sso.hwcinfra.com
Open in
urlscan Pro
170.250.252.199
Public Scan
Submitted URL: https://hotwirecommunications.ultipro.com/
Effective URL: https://sso.hwcinfra.com/saml-idp/1o213643ryx2d8ue/login/?idp_init=1
Submission: On May 18 via api from US — Scanned from DE
Effective URL: https://sso.hwcinfra.com/saml-idp/1o213643ryx2d8ue/login/?idp_init=1
Submission: On May 18 via api from US — Scanned from DE
Summary
This website contacted 1 IPs
in 1 countries
across 3 domains to perform 5 HTTP transactions.
The main IP is 170.250.252.199, located in
Miami, United States and
belongs to HOTWIRE-COMMUNICATIONS, US.
The main domain is sso.hwcinfra.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 24th 2023. Valid for: a year.
This is the only time sso.hwcinfra.com was scanned on urlscan.io!
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 24th 2023. Valid for: a year.
This is the only time sso.hwcinfra.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 2 | 208.86.169.159 208.86.169.159 | 32077 (ULTISOFTASN) (ULTISOFTASN) | |
| 2 2 | 208.86.169.62 208.86.169.62 | 32077 (ULTISOFTASN) (ULTISOFTASN) | |
| 1 1 | 208.86.169.66 208.86.169.66 | 32077 (ULTISOFTASN) (ULTISOFTASN) | |
| 1 6 | 170.250.252.199 170.250.252.199 | 23089 (HOTWIRE-C...) (HOTWIRE-COMMUNICATIONS) | |
| 5 | 1 |
2
208.86.169.159
(United States)
ASN32077 (ULTISOFTASN, US)
PTR: romark.ultipro.com
ASN32077 (ULTISOFTASN, US)
PTR: romark.ultipro.com
| hotwirecommunications.ultipro.com |
2
208.86.169.62
(United States)
ASN32077 (ULTISOFTASN, US)
PTR: gateway.ultiproworkplace.com
ASN32077 (ULTISOFTASN, US)
PTR: gateway.ultiproworkplace.com
| gateway.ultiproworkplace.com |
1
208.86.169.66
(United States)
ASN32077 (ULTISOFTASN, US)
PTR: fs.ultiproworkplace.com
ASN32077 (ULTISOFTASN, US)
PTR: fs.ultiproworkplace.com
| fs.ultiproworkplace.com |
6
170.250.252.199
(Miami, United States)
ASN23089 (HOTWIRE-COMMUNICATIONS, US)
PTR: 170.250.252.199.hwccustomers.com
ASN23089 (HOTWIRE-COMMUNICATIONS, US)
PTR: 170.250.252.199.hwccustomers.com
| sso.hwcinfra.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
hwcinfra.com
1 redirects
sso.hwcinfra.com |
315 KB |
| 3 |
ultiproworkplace.com
3 redirects
gateway.ultiproworkplace.com — Cisco Umbrella Rank: 37575 fs.ultiproworkplace.com — Cisco Umbrella Rank: 38606 |
5 KB |
| 2 |
ultipro.com
2 redirects
hotwirecommunications.ultipro.com |
590 B |
| 5 | 3 |
| Domain | Requested by | |
|---|---|---|
| 6 | sso.hwcinfra.com |
1 redirects
sso.hwcinfra.com
|
| 2 | gateway.ultiproworkplace.com | 2 redirects |
| 2 | hotwirecommunications.ultipro.com | 2 redirects |
| 1 | fs.ultiproworkplace.com | 1 redirects |
| 5 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.hwcinfra.com Go Daddy Secure Certificate Authority - G2 |
2023-09-24 - 2024-10-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sso.hwcinfra.com/saml-idp/1o213643ryx2d8ue/login/?idp_init=1
Frame ID: 170B5993FD969F156A264BB9BD0F696C
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
HWC Security - Single-Sign-On (SSO)Page URL History Show full URLs
-
https://hotwirecommunications.ultipro.com/
HTTP 302
https://hotwirecommunications.ultipro.com/default.aspx HTTP 302
https://gateway.ultiproworkplace.com/?cpi=http%3a%2f%2fsso.hwcinfra.com%2fsaml-idp%2f1o213643ryx2d8ue%2fmetadata%... HTTP 302
https://gateway.ultiproworkplace.com/Ws-Fed/ProvisionUser.aspx?cpi=http%3a%2f%2fsso.hwcinfra.com%2fsaml-idp%2f1o2... HTTP 302
https://fs.ultiproworkplace.com/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fgateway.ultiproworkplace.com&wc... HTTP 302
https://sso.hwcinfra.com/saml-idp/1o213643ryx2d8ue/login/?SAMLRequest=fZLBasMwEER%2fxehuS5btxBGOISQUD... HTTP 302
https://sso.hwcinfra.com/saml-idp/1o213643ryx2d8ue/login/?idp_init=1 Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://hotwirecommunications.ultipro.com/
HTTP 302
https://hotwirecommunications.ultipro.com/default.aspx HTTP 302
https://gateway.ultiproworkplace.com/?cpi=http%3a%2f%2fsso.hwcinfra.com%2fsaml-idp%2f1o213643ryx2d8ue%2fmetadata%2f&targetsite=https%3a%2f%2few46.ultipro.com%2flogin.aspx HTTP 302
https://gateway.ultiproworkplace.com/Ws-Fed/ProvisionUser.aspx?cpi=http%3a%2f%2fsso.hwcinfra.com%2fsaml-idp%2f1o213643ryx2d8ue%2fmetadata%2f&targetsite=https%3a%2f%2few46.ultipro.com%2flogin.aspx HTTP 302
https://fs.ultiproworkplace.com/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2fgateway.ultiproworkplace.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fWs-Fed%252fProvisionUser.aspx%253fcpi%253dhttp%25253a%25252f%25252fsso.hwcinfra.com%25252fsaml-idp%25252f1o213643ryx2d8ue%25252fmetadata%25252f%2526targetsite%253dhttps%25253a%25252f%25252few46.ultipro.com%25252flogin.aspx&wct=2024-05-18T10%3a29%3a33Z&whr=http%3a%2f%2fsso.hwcinfra.com%2fsaml-idp%2f1o213643ryx2d8ue%2fmetadata%2f HTTP 302
https://sso.hwcinfra.com/saml-idp/1o213643ryx2d8ue/login/?SAMLRequest=fZLBasMwEER%2fxehuS5btxBGOISQUDG0pbemhNyGvG1FZcrVyk%2f59FedUCrkuMzv7mG1QjmYSuzkc7TN8zYAh6Q5bovt0LXnZQ1%2blfJ1DWm5qlm6A1SmrFcsZVFytNiR5A4%2fa2S3hGSNJhzhDZzFIG%2bKI8TJlVZrXrzkTfCOKIuNV%2bU6SQ8zRVobFeQxhQkEposuOJ6Xt4GWm3Egvt6W6n2jueF6sysL%2fnHlfz0CN%2b9CWkmTvLMIlavZWOIkahZUjoAhKvOwe7kW8SqirSMwWJ1B60NCT5Dwai2Khv%2b2evAtOOUPaZqHzV%2bttk0QEf6Ej7YUuwg2YzSbouO3k%2fOdkpIKFUfYD0ij%2b1gqQBj9jaOg1qG2u5TzG9d3hyRmtfpI750d5AzjP8mUSCxwW6V%2fsnTHutPcgA2xJTAOS0Lah%2f7%2bg%2fQU%3d&RelayState=f6ae09a1-37dc-41bb-adb0-8d7704d447c9&Signature=GLLp8%2f8lA2NLExm6DHGdAyGuEPuXisLIW3ryDL%2bFk6uj6vR5BqQaceYlSAg5PyGc%2f5FwyPzwsnQhNHhpcEXUyrjfHQvH7CmSN6AjjurjFRoAI6W9z9%2brirXpAd7aVMejS%2bDR68T2tSBiSqmQ4gFwONiiQEq0%2fh73byNBl6KAEAdDAcDvXCUZKUCqpeOV6vIVmEK9jOQAhyOARjwu%2bL57N%2bpoHrm6oo8FeZ%2bPuDDHtrJ8SotTi5lva94joyHm8bVMUNrevqxjNox6k9FZm9TEPiFNqLP2frD3AnsTZblvF4ygyL9VTOWkbWzkF8Qli2j%2fdW8Ef0ffpg75Ojg0aPncMA%3d%3d&SigAlg=http%3a%2f%2fwww.w3.org%2f2000%2f09%2fxmldsig%23rsa-sha1&client-request-id=faf2f15b-09bf-424d-b409-0080030000f1 HTTP 302
https://sso.hwcinfra.com/saml-idp/1o213643ryx2d8ue/login/?idp_init=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
sso.hwcinfra.com/saml-idp/1o213643ryx2d8ue/login/ Redirect Chain
|
196 KB 197 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.bundle.min.js
sso.hwcinfra.com/saml-idp/1o213643ryx2d8ue/assets/dist/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
sso.hwcinfra.com/site_media/js/jquery/ |
87 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
sso.hwcinfra.com/customviews/image/hwc_logo2:f584c50d53cf459da3827628e349dc18/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
sso.hwcinfra.com/ |
18 KB 19 KB |
Other
image/x-ico |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| username_field object| iam_login_link string| iam_login_enabled7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| fs.ultiproworkplace.com/adfs | Name: MSISIPSelectionSession Value: aHR0cDovL3Nzby5od2NpbmZyYS5jb20vc2FtbC1pZHAvMW8yMTM2NDNyeXgyZDh1ZS9tZXRhZGF0YS87RmFsc2U= |
|
| fs.ultiproworkplace.com/adfs | Name: MSISContextf6ae09a1-37dc-41bb-adb0-8d7704d447c9 Value: UlBVcmw9aHR0cHMlM2ElMmYlMmZnYXRld2F5LnVsdGlwcm93b3JrcGxhY2UuY29tXEJhc2VVcmw9aHR0cCUzYSUyZiUyZmZzLnVsdGlwcm93b3JrcGxhY2UuY29tJTJmYWRmcyUyZnNlcnZpY2VzJTJmdHJ1c3RcUHJvdG9jb2xJRD13c2ZlZFxJZD1pZC03YTI0ZGVkNS0yNzFlLTQ5ODAtOWUwOC0wOGMwMTBlNTJjNjlcd3RyZWFsbT1odHRwcyUzYSUyZiUyZmdhdGV3YXkudWx0aXByb3dvcmtwbGFjZS5jb21cd2N0eD1ybSUzZDAlMjZpZCUzZHBhc3NpdmUlMjZydSUzZCUyNTJmV3MtRmVkJTI1MmZQcm92aXNpb25Vc2VyLmFzcHglMjUzZmNwaSUyNTNkaHR0cCUyNTI1M2ElMjUyNTJmJTI1MjUyZnNzby5od2NpbmZyYS5jb20lMjUyNTJmc2FtbC1pZHAlMjUyNTJmMW8yMTM2NDNyeXgyZDh1ZSUyNTI1MmZtZXRhZGF0YSUyNTI1MmYlMjUyNnRhcmdldHNpdGUlMjUzZGh0dHBzJTI1MjUzYSUyNTI1MmYlMjUyNTJmZXc0Ni51bHRpcHJvLmNvbSUyNTI1MmZsb2dpbi5hc3B4 |
|
| gateway.ultiproworkplace.com/ | Name: ASP.NET_SessionId Value: kyfy02igwcjzorifwkc1kktg |
|
| gateway.ultiproworkplace.com/ | Name: SSOLogoutUrl Value: aHR0cHM6Ly9nYXRld2F5LnVsdGlwcm93b3JrcGxhY2UuY29tL2xvZ29mZi5hc3B4 |
|
| gateway.ultiproworkplace.com/ | Name: ClaimProviderIdentifier Value: aHR0cDovL3Nzby5od2NpbmZyYS5jb20vc2FtbC1pZHAvMW8yMTM2NDNyeXgyZDh1ZS9tZXRhZGF0YS8= |
|
| gateway.ultiproworkplace.com/ | Name: UltiProLogoutUrl Value: aHR0cHM6Ly9ldzQ2LnVsdGlwcm8uY29tL2xvZ2luLmFzcHg/bG9nb3V0PXRydWUmVVNQYXJhbXM9bW9iaWxlPTA= |
|
| sso.hwcinfra.com/ | Name: sessionid Value: 0xivdpim1zlbbcrjfiaxajo5w7tbttvw |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fs.ultiproworkplace.com
gateway.ultiproworkplace.com
hotwirecommunications.ultipro.com
sso.hwcinfra.com
170.250.252.199
208.86.169.159
208.86.169.62
208.86.169.66
257a95cdc16fdeffbfa9daa43b0a358ec6d291ac97df13c1777143ec864820eb
2a5acb328a3e20d736c056ece9ed4d331f4fd9b05da801bc3479f6f76961b59d
2e9c558bd6e4bca20268be93f3f5f75477a64574cb18f9b48ec3699cedd990ee
2ff2a134258453be978f1c423bd8e72e7243c444909c55ec1fc2ac4a36411fff