fssocaregiver.intermountain.net
Open in
urlscan Pro
159.212.70.102
Public Scan
Effective URL: https://fssocaregiver.intermountain.net/idp/SSO.saml2
Submission: On October 18 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 3rd 2023. Valid for: a year.
This is the only time fssocaregiver.intermountain.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 20.14.162.1 20.14.162.1 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 3 | 20.96.62.89 20.96.62.89 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
9 | 159.212.70.102 159.212.70.102 | 11052 (IHC-NET) (IHC-NET) | |
10 | 2 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mybenefits-intermountain.com |
ASN11052 (IHC-NET, US)
fssocaregiver.intermountain.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
intermountain.net
fssocaregiver.intermountain.net — Cisco Umbrella Rank: 956130 |
459 KB |
3 |
ehr.com
2 redirects
hrportal.ehr.com — Cisco Umbrella Rank: 106174 |
12 KB |
1 |
mybenefits-intermountain.com
1 redirects
mybenefits-intermountain.com |
240 B |
10 | 3 |
Domain | Requested by | |
---|---|---|
9 | fssocaregiver.intermountain.net |
fssocaregiver.intermountain.net
|
3 | hrportal.ehr.com | 2 redirects |
1 | mybenefits-intermountain.com | 1 redirects |
10 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
account.intermountain.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
hrportal.ehr.com GlobalSign RSA OV SSL CA 2018 |
2023-03-17 - 2024-04-17 |
a year | crt.sh |
fssocaregiver.intermountain.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-03 - 2024-02-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://fssocaregiver.intermountain.net/idp/SSO.saml2
Frame ID: 3A2D560F6AA4BB2F61201A2731A18354
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Sign OnPage URL History Show full URLs
-
https://mybenefits-intermountain.com/
HTTP 307
https://hrportal.ehr.com/intermountain HTTP 302
https://hrportal.ehr.com/intermountain/qa3?returnurl=%2fintermountain HTTP 302
https://hrportal.ehr.com/intermountain/desktopmodules/portal/api/saml/sendauthnrequest/?target=Client... Page URL
- https://fssocaregiver.intermountain.net/idp/SSO.saml2 Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Self Service Support
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://mybenefits-intermountain.com/
HTTP 307
https://hrportal.ehr.com/intermountain HTTP 302
https://hrportal.ehr.com/intermountain/qa3?returnurl=%2fintermountain HTTP 302
https://hrportal.ehr.com/intermountain/desktopmodules/portal/api/saml/sendauthnrequest/?target=Client-SelfServiceExt&relaystate=&rnd=114724112728016 Page URL
- https://fssocaregiver.intermountain.net/idp/SSO.saml2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://mybenefits-intermountain.com/ HTTP 307
- https://hrportal.ehr.com/intermountain HTTP 302
- https://hrportal.ehr.com/intermountain/qa3?returnurl=%2fintermountain HTTP 302
- https://hrportal.ehr.com/intermountain/desktopmodules/portal/api/saml/sendauthnrequest/?target=Client-SelfServiceExt&relaystate=&rnd=114724112728016
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
hrportal.ehr.com/intermountain/desktopmodules/portal/api/saml/sendauthnrequest/ Redirect Chain
|
6 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
SSO.saml2
fssocaregiver.intermountain.net/idp/ |
27 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-ih.css
fssocaregiver.intermountain.net/assets/css/ |
162 KB 162 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ih-color.svg
fssocaregiver.intermountain.net/assets/images/ |
13 KB 14 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sh-logo-w-txt.svg
fssocaregiver.intermountain.net/assets/images/ |
8 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-windowshello.png
fssocaregiver.intermountain.net/assets/images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
supergraphic.svg
fssocaregiver.intermountain.net/assets/images/ |
3 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rectorweb-regular.woff2
fssocaregiver.intermountain.net/assets/fonts/ |
50 KB 50 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ABCSocialVariable.woff2
fssocaregiver.intermountain.net/assets/fonts/ |
165 KB 166 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iconfont.ttf
fssocaregiver.intermountain.net/assets/fonts/icons/ |
21 KB 22 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| urlParam function| showLegal function| postForgotPassword function| postRecoverUsername function| postAlternateAuthnSystem function| postRegistration function| postOk function| submitForm function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width boolean| remember object| checkbox function| IsWebAuthnSupported function| isWebAuthnPlatformAuthenticatorAvailable10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
hrportal.ehr.com/ | Name: ApplicationGatewayAffinityCORS Value: ad0d98c14e5d99d1def36c4766f5dbbd |
|
hrportal.ehr.com/ | Name: ApplicationGatewayAffinity Value: ad0d98c14e5d99d1def36c4766f5dbbd |
|
hrportal.ehr.com/ | Name: dnn_IsMobile Value: False |
|
hrportal.ehr.com/ | Name: language Value: en-US |
|
hrportal.ehr.com/ | Name: .ASPXANONYMOUS Value: wfUjR4VvxhbbEsWgvPWmMhhXPahgh_f-TZTr0LgvwGVfd1ZGQS6oijVWzNP5KMGKvtmv2lRiKMnrrsGjqZKvna65M0SgK5QfzhEyLp8lbc7r2xmJmUz0XPH8qV5W6GbkH1264Vp_1-RmSCftxGFKuA2 |
|
hrportal.ehr.com/ | Name: Analytics_VisitorId Value: 4c533b54-d6b0-41c6-8560-f0a8022f5738 |
|
hrportal.ehr.com/ | Name: Analytics Value: SessionId=c1c791e2-5d99-4b16-a672-b5d2809eb32f&TabId=130018&ContentItemId=-1 |
|
hrportal.ehr.com/ | Name: ASP.NET_SessionId Value: a5x41cdmgrld1lm1e354ny25 |
|
hrportal.ehr.com/ | Name: authentication Value: HRT.Portal.DNNModules.HRPortalAuth |
|
fssocaregiver.intermountain.net/ | Name: PF Value: wQf9i1v6iFM9XLA50eg5xf |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' https: https://ajax.googleapis.com https://cdn.jsdelivr.net https://dnnapi.com https://cdnjs.cloudflare.com; font-src * data:; connect-src 'self' https: https://wtwdevcbot-bot.azurewebsites.net wss://directline.botframework.com; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' blob:; style-src * 'unsafe-inline' 'unsafe-eval' blob:; media-src 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fssocaregiver.intermountain.net
hrportal.ehr.com
mybenefits-intermountain.com
159.212.70.102
20.14.162.1
20.96.62.89
27406c2c4b04cd8d969d78e710a849cce9ca1a1cbf3920b5a0c650ebc4a9b89d
2a1e9b5a465c6914ab07ee92191bf992e08da45173602d4be6afde2915fcf235
561afd7241f41c449d25b09bfe1b46f62002359398f6a006dba6d0fc7d0f09b1
67e3a4103ad08839f43772b2af5a1cbf8fdd8397c41201c5955f0695151ae308
873bd36fcba4ad9873977890548aae74b86056c9aa76890f7b6169f75418f57d
a97668fec44f5164b57fc22e3612cc427f9ebac6e79c0d7705e8feab485a88f7
c73d16c3a140c01110b26bcf34d1b8edade2e906d575b81b5fa39f6de6d0fba3
d8eb83a564b4887c177c189f6d969559b0247edd74a836faf0348b3fbe7da6f4
db08782fb5999a055ec2bb524f4f2dee17b0f8bbb8f25e747735e2510c713787