empauthn.usaa.com
Open in
urlscan Pro
184.28.113.182
Public Scan
Effective URL: https://empauthn.usaa.com/oamfed/idp/samlv20
Submission: On July 10 via manual from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 4th 2020. Valid for: 8 months.
This is the only time empauthn.usaa.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 167.89.123.16 167.89.123.16 | 11377 (SENDGRID) (SENDGRID) | |
1 | 35.226.215.99 35.226.215.99 | 15169 (GOOGLE) (GOOGLE) | |
1 | 18.209.113.151 18.209.113.151 | 14618 (AMAZON-AES) (AMAZON-AES) | |
6 | 13.224.193.50 13.224.193.50 | 16509 (AMAZON-02) (AMAZON-02) | |
11 | 184.28.113.182 184.28.113.182 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
19 | 4 |
ASN15169 (GOOGLE, US)
PTR: 99.215.226.35.bc.googleusercontent.com
sso.rallydev.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-113-151.compute-1.amazonaws.com
usaa.okta.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-50.fra2.r.cloudfront.net
ok2static.oktacdn.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-28-113-182.deploy.static.akamaitechnologies.com
empauthn.usaa.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
usaa.com
empauthn.usaa.com |
165 KB |
6 |
oktacdn.com
ok2static.oktacdn.com |
469 KB |
1 |
okta.com
usaa.okta.com |
7 KB |
1 |
rallydev.com
sso.rallydev.com |
2 KB |
1 |
sendgrid.net
1 redirects
u14184431.ct.sendgrid.net |
299 B |
19 | 5 |
Domain | Requested by | |
---|---|---|
11 | empauthn.usaa.com |
ok2static.oktacdn.com
empauthn.usaa.com |
6 | ok2static.oktacdn.com |
usaa.okta.com
|
1 | usaa.okta.com |
sso.rallydev.com
|
1 | sso.rallydev.com | |
1 | u14184431.ct.sendgrid.net | 1 redirects |
19 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.rallydev.com DigiCert SHA2 Secure Server CA |
2019-10-22 - 2021-10-22 |
2 years | crt.sh |
*.okta.com DigiCert SHA2 High Assurance Server CA |
2019-05-28 - 2021-05-28 |
2 years | crt.sh |
*.oktacdn.com DigiCert SHA2 High Assurance Server CA |
2017-11-01 - 2021-01-06 |
3 years | crt.sh |
wsb2b.usaa.com DigiCert SHA2 Extended Validation Server CA |
2020-03-04 - 2020-10-23 |
8 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://empauthn.usaa.com/oamfed/idp/samlv20
Frame ID: B031857A908F8D2D4D63038198EDE409
Requests: 19 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://u14184431.ct.sendgrid.net/ls/click?upn=KThGdr5L4UrgqaP2ZjK6iOuu6pRhZ2-2FDRBIKw29eQCAI23Y8hpJ3aOiHTqHKl...
HTTP 302
https://sso.rallydev.com/sp/startSSO.ping?PartnerIdpId=http://www.okta.com/exkimmiys9LbjOLYB0x7 Page URL
- https://usaa.okta.com/app/rally/exkimmiys9LbjOLYB0x7/sso/saml Page URL
- https://empauthn.usaa.com/oamfed/idp/samlv20 Page URL
Detected technologies
CentOS (Operating Systems) ExpandDetected patterns
- headers server /CentOS/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://u14184431.ct.sendgrid.net/ls/click?upn=KThGdr5L4UrgqaP2ZjK6iOuu6pRhZ2-2FDRBIKw29eQCAI23Y8hpJ3aOiHTqHKldPslbhZD5BmPtJ63VFjVBUvNTcz84I9j6tjyRmTCmQjPqY-2BABCf3IYdAZSemHk2DUbhTWLp2K3PsOAyVpQzljeT9Q-3D-3D8fn0_GTGKSl8AOdp-2BNl9fS5pummY00XCjd6I2Q1ajj3Ozecc0m6jnkWuhis2-2BEstZrpvA4plSvutsnG1V-2F9tURTE8IYb3v5vTgDen-2BHUAPgfAq-2BQR2x8R5LMkanW8qQ1qAj8AvwzD7eSRDR-2BuLC3ycOUAmRGIhniXAgIh0Yswqj2qM7UNVQXSF3kn7aDB6BtkDNMw8rZqdHzJ2BLhLQ8eNN4C5rSGBZvbfq3F0udH38QmEC0-3D
HTTP 302
https://sso.rallydev.com/sp/startSSO.ping?PartnerIdpId=http://www.okta.com/exkimmiys9LbjOLYB0x7 Page URL
- https://usaa.okta.com/app/rally/exkimmiys9LbjOLYB0x7/sso/saml Page URL
- https://empauthn.usaa.com/oamfed/idp/samlv20 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://u14184431.ct.sendgrid.net/ls/click?upn=KThGdr5L4UrgqaP2ZjK6iOuu6pRhZ2-2FDRBIKw29eQCAI23Y8hpJ3aOiHTqHKldPslbhZD5BmPtJ63VFjVBUvNTcz84I9j6tjyRmTCmQjPqY-2BABCf3IYdAZSemHk2DUbhTWLp2K3PsOAyVpQzljeT9Q-3D-3D8fn0_GTGKSl8AOdp-2BNl9fS5pummY00XCjd6I2Q1ajj3Ozecc0m6jnkWuhis2-2BEstZrpvA4plSvutsnG1V-2F9tURTE8IYb3v5vTgDen-2BHUAPgfAq-2BQR2x8R5LMkanW8qQ1qAj8AvwzD7eSRDR-2BuLC3ycOUAmRGIhniXAgIh0Yswqj2qM7UNVQXSF3kn7aDB6BtkDNMw8rZqdHzJ2BLhLQ8eNN4C5rSGBZvbfq3F0udH38QmEC0-3D HTTP 302
- https://sso.rallydev.com/sp/startSSO.ping?PartnerIdpId=http://www.okta.com/exkimmiys9LbjOLYB0x7
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
startSSO.ping
sso.rallydev.com/sp/ Redirect Chain
|
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
saml
usaa.okta.com/app/rally/exkimmiys9LbjOLYB0x7/sso/ |
14 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.cde246884d9601b57ecdf303e95e31d8.js
ok2static.oktacdn.com/assets/js/ |
287 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial.a54a1edc95056b8486c088d765565d49.css
ok2static.oktacdn.com/assets/css/sections/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new_interstitial_static.9481d4731547cec09b26be142dbeec61.png
ok2static.oktacdn.com/assets/img/ui/indicators/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new_interstitial.c41c3b6f3a84458aca9a5919f238fbe3.gif
ok2static.oktacdn.com/assets/img/ui/indicators/ |
354 KB 355 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
okta_watermark.4a7f2ccf7d0a787cff6f59fb67f72843.png
ok2static.oktacdn.com/assets/img/logos/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial.474dce61acfac4a4d016921943cf2a68.js
ok2static.oktacdn.com/assets/js/app/sso/ |
678 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Primary Request
samlv20
empauthn.usaa.com/oamfed/idp/ |
2 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mainLayoutTemplate.css
empauthn.usaa.com/static/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usaaEmployeeLogin.css
empauthn.usaa.com/static/css/ |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usaa_logo.png
empauthn.usaa.com/static/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HR.png
empauthn.usaa.com/static/images/ |
127 B 543 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
submitUtils.js
empauthn.usaa.com/static/js/ |
1012 B 706 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mainLayoutTemplateMobile.css
empauthn.usaa.com/static/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usaaEmployeeLoginMobile.css
empauthn.usaa.com/static/css/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GothamNarrow-Medium.woff
empauthn.usaa.com/static/fonts/ |
81 KB 54 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gotham-Bold.woff
empauthn.usaa.com/static/fonts/ |
18 KB 19 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gotham-Book.woff
empauthn.usaa.com/static/fonts/ |
73 KB 69 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| requestId function| addRequestId function| addRequestIdRIMFA0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
empauthn.usaa.com
ok2static.oktacdn.com
sso.rallydev.com
u14184431.ct.sendgrid.net
usaa.okta.com
13.224.193.50
167.89.123.16
18.209.113.151
184.28.113.182
35.226.215.99
20a3283e9c00f6e8e6e7c03dc71a3ccfd7ec498ce98da60193202b6b3a09bb38
215e1b6b976fa3e4b7bbe2f49b18c3ecd017f6f25a30affc7e0798f0845fc93b
31e3052c953887e9f941988db4f10d3852dcd2c1d2ad60a8626f5801d7568598
35eadd46b39668ff3265c46f31b1e0074ca341c8f0d77dc1c7a2878d4fbd30ff
44e717c69783db3a3d1d13a8655b5ead93f3e54bb04b14118d0fae3470059df7
4a4a9875283ce14328c0269b2e4ac32e2bfb58fbe004638b0600da943c568c28
4b8e056c669cce55f036937f5d779a28ab386939daa056265e9d6221c0d882f2
4d2b381a33b5787eb4f5be7c3b78f77e06bbb1436984b290f7e8e4f945fed5ae
6263a118b28dafda40e404b3fc7ffe7de5b2cc069d8ab26855c441c72e3b65d1
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
a2a8e579f12a13aea4ee9521e8f7d9b8592156204bb7357f2e139959dc60fc7a
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
a71a0ca28096e63356f346e496ceb06baaa0f6f0f4f257c04c5116376bb2693b
b03ab66644aac3f5586848ac6289288a8bf2d4c84a0ab66f3bbf6765775b055f
f77253e43188ebc0fbdb32eab2c4caa603fc2a474b7ec5162d51d6747124cbc0