secureauth.gaig.com Open in urlscan Pro
208.65.194.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://contactmanager.gaig.com/
Effective URL:
https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503...
Submission: On July 19 via automatic, source certstream-suspicious (July 19th 2022, 8:18:22 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 208.65.194.15, located in Falmouth, United States and belongs to AFGINC-1, US. The main domain is secureauth.gaig.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 18th 2022. Valid for: a year.

This is the only time secureauth.gaig.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	45.60.87.67 45.60.87.67	19551 (INCAPSULA) (INCAPSULA)
5	208.65.194.15 208.65.194.15	17163 (AFGINC-1) (AFGINC-1)
3	18.66.139.45 18.66.139.45	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.33.189.110 3.33.189.110	16509 (AMAZON-02) (AMAZON-02)
14	5

2 45.60.87.67 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

contactmanager.gaig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.65.194.15 (Falmouth, United States)

ASN17163 (AFGINC-1, US)

secureauth.gaig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.139.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-45.fra60.r.cloudfront.net

global.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: af77c9e516730cc51.awsglobalaccelerator.com

login.gaig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	gaig.com 2 redirects contactmanager.gaig.com secureauth.gaig.com login.gaig.com	229 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 666 p.typekit.net — Cisco Umbrella Rank: 786	68 KB
3	oktacdn.com global.oktacdn.com — Cisco Umbrella Rank: 15779	439 KB
14	3

	Domain	Requested by
5	secureauth.gaig.com	secureauth.gaig.com
3	use.typekit.net	secureauth.gaig.com use.typekit.net
3	global.oktacdn.com	secureauth.gaig.com global.oktacdn.com
2	login.gaig.com	global.oktacdn.com
2	contactmanager.gaig.com	2 redirects
1	p.typekit.net	use.typekit.net
14	6

This site contains links to these domains. Also see Links.

Domain
ims.afglink.com
www.greatamericaninsurancegroup.com

Subject Issuer	Validity	Valid
*.gaig.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-18` - `2023-03-21`	a year	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-22` - `2023-01-22`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
login.gaig.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-14` - `2023-03-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503d0a324007&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9eDOMCz%2b1PdMLcHj9voEv7LiPdv0u1vUohikaBd6i3wGy7O4Oi0FJ%2fnt5%2bkXrxa9m6Dp4UHXx26unSyJPAg64zryzmSvBWbV&TARGET=-SM-https%3a%2f%2fcontactmanager%2egaig%2ecom%2fab
Frame ID: 761009238BB3C773F16FFFD80D762EC5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Great American Insurance Group - Sign In

Page URL History Show full URLs

https://contactmanager.gaig.com/ HTTP 302
https://contactmanager.gaig.com/ab HTTP 302
https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d5... Page URL

Detected technologies

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

14
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

6
Subdomains

5
IPs

2
Countries

735 kB
Transfer

1951 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://ims.afglink.com/sspr/public/ForgottenUsername
Title: Forgot username?

Search URL Search Domain Scan URL

URL: https://www.greatamericaninsurancegroup.com/contact
Title: Help

Search URL Search Domain Scan URL

URL: https://www.greatamericaninsurancegroup.com/contact/legal-disclosures
Title: Legal Disclosures/Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.greatamericaninsurancegroup.com/contact/privacy
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://contactmanager.gaig.com/ HTTP 302
https://contactmanager.gaig.com/ab HTTP 302
https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503d0a324007&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9eDOMCz%2b1PdMLcHj9voEv7LiPdv0u1vUohikaBd6i3wGy7O4Oi0FJ%2fnt5%2bkXrxa9m6Dp4UHXx26unSyJPAg64zryzmSvBWbV&TARGET=-SM-https%3a%2f%2fcontactmanager%2egaig%2ecom%2fab Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.fcc Show response
secureauth.gaig.com/siteminderagent/forms/login-gaig/
Redirect Chain

https://contactmanager.gaig.com/
https://contactmanager.gaig.com/ab
https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503d0a324007&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9eDOMCz%2b1PdML...

3 KB
2 KB

649ms
143ms

Document
text/html

208.65.194.15
AFGINC-1

General

Check archive.org

Show headers Download Go to

Full URL: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503d0a324007&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9eDOMCz%2b1PdMLcHj9voEv7LiPdv0u1vUohikaBd6i3wGy7O4Oi0FJ%2fnt5%2bkXrxa9m6Dp4UHXx26unSyJPAg64zryzmSvBWbV&TARGET=-SM-https%3a%2f%2fcontactmanager%2egaig%2ecom%2fab
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.65.194.15 Falmouth, United States, ASN17163 (AFGINC-1, US),
Reverse DNS
Software: Apache /
Resource Hash: f08335c21fe70e42e62ce352c1b6ec7352186f108b15283c887ecc930a49416b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 19 Jul 2022 20:18:08 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent

Redirect headers

cache-control: no-store
content-length: 550
content-type: text/html; charset=iso-8859-1
date: Tue, 19 Jul 2022 20:18:08 GMT
location: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503d0a324007&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9eDOMCz%2b1PdMLcHj9voEv7LiPdv0u1vUohikaBd6i3wGy7O4Oi0FJ%2fnt5%2bkXrxa9m6Dp4UHXx26unSyJPAg64zryzmSvBWbV&TARGET=-SM-https%3a%2f%2fcontactmanager%2egaig%2ecom%2fab
server: Apache
server-timing: dtSInfo;desc="0", dtRpid;desc="1737037998"
x-cdn: Imperva
x-iinfo: 11-9952008-9952026 PNNN RT(1658261887216 533) q(0 0 0 -1) r(1 1) U11

GET
H2 200 okta-sign-in.min.js Show response
global.oktacdn.com/okta-signin-widget/5.4.4/js/ 1 MB
388 KB 86ms
22ms Script
application/x-javascript 18.66.139.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/5.4.4/js/okta-sign-in.min.js

Requested by

Host: secureauth.gaig.com
URL: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503d0a324007&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9eDOMCz%2b1PdMLcHj9voEv7LiPdv0u1vUohikaBd6i3wGy7O4Oi0FJ%2fnt5%2bkXrxa9m6Dp4UHXx26unSyJPAg64zryzmSvBWbV&TARGET=-SM-https%3a%2f%2fcontactmanager%2egaig%2ecom%2fab

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-45.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4839dce79a544a2a5a0552a9739b043a92bd79e5746f665d16d2eaf8a23eb6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauth.gaig.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: vJBQedM8mYXvelJEjEnp9UMgV_kpuAMg
content-encoding: gzip
x-content-type-options: nosniff
age: 57594
x-cache: Hit from cloudfront
date: Tue, 19 Jul 2022 04:18:15 GMT
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=315360000
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
last-modified: Fri, 19 Mar 2021 00:21:50 GMT
server: AmazonS3
etag: W/"ae4859671d475a602643c884627e2d07"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: RlkdE2ydIKxRsRG4NXDUCk61vKR6ehrtavgHIn7et6E_kG7K3UI1Iw==

GET
H2 200 okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/5.4.4/css/ 199 KB
29 KB 98ms
35ms Stylesheet
text/css 18.66.139.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/5.4.4/css/okta-sign-in.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-45.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5d70a5d7d124e0733abf9ff6578057f370639d3207f7b36d7413bdaeab146e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauth.gaig.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: DClubqSVSW364_dWikPJ4aCeqk8F1BID
content-encoding: gzip
x-content-type-options: nosniff
age: 2365
x-cache: Hit from cloudfront
date: Tue, 19 Jul 2022 19:43:55 GMT
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=315360000
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
last-modified: Fri, 19 Mar 2021 00:21:48 GMT
server: AmazonS3
etag: W/"1be87fdaf98259cabf4c2d161fa60367"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 36gNCfIylWvWSFI351Q-RqhCNfYswN9mwVfd_8y3XAHGfgZfSdhCPg==

GET
H2 200 bbt2smq.css
use.typekit.net/ 5 KB
1 KB 85ms
19ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/bbt2smq.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c0e516a9c7fbba504a1730642f26f40a6973c3713844406d3c7cbce0a4d240fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauth.gaig.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 19 Jul 2022 20:18:08 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 832

GET
H/1.1 200
OK oktagaig-styles.css
secureauth.gaig.com/siteminderagent/forms/login-gaig/ 2 KB
1 KB 132ms
130ms Stylesheet
text/css 208.65.194.15
AFGINC-1

General

Check archive.org

Show headers Download Go to

Full URL: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/oktagaig-styles.css
Requested by: Host: secureauth.gaig.com
URL: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503d0a324007&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9eDOMCz%2b1PdMLcHj9voEv7LiPdv0u1vUohikaBd6i3wGy7O4Oi0FJ%2fnt5%2bkXrxa9m6Dp4UHXx26unSyJPAg64zryzmSvBWbV&TARGET=-SM-https%3a%2f%2fcontactmanager%2egaig%2ecom%2fab
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.65.194.15 Falmouth, United States, ASN17163 (AFGINC-1, US),
Reverse DNS
Software: Apache /
Resource Hash: ef38861f432fc8ce8ac62918ea16cca344a31b257aef010fe56fa1cdc44fb1bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503d0a324007&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9eDOMCz%2b1PdMLcHj9voEv7LiPdv0u1vUohikaBd6i3wGy7O4Oi0FJ%2fnt5%2bkXrxa9m6Dp4UHXx26unSyJPAg64zryzmSvBWbV&TARGET=-SM-https%3a%2f%2fcontactmanager%2egaig%2ecom%2fab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:18:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 15:30:10 GMT
Server: Apache
ETag: "723-5c10a0de332b0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=43200, proxy-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 712
Expires: Wed, 20 Jul 2022 08:18:08 GMT

GET
H/1.1 200
OK login.js Show response
secureauth.gaig.com/siteminderagent/forms/login-gaig/ 3 KB
2 KB 265ms
131ms Script
application/javascript 208.65.194.15
AFGINC-1

General

Check archive.org

Show headers Download Go to

Full URL: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.js
Requested by: Host: secureauth.gaig.com
URL: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503d0a324007&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9eDOMCz%2b1PdMLcHj9voEv7LiPdv0u1vUohikaBd6i3wGy7O4Oi0FJ%2fnt5%2bkXrxa9m6Dp4UHXx26unSyJPAg64zryzmSvBWbV&TARGET=-SM-https%3a%2f%2fcontactmanager%2egaig%2ecom%2fab
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.65.194.15 Falmouth, United States, ASN17163 (AFGINC-1, US),
Reverse DNS
Software: Apache /
Resource Hash: 96e65aac2dc25dac5e95b1eac4773b0a15e0eef8188d2ccafb5269104db9ecd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503d0a324007&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9eDOMCz%2b1PdMLcHj9voEv7LiPdv0u1vUohikaBd6i3wGy7O4Oi0FJ%2fnt5%2bkXrxa9m6Dp4UHXx26unSyJPAg64zryzmSvBWbV&TARGET=-SM-https%3a%2f%2fcontactmanager%2egaig%2ecom%2fab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:18:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Mar 2022 01:34:15 GMT
Server: Apache
ETag: "cf2-5db00f5e47255-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=43200, proxy-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1411
Expires: Wed, 20 Jul 2022 08:18:08 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 85ms
19ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=bbt2smq&ht=tk&f=139.140.175.176.39636.39642&a=439779&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bbt2smq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:18:09 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1 404
Not Found me Show response
login.gaig.com/api/v1/sessions/ 168 B
1 KB 366ms
139ms Fetch
application/json 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gaig.com/api/v1/sessions/me

Requested by

Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/5.4.4/js/okta-sign-in.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e7d137466cc7b97e57868693f3c783b201de3822d4cb807bd9148d4f7f9132d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://secureauth.gaig.com/
X-Okta-User-Agent-Extended: okta-signin-widget-5.4.4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-okta-request-id: YtcRgpPsDcSn5S-vuQFxGgAAB_s
Date: Tue, 19 Jul 2022 20:18:10 GMT
Content-Encoding: gzip
x-rate-limit-limit: 750
x-rate-limit-remaining: 743
content-security-policy-report-only: frame-ancestors 'self'
p3p: CP="HONK"
Connection: Keep-Alive
Vary: Accept-Encoding,Origin
x-xss-protection: 0
pragma: no-cache
access-control-allow-headers: Content-Type
Server: nginx
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
Strict-Transport-Security: max-age=315360000; includeSubDomains
Content-Type: application/json
access-control-allow-origin: https://secureauth.gaig.com
cache-control: no-cache, no-store
Transfer-Encoding: chunked
x-rate-limit-reset: 1658261934
access-control-allow-credentials: true
Keep-Alive: timeout=5, max=100
x-content-type-options: nosniff
expires: 0

OPTIONS
H/1.1 200
OK me
login.gaig.com/api/v1/sessions/ 0
0 741ms
136ms Preflight 3.33.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gaig.com/api/v1/sessions/me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

af77c9e516730cc51.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://secureauth.gaig.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Date: Tue, 19 Jul 2022 20:18:09 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS
access-control-allow-origin: https://secureauth.gaig.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-security-policy-report-only: frame-ancestors 'self'
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires: 0
p3p: CP="HONK"
pragma: no-cache
vary: Origin
x-okta-request-id: YtcRgfyrTp1AB_8m1UAQHAAAAEs
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9976
x-rate-limit-reset: 1658261918
x-xss-protection: 0

GET
H/1.1 200
OK 5635-PCG-D.jpg
secureauth.gaig.com/siteminderagent/forms/login-gaig/ 208 KB
208 KB 260ms
260ms Image
image/jpeg 208.65.194.15
AFGINC-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/5635-PCG-D.jpg
Requested by: Host: secureauth.gaig.com
URL: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/oktagaig-styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.65.194.15 Falmouth, United States, ASN17163 (AFGINC-1, US),
Reverse DNS
Software: Apache /
Resource Hash: 6740dcb58abd9a45478e8e6b043e1d53159e024f9a40ee597ceea793d73e164f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/oktagaig-styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:18:09 GMT
Last-Modified: Wed, 28 Apr 2021 15:30:10 GMT
Server: Apache
ETag: "33f8f-5c10a0de332b0"
Content-Type: image/jpeg
Cache-Control: max-age=43200, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 212879
Expires: Wed, 20 Jul 2022 08:18:09 GMT

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 33 KB
33 KB 77ms
20ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bbt2smq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541

Request headers

Referer: https://use.typekit.net/bbt2smq.css
Origin: https://secureauth.gaig.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:18:09 GMT
server: nginx
etag: "79fea02668402fc378c129193093131a2db2577c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33576

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 34 KB
34 KB 82ms
24ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bbt2smq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f

Request headers

Referer: https://use.typekit.net/bbt2smq.css
Origin: https://secureauth.gaig.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:18:09 GMT
server: nginx
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34336

GET
H/1.1 200
OK mGAIG-Logo.png
secureauth.gaig.com/siteminderagent/forms/login-gaig/ 14 KB
14 KB 131ms
131ms Image
image/png 208.65.194.15
AFGINC-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/mGAIG-Logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.65.194.15 Falmouth, United States, ASN17163 (AFGINC-1, US),
Reverse DNS
Software: Apache /
Resource Hash: 5da01feb7505d0387a593b9d748da8d0849213be3f03d4e92be912a2484bbee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauth.gaig.com/siteminderagent/forms/login-gaig/login.fcc?TYPE=33619969&REALMOID=06-000b0d51-fadf-1a3b-9af6-503d0a324007&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9eDOMCz%2b1PdMLcHj9voEv7LiPdv0u1vUohikaBd6i3wGy7O4Oi0FJ%2fnt5%2bkXrxa9m6Dp4UHXx26unSyJPAg64zryzmSvBWbV&TARGET=-SM-https%3a%2f%2fcontactmanager%2egaig%2ecom%2fab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:18:10 GMT
Last-Modified: Wed, 28 Apr 2021 15:30:10 GMT
Server: Apache
ETag: "36aa-5c10a0de332b0"
Content-Type: image/png
Cache-Control: max-age=43200, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 13994
Expires: Wed, 20 Jul 2022 08:18:10 GMT

GET
H2 200 montserrat-light-webfont.woff
global.oktacdn.com/okta-signin-widget/5.4.4/font/ 22 KB
22 KB 62ms
23ms Font
application/octet-stream 18.66.139.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/5.4.4/font/montserrat-light-webfont.woff

Requested by

Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/5.4.4/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-45.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

Referer: https://global.oktacdn.com/okta-signin-widget/5.4.4/css/okta-sign-in.min.css
Origin: https://secureauth.gaig.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: fPkVHZ0BreXwJtdNlA9JDPCbpRWBJBp2
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 67347
x-cache: Hit from cloudfront
date: Tue, 19 Jul 2022 01:35:44 GMT
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=315360000
content-length: 22112
last-modified: Fri, 19 Mar 2021 00:21:48 GMT
server: AmazonS3
etag: "6225f3ca44b83090833064727a09cc95"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: hP7AiccywQnA1rTT4qEFQ5COCCmabKg1RcEOoGbDsvuEKX39vPihVA==

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gaig.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_3_sn_55CFE820E6911489C6B43A1AD12B1E8F_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0
contactmanager.gaig.com/	1969-12-31 23:59:59	Name: cookiemonster Value: !ckoEgd0gr/+Dhb/HUc9igu3VeTl+5atQDjbFAUD4v5S3vx1UiP08cKZsKaQy4D2odd0jSt8VXePf3E2Z+Puf4wkX9aJ89bgNXDHn2at/VL98PrZIwqu3pMmAg/8CFKOs6dqCSidCqNIwyGTdl+jzM4ultf6tszg=
.gaig.com/	1970-01-20 13:22:03	Name: visid_incap_2366966 Value: jfiNk3bIQ+q4yfCCOVbSd38R12IAAAAAQUIPAAAAAABhvJx/DGMY6QzTb5Z+YyFR
.gaig.com/	1969-12-31 23:59:59	Name: incap_ses_729_2366966 Value: l0tBQ4sM7nfpOjMuVO4dCn8R12IAAAAAEMfcwrIuHwbgEQCQUZUwZA==
secureauth.gaig.com/	1969-12-31 23:59:59	Name: cookiemonster Value: !da5ZfmNwnhFRfHbHUc9igu3VeTl+5RYZgOigBNGQqHrpnJBa89eIjPZ51jRVuLBMvRJWFUDbskpX6AZWhLHM91h7HcKK6JEd0kngivXbb/EpO97dahzrCK/dytEX648CJ4+P71ReybaYmal+yvO/C/FksMRkB8E=
login.gaig.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 75863FD1C6A2BD79E25E579675639488

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.gaig.com/api/v1/sessions/me Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

contactmanager.gaig.com
global.oktacdn.com
login.gaig.com
p.typekit.net
secureauth.gaig.com
use.typekit.net
18.66.139.45
208.65.194.15
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
3.33.189.110
45.60.87.67
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541
4839dce79a544a2a5a0552a9739b043a92bd79e5746f665d16d2eaf8a23eb6e4
5d70a5d7d124e0733abf9ff6578057f370639d3207f7b36d7413bdaeab146e1c
5da01feb7505d0387a593b9d748da8d0849213be3f03d4e92be912a2484bbee1
60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f
6740dcb58abd9a45478e8e6b043e1d53159e024f9a40ee597ceea793d73e164f
96e65aac2dc25dac5e95b1eac4773b0a15e0eef8188d2ccafb5269104db9ecd2
c0e516a9c7fbba504a1730642f26f40a6973c3713844406d3c7cbce0a4d240fa
e7d137466cc7b97e57868693f3c783b201de3822d4cb807bd9148d4f7f9132d5
ef38861f432fc8ce8ac62918ea16cca344a31b257aef010fe56fa1cdc44fb1bb
f08335c21fe70e42e62ce352c1b6ec7352186f108b15283c887ecc930a49416b
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

secureauth.gaig.com Open in urlscan Pro 208.65.194.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

33 %IPv6

3 Domains

6 Subdomains

5 IPs

2 Countries

735 kBTransfer

1951 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

6 Cookies

1 Console Messages

Indicators

secureauth.gaig.com Open in urlscan Pro
208.65.194.15 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

6
Subdomains

5
IPs

2
Countries

735 kB
Transfer

1951 kB
Size

6
Cookies

14 HTTP transactions
0 data transactions