federations-sso.intactfc.com Open in urlscan Pro
199.243.65.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/akge9gfnn9m5b4h1zkj5ddkp69c4
Effective URL:
https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login
Submission: On July 02 via manual (July 2nd 2024, 3:49:16 pm UTC) from CA — Scanned from CA

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 13 HTTP transactions. The main IP is 199.243.65.105, located in Montreal, Canada and belongs to INTACT-FINANCIAL-CORPORATION, CA. The main domain is federations-sso.intactfc.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 10th 2023. Valid for: a year.

This is the only time federations-sso.intactfc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.85.151.35 52.85.151.35	16509 (AMAZON-02) (AMAZON-02)
3 3	3.217.210.2 3.217.210.2	14618 (AMAZON-AES) (AMAZON-AES)
2	3.132.251.121 3.132.251.121	16509 (AMAZON-02) (AMAZON-02)
1 8	199.243.65.105 199.243.65.105	32564 (INTACT-FI...) (INTACT-FINANCIAL-CORPORATION)
1	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
3	173.194.68.94 173.194.68.94	15169 (GOOGLE) (GOOGLE)
13	4

1 52.85.151.35 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-35.iad89.r.cloudfront.net

e35d6127-262a-4995-b12c-2ce48400e089.ct0.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.217.210.2 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-210-2.compute-1.amazonaws.com

intact.benevity.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.132.251.121 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-251-121.us-east-2.compute.amazonaws.com

sso.connect.pingidentity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.243.65.105 (Montreal, Canada) 1 redirects

ASN32564 (INTACT-FINANCIAL-CORPORATION, CA)
PTR: federations-sso.intactfc.com

federations-sso.intactfc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	intactfc.com 1 redirects federations-sso.intactfc.com	224 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	benevity.org 3 redirects intact.benevity.org	2 KB
2	pingidentity.com sso.connect.pingidentity.com — Cisco Umbrella Rank: 26163	23 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
1	ct0.app 1 redirects e35d6127-262a-4995-b12c-2ce48400e089.ct0.app — Cisco Umbrella Rank: 811383	479 B
13	6

	Domain	Requested by
8	federations-sso.intactfc.com	1 redirects federations-sso.intactfc.com
3	fonts.gstatic.com	fonts.googleapis.com
3	intact.benevity.org	3 redirects
2	sso.connect.pingidentity.com
1	fonts.googleapis.com	federations-sso.intactfc.com
1	e35d6127-262a-4995-b12c-2ce48400e089.ct0.app	1 redirects
13	6

This site contains no links.

Subject Issuer	Validity	Valid
sso.connect.pingidentity.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-12-18`	a year	crt.sh
federations.intactfc.com Entrust Certification Authority - L1K	`2023-10-10` - `2024-10-10`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login
Frame ID: A336E613740BDB203B6C6E2100286932
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/akge9gfnn9m5b4h1zkj5ddkp69c4 HTTP 302
https://intact.benevity.org/dashboard?utm_source=get_started_good&utm_medium=email&utm_campaign=account_... HTTP 302
https://intact.benevity.org/sso/pingone/custom HTTP 302
https://intact.benevity.org/pingone/redir HTTP 302
https://sso.connect.pingidentity.com/sso/sp/initsso?saasid=b21f822a-79cf-4305-aa04-54292c6987bc&idpid=a0cad702-24... Page URL
https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

295 kB
Transfer

299 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/akge9gfnn9m5b4h1zkj5ddkp69c4 HTTP 302
https://intact.benevity.org/dashboard?utm_source=get_started_good&utm_medium=email&utm_campaign=account_reminder HTTP 302
https://intact.benevity.org/sso/pingone/custom HTTP 302
https://intact.benevity.org/pingone/redir HTTP 302
https://sso.connect.pingidentity.com/sso/sp/initsso?saasid=b21f822a-79cf-4305-aa04-54292c6987bc&idpid=a0cad702-2448-4982-93d1-3bdfd938a98f&appurl=https%3A%2F%2Fintact.benevity.org%2Fpingone%2Ftoken%3Fdestination%3D%252Fdashboard%253Futm_campaign%253Daccount_reminder%2526utm_medium%253Demail%2526utm_source%253Dget_started_good&errorurl=https%3A%2F%2Fintact.benevity.org%2Fpingone%2Ffail Page URL
https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/akge9gfnn9m5b4h1zkj5ddkp69c4 HTTP 302
https://intact.benevity.org/dashboard?utm_source=get_started_good&utm_medium=email&utm_campaign=account_reminder HTTP 302
https://intact.benevity.org/sso/pingone/custom HTTP 302
https://intact.benevity.org/pingone/redir HTTP 302
https://sso.connect.pingidentity.com/sso/sp/initsso?saasid=b21f822a-79cf-4305-aa04-54292c6987bc&idpid=a0cad702-2448-4982-93d1-3bdfd938a98f&appurl=https%3A%2F%2Fintact.benevity.org%2Fpingone%2Ftoken%3Fdestination%3D%252Fdashboard%253Futm_campaign%253Daccount_reminder%2526utm_medium%253Demail%2526utm_source%253Dget_started_good&errorurl=https%3A%2F%2Fintact.benevity.org%2Fpingone%2Ffail

Request Chain 11

https://federations-sso.intactfc.com/favicon.ico HTTP 301
https://federations-sso.intactfc.com/favicon.ico/

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

initsso Show response
sso.connect.pingidentity.com/sso/sp/
Redirect Chain

https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/akge9gfnn9m5b4h1zkj5ddkp69c4
https://intact.benevity.org/dashboard?utm_source=get_started_good&utm_medium=email&utm_campaign=account_reminder
https://intact.benevity.org/sso/pingone/custom
https://intact.benevity.org/pingone/redir
https://sso.connect.pingidentity.com/sso/sp/initsso?saasid=b21f822a-79cf-4305-aa04-54292c6987bc&idpid=a0cad702-2448-4982-93d1-3bdfd938a98f&appurl=https%3A%2F%2Fintact.benevity.org%2Fpingone%2Ftoken...

2 KB
2 KB

325ms
147ms

Document
text/html

3.132.251.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.connect.pingidentity.com/sso/sp/initsso?saasid=b21f822a-79cf-4305-aa04-54292c6987bc&idpid=a0cad702-2448-4982-93d1-3bdfd938a98f&appurl=https%3A%2F%2Fintact.benevity.org%2Fpingone%2Ftoken%3Fdestination%3D%252Fdashboard%253Futm_campaign%253Daccount_reminder%2526utm_medium%253Demail%2526utm_source%253Dget_started_good&errorurl=https%3A%2F%2Fintact.benevity.org%2Fpingone%2Ffail

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.132.251.121 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-132-251-121.us-east-2.compute.amazonaws.com

Software

Resource Hash

05bf81ede859da77fd817482880a5ee0ed81fe0258dbbd5f6d1184b0d05a4b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 02 Jul 2024 15:49:11 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
max-age: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server
strict-transport-security: max-age=63072000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

Redirect headers

access-control-allow-origin: https://intact.benevity.org
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 02 Jul 2024 15:49:10 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Tue, 02 Jul 2024 15:49:10 GMT
location: https://sso.connect.pingidentity.com/sso/sp/initsso?saasid=b21f822a-79cf-4305-aa04-54292c6987bc&idpid=a0cad702-2448-4982-93d1-3bdfd938a98f&appurl=https%3A%2F%2Fintact.benevity.org%2Fpingone%2Ftoken%3Fdestination%3D%252Fdashboard%253Futm_campaign%253Daccount_reminder%2526utm_medium%253Demail%2526utm_source%253Dget_started_good&errorurl=https%3A%2F%2Fintact.benevity.org%2Fpingone%2Ffail
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK Primary Request login Show response
federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/ 10 KB
11 KB 228ms
47ms Document
text/html 199.243.65.105
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.243.65.105 Montreal, Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

federations-sso.intactfc.com

Software

Resource Hash

8d61e5f3c6dbedf1f50205f24a699055eee2b087d437f2eeb400f40499ef694e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN DENY
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://sso.connect.pingidentity.com
Referer: https://sso.connect.pingidentity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate,private
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN DENY
cache-control: no-store
content-length: 10546
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Tue, 02 Jul 2024 15:49:11 GMT
isam-op: login
isam-session-timeouts: 600
p3p: CP="NON CUR OTPi OUR NOR UNI"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN

GET
H2 200 favicon.ico
sso.connect.pingidentity.com/sso/assets/images/ 22 KB
22 KB 61ms
61ms Other
image/x-icon 3.132.251.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.connect.pingidentity.com/sso/assets/images/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.132.251.121 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-132-251-121.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sso.connect.pingidentity.com/sso/sp/initsso?saasid=b21f822a-79cf-4305-aa04-54292c6987bc&idpid=a0cad702-2448-4982-93d1-3bdfd938a98f&appurl=https%3A%2F%2Fintact.benevity.org%2Fpingone%2Ftoken%3Fdestination%3D%252Fdashboard%253Futm_campaign%253Daccount_reminder%2526utm_medium%253Demail%2526utm_source%253Dget_started_good&errorurl=https%3A%2F%2Fintact.benevity.org%2Fpingone%2Ffail
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload;
x-content-type-options: nosniff
last-modified: Thu, 02 May 2024 09:16:36 GMT
server
etag: W/"22134-1714641396000"
content-type: image/x-icon
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 22134

GET
H/1.1 200
OK normalize.css
federations-sso.intactfc.com/static/css/ 6 KB
6 KB 57ms
37ms Stylesheet
text/css 199.243.65.105
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://federations-sso.intactfc.com/static/css/normalize.css

Requested by

Host: federations-sso.intactfc.com
URL: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.243.65.105 Montreal, Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

federations-sso.intactfc.com

Software

Resource Hash

ec602d0d0efdc1310e8e104a7fbd2e0501bb039cb26fef2b8a0bb4edab575836

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:11 GMT
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
last-modified: Thu, 09 May 2019 18:32:40 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
isam-session-timeouts: 600
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-type: text/css
Cache-Control: no-cache, no-store, must-revalidate,private
content-length: 6052

GET
H/1.1 200
OK bootstrap-ifc.min.css
federations-sso.intactfc.com/static/css/ 182 KB
183 KB 94ms
36ms Stylesheet
text/css 199.243.65.105
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://federations-sso.intactfc.com/static/css/bootstrap-ifc.min.css

Requested by

Host: federations-sso.intactfc.com
URL: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.243.65.105 Montreal, Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

federations-sso.intactfc.com

Software

Resource Hash

39c01df8626351aef33f3315014b67e4f06865abbc9cadc997413373ad5b293a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:11 GMT
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
last-modified: Thu, 09 May 2019 18:32:40 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
isam-session-timeouts: 600
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-type: text/css
Cache-Control: no-cache, no-store, must-revalidate,private
content-length: 186371

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 147ms
57ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i

Requested by

Host: federations-sso.intactfc.com
URL: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

4cdd451e1d203029095bc57864a19c70cd1be9136d13fc6884ba968c668b3dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federations-sso.intactfc.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 Jul 2024 15:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 Jul 2024 15:28:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jul 2024 15:49:11 GMT

GET
H/1.1 200
OK intact-fc-signature-after-163x43.png
federations-sso.intactfc.com/static/pics/ 18 KB
19 KB 149ms
43ms Image
image/png 199.243.65.105
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federations-sso.intactfc.com/static/pics/intact-fc-signature-after-163x43.png

Requested by

Host: federations-sso.intactfc.com
URL: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.243.65.105 Montreal, Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

federations-sso.intactfc.com

Software

Resource Hash

d56252ca27ddfbf787c907d2e014f312fe9eb6789ca586fed8234491eda4ad72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:11 GMT
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
last-modified: Thu, 09 May 2019 18:32:40 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
isam-session-timeouts: 600
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-type: text/plain
Cache-Control: no-cache, no-store, must-revalidate,private
content-length: 18529

GET
H/1.1 200
OK ui-visible-dt.svg
federations-sso.intactfc.com/static/pics/ 593 B
1 KB 126ms
42ms Image
image/svg+xml 199.243.65.105
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federations-sso.intactfc.com/static/pics/ui-visible-dt.svg

Requested by

Host: federations-sso.intactfc.com
URL: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.243.65.105 Montreal, Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

federations-sso.intactfc.com

Software

Resource Hash

85d7af553ed1bec2f22c08d56a5d2453167f741dd6ccdb5f8365e7fa3c8ebe8c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:11 GMT
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
last-modified: Thu, 09 May 2019 18:32:40 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
isam-session-timeouts: 600
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate,private
content-length: 593

GET
H/1.1 200
OK ui-invisible-dt.svg
federations-sso.intactfc.com/static/pics/ 826 B
1 KB 37ms
37ms Image
image/svg+xml 199.243.65.105
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://federations-sso.intactfc.com/static/pics/ui-invisible-dt.svg

Requested by

Host: federations-sso.intactfc.com
URL: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.243.65.105 Montreal, Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

federations-sso.intactfc.com

Software

Resource Hash

c8ff1194a16e68be3de26414f58562ba5c77024a8ed9a7a16c8d77c979d640f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:11 GMT
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
last-modified: Thu, 09 May 2019 18:32:40 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
isam-session-timeouts: 600
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate,private
content-length: 826

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 219ms
114ms Font
font/woff2 173.194.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f94.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://federations-sso.intactfc.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 15:10:01 GMT
x-content-type-options: nosniff
age: 88750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Jul 2025 15:10:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 156ms
51ms Font
font/woff2 173.194.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://federations-sso.intactfc.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 15:06:04 GMT
x-content-type-options: nosniff
age: 88987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Jul 2025 15:06:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 217ms
112ms Font
font/woff2 173.194.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://federations-sso.intactfc.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:23:17 GMT
x-content-type-options: nosniff
age: 37554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 05:23:17 GMT

GET
H/1.1

200
OK

/
federations-sso.intactfc.com/favicon.ico/
Redirect Chain

https://federations-sso.intactfc.com/favicon.ico
https://federations-sso.intactfc.com/favicon.ico/

841 B
1 KB

37ms
36ms

Other
text/html

199.243.65.105
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://federations-sso.intactfc.com/favicon.ico/

Protocol

HTTP/1.1

Server

199.243.65.105 Montreal, Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

federations-sso.intactfc.com

Software

Resource Hash

e450c314a6edd8ddd5c14e4ac27d654b8f6248329b78092fb11b499dc9d26232

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://federations-sso.intactfc.com/FIM/sps/BENSAML20/saml20/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 15:49:12 GMT
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
last-modified: Thu, 09 May 2019 18:32:40 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
isam-session-timeouts: 599
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-type: text/html
Cache-Control: no-cache, no-store, must-revalidate,private
content-length: 841

Redirect headers

date: Tue, 02 Jul 2024 15:49:12 GMT
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
isam-session-timeouts: 599
content-type: text/html
location: https://federations-sso.intactfc.com/favicon.ico/
p3p: CP="NON CUR OTPi OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate,private
Transfer-Encoding: chunked

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
intact.benevity.org/	1970-01-20 21:48:55	Name: XSRF-TOKEN Value: eyJpdiI6IlAzVXIrdlNoeTk5NW9MU2lVNGlqcFE9PSIsInZhbHVlIjoid2hwaCsxQkZaUXlsbi8xTjBNZTcwY3JhZmdHcHpRK1Rma1l0RXp3YnpZNld0cTJ4WWViSnFuZC90RVM1NnpaaStzT2dKUHJsOXhiWDkrTUljbENiWXljWkUwYlZ5WWV2V1RkaVlqV2xycW9ZZ1p5VXdiRFRZOGFJV0k5MmcrVjYiLCJtYWMiOiIyZjA5ODlkODMyMTA3ZjcyYjBlMDc1Y2EzZmVhYTFhZGIzOGY1OThhMGE5YmJjODVlYmQ5Y2UzNGNkZDM0ODFlIiwidGFnIjoiIn0%3D
intact.benevity.org/	1969-12-31 23:59:59	Name: laravel_session Value: eyJpdiI6Ikgzenhua1JhSUpoNVVqMlRldENsUXc9PSIsInZhbHVlIjoiS1FPb2gxclc3b3Q1b3BiRFVpQ3crMkl2UWlRUmppMWtLbWUwSllGNUpCbUM5VWlSQjdNTzJuOGMxUU1RN3NYZHcyZWpQblNERHo2L1E5YkFOU0xxU1NSbHlZb05Qb1pWbytlRzRwQ1JZbjBJOEdsRlR1cjBZempDWXVrTk52RCsiLCJtYWMiOiI0OWYyYWE2Y2YyNmE2MmE0NWUwZmFiOGNkNThiYTRkN2U1ODJlNWRkZjRmNzM4YTk1MmFiOWYwMzVjNzg4ZTkwIiwidGFnIjoiIn0%3D
sso.connect.pingidentity.com/	1970-01-21 06:31:11	Name: agentid Value: dd84de96
sso.connect.pingidentity.com/	1969-12-31 23:59:59	Name: csrfToken Value: 007b455afabd14c2ac9cb27747b7cc85
sso.connect.pingidentity.com/	1969-12-31 23:59:59	Name: haid Value: 06f23f85
federations-sso.intactfc.com/	1969-12-31 23:59:59	Name: BNI_federations-kerberos-persistence Value: VD6EIyQsh6-lZIJ743QT-fLC49KcRZAa7HfjEX48ZIheJmD8SAFaT_WuqHHCu9dHxZPDYaijbrYb9ScIz3ifBw==
federations-sso.intactfc.com/	1969-12-31 23:59:59	Name: PD-S-SESSION-ID Value: 1_2_0_U53cxKYm45xuRiGBcptyuBdXcUR9ExklLeuSma11q42g6QIU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

e35d6127-262a-4995-b12c-2ce48400e089.ct0.app
federations-sso.intactfc.com
fonts.googleapis.com
fonts.gstatic.com
intact.benevity.org
sso.connect.pingidentity.com
172.253.122.95
173.194.68.94
199.243.65.105
3.132.251.121
3.217.210.2
52.85.151.35
05bf81ede859da77fd817482880a5ee0ed81fe0258dbbd5f6d1184b0d05a4b82
39c01df8626351aef33f3315014b67e4f06865abbc9cadc997413373ad5b293a
4cdd451e1d203029095bc57864a19c70cd1be9136d13fc6884ba968c668b3dcb
85d7af553ed1bec2f22c08d56a5d2453167f741dd6ccdb5f8365e7fa3c8ebe8c
8d61e5f3c6dbedf1f50205f24a699055eee2b087d437f2eeb400f40499ef694e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c8ff1194a16e68be3de26414f58562ba5c77024a8ed9a7a16c8d77c979d640f0
d56252ca27ddfbf787c907d2e014f312fe9eb6789ca586fed8234491eda4ad72
e450c314a6edd8ddd5c14e4ac27d654b8f6248329b78092fb11b499dc9d26232
ec602d0d0efdc1310e8e104a7fbd2e0501bb039cb26fef2b8a0bb4edab575836
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

federations-sso.intactfc.com Open in urlscan Pro 199.243.65.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

4 IPs

2 Countries

295 kBTransfer

299 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

7 Cookies

Security Headers

Indicators

federations-sso.intactfc.com Open in urlscan Pro
199.243.65.105 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

295 kB
Transfer

299 kB
Size

7
Cookies

13 HTTP transactions
0 data transactions