URL: https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=pf.sentara.com&TARGET=https://sentara.coupahost.com/sessions/saml_...
Submission: On December 05 via manual from US

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 23.23.118.223, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is prdsso40.coupahost.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 2nd 2016. Valid for: 3 years.
This is the only time prdsso40.coupahost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         23.23.118.223     14618 (AMAZON-AES)
3         163.230.254.11    27336 (SENTARA-H...)
1         2a00:1450:400...  15169 (GOOGLE)
2         2a00:1450:400...  15169 (GOOGLE)
Totals: 8 requests, 5 IPs

Requests  Domain                  Requested by
3         pf.sentara.com          prdsso40.coupahost.com, pf.sentara.com
2         fonts.gstatic.com       pf.sentara.com
1         fonts.googleapis.com    pf.sentara.com
1         prdsso40.coupahost.com  (primary request)
Totals: 8 requests, 4 domains

This site contains links to these domains. Also see Links.

Domain
cpc.sentara.com
apps.sentara.com
Subject           Issuer                                      Validity                 Valid
*.coupahost.com   Go Daddy Secure Certificate Authority - G2  2016-05-02 - 2019-05-02  3 years (crt.sh)
*.sentara.com     Entrust Certification Authority - L1K       2015-04-03 - 2018-07-03  3 years (crt.sh)
*.googleapis.com  Google Internet Authority G2                2017-11-21 - 2018-02-13  3 months (crt.sh)
*.google.com      Google Internet Authority G2                2017-11-21 - 2018-02-13  3 months (crt.sh)

This page contains 2 frames:

Frame: https://pf.sentara.com/idp/SSO.saml2
Frame ID: 28787.1
Requests: 2 HTTP requests in this frame

Frame: https://pf.sentara.com/idp/SSO.saml2
Frame ID: 28807.1
Requests: 6 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 8
HTTPS: 88 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 155 kB
Size: 157 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request (Cookie set) startSSO.ping | prdsso40.coupahost.com/sp/ | 1 KB | 1 KB | Document
General
Full URL
https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=pf.sentara.com&TARGET=https://sentara.coupahost.com/sessions/saml_post
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.118.223 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-23-118-223.compute-1.amazonaws.com
Software
/
Resource Hash
90108ecaae85f9c6f9371fa7c41045f030b63818c57375ae41b1344292655ed5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
prdsso40.coupahost.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
max-age
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html; charset=utf-8
Set-Cookie
PF=xT4n39exKDkkSZy6DFYP4T;Path=/
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
1205
Expires
Thu, 01 Jan 1970 00:00:00 GMT
SSO.saml2
pf.sentara.com/idp/
0
0

Cookie set SSO.saml2
pf.sentara.com/idp/ Frame 2880
4 KB
4 KB
Document
General
Full URL
https://pf.sentara.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
163.230.254.11 Virginia Beach, United States, ASN27336 (SENTARA-HEALTH-CARE - Sentara Healthcare, US),
Reverse DNS
crewscheduler.sentara.com
Software
/
Resource Hash
19d2110858fffe14a3fb5a908c6512509bcc84d5dc17d1caf3bbc8ac441b3cf4
Security Headers
Name Value
Content-Security-Policy referrer origin
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Origin
https://prdsso40.coupahost.com
Accept-Encoding
gzip, deflate
Host
pf.sentara.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Referer
https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=pf.sentara.com&TARGET=https://sentara.coupahost.com/sessions/saml_post
Connection
keep-alive
Content-Length
490
Referer
https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=pf.sentara.com&TARGET=https://sentara.coupahost.com/sessions/saml_post
Origin
https://prdsso40.coupahost.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2017 20:12:03 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/html;charset=utf-8
Cache-Control
no-cache, no-store
Content-Security-Policy
referrer origin
Set-Cookie
PF=OB6xZN8ZawSkOOoV8XPKHL829ptbm2UWDBJqIufVSlX1;Path=/;Secure;HttpOnly
Content-Length
3973
Expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/ Frame 2880
3 KB
628 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merriweather|Merriweather+Sans
Requested by
Host: pf.sentara.com
URL: https://pf.sentara.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:810::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
85dcf8afeda9a58a3dedf1f88b55e84e6699b8193a4d3a61e5b151cec7d4f48d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Merriweather|Merriweather+Sans
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://pf.sentara.com/idp/SSO.saml2
:scheme
https
:method
GET
Referer
https://pf.sentara.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 05 Dec 2017 20:12:03 GMT
content-encoding
gzip
last-modified
Tue, 05 Dec 2017 20:12:03 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Tue, 05 Dec 2017 20:12:03 GMT
sentara.css
pf.sentara.com/assets/css/ Frame 2880
108 KB
108 KB
Stylesheet
General
Full URL
https://pf.sentara.com/assets/css/sentara.css
Requested by
Host: pf.sentara.com
URL: https://pf.sentara.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
163.230.254.11 Virginia Beach, United States, ASN27336 (SENTARA-HEALTH-CARE - Sentara Healthcare, US),
Reverse DNS
crewscheduler.sentara.com
Software
/
Resource Hash
859ca9377617926e54de1a383e35a6986fa0deda3a266a1b68ef1827564ef17b
Security Headers
Name Value
Content-Security-Policy referrer origin
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pf.sentara.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://pf.sentara.com/idp/SSO.saml2
Cookie
PF=OB6xZN8ZawSkOOoV8XPKHL829ptbm2UWDBJqIufVSlX1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://pf.sentara.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 05 Dec 2017 20:12:03 GMT
Cache-Control
max-age=0, must-revalidate
Last-Modified
Wed, 01 Feb 2017 18:48:34 GMT
Content-Security-Policy
referrer origin
Content-Length
110815
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
sentara-logo.png
pf.sentara.com/assets/images/ Frame 2880
18 KB
18 KB
Image
General
Full URL
https://pf.sentara.com/assets/images/sentara-logo.png
Requested by
Host: pf.sentara.com
URL: https://pf.sentara.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
163.230.254.11 Virginia Beach, United States, ASN27336 (SENTARA-HEALTH-CARE - Sentara Healthcare, US),
Reverse DNS
crewscheduler.sentara.com
Software
/
Resource Hash
56c357f463ab39e45f3e3f5005fb77c7434a55b68ed8dec5881463b141aa9c51
Security Headers
Name Value
Content-Security-Policy referrer origin
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pf.sentara.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://pf.sentara.com/idp/SSO.saml2
Cookie
PF=OB6xZN8ZawSkOOoV8XPKHL829ptbm2UWDBJqIufVSlX1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://pf.sentara.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 05 Dec 2017 20:12:03 GMT
Cache-Control
max-age=0, must-revalidate
Last-Modified
Mon, 23 Jan 2017 21:04:33 GMT
Content-Security-Policy
referrer origin
Content-Length
18507
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
RFda8w1V0eDZheqfcyQ4EBampu5_7CjHW5spxoeN3Vs.woff2
fonts.gstatic.com/s/merriweather/v19/ Frame 2880
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v19/RFda8w1V0eDZheqfcyQ4EBampu5_7CjHW5spxoeN3Vs.woff2
Requested by
Host: pf.sentara.com
URL: https://pf.sentara.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3b57e3ae748aa80f58eba0a7e74204b011c2b862670ed2ea5c54d6cf8aeb3613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/merriweather/v19/RFda8w1V0eDZheqfcyQ4EBampu5_7CjHW5spxoeN3Vs.woff2
pragma
no-cache
origin
https://pf.sentara.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Merriweather|Merriweather+Sans
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Merriweather|Merriweather+Sans
Origin
https://pf.sentara.com

Response headers

date
Fri, 10 Nov 2017 01:04:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:20:32 GMT
server
sffe
age
2228854
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
11952
x-xss-protection
1; mode=block
expires
Sat, 10 Nov 2018 01:04:29 GMT
AKu1CjQ4qnV8MUltkAX3sMzpYVnxV7fe3GzmF357o4o.woff2
fonts.gstatic.com/s/merriweathersans/v9/ Frame 2880
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweathersans/v9/AKu1CjQ4qnV8MUltkAX3sMzpYVnxV7fe3GzmF357o4o.woff2
Requested by
Host: pf.sentara.com
URL: https://pf.sentara.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
59fbebdbd03d5b4414395101de9747c6290571e5bd702a5de72e7e11c788941c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/merriweathersans/v9/AKu1CjQ4qnV8MUltkAX3sMzpYVnxV7fe3GzmF357o4o.woff2
pragma
no-cache
origin
https://pf.sentara.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Merriweather|Merriweather+Sans
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Merriweather|Merriweather+Sans
Origin
https://pf.sentara.com

Response headers

date
Fri, 10 Nov 2017 01:15:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:07:45 GMT
server
sffe
age
2228190
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
11452
x-xss-protection
1; mode=block
expires
Sat, 10 Nov 2018 01:15:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pf.sentara.com
URL
https://pf.sentara.com/idp/SSO.saml2

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function  postOk
function  postCancel
function  postOnReturn

1 Cookies

Domain/Path      Name  Value
pf.sentara.com/  PF    OB6xZN8ZawSkOOoV8XPKHL829ptbm2UWDBJqIufVSlX1