESSIONID Value: AFF3051E1F2F89D167C17AA8979B7928 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.