urlscan.io logo urlscan.io
SecurityTrails logo

sso.cotiviti.com Open in urlscan Pro
3.15.167.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cotivitiindia.greythr.com/
Effective URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Submission: On September 02 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 22 HTTP transactions. The main IP is 3.15.167.135, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is sso.cotiviti.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on April 17th 2024. Valid for: a year.
This is the only time sso.cotiviti.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 13.127.177.190 16509 (AMAZON-02)
1 2600:9000:251... 16509 (AMAZON-02)
3 3.15.167.135 16509 (AMAZON-02)
1 2a04:4e42::485 54113 (FASTLY)
5 108.139.47.95 16509 (AMAZON-02)
2 199.60.103.225 209242 (CLOUDFLAR...)
2 13.35.93.59 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 18.173.219.112 16509 (AMAZON-02)
22 9
4    13.127.177.190 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-127-177-190.ap-south-1.compute.amazonaws.com
cotivitiindia.greythr.com
1    2600:9000:2514:d600:2:8ca1:f400:93a1 (United States)

ASN16509 (AMAZON-02, US)
gt-cougar-tp.cdn.greytip.com
3    3.15.167.135 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-167-135.us-east-2.compute.amazonaws.com
sso.cotiviti.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    108.139.47.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-95.jfk50.r.cloudfront.net
global.oktacdn.com
2    199.60.103.225 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.cotiviti.com
2    13.35.93.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-59.jfk50.r.cloudfront.net
ok10static.oktacdn.com
4    2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.173.219.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-112.jfk52.r.cloudfront.net
login.okta.com
Apex Domain
Subdomains		 Transfer
7 oktacdn.com
global.oktacdn.com — Cisco Umbrella Rank: 27260
ok10static.oktacdn.com — Cisco Umbrella Rank: 57212
556 KB
5 cotiviti.com
sso.cotiviti.com
www.cotiviti.com
382 KB
4 gstatic.com
fonts.gstatic.com
96 KB
4 greythr.com
cotivitiindia.greythr.com
15 KB
1 okta.com
login.okta.com — Cisco Umbrella Rank: 7359
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
21 KB
1 greytip.com
gt-cougar-tp.cdn.greytip.com
41 KB
22 7
Domain Requested by
5 global.oktacdn.com sso.cotiviti.com
global.oktacdn.com
4 fonts.gstatic.com sso.cotiviti.com
4 cotivitiindia.greythr.com 1 redirects
3 sso.cotiviti.com global.oktacdn.com
2 ok10static.oktacdn.com sso.cotiviti.com
2 www.cotiviti.com sso.cotiviti.com
1 login.okta.com ok10static.oktacdn.com
1 cdn.jsdelivr.net sso.cotiviti.com
1 gt-cougar-tp.cdn.greytip.com cotivitiindia.greythr.com
22 9

This site contains links to these domains. Also see Links.

Domain
www.cotiviti.com
Subject Issuer Validity Valid
*.greythr.com
Sectigo RSA Domain Validation Secure Server CA		 2024-05-08 -
2025-06-08		 a year crt.sh
*.cdn.greytip.com
Amazon RSA 2048 M02		 2023-12-21 -
2025-01-17		 a year crt.sh
*.cotiviti.com
Entrust Certification Authority - L1K		 2024-04-17 -
2025-04-17		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-15 -
2025-01-02		 a year crt.sh
www.cotiviti.com
WE1		 2024-07-08 -
2024-10-06		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
accounts.okta.com
Amazon RSA 2048 M02		 2024-07-17 -
2025-08-15		 a year crt.sh

This page contains 2 frames:

Primary Page: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Frame ID: 42C157780686FFD9A1B81623E45FF873
Requests: 21 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: A2630A5E759EA7174E1ADD8DA0753D45
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cotivitiindia.greythr.com/ HTTP 307
    https://cotivitiindia.greythr.com/ Page URL
  2. https://cotivitiindia.greythr.com/home.do HTTP 302
    https://cotivitiindia.greythr.com/uas/saml/sp/login Page URL
  3. https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

22
Requests

100 %
HTTPS

33 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

1111 kB
Transfer

2928 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cotivitiindia.greythr.com/ HTTP 307
    https://cotivitiindia.greythr.com/ Page URL
  2. https://cotivitiindia.greythr.com/home.do HTTP 302
    https://cotivitiindia.greythr.com/uas/saml/sp/login Page URL
  3. https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cotivitiindia.greythr.com/ HTTP 307
  • https://cotivitiindia.greythr.com/
Request Chain 2
  • https://cotivitiindia.greythr.com/home.do HTTP 302
  • https://cotivitiindia.greythr.com/uas/saml/sp/login

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
cotivitiindia.greythr.com/
Redirect Chain
  • http://cotivitiindia.greythr.com/
  • https://cotivitiindia.greythr.com/
949 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cotivitiindia.greythr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.127.177.190 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-127-177-190.ap-south-1.compute.amazonaws.com
Software
greytHR /
Resource Hash
3ef3ac2559b34bc5679690559cdc85a684d78f4445fab756e36b4e9cc2f284b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
949
content-type
text/html
date
Mon, 02 Sep 2024 04:41:22 GMT
etag
W/"949-1724847216000"
last-modified
Wed, 28 Aug 2024 12:13:36 GMT
server
greytHR
tc-host
cougar-77dd6cbbc4-nzglx
traceid
7c34e49388d05cbf
x-content-type-options
nosniff

Redirect headers

Location
https://cotivitiindia.greythr.com/
Non-Authoritative-Reason
HttpsUpgrades
app-loading.gif
gt-cougar-tp.cdn.greytip.com/static-images/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gt-cougar-tp.cdn.greytip.com/static-images/app-loading.gif
Requested by
Host: cotivitiindia.greythr.com
URL: https://cotivitiindia.greythr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:d600:2:8ca1:f400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa29ab65d5dc5ed8fdb08acc0d07d8856641bf69da4c122ddda33bf914b3f5db

Request headers

Referer
https://cotivitiindia.greythr.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 20:37:42 GMT
via
1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 09:29:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
29021
x-amz-server-side-encryption
AES256
etag
"94554ac9bab2a69f5137243708898149"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
41863
x-amz-cf-id
m5YuPjIXjzmjIn9f4dNqgioXmjTV_HVhYR5ajAYmY98RuXBcIb_9Vg==
login
cotivitiindia.greythr.com/uas/saml/sp/
Redirect Chain
  • https://cotivitiindia.greythr.com/home.do
  • https://cotivitiindia.greythr.com/uas/saml/sp/login
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cotivitiindia.greythr.com/uas/saml/sp/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.127.177.190 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-127-177-190.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
5d30a004de92975d16170013120135d325f0d0e45a060ed2600c15778abb4a2d
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: https://gt-uas-ui.cdn.greythr.com; style-src 'self' https://gt-uas-ui.cdn.greythr.com 'unsafe-inline'; script-src 'self' https://gt-uas-ui.cdn.greythr.com 'unsafe-eval' 'unsafe-inline'; font-src 'self' https://gt-uas-ui.cdn.greythr.com;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cotivitiindia.greythr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-security-policy
img-src 'self' data: https://gt-uas-ui.cdn.greythr.com; style-src 'self' https://gt-uas-ui.cdn.greythr.com 'unsafe-inline'; script-src 'self' https://gt-uas-ui.cdn.greythr.com 'unsafe-eval' 'unsafe-inline'; font-src 'self' https://gt-uas-ui.cdn.greythr.com;
content-type
text/html;charset=UTF-8
date
Mon, 02 Sep 2024 04:41:23 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0

Redirect headers

cache-control
no-cache, no-store
content-length
0
date
Mon, 02 Sep 2024 04:41:22 GMT
location
https://cotivitiindia.greythr.com/uas/saml/sp/login
server
greytHR
tc-host
cougar-77dd6cbbc4-jx25n
traceid
63a96d31c22365f4
x-content-type-options
nosniff
x-frame-options
sameorigin
favicon.ico
cotivitiindia.greythr.com/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cotivitiindia.greythr.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.127.177.190 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-127-177-190.ap-south-1.compute.amazonaws.com
Software
greytHR /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cotivitiindia.greythr.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 04:41:22 GMT
x-content-type-options
nosniff
server
greytHR
content-language
en-US
traceid
daadb15275302159
content-type
text/html;charset=UTF-8
tc-host
cougar-77dd6cbbc4-gxxgd
content-length
7066
Primary Request saml
sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/ 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.167.135 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-167-135.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
10a50b2d4ea5593dbf8f62ef3127969bc4c651120a1883e32118f878eaf199f9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://cotivitiindia.greythr.com
Referer
https://cotivitiindia.greythr.com/uas/saml/sp/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Mon, 02 Sep 2024 04:41:23 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
en
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
default-src 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com; connect-src 'self' cotiviti.okta.com cotiviti-admin.okta.com sso.cotiviti.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com cotiviti.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com; style-src 'unsafe-inline' 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com; frame-src 'self' cotiviti.okta.com cotiviti-admin.okta.com sso.cotiviti.com login.okta.com com-okta-authenticator:; img-src 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' cotiviti.okta.com sso.cotiviti.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-okta-request-id
ZtVB8wMQci6kclAFw2yvEgAAAlU
x-rate-limit-limit
750
x-rate-limit-remaining
733
x-rate-limit-reset
1725252084
x-ua-compatible
IE=edge
x-xss-protection
0
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ 		158 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
Requested by
Host: sso.cotiviti.com
URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.cotiviti.com/
Origin
https://sso.cotiviti.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 02 Sep 2024 04:41:23 GMT
x-content-type-options
nosniff
content-encoding
br
age
1561119
x-jsd-version
4.6.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21146
x-served-by
cache-fra-eddf8230063-FRA, cache-yul1970025-YUL
x-jsd-version-type
version
etag
W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
okta-sign-in.min.js
global.oktacdn.com/okta-signin-widget/7.4.0/js/ 		2 MB
396 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/7.4.0/js/okta-sign-in.min.js
Requested by
Host: sso.cotiviti.com
URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-95.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57fb576de489f52ba42b992afa6884d59b3d22bbc397d73c1ec3f7ad18d469ae
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.cotiviti.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
kkiCnLttRhhHyCPMBs3Xei_mqXRuRXyH
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Sun, 01 Sep 2024 06:43:09 GMT
content-encoding
gzip
via
1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
age
79095
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 02 Mar 2023 17:17:31 GMT
server
AmazonS3
etag
W/"eed848d9436db2c0255bc5c675d860ce"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
tsOIdzPm1gli-XeHhKoguDqtJKW6gI_bJYpJgdnhmF_xlDKqHxfJRQ==
okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/7.4.0/css/ 		215 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/7.4.0/css/okta-sign-in.min.css
Requested by
Host: sso.cotiviti.com
URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-95.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7406e3ac0309dd8012d6ecedc9ae88d6c89240f53e9ef932024aac9e410db068
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.cotiviti.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
N3Y9o0i_xQbFmc.iyFMGETqlHb.wVxte
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Sun, 01 Sep 2024 09:04:45 GMT
content-encoding
gzip
via
1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
age
70599
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 02 Mar 2023 17:17:15 GMT
server
AmazonS3
etag
W/"12753402d34a780c99d4d55fca3215ae"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
B59Y-qiYZnxws17-tJhncFPBwc_BOX_G_xcnccrULNxRpMfvRYMfeQ==
cotiviti-logo.png
www.cotiviti.com/hs-fs/hubfs/Cotiviti_Theme/img/ 		5 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cotiviti.com/hs-fs/hubfs/Cotiviti_Theme/img/cotiviti-logo.png
Requested by
Host: sso.cotiviti.com
URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
823f1dfd553d7fea69b1bb1aefea54643ed164c4f4a70d80136fbadd77c46a3b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://sso.cotiviti.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
edge-cache-tag
F-6528912433,FD-6529066492,P-394315,FLS-ALL
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
cf-bgj
imgq:85,h2pri
etag
"f3f02f17567f9d2d28a98ed46bc2ac3f"
vary
origin, Accept-Encoding
content-type
image/png
x-evy-trace-virtual-host
all
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Mon, 02 Sep 2024 04:41:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hubspot-correlation-id
2b026c84-c0e0-47eb-98af-d08a4ff89c26
cf-polished
origSize=5659, status=vary_header_present
x-cache
RefreshHit from cloudfront
cache-tag
F-6528912433,FD-6529066492,P-394315,FLS-ALL
x-envoy-upstream-service-time
260
alt-svc
h3=":443"; ma=86400
content-length
5577
x-evy-trace-route-configuration
listener_https/all
x-request-id
2b026c84-c0e0-47eb-98af-d08a4ff89c26
last-modified
Thu, 15 Nov 2018 15:00:34 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uL7DD3xyf1uDWcYmCz2fYL43BHYUGdtndUHWP6tpizcuIXDKKPXXIeFWS%2F%2BZerwcYr8npSRTFtuM9rDzv2NBfOQPdGz422HojXfodUn3ZwF16N0R9KzMB4RX85wUGsHASxc%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-7849459c5c-xzd77
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
8bcad3d3eaf2aac2-YYZ
timing-allow-origin
www.cotiviti.com
x-amz-cf-id
jqwt8OFp8hjDST7SGCaoS0keoVcIGz5R-kpv2KAmX4Tp8Vfaha1D6Q==
SSO-Log-In-Okta-Image.png
www.cotiviti.com/hubfs/OKTA/ 		290 KB
292 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cotiviti.com/hubfs/OKTA/SSO-Log-In-Okta-Image.png
Requested by
Host: sso.cotiviti.com
URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd50a0b14ee909b30b45afccc31e21cc7c7ea43611d98b1a91f701e1b5602010
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://sso.cotiviti.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-28997537706,FD-28997537699,P-394315,FLS-ALL
age
34121
x-amz-request-id
BJDH5EPKPH6NY8RZ
x-amz-server-side-encryption
AES256
edge-cache-tag
F-28997537706,FD-28997537699,P-394315,FLS-ALL
content-disposition
inline; filename="SSO-Log-In-Okta-Image.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"b5fb549a21d2999883ca19e96e77c4a6"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Mon, 02 Sep 2024 04:41:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 fe7bdd441a6be29f25cf73b102efdd00.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
YuraAo2beN5ctesTsCDN1T0.cYzdjAwL
x-amz-cf-pop
ORD58-P2
cf-polished
origFmt=png, origSize=397367
x-cache
RefreshHit from cloudfront
cache-tag
F-28997537706,FD-28997537699,P-394315,FLS-ALL
alt-svc
h3=":443"; ma=86400
content-length
296946
x-amz-id-2
kZTYG+G2OJVl4SJv5iP76Zrr4oBYh24M+fDLbOUqypJoz/BDk+bg4hJLd8zDNqQUrxr33gIWtuf5FqT1TDNCBUXbDc45qAzI
last-modified
Fri, 01 May 2020 21:04:13 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1IN75zZ%2F9SEWdYmddb2Mr7lF%2Fvgo%2BcSJ6fGB4MqaMWc%2B7KsoxnKrucMwGXYZI%2BJxizWRKpQj%2BOH6cy9nSPFXZMqHils9TE9xDBvNKhL2mjNf6Ke4K4RxrGDAYAiU8ShI2Q%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
8bcad3d3eaf1aac2-YYZ
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id
6NN60vFV8xwuUKLCS3DdMkNypbbNdOa1FD1oS6gEkZ7aX1IowaqxsQ==
fs04kp9g6dBzK875y4h7
ok10static.oktacdn.com/fs/bco/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok10static.oktacdn.com/fs/bco/1/fs04kp9g6dBzK875y4h7
Requested by
Host: sso.cotiviti.com
URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-59.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d31555e92da0893b722eb42b222dd2de3559607d0e0cd4ddd01b1e28b7e38846
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://sso.cotiviti.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 06:56:10 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d9904d2a7eb0a13ec208dbdb43366b78.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
1633513
x-cache
Hit from cloudfront
content-length
5997
last-modified
Wed, 21 Jun 2023 20:56:36 GMT
server
nginx
etag
"fb4a2ed09737892dd157a9a0db546383"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
rR0l-ts7uNiAwlU8Ywm95qXpnxXE6zaxAPwS9siTcqLvmIvAA5qF9Q==
expires
Thu, 14 Aug 2025 06:56:10 GMT
initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
ok10static.oktacdn.com/assets/js/mvc/loginpage/ 		204 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok10static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-59.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://sso.cotiviti.com/
Origin
https://sso.cotiviti.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-meta-sha1sum
91eca02abf11239ec4af7a30b1da6e2610f1b9a6
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Sun, 18 Aug 2024 10:13:15 GMT
via
1.1 dee3e3075e44bf98642bfe89cb38088a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
1276090
x-cache
Hit from cloudfront
last-modified
Tue, 07 Nov 2023 18:57:13 GMT
server
nginx
etag
W/"58de3be0c9b511a0fdfd7ea4f69b56fc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
50tmbDg2m3CSztM69fkRHFhPi_RwS2hemzU5jKwa5uz8lmaCYvyHnw==
expires
Mon, 18 Aug 2025 10:13:14 GMT
JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
fonts.gstatic.com/s/montserrat/v14/ 		45 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
Requested by
Host: sso.cotiviti.com
URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sso.cotiviti.com/
Origin
https://sso.cotiviti.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:05:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24251
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:46:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 01:05:33 GMT
introspect
sso.cotiviti.com/idp/idx/ 		56 KB
59 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sso.cotiviti.com/idp/idx/introspect
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.4.0/js/okta-sign-in.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.167.135 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-167-135.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8910ea981f93f9cc2306fc5880687e81abecfb57569c72d69bbadf4e4297e022
Security Headers
Name Value
Content-Security-Policy default-src 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com; connect-src 'self' cotiviti.okta.com cotiviti-admin.okta.com sso.cotiviti.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com cotiviti.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com; style-src 'unsafe-inline' 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com; frame-src 'self' cotiviti.okta.com cotiviti-admin.okta.com sso.cotiviti.com login.okta.com com-okta-authenticator:; img-src 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' cotiviti.okta.com sso.cotiviti.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/ion+json; okta-version=1.0.0
Referer
https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
X-Okta-User-Agent-Extended
okta-auth-js/7.0.1 okta-signin-widget-7.4.0
Accept-Language
en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/ion+json; okta-version=1.0.0

Response headers

x-okta-request-id
ZtVB9AMQci6kclAFw2yvFAAAAlU
Date
Mon, 02 Sep 2024 04:41:24 GMT
content-security-policy
default-src 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com; connect-src 'self' cotiviti.okta.com cotiviti-admin.okta.com sso.cotiviti.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com cotiviti.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com; style-src 'unsafe-inline' 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com; frame-src 'self' cotiviti.okta.com cotiviti-admin.okta.com sso.cotiviti.com login.okta.com com-okta-authenticator:; img-src 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' cotiviti.okta.com sso.cotiviti.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit
2000
x-content-type-options
nosniff
x-rate-limit-remaining
1990
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
Content-Type
application/ion+json;okta-version=1.0.0
access-control-allow-origin
https://sso.cotiviti.com
x-rate-limit-reset
1725252109
access-control-allow-credentials
true
cache-control
no-cache, no-store
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=99
expires
0
iframe.html
login.okta.com/discovery/ Frame A263 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok10static.oktacdn.com
URL: https://ok10static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-112.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sso.cotiviti.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Age
70884
Connection
keep-alive
Content-Length
451
Content-Type
text/html
Date
Sun, 01 Sep 2024 09:00:01 GMT
ETag
"090e4f7730dbde0bff2ffa4dc330a6a3"
Last-Modified
Thu, 29 Aug 2024 22:15:28 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 c06dccfbc9bb974276058f2bb42421ea.cloudfront.net (CloudFront)
X-Amz-Cf-Id
NLo5V_5_GHIEjy_wDufVhw3c1eEG3CgLpJOseaV_Id0fPTN10EJREw==
X-Amz-Cf-Pop
JFK52-P1
X-Cache
Hit from cloudfront
checkbox-sign-in-widget.png
global.oktacdn.com/okta-signin-widget/7.4.0/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.oktacdn.com/okta-signin-widget/7.4.0/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.4.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-95.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://global.oktacdn.com/okta-signin-widget/7.4.0/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
QIw1rsUphAM1stS1Bu6ue4cJtX4qjxKp
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Sun, 01 Sep 2024 09:25:00 GMT
via
1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
69385
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3141
last-modified
Thu, 02 Mar 2023 17:17:16 GMT
server
AmazonS3
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
HRBxwfKUSOmTMqllwTn6E6D638u3fJu3KiAY57VfXAStCIRSLkLirA==
JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 		46 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
Requested by
Host: sso.cotiviti.com
URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c74524e43bc128189a21c18426661e913476b73fce6547029ab412605bb58e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sso.cotiviti.com/
Origin
https://sso.cotiviti.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 06:25:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24632
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:47:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 06:25:49 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 		46 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
Requested by
Host: sso.cotiviti.com
URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sso.cotiviti.com/
Origin
https://sso.cotiviti.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 22:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24405
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:46:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 22:43:18 GMT
okticon.woff
global.oktacdn.com/okta-signin-widget/7.4.0/font/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/7.4.0/font/okticon.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.4.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-95.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://global.oktacdn.com/okta-signin-widget/7.4.0/css/okta-sign-in.min.css
Origin
https://sso.cotiviti.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
XjnuITKwMTzaE9Zq4w2fV9vLWPg1t.nr
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Sun, 01 Sep 2024 11:43:38 GMT
via
1.1 e82b8f8953c90f58ae3b2feee6b64b70.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
61067
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
20600
last-modified
Thu, 02 Mar 2023 17:17:16 GMT
server
AmazonS3
etag
"db28723126138387cdf40680e6e0fa5d"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
odqxDIrXt8BKz2mS_2XvZXHn5fOeiEejkS_sV5PAGpwHyKme6VEBdw==
JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 		45 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
Requested by
Host: sso.cotiviti.com
URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sso.cotiviti.com/
Origin
https://sso.cotiviti.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 09:09:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24295
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 09:09:02 GMT
montserrat-okta-light-webfont.woff
global.oktacdn.com/okta-signin-widget/7.4.0/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/7.4.0/font/montserrat-okta-light-webfont.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.4.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-95.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://global.oktacdn.com/okta-signin-widget/7.4.0/css/okta-sign-in.min.css
Origin
https://sso.cotiviti.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 06:37:04 GMT
x-amz-version-id
FGASkjNKwTUkH9DdvEN2LEjzwoQpdZ72
x-content-type-options
nosniff
strict-transport-security
max-age=315360000
via
1.1 e82b8f8953c90f58ae3b2feee6b64b70.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
79461
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
22112
last-modified
Thu, 02 Mar 2023 17:17:15 GMT
server
AmazonS3
etag
"6225f3ca44b83090833064727a09cc95"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
AjN0LoznfxoY9p6cIilqJhLtZrTdSYXAQW4HnbiSn624aTNwP0mdEw==
favicon.ico
sso.cotiviti.com/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sso.cotiviti.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.167.135 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-167-135.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 02 Sep 2024 04:41:24 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 20 Aug 2024 18:47:04 GMT
Server
nginx
etag
W/"5430-1724179624000"
Content-Type
image/x-icon
Connection
Keep-Alive
accept-ranges
bytes
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=98
Content-Length
5430

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| regeneratorRuntime function| jQueryCourage object| u2f function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| config object| signIn object| OktaLogin object| jQBrowser

7 Cookies

Domain/Path Name / Value
cotivitiindia.greythr.com/ Name: JSESSIONID
Value: 64D73377777AE04ACC5130E73F31A1AD-n5
cotivitiindia.greythr.com/ Name: saml-sp-configuration
Value: 3
sso.cotiviti.com/ Name: t
Value: purple
sso.cotiviti.com/ Name: DT
Value: DI1SIcaqoOHQCOGcy9EBstfNA
.www.cotiviti.com/ Name: __cfruid
Value: cd08575da09504249408b3adcf1ba3604231e767-1725252083
.www.cotiviti.com/ Name: __cf_bm
Value: plDZXw6p0CwcSoH1enrofj.WZOtw4TNN7Lb3yRe6HxY-1725252083-1.0.1.1-0GmaekfLgVuJ2CHVD2TW5yEIAU5UViyRfUOxTJ5ASwIo3EWDtghZfa7HsPTmK0SYLnUGTOOPsjESc7FTSuMVvw
sso.cotiviti.com/ Name: JSESSIONID
Value: 54B7F6397CA25726B5AF9C64CBFD6A95

6 Console Messages

Source Level URL
Text
network error URL: https://cotivitiindia.greythr.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml(Line 12)
Message:
[Report Only] Refused to load the stylesheet 'https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml(Line 14)
Message:
[Report Only] Refused to load the image 'https://www.cotiviti.com/hubfs/favicon-32x32-6.png' because it violates the following Content Security Policy directive: "img-src 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security error URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml(Line 353)
Message:
[Report Only] Refused to load the image 'https://www.cotiviti.com/hs-fs/hubfs/Cotiviti_Theme/img/cotiviti-logo.png' because it violates the following Content Security Policy directive: "img-src 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security error URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml(Line 367)
Message:
[Report Only] Refused to load the image 'https://www.cotiviti.com/hubfs/OKTA/SSO-Log-In-Okta-Image.png' because it violates the following Content Security Policy directive: "img-src 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security error URL: https://sso.cotiviti.com/app/cotiviti_greyhr_1/exkcvybwn5mdmdPMJ4h6/sso/saml(Line 389)
Message:
[Report Only] Refused to load the image 'https://www.cotiviti.com/hs-fs/hubfs/Cotiviti_Theme/img/cotiviti-logo.png' because it violates the following Content Security Policy directive: "img-src 'self' cotiviti.okta.com sso.cotiviti.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cotivitiindia.greythr.com
fonts.gstatic.com
global.oktacdn.com
gt-cougar-tp.cdn.greytip.com
login.okta.com
ok10static.oktacdn.com
sso.cotiviti.com
www.cotiviti.com
108.139.47.95
13.127.177.190
13.35.93.59
18.173.219.112
199.60.103.225
2600:9000:2514:d600:2:8ca1:f400:93a1
2607:f8b0:4006:821::2003
2a04:4e42::485
3.15.167.135
07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6
10a50b2d4ea5593dbf8f62ef3127969bc4c651120a1883e32118f878eaf199f9
3ef3ac2559b34bc5679690559cdc85a684d78f4445fab756e36b4e9cc2f284b5
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484
57fb576de489f52ba42b992afa6884d59b3d22bbc397d73c1ec3f7ad18d469ae
5d30a004de92975d16170013120135d325f0d0e45a060ed2600c15778abb4a2d
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
7406e3ac0309dd8012d6ecedc9ae88d6c89240f53e9ef932024aac9e410db068
7c74524e43bc128189a21c18426661e913476b73fce6547029ab412605bb58e7
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
823f1dfd553d7fea69b1bb1aefea54643ed164c4f4a70d80136fbadd77c46a3b
8910ea981f93f9cc2306fc5880687e81abecfb57569c72d69bbadf4e4297e022
a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2
aa29ab65d5dc5ed8fdb08acc0d07d8856641bf69da4c122ddda33bf914b3f5db
d31555e92da0893b722eb42b222dd2de3559607d0e0cd4ddd01b1e28b7e38846
dd50a0b14ee909b30b45afccc31e21cc7c7ea43611d98b1a91f701e1b5602010
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace