![](/screenshots/7ce70a6d-ba5f-4970-a949-8ad2a29315a7.png)
cascade-gateway.lifeadvantages.net
Open in
urlscan Pro
18.188.177.201
Public Scan
Effective URL: https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%...
Submission: On December 21 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon on October 23rd 2022. Valid for: a year.
This is the only time cascade-gateway.lifeadvantages.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 40.71.11.140 40.71.11.140 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 4 | 18.188.177.201 18.188.177.201 | 16509 (AMAZON-02) (AMAZON-02) | |
7 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
my.canopywell.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-188-177-201.us-east-2.compute.amazonaws.com
cascade-gateway.lifeadvantages.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
lifeadvantages.net
2 redirects
cascade-gateway.lifeadvantages.net |
8 KB |
3 |
canopywell.com
2 redirects
my.canopywell.com |
3 KB |
7 | 2 |
Domain | Requested by | |
---|---|---|
4 | cascade-gateway.lifeadvantages.net |
2 redirects
cascade-gateway.lifeadvantages.net
|
3 | my.canopywell.com |
2 redirects
cascade-gateway.lifeadvantages.net
|
7 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
my.canopywell.com Network Solutions DV Server CA 2 |
2022-01-06 - 2023-01-06 |
a year | crt.sh |
*.lifeadvantages.net Amazon |
2022-10-23 - 2023-11-20 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fmy.canopywell.com%252Fsaml-sp.xml%26cookieTime%3D1671625894
Frame ID: ADE9564918275001378F971FE226A164
Requests: 7 HTTP requests in this frame
Screenshot
![](/screenshots/7ce70a6d-ba5f-4970-a949-8ad2a29315a7.png)
Page URL History Show full URLs
-
http://my.canopywell.com/
HTTP 301
https://my.canopywell.com/ HTTP 302
https://my.canopywell.com/auth/resolver/saml2 Page URL
-
https://cascade-gateway.lifeadvantages.net/saml2/idp/SSOService.php
HTTP 303
https://cascade-gateway.lifeadvantages.net/module.php/multiauth/selectsource.php?AuthState=_6020bfe60802369f6f590f30e59... HTTP 302
https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09... Page URL
Detected technologies
Detected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://my.canopywell.com/
HTTP 301
https://my.canopywell.com/ HTTP 302
https://my.canopywell.com/auth/resolver/saml2 Page URL
-
https://cascade-gateway.lifeadvantages.net/saml2/idp/SSOService.php
HTTP 303
https://cascade-gateway.lifeadvantages.net/module.php/multiauth/selectsource.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fmy.canopywell.com%252Fsaml-sp.xml%26cookieTime%3D1671625894&source=LifeAdvantages-Authentication HTTP 302
https://cascade-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_6020bfe60802369f6f590f30e59bc09a43cedf9818%3Ahttps%3A%2F%2Fcascade-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fmy.canopywell.com%252Fsaml-sp.xml%26cookieTime%3D1671625894 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://my.canopywell.com/ HTTP 301
- https://my.canopywell.com/ HTTP 302
- https://my.canopywell.com/auth/resolver/saml2
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
saml2
my.canopywell.com/auth/resolver/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
loginuserpass.php
cascade-gateway.lifeadvantages.net/module.php/core/ Redirect Chain
|
5 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
WelcomePage.css
my.canopywell.com/utility/themes/10724747/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.css
cascade-gateway.lifeadvantages.net/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery.min.js
my.canopywell.com/utility/scripts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
CA.js
my.canopywell.com/utility/scripts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
NewSite.js
my.canopywell.com/clients/10724747/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- my.canopywell.com
- URL
- https://my.canopywell.com/utility/themes/10724747/css/WelcomePage.css
- Domain
- my.canopywell.com
- URL
- https://my.canopywell.com/utility/scripts/jquery.min.js
- Domain
- my.canopywell.com
- URL
- https://my.canopywell.com/utility/scripts/CA.js
- Domain
- my.canopywell.com
- URL
- https://my.canopywell.com/clients/10724747/NewSite.js
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
my.canopywell.com/ | Name: session Value: BA5E602BE7AD56DFB90362941930DA81 |
|
.my.canopywell.com/ | Name: ARRAffinity Value: f7346eb7f858da6fcd7c812185c78354cd9c373cd01aac1f84617587dc510a4d |
|
.my.canopywell.com/ | Name: ARRAffinitySameSite Value: f7346eb7f858da6fcd7c812185c78354cd9c373cd01aac1f84617587dc510a4d |
|
cascade-gateway.lifeadvantages.net/ | Name: SimpleSAML Value: 074c1b0aba1774fa57c2e6e56f8cd127 |
|
cascade-gateway.lifeadvantages.net/ | Name: multiauth_source_gateway-multi-auth Value: LifeAdvantages-Authentication |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cascade-gateway.lifeadvantages.net
my.canopywell.com
my.canopywell.com
18.188.177.201
40.71.11.140
675850d4177eca154d336dbcfc60fa226efb48e74cd14074a6c37935b7b9cf37
7c6574086d6d9d097fa90da883e447ae464f494848f9330a9941073cf8cd34b6
7e0e53f73c120a5cbcd37326f170d15dfc6ccd30d4957d810489e32074c6358a