Submitted URL: https://clientconnect.qc.alight.com/
Effective URL: https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fclientconnect.qc.alight...
Submission: On March 09 via automatic, source certstream-suspicious

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 204.152.235.110, located in Charlotte, United States and belongs to HEWITT-ASSOCIATES, US. The main domain is ssoauth.qc.alight.com.
TLS certificate: Issued by DigiCert Global CA G2 on July 22nd 2019. Valid for: a year.
This is the only time ssoauth.qc.alight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 4 204.152.234.132 13716 (HEWITT-AS...)
6 204.152.235.110 13716 (HEWITT-AS...)
6 1
Apex Domain
Subdomains
Transfer
10 alight.com
clientconnect.qc.alight.com
ssoauth.qc.alight.com
319 KB
6 1
Domain Requested by
6 ssoauth.qc.alight.com ssoauth.qc.alight.com
4 clientconnect.qc.alight.com 4 redirects
6 2

This site contains no links.

Subject: ssoauth.qc.alight.com
Issuer: DigiCert Global CA G2
Validity: 2019-07-22 - 2020-10-02
Valid: a year

This page contains 1 frames:

Primary Page: https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fclientconnect.qc.alight.com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F
Frame ID: C7970645F38C79123F7D4AFC7E77C30E
Requests: 6 HTTP requests in this frame

Page URL History

  1. https://clientconnect.qc.alight.com/ HTTP 302
    https://clientconnect.qc.alight.com/_layouts/15/Authenticate.aspx?Source=%2F HTTP 302
    https://clientconnect.qc.alight.com/_login/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%... HTTP 302
    https://clientconnect.qc.alight.com/_trust/default.aspx?trust=PingFederate&ReturnUrl=%2f_layouts%2f15%2fAuthenti... HTTP 302
    https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fcli... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 316 kB
Size: 314 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clientconnect.qc.alight.com/ HTTP 302
    https://clientconnect.qc.alight.com/_layouts/15/Authenticate.aspx?Source=%2F HTTP 302
    https://clientconnect.qc.alight.com/_login/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
    https://clientconnect.qc.alight.com/_trust/default.aspx?trust=PingFederate&ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
    https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fclientconnect.qc.alight.com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set prp.wsf
ssoauth.qc.alight.com/idp/
Redirect Chain
  • https://clientconnect.qc.alight.com/
  • https://clientconnect.qc.alight.com/_layouts/15/Authenticate.aspx?Source=%2F
  • https://clientconnect.qc.alight.com/_login/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F
  • https://clientconnect.qc.alight.com/_trust/default.aspx?trust=PingFederate&ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F
  • https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fclientconnect.qc.alight.com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F
12 KB
12 KB
Document
General
Full URL
https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fclientconnect.qc.alight.com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.152.235.110 Charlotte, United States, ASN13716 (HEWITT-ASSOCIATES, US),
Reverse DNS
Software
Apache /
Resource Hash
20fad739785d136e6e3b7144da122258dc40005b2c88e720b1873f578981947e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Host
ssoauth.qc.alight.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Mon, 09 Mar 2020 00:26:58 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Referrer-Policy
origin
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Content-Length
11807
Set-Cookie
PF=fbmm9QfbGkgHgFlvhhn557;Path=/;Secure;HttpOnly;Secure;HttpOnly
Keep-Alive
timeout=5, max=1000
Connection
Keep-Alive

Redirect headers

Cache-Control
private, no-store
Content-Type
text/html; charset=utf-8
Location
https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fclientconnect.qc.alight.com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F
Server
Microsoft-IIS/10.0
X-SharePointHealthScore
0
X-AspNet-Version
4.0.30319
SPRequestGuid
cded3c9f-4af3-b09b-31b4-90df2b4b8798
request-id
cded3c9f-4af3-b09b-31b4-90df2b4b8798
X-FRAME-OPTIONS
SAMEORIGIN
SPRequestDuration
12
SPIisLatency
0
X-Powered-By
ASP.NET
MicrosoftSharePointTeamServices
16.0.0.4966
X-Content-Type-Options
nosniff
X-MS-InvokeApp
1; RequireReadOnly
Date
Mon, 09 Mar 2020 00:26:57 GMT
Content-Length
308
main.css
ssoauth.qc.alight.com/assets/css/
168 KB
168 KB
Stylesheet
General
Full URL
https://ssoauth.qc.alight.com/assets/css/main.css
Requested by
Host: ssoauth.qc.alight.com
URL: https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fclientconnect.qc.alight.com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.152.235.110 Charlotte, United States, ASN13716 (HEWITT-ASSOCIATES, US),
Reverse DNS
Software
Apache /
Resource Hash
cafa858f42ce2dbd2affed3e62b55220833b5541dc03953437ee8461147d57fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ssoauth.qc.alight.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 09 Mar 2020 00:26:58 GMT
Referrer-Policy
origin
Last-Modified
Thu, 01 Nov 2018 21:26:44 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Keep-Alive
timeout=5, max=999
Content-Length
171523
logo.png
ssoauth.qc.alight.com/assets/clientConnect/images/
6 KB
6 KB
Image
General
Full URL
https://ssoauth.qc.alight.com/assets/clientConnect/images/logo.png
Requested by
Host: ssoauth.qc.alight.com
URL: https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fclientconnect.qc.alight.com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.152.235.110 Charlotte, United States, ASN13716 (HEWITT-ASSOCIATES, US),
Reverse DNS
Software
Apache /
Resource Hash
ba3ced8d1a4f2b7d046fd64455b4aebf5fe6b7251ef3d44c2217eacd3222af35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ssoauth.qc.alight.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 09 Mar 2020 00:26:58 GMT
Referrer-Policy
origin
Last-Modified
Tue, 27 Aug 2019 08:20:32 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/png
Cache-Control
max-age=0, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Keep-Alive
timeout=5, max=1000
Content-Length
5688
FSThriveElliotWeb-Heavy.woff
ssoauth.qc.alight.com/assets/clientConnect/fonts/
35 KB
35 KB
Font
General
Full URL
https://ssoauth.qc.alight.com/assets/clientConnect/fonts/FSThriveElliotWeb-Heavy.woff
Requested by
Host: ssoauth.qc.alight.com
URL: https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fclientconnect.qc.alight.com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.152.235.110 Charlotte, United States, ASN13716 (HEWITT-ASSOCIATES, US),
Reverse DNS
Software
Apache /
Resource Hash
8594513ed6754cae58a48bdcc017a783e2f45cd9114cabdfbc6aa4c02e330e19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ssoauth.qc.alight.com/
Origin
https://ssoauth.qc.alight.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 09 Mar 2020 00:26:58 GMT
Referrer-Policy
origin
Last-Modified
Thu, 01 Nov 2018 11:35:32 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/x-font-woff
Cache-Control
max-age=0, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Keep-Alive
timeout=5, max=998
Content-Length
35448
ProximaNova-Regular.otf
ssoauth.qc.alight.com/assets/fonts/proxima-nova/
61 KB
62 KB
Font
General
Full URL
https://ssoauth.qc.alight.com/assets/fonts/proxima-nova/ProximaNova-Regular.otf
Requested by
Host: ssoauth.qc.alight.com
URL: https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fclientconnect.qc.alight.com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.152.235.110 Charlotte, United States, ASN13716 (HEWITT-ASSOCIATES, US),
Reverse DNS
Software
Apache /
Resource Hash
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ssoauth.qc.alight.com/
Origin
https://ssoauth.qc.alight.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 09 Mar 2020 00:26:58 GMT
Referrer-Policy
origin
Last-Modified
Mon, 15 Oct 2018 19:20:55 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/vnd.oasis.opendocument.formula-template
Cache-Control
max-age=0, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Keep-Alive
timeout=5, max=999
Content-Length
62892
FSThriveElliotWeb-Regular.woff
ssoauth.qc.alight.com/assets/clientConnect/fonts/
33 KB
34 KB
Font
General
Full URL
https://ssoauth.qc.alight.com/assets/clientConnect/fonts/FSThriveElliotWeb-Regular.woff
Requested by
Host: ssoauth.qc.alight.com
URL: https://ssoauth.qc.alight.com/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn%3accqc%3asp2016&wctx=https%3a%2f%2fclientconnect.qc.alight.com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.152.235.110 Charlotte, United States, ASN13716 (HEWITT-ASSOCIATES, US),
Reverse DNS
Software
Apache /
Resource Hash
0f3d907f9548f2d94f625dd53d2887fcba95d5627e0b79c38254dcab68dbf8f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ssoauth.qc.alight.com/
Origin
https://ssoauth.qc.alight.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 09 Mar 2020 00:26:59 GMT
Referrer-Policy
origin
Last-Modified
Thu, 01 Nov 2018 11:35:32 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/x-font-woff
Cache-Control
max-age=0, must-revalidate
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Keep-Alive
timeout=5, max=997
Content-Length
34196

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| postForgotPassword
  • function| postRecoverUsername
  • function| postAlternateAuthnSystem
  • function| postRegistration
  • function| postOk
  • function| submitForm
  • function| postCancel
  • function| postOnReturn
  • function| setFocus
  • function| setMobile
  • function| getScreenWidth
  • object| bodyTag
  • number| width
  • boolean| remember

1 Cookies

Domain/Path Name / Value
ssoauth.qc.alight.com/ Name: PF
Value: fbmm9QfbGkgHgFlvhhn557

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;