![](/screenshots/8a2f5c47-8845-46db-b2bf-edb8e6c2d73e.png)
securefed.antheminc.com
Open in
urlscan Pro
95.101.22.154
Public Scan
Effective URL: https://securefed.antheminc.com/idp/SSO.saml2?SAMLRequest=fZBBa4QwEIXv%2Bysk9zUxtbshqCB4EVq61NJDL5KN4xrQxGYi9Oc3aw%2FtqXOYw%2FDm...
Submission: On June 02 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 6th 2022. Valid for: a year.
This is the only time securefed.antheminc.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 4 | 199.30.234.131 199.30.234.131 | 13380 (ASN-CUST) (ASN-CUST) | |
2 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1a | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 2 | 2600:9000:215... 2600:9000:2156:2400:11:c0ce:ab40:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
4 4 | 162.95.221.235 162.95.221.235 | () () | |
1 | 95.101.22.154 95.101.22.154 | () () | |
11 | 6 |
ASN16509 (AMAZON-02, US)
anthedd.exterro.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
antheminc.com
4 redirects
secure-gateway.antheminc.com securefed.antheminc.com |
5 KB |
4 |
zixcentral.com
1 redirects
link.zixcentral.com — Cisco Umbrella Rank: 64462 |
8 KB |
2 |
exterro.net
1 redirects
anthedd.exterro.net |
8 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 671 |
31 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 624 |
30 KB |
11 | 5 |
Domain | Requested by | |
---|---|---|
4 | secure-gateway.antheminc.com | 4 redirects |
4 | link.zixcentral.com |
1 redirects
link.zixcentral.com
|
2 | anthedd.exterro.net | 1 redirects |
2 | maxcdn.bootstrapcdn.com |
link.zixcentral.com
|
1 | securefed.antheminc.com |
securefed.antheminc.com
|
1 | code.jquery.com |
link.zixcentral.com
|
11 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.zixcentral.com Entrust Certification Authority - L1K |
2022-02-02 - 2023-03-01 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-29 - 2023-01-29 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
*.exterro.net Amazon |
2021-10-31 - 2022-11-28 |
a year | crt.sh |
securefed-ak.anthem.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-04-06 - 2023-04-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://securefed.antheminc.com/idp/SSO.saml2?SAMLRequest=fZBBa4QwEIXv%2Bysk9zUxtbshqCB4EVq61NJDL5KN4xrQxGYi9Oc3aw%2FtqXOYw%2FDmzfumqLcw2Vf43ABD0sRmrArG2ZJMIawoKUXQm4cRhlTZMMFirE61W6gZVtp1LymqZeYkaZuS9LkYsod8ZEpkehw1iJwJlj3mw%2Fk6Cg5aXNldirhBazFEw5JwxvmRnY6Mv2UnyZjk5w%2BSvIPHPQZPGUm%2BltliSTZvpVNoUFq1AMqgZVc%2FP8mokat3wWk3k%2BqQxCosZnI%2F5H%2B2ZRz876AQwd%2FZSXUx9tY2l74z4Q48gI%2Bkfb3zt1YX9Ne9OhT07xOrbw%3D%3D&RelayState=61d4155c5dc6acc4f323e1f56ff16ea3dd3c935b
Frame ID: 6CF8B153D495B98F2CAABF85BF452689
Requests: 11 HTTP requests in this frame
Screenshot
![](/screenshots/8a2f5c47-8845-46db-b2bf-edb8e6c2d73e.png)
Page URL History Show full URLs
- https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo... Page URL
-
https://link.zixcentral.com/filter
HTTP 302
https://anthedd.exterro.net/cryo/signin.exterro?sectionName=nyTZ2ho4sX8ALGhWT8A77Q==&custodianKey=eTKsAc... HTTP 302
https://anthedd.exterro.net/exterrosso/saml/login?8Ozvola2vHEamWiq73btAw=FdJCCa-SWVyOMrsKTTZLxyUnIEnOpse... Page URL
-
https://secure-gateway.antheminc.com/affwebservices/public/saml2sso
HTTP 302
https://secure-gateway.antheminc.com/siteminderagent/redirectjsp/redirect.jsp?AS=Kerberos&SMPORTALURL=https%3A%2F... HTTP 302
https://secure-gateway.antheminc.com/login/PingIDP_AnthemInc_SSO.jsp?TYPE=33554433&REALMOID=06-000d0f5a-e9f5-1b92... HTTP 302
https://secure-gateway.antheminc.com/affwebservices/public/saml2authnrequest?ProviderID=AnthemInc&RelayState=HTTP... HTTP 302
https://securefed.antheminc.com/idp/SSO.saml2?SAMLRequest=fZBBa4QwEIXv%2Bysk9zUxtbshqCB4EVq61NJDL5KN4xrQxGYi... Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo%2Fsignin.exterro%3FsectionName%3DnyTZ2ho4sX8ALGhWT8A77Q%3D%3D%26custodianKey%3DeTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA%3D%26complianceNoticeWebId%3DucZjvTbgnTCxxBa91LLFYLRqF8A%3D%26tin%3DYW50aGVkZA Page URL
-
https://link.zixcentral.com/filter
HTTP 302
https://anthedd.exterro.net/cryo/signin.exterro?sectionName=nyTZ2ho4sX8ALGhWT8A77Q==&custodianKey=eTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA=&complianceNoticeWebId=ucZjvTbgnTCxxBa91LLFYLRqF8A=&tin=YW50aGVkZA HTTP 302
https://anthedd.exterro.net/exterrosso/saml/login?8Ozvola2vHEamWiq73btAw=FdJCCa-SWVyOMrsKTTZLxyUnIEnOpseKr_fkVOstfSrwKAdBmA-o-Hc29_Zk0gjkA7AoN3Pt0dPxLyeIkaMfksbdRgDReaB6x19tIEeYEsK7GOUM2BbSpP2uCs--RU_GZlcqJeVUZb3yfJvL6B0Z5ThtCT8fxogpQbolgbIWjN_NyBUouNjIKbCnUjx0_t5X6jjekilqCCANTwLdu9HLuSqX4kQI3VgpvUvuWa-vTplEcSSYVj1bqg7C64dnz_QMsHEw--p1eXdvJpUqWkHjJAZyTm-FxJh1mp1sNT-xJOI&idp=saml.anthem.com%3Aexterro&_y5lKDEfdYXdGmnMzf4VtA=rTR1dRS8OiZwkrEhN_iSjQ&VTDaf30ajOSP0K9y17kcWg=anthedd Page URL
-
https://secure-gateway.antheminc.com/affwebservices/public/saml2sso
HTTP 302
https://secure-gateway.antheminc.com/siteminderagent/redirectjsp/redirect.jsp?AS=Kerberos&SMPORTALURL=https%3A%2F%2Fsecure-gateway.antheminc.com%2Faffwebservices%2Fpublic%2Fsaml2sso&SAMLTRANSACTIONID=2da02a62-43385804-a793f9e9-071b8251-81493c5f-a6 HTTP 302
https://secure-gateway.antheminc.com/login/PingIDP_AnthemInc_SSO.jsp?TYPE=33554433&REALMOID=06-000d0f5a-e9f5-1b92-b255-180b1ee60000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-t64kPwqhr4EIRX7%2bG7yxK0b2iMawKmUW0GqGV%2fbAqCRu48mDg%2bJJc8KlrtKF6HiA&TARGET=-SM-HTTPS%3a%2f%2fsecure--gateway%2eantheminc%2ecom%2fsiteminderagent%2fredirectjsp%2fredirect%2ejsp%3fAS%3dKerberos%26SMPORTALURL%3dhttps-%3A-%2F-%2Fsecure--gateway%2eantheminc%2ecom-%2Faffwebservices-%2Fpublic-%2Fsaml2sso%26SAMLTRANSACTIONID%3d2da02a62--43385804--a793f9e9--071b8251--81493c5f--a6 HTTP 302
https://secure-gateway.antheminc.com/affwebservices/public/saml2authnrequest?ProviderID=AnthemInc&RelayState=HTTPS%3A%2F%2Fsecure-gateway.antheminc.com%2Fsiteminderagent%2Fredirectjsp%2Fredirect.jsp%3FAS%3DKerberos%26SMPORTALURL%3Dhttps%253A%252F%252Fsecure-gateway.antheminc.com%252Faffwebservices%252Fpublic%252Fsaml2sso%26SAMLTRANSACTIONID%3D2da02a62-43385804-a793f9e9-071b8251-81493c5f-a6 HTTP 302
https://securefed.antheminc.com/idp/SSO.saml2?SAMLRequest=fZBBa4QwEIXv%2Bysk9zUxtbshqCB4EVq61NJDL5KN4xrQxGYi9Oc3aw%2FtqXOYw%2FDmzfumqLcw2Vf43ABD0sRmrArG2ZJMIawoKUXQm4cRhlTZMMFirE61W6gZVtp1LymqZeYkaZuS9LkYsod8ZEpkehw1iJwJlj3mw%2Fk6Cg5aXNldirhBazFEw5JwxvmRnY6Mv2UnyZjk5w%2BSvIPHPQZPGUm%2BltliSTZvpVNoUFq1AMqgZVc%2FP8mokat3wWk3k%2BqQxCosZnI%2F5H%2B2ZRz876AQwd%2FZSXUx9tY2l74z4Q48gI%2Bkfb3zt1YX9Ne9OhT07xOrbw%3D%3D&RelayState=61d4155c5dc6acc4f323e1f56ff16ea3dd3c935b Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6- https://link.zixcentral.com/filter HTTP 302
- https://anthedd.exterro.net/cryo/signin.exterro?sectionName=nyTZ2ho4sX8ALGhWT8A77Q==&custodianKey=eTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA=&complianceNoticeWebId=ucZjvTbgnTCxxBa91LLFYLRqF8A=&tin=YW50aGVkZA HTTP 302
- https://anthedd.exterro.net/exterrosso/saml/login?8Ozvola2vHEamWiq73btAw=FdJCCa-SWVyOMrsKTTZLxyUnIEnOpseKr_fkVOstfSrwKAdBmA-o-Hc29_Zk0gjkA7AoN3Pt0dPxLyeIkaMfksbdRgDReaB6x19tIEeYEsK7GOUM2BbSpP2uCs--RU_GZlcqJeVUZb3yfJvL6B0Z5ThtCT8fxogpQbolgbIWjN_NyBUouNjIKbCnUjx0_t5X6jjekilqCCANTwLdu9HLuSqX4kQI3VgpvUvuWa-vTplEcSSYVj1bqg7C64dnz_QMsHEw--p1eXdvJpUqWkHjJAZyTm-FxJh1mp1sNT-xJOI&idp=saml.anthem.com%3Aexterro&_y5lKDEfdYXdGmnMzf4VtA=rTR1dRS8OiZwkrEhN_iSjQ&VTDaf30ajOSP0K9y17kcWg=anthedd
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
qv0D1Ibi7BGkEGvQ8I9C_g
link.zixcentral.com/u/43b27d78/ |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
link.zixcentral.com/css/ |
819 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
link.zixcentral.com/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login
anthedd.exterro.net/exterrosso/saml/ Redirect Chain
|
6 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
SSO.saml2
securefed.antheminc.com/idp/ Redirect Chain
|
13 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
mfa-main.css
securefed.antheminc.com/assets/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
anthem-icon.jpg
securefed.antheminc.com/assets/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
7d341610
securefed.antheminc.com/akam/13/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- securefed.antheminc.com
- URL
- https://securefed.antheminc.com/assets/css/mfa-main.css
- Domain
- securefed.antheminc.com
- URL
- https://securefed.antheminc.com/assets/images/anthem-icon.jpg
- Domain
- securefed.antheminc.com
- URL
- https://securefed.antheminc.com/akam/13/7d341610
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
anthedd.exterro.net/exterrosso/ | Name: SESSION Value: 92d1f049-dde3-4991-8d7e-c3a34e47c640 |
|
anthedd.exterro.net/exterrosso | Name: JSESSIONID Value: C82B47A6ED6BA8615F4E34E4B66C5203 |
|
link.zixcentral.com/ | Name: BIGipServer~ETP~link Value: !KUS+Ss0xpt0FEeZ9SUdMxUUdjcUbe+k+TBI6Enrv7b2O2qjfw7PTXpBxVy9MAMCNnUcahfJ4wuoItw8= |
|
anthedd.exterro.net/ | Name: JSESSIONID Value: 1E7E8A4FA4D5F900F77BB0D9E4A2F480 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
anthedd.exterro.net
code.jquery.com
link.zixcentral.com
maxcdn.bootstrapcdn.com
secure-gateway.antheminc.com
securefed.antheminc.com
securefed.antheminc.com
162.95.221.235
199.30.234.131
2001:4de0:ac18::1:a:1a
2600:9000:2156:2400:11:c0ce:ab40:93a1
2606:4700::6812:acf
95.101.22.154
0168c4dfc58a529baa6f03a90b9f42c7324ddece9bc9c58cd5e75c37e9568ce3
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
85426d6b37f755a882ad3792a39ed9d5207d6091ad17e31ab980f878060e23c8
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c52987fbc48500c2a81bd52f81d44324e31e7ecadbebd111a02f912be232cfd
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c