sso.rhisac.org
85.222.140.11
Public Scan
Effective URL: https://sso.rhisac.org/s/login/?ec=302&inst=5a&startURL=%2Fidp%2Flogin%3Fapp%3D0sp2L0000000AJV%26RelayState%3Da2f4bf7f-...
Submission: On October 16 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Starfield Secure Certificate Authorit... on January 31st 2023. Valid for: a year.
This is the only time sso.rhisac.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 2 | 34.225.242.50 | 14618 (AMAZON-AES) |
2 10 | 85.222.140.11 | 14340 (SALESFORCE) |
3 | 2a00:1450:4001:813::2008 | |
16 | 4 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-242-50.compute-1.amazonaws.com
community.rhisac.org |
ASN14340 (SALESFORCE, US)
PTR: sledge3-fra.slb.sfdcsvc.net
sso.rhisac.org |
| Apex Domain Subdomains | Transfer |
---|---|---|
12 | rhisac.org (3 redirects): community.rhisac.org, sso.rhisac.org | 465 KB |
3 | googletagmanager.com: www.googletagmanager.com | 240 KB |
0 | doubleclick.net (Failed): googleads.g.doubleclick.net (Failed) | |
0 | feathr.co (Failed): cdn.feathr.co (Failed) | |
0 | facebook.net (Failed): connect.facebook.net (Failed) | |
0 | licdn.com (Failed): snap.licdn.com (Failed) | |
16 | 6 | |
| Domain | Requested by |
---|---|---|
10 | sso.rhisac.org (2 redirects) | sso.rhisac.org |
3 | www.googletagmanager.com | sso.rhisac.org, www.googletagmanager.com |
2 | community.rhisac.org (1 redirects) | |
0 | googleads.g.doubleclick.net (Failed) | www.googletagmanager.com |
0 | cdn.feathr.co (Failed) | community.rhisac.org |
0 | connect.facebook.net (Failed) | community.rhisac.org |
0 | snap.licdn.com (Failed) | www.googletagmanager.com |
16 | 7 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
community.rhisac.org R3 | 2023-09-15 - 2023-12-14 | 3 months | crt.sh |
sso.rhisac.org Starfield Secure Certificate Authority - G2 | 2023-01-31 - 2024-01-24 | a year | crt.sh |
*.google-analytics.com GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://sso.rhisac.org/s/login/?ec=302&inst=5a&startURL=%2Fidp%2Flogin%3Fapp%3D0sp2L0000000AJV%26RelayState%3Da2f4bf7f-043c-4f3a-8e4c-686a91a512b6%26binding%3DHttpPost%26inresponseto%3D_8718785a-92c3-4f1e-b4ef-d4548f212ddf
Frame ID: 97D7C003350C5F49A855156A879B71F9
Requests: 16 HTTP requests in this frame
Page Title
Login Template Title
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Tag Manager (Tag Managers)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://community.rhisac.org/discussion/misp-configuration
HTTP 302
https://community.rhisac.org/HigherLogic/Security/SAML/localSAMLLoginService.aspx?ReturnUrl=https%3a%2f%2fcommunity.rhisac.org%2fdiscussion%2fmisp-configuration Page URL
-
https://sso.rhisac.org/idp/endpoint/HttpPost?saml=2&url=https%3a%2f%2fcommunity.rhisac.org%2fhigherlogic%2fsecurity%2fsaml%2flocalassertionconsumerservice.aspx&relaystate=a2f4bf7f-043c-4f3a-8e4c-686a91a512b6&binding=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3abindings%3aHTTP-POST
HTTP 302
https://sso.rhisac.org/idp/login?app=0sp2L0000000AJV&RelayState=a2f4bf7f-043c-4f3a-8e4c-686a91a512b6&binding=HttpPost&inresponseto=_8718785a-92c3-4f1e-b4ef-d4548f212ddf Page URL
-
https://sso.rhisac.org/s/login?ec=302&inst=5a&startURL=%2Fidp%2Flogin%3Fapp%3D0sp2L0000000AJV%26RelayState%3Da2f4bf7f-043c-4f3a-8e4c-686a91a512b6%26binding%3DHttpPost%26inresponseto%3D_8718785a-92c3-4f1e-b4ef-d4548f212ddf
HTTP 302
https://sso.rhisac.org/s/login/?ec=302&inst=5a&startURL=%2Fidp%2Flogin%3Fapp%3D0sp2L0000000AJV%26RelayState%3Da2f4bf7f-043c-4f3a-8e4c-686a91a512b6%26binding%3DHttpPost%26inresponseto%3D_8718785a-92c3-4f1e-b4ef-d4548f212ddf Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://community.rhisac.org/discussion/misp-configuration HTTP 302
- https://community.rhisac.org/HigherLogic/Security/SAML/localSAMLLoginService.aspx?ReturnUrl=https%3a%2f%2fcommunity.rhisac.org%2fdiscussion%2fmisp-configuration
- https://sso.rhisac.org/idp/endpoint/HttpPost?saml=2&url=https%3a%2f%2fcommunity.rhisac.org%2fhigherlogic%2fsecurity%2fsaml%2flocalassertionconsumerservice.aspx&relaystate=a2f4bf7f-043c-4f3a-8e4c-686a91a512b6&binding=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3abindings%3aHTTP-POST HTTP 302
- https://sso.rhisac.org/idp/login?app=0sp2L0000000AJV&RelayState=a2f4bf7f-043c-4f3a-8e4c-686a91a512b6&binding=HttpPost&inresponseto=_8718785a-92c3-4f1e-b4ef-d4548f212ddf
16 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | localSAMLLoginService.aspx community.rhisac.org/HigherLogic/Security/SAML/ (Redirect Chain) | 2 KB 5 KB | Document text/html |
GET H2 | login sso.rhisac.org/idp/ (Redirect Chain) | 734 B 1 KB | Document text/html |
GET H2 | / sso.rhisac.org/s/login/ (Primary Request, Redirect Chain) | 156 KB 37 KB | Document text/html |
GET H2 | aura_prod.js sso.rhisac.org/s/sfsites/auraFW/javascript/LU1oNENmckdVUXNqVGtLeG5odmktZ2Rkdk8xRWxIam5GeGw0LU1mRHRYQ3cyNDYuMTUuMS0zLjAuNA/ | 838 KB 262 KB | Script text/javascript |
GET H2 | app.js sso.rhisac.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-246.15.1-3.0.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%... | 2 MB 0 | Script text/javascript |
GET H2 | gtm.js www.googletagmanager.com/ | 229 KB 81 KB | Script application/javascript |
GET H2 | fonts.css sso.rhisac.org/s/sfsites/runtimedownload/ | 183 KB 135 KB | Stylesheet text/css |
GET H2 | resources.js sso.rhisac.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22LU1oNENmckdVUXNqVGtLeG5odmktZ2Rkdk8xRWxIam5GeGw0LU1mRHRYQ3cyNDYuMTUuMS0zLjAuNA%22%... | 5 KB 2 KB | Script text/javascript |
GET H2 | bootstrap.js sso.rhisac.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22LU1oNENmckdVUXNqVGtLeG5odmktZ2Rkdk8xRWxIam5GeGw0LU1mRHRYQ3cyNDYuMTUuMS0zLjAuNA%22%... | 51 KB 17 KB | Script text/javascript |
GET | insight.min.js snap.licdn.com/li.lms-analytics/ | 0 0 | |
GET | fbevents.js connect.facebook.net/en_US/ | 0 0 | |
GET | boomerang.min.js cdn.feathr.co/js/ | 0 0 | |
GET H2 | js www.googletagmanager.com/gtag/ | 203 KB 73 KB | Script application/javascript |
GET H2 | js www.googletagmanager.com/gtag/ | 254 KB 86 KB | Script application/javascript |
GET | / googleads.g.doubleclick.net/pagead/viewthroughconversion/10794113588/ | 0 0 | |
GET H2 | app.css sso.rhisac.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22bfwKHtiP7wknjzJIgmX... | 953 KB 0 | Stylesheet text/css |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: snap.licdn.com
  URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
- Domain: connect.facebook.net
  URL: https://connect.facebook.net/en_US/fbevents.js
- Domain: cdn.feathr.co
  URL: https://cdn.feathr.co/js/boomerang.min.js
- Domain: googleads.g.doubleclick.net
  URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10794113588/?random=1697486041810&cv=11&fst=1697486041810&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsso.rhisac.org%2Fs%2Flogin%2F%3Fec%3D302%26inst%3D5a%26startURL%3D%252Fidp%252Flogin%253Fapp%253D0sp2L0000000AJV%2526RelayState%253Da2f4bf7f-043c-4f3a-8e4c-686a91a512b6%2526binding%253DHttpPost%2526inresponseto%253D_8718785a-92c3-4f1e-b4ef-d4548f212ddf&ref=https%3A%2F%2Fsso.rhisac.org%2Fidp%2Flogin%3Fapp%3D0sp2L0000000AJV%26RelayState%3Da2f4bf7f-043c-4f3a-8e4c-686a91a512b6%26binding%3DHttpPost%26inresponseto%3D_8718785a-92c3-4f1e-b4ef-d4548f212ddf&hn=www.googleadservices.com&frm=0&tiba=Login%20Template%20Title&auid=1920854120.1697486042&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dataLayer
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sso.rhisac.org/s | | Name: renderCtx Value: %7B%22pageId%22%3A%22d35d627b-e4c4-4a01-b75c-3b739e9e55aa%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%22ece2a3c8-28da-4fd6-8aee-b714bc7852de%22%2C%22audienceIds%22%3A%22%22%7D |
community.rhisac.org/ | | Name: ASP.NET_SessionId Value: r1kk0or4fmzhx0gwdehdpovx |
community.rhisac.org/ | | Name: SSORedirectCount Value: 0 |
community.rhisac.org/ | | Name: AWSALB Value: YeMoY10/NMfJPG0PRdG3Sux4JV2PXqK//23BmP/LMgBnAHcENxHwKRTDKQOhDQFA+eK0jQJx9LYaAbB5FOzEcHnb8DhBc8lUIzW6RUw0srwcv0WMbCT0OVoDjw63 |
sso.rhisac.org/ | | Name: CookieConsentPolicy Value: 0:1 |
sso.rhisac.org/ | | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.