urlscan.io logo urlscan.io
SecurityTrails logo

securefed.antheminc.com Open in urlscan Pro
95.101.22.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo%2Fsignin.exterro%3F...
Effective URL: https://securefed.antheminc.com/idp/SSO.saml2?SAMLRequest=fZBBa4QwEIXv%2Bysk9zUxtbshqCB4EVq61NJDL5KN4xrQxGYi9Oc3aw%2FtqXOYw%2FDm...
Submission: On June 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 95.101.22.154, located in and belongs to . The main domain is securefed.antheminc.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 6th 2022. Valid for: a year.
This is the only time securefed.antheminc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 199.30.234.131 13380 (ASN-CUST)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2 2600:9000:215... 16509 (AMAZON-02)
4 4 162.95.221.235 ()
1 95.101.22.154 ()
11 6
4    199.30.234.131 (United States)

ASN13380 (ASN-CUST, US)
link.zixcentral.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2600:9000:2156:2400:11:c0ce:ab40:93a1 (United States)

ASN16509 (AMAZON-02, US)
anthedd.exterro.net
4    162.95.221.235 (None, )

ASN- ()
secure-gateway.antheminc.com
1    95.101.22.154 (None, )

ASN- ()
securefed.antheminc.com
Apex Domain
Subdomains		 Transfer
5 antheminc.com
secure-gateway.antheminc.com
securefed.antheminc.com
5 KB
4 zixcentral.com
link.zixcentral.com — Cisco Umbrella Rank: 64462
8 KB
2 exterro.net
anthedd.exterro.net
8 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 671
31 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 624
30 KB
11 5
Domain Requested by
4 secure-gateway.antheminc.com 4 redirects
4 link.zixcentral.com 1 redirects link.zixcentral.com
2 anthedd.exterro.net 1 redirects
2 maxcdn.bootstrapcdn.com link.zixcentral.com
1 securefed.antheminc.com securefed.antheminc.com
1 code.jquery.com link.zixcentral.com
11 6

This site contains no links.

Subject Issuer Validity Valid
*.zixcentral.com
Entrust Certification Authority - L1K		 2022-02-02 -
2023-03-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.exterro.net
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
securefed-ak.anthem.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://securefed.antheminc.com/idp/SSO.saml2?SAMLRequest=fZBBa4QwEIXv%2Bysk9zUxtbshqCB4EVq61NJDL5KN4xrQxGYi9Oc3aw%2FtqXOYw%2FDmzfumqLcw2Vf43ABD0sRmrArG2ZJMIawoKUXQm4cRhlTZMMFirE61W6gZVtp1LymqZeYkaZuS9LkYsod8ZEpkehw1iJwJlj3mw%2Fk6Cg5aXNldirhBazFEw5JwxvmRnY6Mv2UnyZjk5w%2BSvIPHPQZPGUm%2BltliSTZvpVNoUFq1AMqgZVc%2FP8mokat3wWk3k%2BqQxCosZnI%2F5H%2B2ZRz876AQwd%2FZSXUx9tY2l74z4Q48gI%2Bkfb3zt1YX9Ne9OhT07xOrbw%3D%3D&RelayState=61d4155c5dc6acc4f323e1f56ff16ea3dd3c935b
Frame ID: 6CF8B153D495B98F2CAABF85BF452689
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo... Page URL
  2. https://link.zixcentral.com/filter HTTP 302
    https://anthedd.exterro.net/cryo/signin.exterro?sectionName=nyTZ2ho4sX8ALGhWT8A77Q==&custodianKey=eTKsAc... HTTP 302
    https://anthedd.exterro.net/exterrosso/saml/login?8Ozvola2vHEamWiq73btAw=FdJCCa-SWVyOMrsKTTZLxyUnIEnOpse... Page URL
  3. https://secure-gateway.antheminc.com/affwebservices/public/saml2sso HTTP 302
    https://secure-gateway.antheminc.com/siteminderagent/redirectjsp/redirect.jsp?AS=Kerberos&SMPORTALURL=https%3A%2F... HTTP 302
    https://secure-gateway.antheminc.com/login/PingIDP_AnthemInc_SSO.jsp?TYPE=33554433&REALMOID=06-000d0f5a-e9f5-1b92... HTTP 302
    https://secure-gateway.antheminc.com/affwebservices/public/saml2authnrequest?ProviderID=AnthemInc&RelayState=HTTP... HTTP 302
    https://securefed.antheminc.com/idp/SSO.saml2?SAMLRequest=fZBBa4QwEIXv%2Bysk9zUxtbshqCB4EVq61NJDL5KN4xrQxGYi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

73 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

74 kB
Transfer

265 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo%2Fsignin.exterro%3FsectionName%3DnyTZ2ho4sX8ALGhWT8A77Q%3D%3D%26custodianKey%3DeTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA%3D%26complianceNoticeWebId%3DucZjvTbgnTCxxBa91LLFYLRqF8A%3D%26tin%3DYW50aGVkZA Page URL
  2. https://link.zixcentral.com/filter HTTP 302
    https://anthedd.exterro.net/cryo/signin.exterro?sectionName=nyTZ2ho4sX8ALGhWT8A77Q==&custodianKey=eTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA=&complianceNoticeWebId=ucZjvTbgnTCxxBa91LLFYLRqF8A=&tin=YW50aGVkZA HTTP 302
    https://anthedd.exterro.net/exterrosso/saml/login?8Ozvola2vHEamWiq73btAw=FdJCCa-SWVyOMrsKTTZLxyUnIEnOpseKr_fkVOstfSrwKAdBmA-o-Hc29_Zk0gjkA7AoN3Pt0dPxLyeIkaMfksbdRgDReaB6x19tIEeYEsK7GOUM2BbSpP2uCs--RU_GZlcqJeVUZb3yfJvL6B0Z5ThtCT8fxogpQbolgbIWjN_NyBUouNjIKbCnUjx0_t5X6jjekilqCCANTwLdu9HLuSqX4kQI3VgpvUvuWa-vTplEcSSYVj1bqg7C64dnz_QMsHEw--p1eXdvJpUqWkHjJAZyTm-FxJh1mp1sNT-xJOI&idp=saml.anthem.com%3Aexterro&_y5lKDEfdYXdGmnMzf4VtA=rTR1dRS8OiZwkrEhN_iSjQ&VTDaf30ajOSP0K9y17kcWg=anthedd Page URL
  3. https://secure-gateway.antheminc.com/affwebservices/public/saml2sso HTTP 302
    https://secure-gateway.antheminc.com/siteminderagent/redirectjsp/redirect.jsp?AS=Kerberos&SMPORTALURL=https%3A%2F%2Fsecure-gateway.antheminc.com%2Faffwebservices%2Fpublic%2Fsaml2sso&SAMLTRANSACTIONID=2da02a62-43385804-a793f9e9-071b8251-81493c5f-a6 HTTP 302
    https://secure-gateway.antheminc.com/login/PingIDP_AnthemInc_SSO.jsp?TYPE=33554433&REALMOID=06-000d0f5a-e9f5-1b92-b255-180b1ee60000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-t64kPwqhr4EIRX7%2bG7yxK0b2iMawKmUW0GqGV%2fbAqCRu48mDg%2bJJc8KlrtKF6HiA&TARGET=-SM-HTTPS%3a%2f%2fsecure--gateway%2eantheminc%2ecom%2fsiteminderagent%2fredirectjsp%2fredirect%2ejsp%3fAS%3dKerberos%26SMPORTALURL%3dhttps-%3A-%2F-%2Fsecure--gateway%2eantheminc%2ecom-%2Faffwebservices-%2Fpublic-%2Fsaml2sso%26SAMLTRANSACTIONID%3d2da02a62--43385804--a793f9e9--071b8251--81493c5f--a6 HTTP 302
    https://secure-gateway.antheminc.com/affwebservices/public/saml2authnrequest?ProviderID=AnthemInc&RelayState=HTTPS%3A%2F%2Fsecure-gateway.antheminc.com%2Fsiteminderagent%2Fredirectjsp%2Fredirect.jsp%3FAS%3DKerberos%26SMPORTALURL%3Dhttps%253A%252F%252Fsecure-gateway.antheminc.com%252Faffwebservices%252Fpublic%252Fsaml2sso%26SAMLTRANSACTIONID%3D2da02a62-43385804-a793f9e9-071b8251-81493c5f-a6 HTTP 302
    https://securefed.antheminc.com/idp/SSO.saml2?SAMLRequest=fZBBa4QwEIXv%2Bysk9zUxtbshqCB4EVq61NJDL5KN4xrQxGYi9Oc3aw%2FtqXOYw%2FDmzfumqLcw2Vf43ABD0sRmrArG2ZJMIawoKUXQm4cRhlTZMMFirE61W6gZVtp1LymqZeYkaZuS9LkYsod8ZEpkehw1iJwJlj3mw%2Fk6Cg5aXNldirhBazFEw5JwxvmRnY6Mv2UnyZjk5w%2BSvIPHPQZPGUm%2BltliSTZvpVNoUFq1AMqgZVc%2FP8mokat3wWk3k%2BqQxCosZnI%2F5H%2B2ZRz876AQwd%2FZSXUx9tY2l74z4Q48gI%2Bkfb3zt1YX9Ne9OhT07xOrbw%3D%3D&RelayState=61d4155c5dc6acc4f323e1f56ff16ea3dd3c935b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://link.zixcentral.com/filter HTTP 302
  • https://anthedd.exterro.net/cryo/signin.exterro?sectionName=nyTZ2ho4sX8ALGhWT8A77Q==&custodianKey=eTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA=&complianceNoticeWebId=ucZjvTbgnTCxxBa91LLFYLRqF8A=&tin=YW50aGVkZA HTTP 302
  • https://anthedd.exterro.net/exterrosso/saml/login?8Ozvola2vHEamWiq73btAw=FdJCCa-SWVyOMrsKTTZLxyUnIEnOpseKr_fkVOstfSrwKAdBmA-o-Hc29_Zk0gjkA7AoN3Pt0dPxLyeIkaMfksbdRgDReaB6x19tIEeYEsK7GOUM2BbSpP2uCs--RU_GZlcqJeVUZb3yfJvL6B0Z5ThtCT8fxogpQbolgbIWjN_NyBUouNjIKbCnUjx0_t5X6jjekilqCCANTwLdu9HLuSqX4kQI3VgpvUvuWa-vTplEcSSYVj1bqg7C64dnz_QMsHEw--p1eXdvJpUqWkHjJAZyTm-FxJh1mp1sNT-xJOI&idp=saml.anthem.com%3Aexterro&_y5lKDEfdYXdGmnMzf4VtA=rTR1dRS8OiZwkrEhN_iSjQ&VTDaf30ajOSP0K9y17kcWg=anthedd

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
qv0D1Ibi7BGkEGvQ8I9C_g
link.zixcentral.com/u/43b27d78/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo%2Fsignin.exterro%3FsectionName%3DnyTZ2ho4sX8ALGhWT8A77Q%3D%3D%26custodianKey%3DeTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA%3D%26complianceNoticeWebId%3DucZjvTbgnTCxxBa91LLFYLRqF8A%3D%26tin%3DYW50aGVkZA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.30.234.131 , United States, ASN13380 (ASN-CUST, US),
Reverse DNS
Software
nginx /
Resource Hash
85426d6b37f755a882ad3792a39ed9d5207d6091ad17e31ab980f878060e23c8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
2899
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Jun 2022 16:00:23 GMT
Server
nginx
app.css
link.zixcentral.com/css/ 		819 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://link.zixcentral.com/css/app.css?v=1
Requested by
Host: link.zixcentral.com
URL: https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo%2Fsignin.exterro%3FsectionName%3DnyTZ2ho4sX8ALGhWT8A77Q%3D%3D%26custodianKey%3DeTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA%3D%26complianceNoticeWebId%3DucZjvTbgnTCxxBa91LLFYLRqF8A%3D%26tin%3DYW50aGVkZA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.30.234.131 , United States, ASN13380 (ASN-CUST, US),
Reverse DNS
Software
nginx /
Resource Hash
8c52987fbc48500c2a81bd52f81d44324e31e7ecadbebd111a02f912be232cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo%2Fsignin.exterro%3FsectionName%3DnyTZ2ho4sX8ALGhWT8A77Q%3D%3D%26custodianKey%3DeTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA%3D%26complianceNoticeWebId%3DucZjvTbgnTCxxBa91LLFYLRqF8A%3D%26tin%3DYW50aGVkZA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 16:00:23 GMT
Last-Modified
Thu, 11 Jun 2020 18:56:49 GMT
Server
nginx
ETag
"5ee27e71-333"
Content-Type
text/css
Cache-Control
max-age
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
819
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: link.zixcentral.com
URL: https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo%2Fsignin.exterro%3FsectionName%3DnyTZ2ho4sX8ALGhWT8A77Q%3D%3D%26custodianKey%3DeTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA%3D%26complianceNoticeWebId%3DucZjvTbgnTCxxBa91LLFYLRqF8A%3D%26tin%3DYW50aGVkZA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://link.zixcentral.com/
Origin
https://link.zixcentral.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 16:00:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617
age
555714
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
35936fa0ea604514eb6c6d61a03a76fe
cf-ray
715166d13dfc9bac-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: link.zixcentral.com
URL: https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo%2Fsignin.exterro%3FsectionName%3DnyTZ2ho4sX8ALGhWT8A77Q%3D%3D%26custodianKey%3DeTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA%3D%26complianceNoticeWebId%3DucZjvTbgnTCxxBa91LLFYLRqF8A%3D%26tin%3DYW50aGVkZA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://link.zixcentral.com/
Origin
https://link.zixcentral.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 16:00:23 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15283"
vary
Accept-Encoding
x-hw
1654185623.dop232.fr8.t,1654185623.cds108.fr8.hn,1654185623.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: link.zixcentral.com
URL: https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo%2Fsignin.exterro%3FsectionName%3DnyTZ2ho4sX8ALGhWT8A77Q%3D%3D%26custodianKey%3DeTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA%3D%26complianceNoticeWebId%3DucZjvTbgnTCxxBa91LLFYLRqF8A%3D%26tin%3DYW50aGVkZA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://link.zixcentral.com/
Origin
https://link.zixcentral.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 16:00:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
755
age
8110456
cdn-cachedat
12/13/2021 20:18:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6163d86e684c8de121b05ad0df39429f
cf-ray
715166d13dfe9bac-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
logo.png
link.zixcentral.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://link.zixcentral.com/logo.png
Requested by
Host: link.zixcentral.com
URL: https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo%2Fsignin.exterro%3FsectionName%3DnyTZ2ho4sX8ALGhWT8A77Q%3D%3D%26custodianKey%3DeTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA%3D%26complianceNoticeWebId%3DucZjvTbgnTCxxBa91LLFYLRqF8A%3D%26tin%3DYW50aGVkZA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.30.234.131 , United States, ASN13380 (ASN-CUST, US),
Reverse DNS
Software
nginx /
Resource Hash
0168c4dfc58a529baa6f03a90b9f42c7324ddece9bc9c58cd5e75c37e9568ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://link.zixcentral.com/u/43b27d78/qv0D1Ibi7BGkEGvQ8I9C_g?u=https%3A%2F%2Fanthedd.exterro.net%2Fcryo%2Fsignin.exterro%3FsectionName%3DnyTZ2ho4sX8ALGhWT8A77Q%3D%3D%26custodianKey%3DeTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA%3D%26complianceNoticeWebId%3DucZjvTbgnTCxxBa91LLFYLRqF8A%3D%26tin%3DYW50aGVkZA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 16:00:23 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
2916
Content-Type
image/png
login
anthedd.exterro.net/exterrosso/saml/
Redirect Chain
  • https://link.zixcentral.com/filter
  • https://anthedd.exterro.net/cryo/signin.exterro?sectionName=nyTZ2ho4sX8ALGhWT8A77Q==&custodianKey=eTKsAcjjhBsxdS2i5pdm3Aobc5lRt556npXF4SNSOfA=&complianceNoticeWebId=ucZjvTbgnTCxxBa91LLFYLRqF8A=&tin...
  • https://anthedd.exterro.net/exterrosso/saml/login?8Ozvola2vHEamWiq73btAw=FdJCCa-SWVyOMrsKTTZLxyUnIEnOpseKr_fkVOstfSrwKAdBmA-o-Hc29_Zk0gjkA7AoN3Pt0dPxLyeIkaMfksbdRgDReaB6x19tIEeYEsK7GOUM2BbSpP2uCs--...
6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://anthedd.exterro.net/exterrosso/saml/login?8Ozvola2vHEamWiq73btAw=FdJCCa-SWVyOMrsKTTZLxyUnIEnOpseKr_fkVOstfSrwKAdBmA-o-Hc29_Zk0gjkA7AoN3Pt0dPxLyeIkaMfksbdRgDReaB6x19tIEeYEsK7GOUM2BbSpP2uCs--RU_GZlcqJeVUZb3yfJvL6B0Z5ThtCT8fxogpQbolgbIWjN_NyBUouNjIKbCnUjx0_t5X6jjekilqCCANTwLdu9HLuSqX4kQI3VgpvUvuWa-vTplEcSSYVj1bqg7C64dnz_QMsHEw--p1eXdvJpUqWkHjJAZyTm-FxJh1mp1sNT-xJOI&idp=saml.anthem.com%3Aexterro&_y5lKDEfdYXdGmnMzf4VtA=rTR1dRS8OiZwkrEhN_iSjQ&VTDaf30ajOSP0K9y17kcWg=anthedd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2400:11:c0ce:ab40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://link.zixcentral.com
Referer
https://link.zixcentral.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-type
text/html;charset=UTF-8
date
Thu, 02 Jun 2022 16:00:25 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-id
-VVwdDJDk5ZurNJF3Wmn9FDboy7rC8YqFNQJYYhKwzmYSbL1rWzX0g==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
https://link.zixcentral.com/
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src 'self' blob:; object-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.newrelic.com *.nr-data.net blob:; connect-src 'self' *.nr-data.net blob:; img-src 'self' data: blob:; style-src 'self' 'unsafe-inline' 'unsafe-eval' ; child-src 'self' ; worker-src 'self' blob:; font-src 'self' data:
date
Thu, 02 Jun 2022 16:00:25 GMT
location
https://anthedd.exterro.net/exterrosso/saml/login?8Ozvola2vHEamWiq73btAw=FdJCCa-SWVyOMrsKTTZLxyUnIEnOpseKr_fkVOstfSrwKAdBmA-o-Hc29_Zk0gjkA7AoN3Pt0dPxLyeIkaMfksbdRgDReaB6x19tIEeYEsK7GOUM2BbSpP2uCs--RU_GZlcqJeVUZb3yfJvL6B0Z5ThtCT8fxogpQbolgbIWjN_NyBUouNjIKbCnUjx0_t5X6jjekilqCCANTwLdu9HLuSqX4kQI3VgpvUvuWa-vTplEcSSYVj1bqg7C64dnz_QMsHEw--p1eXdvJpUqWkHjJAZyTm-FxJh1mp1sNT-xJOI&idp=saml.anthem.com%3Aexterro&_y5lKDEfdYXdGmnMzf4VtA=rTR1dRS8OiZwkrEhN_iSjQ&VTDaf30ajOSP0K9y17kcWg=anthedd
pragma
no-catch
server
Exterro Fusion
strict-transport-security
max-age=63072000; includeSubdomains;
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-id
ARyVvBh3-TWnP0_2FfN5SbQEPSpE8H7nZ-QbyW-LZ1eLxoVT6X07dQ==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Primary Request SSO.saml2
securefed.antheminc.com/idp/
Redirect Chain
  • https://secure-gateway.antheminc.com/affwebservices/public/saml2sso
  • https://secure-gateway.antheminc.com/siteminderagent/redirectjsp/redirect.jsp?AS=Kerberos&SMPORTALURL=https%3A%2F%2Fsecure-gateway.antheminc.com%2Faffwebservices%2Fpublic%2Fsaml2sso&SAMLTRANSACTION...
  • https://secure-gateway.antheminc.com/login/PingIDP_AnthemInc_SSO.jsp?TYPE=33554433&REALMOID=06-000d0f5a-e9f5-1b92-b255-180b1ee60000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-t64kPwqhr4EIRX7%2...
  • https://secure-gateway.antheminc.com/affwebservices/public/saml2authnrequest?ProviderID=AnthemInc&RelayState=HTTPS%3A%2F%2Fsecure-gateway.antheminc.com%2Fsiteminderagent%2Fredirectjsp%2Fredirect.js...
  • https://securefed.antheminc.com/idp/SSO.saml2?SAMLRequest=fZBBa4QwEIXv%2Bysk9zUxtbshqCB4EVq61NJDL5KN4xrQxGYi9Oc3aw%2FtqXOYw%2FDmzfumqLcw2Vf43ABD0sRmrArG2ZJMIawoKUXQm4cRhlTZMMFirE61W6gZVtp1LymqZeYka...
13 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securefed.antheminc.com/idp/SSO.saml2?SAMLRequest=fZBBa4QwEIXv%2Bysk9zUxtbshqCB4EVq61NJDL5KN4xrQxGYi9Oc3aw%2FtqXOYw%2FDmzfumqLcw2Vf43ABD0sRmrArG2ZJMIawoKUXQm4cRhlTZMMFirE61W6gZVtp1LymqZeYkaZuS9LkYsod8ZEpkehw1iJwJlj3mw%2Fk6Cg5aXNldirhBazFEw5JwxvmRnY6Mv2UnyZjk5w%2BSvIPHPQZPGUm%2BltliSTZvpVNoUFq1AMqgZVc%2FP8mokat3wWk3k%2BqQxCosZnI%2F5H%2B2ZRz876AQwd%2FZSXUx9tY2l74z4Q48gI%2Bkfb3zt1YX9Ne9OhT07xOrbw%3D%3D&RelayState=61d4155c5dc6acc4f323e1f56ff16ea3dd3c935b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.22.154 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://anthedd.exterro.net
Referer
https://anthedd.exterro.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
3684
content-type
text/html;charset=utf-8
date
Thu, 02 Jun 2022 16:00:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 11869 0 pmb=mTOE,2mRUM,1

Redirect headers

Access-Control-Allow-Headers
x-requested-with, Content-Type, origin, authorization, accept, SMCHALLENGE, meta-flow, meta-brandcd
Access-Control-Allow-Method
POST, GET, OPTIONS, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1000
Connection
Keep-Alive
Date
Thu, 02 Jun 2022 16:00:23 GMT
Keep-Alive
timeout=5, max=97
Location
https://securefed.antheminc.com/idp/SSO.saml2?SAMLRequest=fZBBa4QwEIXv%2Bysk9zUxtbshqCB4EVq61NJDL5KN4xrQxGYi9Oc3aw%2FtqXOYw%2FDmzfumqLcw2Vf43ABD0sRmrArG2ZJMIawoKUXQm4cRhlTZMMFirE61W6gZVtp1LymqZeYkaZuS9LkYsod8ZEpkehw1iJwJlj3mw%2Fk6Cg5aXNldirhBazFEw5JwxvmRnY6Mv2UnyZjk5w%2BSvIPHPQZPGUm%2BltliSTZvpVNoUFq1AMqgZVc%2FP8mokat3wWk3k%2BqQxCosZnI%2F5H%2B2ZRz876AQwd%2FZSXUx9tY2l74z4Q48gI%2Bkfb3zt1YX9Ne9OhT07xOrbw%3D%3D&RelayState=61d4155c5dc6acc4f323e1f56ff16ea3dd3c935b
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2za-fips mod_jk/1.2.48
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
mfa-main.css
securefed.antheminc.com/assets/css/ 		0
0
anthem-icon.jpg
securefed.antheminc.com/assets/images/ 		0
0
7d341610
securefed.antheminc.com/akam/13/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securefed.antheminc.com
URL
https://securefed.antheminc.com/assets/css/mfa-main.css
Domain
securefed.antheminc.com
URL
https://securefed.antheminc.com/assets/images/anthem-icon.jpg
Domain
securefed.antheminc.com
URL
https://securefed.antheminc.com/akam/13/7d341610

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation

4 Cookies

Domain/Path Name / Value
anthedd.exterro.net/exterrosso/ Name: SESSION
Value: 92d1f049-dde3-4991-8d7e-c3a34e47c640
anthedd.exterro.net/exterrosso Name: JSESSIONID
Value: C82B47A6ED6BA8615F4E34E4B66C5203
link.zixcentral.com/ Name: BIGipServer~ETP~link
Value: !KUS+Ss0xpt0FEeZ9SUdMxUUdjcUbe+k+TBI6Enrv7b2O2qjfw7PTXpBxVy9MAMCNnUcahfJ4wuoItw8=
anthedd.exterro.net/ Name: JSESSIONID
Value: 1E7E8A4FA4D5F900F77BB0D9E4A2F480