urlscan.io logo urlscan.io
SecurityTrails logo

id1.westernasset.com Open in urlscan Pro
199.192.133.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wam.identitynow.com/ui/d/approvals
Effective URL: https://id1.westernasset.com/idp/SSO.saml2
Submission: On November 20 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 199.192.133.205, located in Pasadena, United States and belongs to CENTURYLINK-LEGACY-LVLT-203, US. The main domain is id1.westernasset.com.
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on February 26th 2024. Valid for: a year.
This is the only time id1.westernasset.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 104.18.107.36 13335 (CLOUDFLAR...)
1 3 3.214.9.175 14618 (AMAZON-AES)
5 199.192.133.205 203 (CENTURYLI...)
7 2
Apex Domain
Subdomains		 Transfer
5 westernasset.com
id1.westernasset.com
201 KB
3 sailpoint.com
wam.login.sailpoint.com
3 KB
2 identitynow.com
wam.identitynow.com
1 KB
7 3
Domain Requested by
5 id1.westernasset.com id1.westernasset.com
3 wam.login.sailpoint.com 1 redirects
2 wam.identitynow.com 2 redirects
7 3

This site contains no links.

Subject Issuer Validity Valid
*.login.sailpoint.com
Amazon RSA 2048 M02		 2024-04-09 -
2025-05-07		 a year crt.sh
id1.westernasset.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-02-26 -
2025-03-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://id1.westernasset.com/idp/SSO.saml2
Frame ID: 87B81AFDC86146CEDE0B7992925250A2
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign On

Page URL History Show full URLs

  1. https://wam.identitynow.com/ui/d/approvals HTTP 302
    https://wam.identitynow.com/oauth/authorize/wam?brand=default HTTP 302
    https://wam.login.sailpoint.com/oauth/authorize?brand=default&response_type=code&redirect_uri=https%3A%2F%2F... HTTP 302
    https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=7feb3af7-6a6a-... Page URL
  2. https://id1.westernasset.com/idp/SSO.saml2 Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

203 kB
Transfer

201 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wam.identitynow.com/ui/d/approvals HTTP 302
    https://wam.identitynow.com/oauth/authorize/wam?brand=default HTTP 302
    https://wam.login.sailpoint.com/oauth/authorize?brand=default&response_type=code&redirect_uri=https%3A%2F%2Fwam.identitynow.com%2Foauth%2Fcallback&scope=sp%3Ascopes%3Aall&state=ItAZMkwcU14sZjDyDsJUzDo-kTVDmz56&client_id=sp-renderer HTTP 302
    https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=7feb3af7-6a6a-4bbf-8931-9dbcd7899443 Page URL
  2. https://id1.westernasset.com/idp/SSO.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://wam.identitynow.com/ui/d/approvals HTTP 302
  • https://wam.identitynow.com/oauth/authorize/wam?brand=default HTTP 302
  • https://wam.login.sailpoint.com/oauth/authorize?brand=default&response_type=code&redirect_uri=https%3A%2F%2Fwam.identitynow.com%2Foauth%2Fcallback&scope=sp%3Ascopes%3Aall&state=ItAZMkwcU14sZjDyDsJUzDo-kTVDmz56&client_id=sp-renderer HTTP 302
  • https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=7feb3af7-6a6a-4bbf-8931-9dbcd7899443

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
wam-sp
wam.login.sailpoint.com/saml/login/alias/
Redirect Chain
  • https://wam.identitynow.com/ui/d/approvals
  • https://wam.identitynow.com/oauth/authorize/wam?brand=default
  • https://wam.login.sailpoint.com/oauth/authorize?brand=default&response_type=code&redirect_uri=https%3A%2F%2Fwam.identitynow.com%2Foauth%2Fcallback&scope=sp%3Ascopes%3Aall&state=ItAZMkwcU14sZjDyDsJU...
  • https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=7feb3af7-6a6a-4bbf-8931-9dbcd7899443
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=7feb3af7-6a6a-4bbf-8931-9dbcd7899443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.214.9.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-9-175.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5bea007e6fdff4c0883f24bb73f24e24b718f959684af26b81c9b8d2abe9c311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-expose-headers
X-Content-Type-Options,Connection,Pragma,Date,X-Zuul-ServiceId,X-Frame-Options,Strict-Transport-Security,Cache-Control,Retry-After,Expires,SLPT-Request-ID,X-XSS-Protection,Content-Length,Content-Type
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 20 Nov 2024 15:05:47 GMT
server
nginx
slpt-request-id
16020d40ed954356867578fe4daa269a
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
x-robots-tag
none noindex

Redirect headers

access-control-expose-headers
X-Content-Type-Options,Connection,Pragma,Date,X-Zuul-ServiceId,X-Frame-Options,Strict-Transport-Security,Cache-Control,Retry-After,Set-Cookie,Expires,SLPT-Request-ID,X-XSS-Protection,Content-Length,Location
cache-control
no-cache, no-store, max-age=0, must-revalidate
date
Wed, 20 Nov 2024 15:05:47 GMT
location
https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=7feb3af7-6a6a-4bbf-8931-9dbcd7899443
server
nginx
slpt-request-id
ee182d64669840258196c7457dc7599d
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-robots-tag
none noindex
Primary Request SSO.saml2
id1.westernasset.com/idp/ 		10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id1.westernasset.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.192.133.205 Pasadena, United States, ASN203 (CENTURYLINK-LEGACY-LVLT-203, US),
Reverse DNS
id1.westernasset.com
Software
/
Resource Hash
7bc1e1219a9d7d5723d96fa7cd967794a20eb6ea7211bda34967870179365573
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://wam.login.sailpoint.com
Referer
https://wam.login.sailpoint.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Content-Length
10388
Content-Type
text/html;charset=utf-8
Date
Wed, 20 Nov 2024 15:05:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
X-Frame-Options
SAMEORIGIN
favicon.ico
wam.login.sailpoint.com/ 		32 B
448 B 		Other
General
Check archive.org
Download Go to
Full URL
https://wam.login.sailpoint.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.214.9.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-9-175.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=7feb3af7-6a6a-4bbf-8931-9dbcd7899443

Response headers

x-robots-tag
noindex
access-control-expose-headers
SLPT-Request-ID, Content-Type
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
expires
0
content-length
32
date
Wed, 20 Nov 2024 15:05:47 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
nginx
slpt-request-id
111d4dffd28a44ac8f2e2561e80f84af
x-frame-options
DENY
main.css
id1.westernasset.com/assets/css/ 		170 KB
170 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id1.westernasset.com/assets/css/main.css
Requested by
Host: id1.westernasset.com
URL: https://id1.westernasset.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.192.133.205 Pasadena, United States, ASN203 (CENTURYLINK-LEGACY-LVLT-203, US),
Reverse DNS
id1.westernasset.com
Software
/
Resource Hash
456538bd902f65cc519b98351657ece5d3680a855afd771598e7ec38eae7b7c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://id1.westernasset.com/

Response headers

X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0, must-revalidate
Content-Length
174257
Date
Wed, 20 Nov 2024 15:05:48 GMT
Last-Modified
Sun, 16 Apr 2023 16:09:20 GMT
Content-Type
text/css
Referrer-Policy
origin
wam.png
id1.westernasset.com/assets/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id1.westernasset.com/assets/images/wam.png
Requested by
Host: id1.westernasset.com
URL: https://id1.westernasset.com/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.192.133.205 Pasadena, United States, ASN203 (CENTURYLINK-LEGACY-LVLT-203, US),
Reverse DNS
id1.westernasset.com
Software
/
Resource Hash
174199ec83a37f4fb53f3af85e14a2e1d0c2031e294db005c0e9fc9026fbb3bb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://id1.westernasset.com/

Response headers

X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0, must-revalidate
Content-Length
7942
Date
Wed, 20 Nov 2024 15:05:49 GMT
Last-Modified
Wed, 30 Aug 2017 21:35:02 GMT
Content-Type
image/png
Referrer-Policy
origin
ping-horizontal-logo.svg
id1.westernasset.com/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id1.westernasset.com/assets/images/ping-horizontal-logo.svg
Requested by
Host: id1.westernasset.com
URL: https://id1.westernasset.com/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.192.133.205 Pasadena, United States, ASN203 (CENTURYLINK-LEGACY-LVLT-203, US),
Reverse DNS
id1.westernasset.com
Software
/
Resource Hash
e85fa95966d2ce21af29a616c2e779c85a2b983a365ca1187dd36f2bcda16b96
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://id1.westernasset.com/

Response headers

X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=0, must-revalidate
Content-Length
3992
Date
Wed, 20 Nov 2024 15:05:49 GMT
Last-Modified
Wed, 29 Mar 2023 00:44:28 GMT
Content-Type
image/svg+xml
Referrer-Policy
origin
favicon.ico
id1.westernasset.com/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://id1.westernasset.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.192.133.205 Pasadena, United States, ASN203 (CENTURYLINK-LEGACY-LVLT-203, US),
Reverse DNS
id1.westernasset.com
Software
/
Resource Hash
13cdabd902393eb932efe980f89b78fad664cacc755f2b8cdaf8b908fe72991b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://id1.westernasset.com/

Response headers

Referrer-Policy
origin
Content-Length
7406
Date
Wed, 20 Nov 2024 15:05:50 GMT
Content-Type
image/x-icon
Last-Modified
Wed, 29 Mar 2023 00:44:28 GMT
X-Frame-Options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| postForgotPassword function| postRecoverUsername function| postAlternateAuthnSystem function| postRegistration function| postOk function| submitForm function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width function| IsWebAuthnSupported function| isWebAuthnPlatformAuthenticatorAvailable

6 Cookies

Domain/Path Name / Value
wam.identitynow.com/ Name: sp.nonce
Value: ItAZMkwcU14sZjDyDsJUzDo-kTVDmz56
.identitynow.com/ Name: __cf_bm
Value: Td35BQT1gBb4coIyuwyl88N_GkFR5YPn1kFyUtuq_5Q-1732115146-1.0.1.1-vbnyDLk7E0MH1hmqZdWrisQD7o1hQ_KVIRzLrYpFTBB5F0DACHxJhxr_JiOIBlhqdK4_fQhefeiEWQyOkJjudw
wam.login.sailpoint.com/ Name: XSRF-TOKEN
Value: 18711052-bc71-47f8-bba3-ad22205c22c2
wam.login.sailpoint.com/ Name: SLPTLS
Value: ODkzOWUxMjMtMzdmNC00NGVkLWFmNDUtODY3OWVkOTQ3NmU2
id1.westernasset.com/ Name: PF
Value: J2f8GKWxjJ6l2UgjZglovu
id1.westernasset.com/ Name: TS0187585c
Value: 01fea5cffa3d4ed3567d87b609a285d4ecf74e65f66f18953ab3b4811d926da9459c62a8d9b6345be41f949d3ffda2657f3ca3e201

2 Console Messages

Source Level URL
Text
network error URL: https://wam.login.sailpoint.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://id1.westernasset.com/idp/SSO.saml2
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains