urlscan.io logo urlscan.io
SecurityTrails logo

cascade-gateway.lifeadvantages.net Open in urlscan Pro
18.188.177.201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://my.canopywell.com/
Effective URL: https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%...
Submission: On December 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 18.188.177.201, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is cascade-gateway.lifeadvantages.net.
TLS certificate: Issued by Amazon on October 23rd 2022. Valid for: a year.
This is the only time cascade-gateway.lifeadvantages.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 40.71.11.140 8075 (MICROSOFT...)
2 4 18.188.177.201 16509 (AMAZON-02)
7 3
Apex Domain
Subdomains		 Transfer
4 lifeadvantages.net
cascade-gateway.lifeadvantages.net
8 KB
3 canopywell.com
my.canopywell.com
3 KB
7 2
Domain Requested by
4 cascade-gateway.lifeadvantages.net 2 redirects cascade-gateway.lifeadvantages.net
3 my.canopywell.com 2 redirects cascade-gateway.lifeadvantages.net
7 2

This site contains no links.

Subject Issuer Validity Valid
my.canopywell.com
Network Solutions DV Server CA 2		 2022-01-06 -
2023-01-06		 a year crt.sh
*.lifeadvantages.net
Amazon		 2022-10-23 -
2023-11-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fmy.canopywell.com%252Fsaml-sp.xml%26cookieTime%3D1671625894
Frame ID: ADE9564918275001378F971FE226A164
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://my.canopywell.com/ HTTP 301
    https://my.canopywell.com/ HTTP 302
    https://my.canopywell.com/auth/resolver/saml2 Page URL
  2. https://cascade-gateway.lifeadvantages.net/saml2/idp/SSOService.php HTTP 303
    https://cascade-gateway.lifeadvantages.net/module.php/multiauth/selectsource.php?AuthState=_6020bfe60802369f6f590f30e59... HTTP 302
    https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

7
Requests

43 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

9 kB
Transfer

10 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.canopywell.com/ HTTP 301
    https://my.canopywell.com/ HTTP 302
    https://my.canopywell.com/auth/resolver/saml2 Page URL
  2. https://cascade-gateway.lifeadvantages.net/saml2/idp/SSOService.php HTTP 303
    https://cascade-gateway.lifeadvantages.net/module.php/multiauth/selectsource.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fmy.canopywell.com%252Fsaml-sp.xml%26cookieTime%3D1671625894&source=LifeAdvantages-Authentication HTTP 302
    https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fmy.canopywell.com%252Fsaml-sp.xml%26cookieTime%3D1671625894 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://my.canopywell.com/ HTTP 301
  • https://my.canopywell.com/ HTTP 302
  • https://my.canopywell.com/auth/resolver/saml2

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
saml2
my.canopywell.com/auth/resolver/
Redirect Chain
  • http://my.canopywell.com/
  • https://my.canopywell.com/
  • https://my.canopywell.com/auth/resolver/saml2
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.canopywell.com/auth/resolver/saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.11.140 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7e0e53f73c120a5cbcd37326f170d15dfc6ccd30d4957d810489e32074c6358a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 21 Dec 2022 12:31:32 GMT
Pragma
no-cache
Request-Context
appId=662bf012-b8c5-49f9-88e2-a037383d2e99
Transfer-Encoding
chunked
Vary
accept-encoding

Redirect headers

Cache-Control
private
Content-Length
0
Date
Wed, 21 Dec 2022 12:31:32 GMT
Location
/auth/resolver/saml2
Request-Context
appId=662bf012-b8c5-49f9-88e2-a037383d2e99
Primary Request loginuserpass.php
cascade-gateway.lifeadvantages.net/module.php/core/
Redirect Chain
  • https://cascade-gateway.lifeadvantages.net/saml2/idp/SSOService.php
  • https://cascade-gateway.lifeadvantages.net/module.php/multiauth/selectsource.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fi...
  • https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2...
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fmy.canopywell.com%252Fsaml-sp.xml%26cookieTime%3D1671625894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.188.177.201 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-177-201.us-east-2.compute.amazonaws.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/5.6.40
Resource Hash
675850d4177eca154d336dbcfc60fa226efb48e74cd14074a6c37935b7b9cf37

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://my.canopywell.com
Referer
https://my.canopywell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Wed, 21 Dec 2022 12:31:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.6.40

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
date
Wed, 21 Dec 2022 12:31:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fmy.canopywell.com%252Fsaml-sp.xml%26cookieTime%3D1671625894
pragma
no-cache
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.6.40
WelcomePage.css
my.canopywell.com/utility/themes/10724747/css/ 		0
0
custom.css
cascade-gateway.lifeadvantages.net/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cascade-gateway.lifeadvantages.net/css/custom.css
Requested by
Host: cascade-gateway.lifeadvantages.net
URL: https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fmy.canopywell.com%252Fsaml-sp.xml%26cookieTime%3D1671625894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.188.177.201 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-177-201.us-east-2.compute.amazonaws.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash
7c6574086d6d9d097fa90da883e447ae464f494848f9330a9941073cf8cd34b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fmy.canopywell.com%252Fsaml-sp.xml%26cookieTime%3D1671625894
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 12:31:37 GMT
last-modified
Tue, 22 Nov 2022 18:31:11 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
accept-ranges
bytes
etag
"5b4-5ee136055a480"
content-length
1460
content-type
text/css
jquery.min.js
my.canopywell.com/utility/scripts/ 		0
0
CA.js
my.canopywell.com/utility/scripts/ 		0
0
NewSite.js
my.canopywell.com/clients/10724747/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.canopywell.com
URL
https://my.canopywell.com/utility/themes/10724747/css/WelcomePage.css
Domain
my.canopywell.com
URL
https://my.canopywell.com/utility/scripts/jquery.min.js
Domain
my.canopywell.com
URL
https://my.canopywell.com/utility/scripts/CA.js
Domain
my.canopywell.com
URL
https://my.canopywell.com/clients/10724747/NewSite.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

5 Cookies

Domain/Path Name / Value
my.canopywell.com/ Name: session
Value: BA5E602BE7AD56DFB90362941930DA81
.my.canopywell.com/ Name: ARRAffinity
Value: f7346eb7f858da6fcd7c812185c78354cd9c373cd01aac1f84617587dc510a4d
.my.canopywell.com/ Name: ARRAffinitySameSite
Value: f7346eb7f858da6fcd7c812185c78354cd9c373cd01aac1f84617587dc510a4d
cascade-gateway.lifeadvantages.net/ Name: SimpleSAML
Value: 074c1b0aba1774fa57c2e6e56f8cd127
cascade-gateway.lifeadvantages.net/ Name: multiauth_source_gateway-multi-auth
Value: LifeAdvantages-Authentication