urlscan.io logo urlscan.io
SecurityTrails logo

sso.xylem.com Open in urlscan Pro
199.253.101.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://smart.gep.com/xylem
Effective URL: https://sso.xylem.com/idp/SSO.saml2
Submission: On June 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 199.253.101.2, located in United States and belongs to XYLEMINC-AS, SE. The main domain is sso.xylem.com.
TLS certificate: Issued by HydrantID Server CA O1 on June 7th 2023. Valid for: a year.
This is the only time sso.xylem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 2620:1ec:46::45 8075 (MICROSOFT...)
1 104.18.1.114 13335 (CLOUDFLAR...)
1 3.124.130.24 16509 (AMAZON-02)
5 199.253.101.2 60269 (XYLEMINC-AS)
7 3
Apex Domain
Subdomains		 Transfer
5 xylem.com
sso.xylem.com
346 KB
4 gep.com
smart.gep.com — Cisco Umbrella Rank: 167513
smart-sts.gep.com — Cisco Umbrella Rank: 337313
smart-auth.gep.com — Cisco Umbrella Rank: 296452
8 KB
1 pingidentity.com
sso.connect.pingidentity.com — Cisco Umbrella Rank: 22617
2 KB
7 3
Domain Requested by
5 sso.xylem.com sso.xylem.com
2 smart-sts.gep.com 2 redirects
1 sso.connect.pingidentity.com
1 smart-auth.gep.com
1 smart.gep.com 1 redirects
7 5

This site contains no links.

Subject Issuer Validity Valid
smart-auth.gep.com
R3		 2023-06-03 -
2023-09-01		 3 months crt.sh
sso.connect.pingidentity.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2024-01-04		 a year crt.sh
sso.xylem.com
HydrantID Server CA O1		 2023-06-07 -
2024-07-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sso.xylem.com/idp/SSO.saml2
Frame ID: 3F707D2EA28B343B7D85BF5F86CF6550
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Xylem Federation services

Page URL History Show full URLs

  1. https://smart.gep.com/xylem HTTP 302
    https://smart-sts.gep.com/?gepoa=OASignIn&wtrealm=https://smart.gep.com/&wctx=rm=0&id=passive&ru=/xyle... HTTP 302
    https://smart-sts.gep.com/login?ReturnUrl=http%3a%2f%2fsmart-sts.gep.com%2f%3fgepoa%3dOASignIn%26wtrea... HTTP 301
    https://smart-auth.gep.com/samlp/AYLKmwM5BaTn3lyCQDvs0W6wP16lZ9K1?connection=xylem&RelayState=https%3a%... Page URL
  2. https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=fe9a4e1b-711a-4b18-bf9d-57f3fa624894 Page URL
  3. https://sso.xylem.com/idp/SSO.saml2 Page URL

Page Statistics

7
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

3
IPs

3
Countries

350 kB
Transfer

347 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://smart.gep.com/xylem HTTP 302
    https://smart-sts.gep.com/?gepoa=OASignIn&wtrealm=https://smart.gep.com/&wctx=rm=0&id=passive&ru=/xylem&wct=6/14/2023%2010:25:58%20AM&wreply=https://smart.gep.com/Default/Index?oloc=101returnUrl=https://smart.gep.com/Default/Index?oloc=101 HTTP 302
    https://smart-sts.gep.com/login?ReturnUrl=http%3a%2f%2fsmart-sts.gep.com%2f%3fgepoa%3dOASignIn%26wtrealm%3dhttps%3a%2f%2fsmart.gep.com%2f%26wctx%3drm%3d0%26id%3dpassive%26ru%3d%2fxylem%26wct%3d6%2f14%2f2023+10%3a25%3a58+AM%26wreply%3dhttps%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101returnUrl%3dhttps%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101 HTTP 301
    https://smart-auth.gep.com/samlp/AYLKmwM5BaTn3lyCQDvs0W6wP16lZ9K1?connection=xylem&RelayState=https%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101returnUrl%3dhttps%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101 Page URL
  2. https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=fe9a4e1b-711a-4b18-bf9d-57f3fa624894 Page URL
  3. https://sso.xylem.com/idp/SSO.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://smart.gep.com/xylem HTTP 302
  • https://smart-sts.gep.com/?gepoa=OASignIn&wtrealm=https://smart.gep.com/&wctx=rm=0&id=passive&ru=/xylem&wct=6/14/2023%2010:25:58%20AM&wreply=https://smart.gep.com/Default/Index?oloc=101returnUrl=https://smart.gep.com/Default/Index?oloc=101 HTTP 302
  • https://smart-sts.gep.com/login?ReturnUrl=http%3a%2f%2fsmart-sts.gep.com%2f%3fgepoa%3dOASignIn%26wtrealm%3dhttps%3a%2f%2fsmart.gep.com%2f%26wctx%3drm%3d0%26id%3dpassive%26ru%3d%2fxylem%26wct%3d6%2f14%2f2023+10%3a25%3a58+AM%26wreply%3dhttps%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101returnUrl%3dhttps%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101 HTTP 301
  • https://smart-auth.gep.com/samlp/AYLKmwM5BaTn3lyCQDvs0W6wP16lZ9K1?connection=xylem&RelayState=https%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101returnUrl%3dhttps%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
AYLKmwM5BaTn3lyCQDvs0W6wP16lZ9K1
smart-auth.gep.com/samlp/
Redirect Chain
  • https://smart.gep.com/xylem
  • https://smart-sts.gep.com/?gepoa=OASignIn&wtrealm=https://smart.gep.com/&wctx=rm=0&id=passive&ru=/xylem&wct=6/14/2023%2010:25:58%20AM&wreply=https://smart.gep.com/Default/Index?oloc=101returnUrl=ht...
  • https://smart-sts.gep.com/login?ReturnUrl=http%3a%2f%2fsmart-sts.gep.com%2f%3fgepoa%3dOASignIn%26wtrealm%3dhttps%3a%2f%2fsmart.gep.com%2f%26wctx%3drm%3d0%26id%3dpassive%26ru%3d%2fxylem%26wct%3d6%2f...
  • https://smart-auth.gep.com/samlp/AYLKmwM5BaTn3lyCQDvs0W6wP16lZ9K1?connection=xylem&RelayState=https%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101returnUrl%3dhttps%3a%2f%2fsmart.gep.com%2fDef...
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://smart-auth.gep.com/samlp/AYLKmwM5BaTn3lyCQDvs0W6wP16lZ9K1?connection=xylem&RelayState=https%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101returnUrl%3dhttps%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f933ddf5dd270aea6a556244bb623f3a13859356020586509ebeb5ddb81f67bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
7d71df56cc2c049b-FRA
content-type
text/html; charset=utf-8
date
Wed, 14 Jun 2023 10:25:59 GMT
etag
W/"549-HCc/teXous6szi2QkVddcfhPJCg"
ot-baggage-auth0-request-id
7d71df56cc2c049b
ot-tracer-sampled
true
ot-tracer-spanid
60eeee7070ea6576
ot-tracer-traceid
02325c4d55bb297c
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
traceparent
00-000000000000000002325c4d55bb297c-60eeee7070ea6576-01
tracestate
auth0-request-id=7d71df56cc2c049b,auth0=true
vary
Accept-Encoding
x-auth0-requestid
cd22040206290553f10d
x-content-type-options
nosniff
x-ratelimit-limit
500
x-ratelimit-remaining
499
x-ratelimit-reset
1686738360

Redirect headers

cache-control
no-store,no-cache
content-security-policy
default-src 'self' 'unsafe-inline' data: blob: 'unsafe-eval' smart.gep.com eu.smart.gep.com smartapac.gep.com static-smart.gep.com static-smarteu.gep.com static-smartapac.gep.com nexxe.gep.com static-nexxe.gep.com static-nexxeapac.gep.com static2-nexxeeu.gep.com static2-smarteu.gep.com smart-sts.gep.com smart-idp.gep.com plugin-nexxe.gep.com googleads.g.doubleclick.net jnn-pa.googleapis.com fonts.googleapis.com p.typekit.net use.typekit.net fonts.gstatic.com js-agent.newrelic.com static.doubleclick.net bam.nr-data.net www.gstatic.com www.google.com;
content-type
text/html; charset=utf-8
date
Wed, 14 Jun 2023 10:25:58 GMT
location
https://smart-auth.gep.com/samlp/AYLKmwM5BaTn3lyCQDvs0W6wP16lZ9K1?connection=xylem&RelayState=https%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101returnUrl%3dhttps%3a%2f%2fsmart.gep.com%2fDefault%2fIndex%3foloc%3d101
permissions-policy
geolocation=(self "https://*.gep.com")
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-azure-ref
20230614T102558Z-14b7x9npp14yr18916r2me90ng00000000pg0000000281x1
x-cache
CONFIG_NOCACHE
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
SSO.saml2
sso.connect.pingidentity.com/sso/idp/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=fe9a4e1b-711a-4b18-bf9d-57f3fa624894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.130.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-130-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://smart-auth.gep.com
Referer
https://smart-auth.gep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 14 Jun 2023 10:25:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
max-age
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
strict-transport-security
max-age=63072000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
Primary Request SSO.saml2
sso.xylem.com/idp/ 		11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.xylem.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.253.101.2 , United States, ASN60269 (XYLEMINC-AS, SE),
Reverse DNS
sso.xylem.com
Software
/
Resource Hash
3c4c29e50a236a1fae6614b8e794ac7daff54842d744d1579040ef0c830803cc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sso.connect.pingidentity.com
Referer
https://sso.connect.pingidentity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Length
11359
Content-Type
text/html;charset=utf-8
Date
Wed, 14 Jun 2023 10:25:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
X-Frame-Options
SAMEORIGIN
main.css
sso.xylem.com/assets/css/ 		170 KB
170 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.xylem.com/assets/css/main.css
Requested by
Host: sso.xylem.com
URL: https://sso.xylem.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.253.101.2 , United States, ASN60269 (XYLEMINC-AS, SE),
Reverse DNS
sso.xylem.com
Software
/
Resource Hash
e24e09eecf328a0204326e2a8db591c4579827d2a113f0cfd857a992f0c87760
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.xylem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 10:25:59 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Wed, 26 Jan 2022 23:57:38 GMT
Content-Length
173727
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Xylem_tag_rgb.jpg
sso.xylem.com/assets/images/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.xylem.com/assets/images/Xylem_tag_rgb.jpg
Requested by
Host: sso.xylem.com
URL: https://sso.xylem.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.253.101.2 , United States, ASN60269 (XYLEMINC-AS, SE),
Reverse DNS
sso.xylem.com
Software
/
Resource Hash
15604a865c1e8d9b3eb7185bbf4eeeff5c15f82293b50bdeaada0cd2ae2aa53d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.xylem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 10:25:59 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Thu, 06 Dec 2018 09:47:23 GMT
Content-Length
133100
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
powered-by-ping-identity.svg
sso.xylem.com/assets/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.xylem.com/assets/images/powered-by-ping-identity.svg
Requested by
Host: sso.xylem.com
URL: https://sso.xylem.com/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.253.101.2 , United States, ASN60269 (XYLEMINC-AS, SE),
Reverse DNS
sso.xylem.com
Software
/
Resource Hash
2f26240300ee305559a12a3b92f36ba1ef6c64dbe62d6f593836e33219bf4b94
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.xylem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 10:26:00 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Wed, 26 Jan 2022 23:55:26 GMT
Content-Length
13110
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
iconfont.ttf
sso.xylem.com/assets/fonts/icons/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso.xylem.com/assets/fonts/icons/iconfont.ttf?-sa9xtz
Requested by
Host: sso.xylem.com
URL: https://sso.xylem.com/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.253.101.2 , United States, ASN60269 (XYLEMINC-AS, SE),
Reverse DNS
sso.xylem.com
Software
/
Resource Hash
2a1e9b5a465c6914ab07ee92191bf992e08da45173602d4be6afde2915fcf235
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://sso.xylem.com/
Origin
https://sso.xylem.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 10:26:00 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Wed, 26 Jan 2022 23:55:26 GMT
Content-Length
21676
X-Frame-Options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend string| ua number| msie function| postForgotPassword function| postRecoverUsername function| postAlternateAuthnSystem function| postRegistration function| postOk function| submitForm function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width boolean| remember function| IsWebAuthnSupported function| isWebAuthnPlatformAuthenticatorAvailable object| theElement

8 Cookies

Domain/Path Name / Value
smart-auth.gep.com/ Name: did
Value: s%3Av0%3Adaaeb510-0a9d-11ee-a161-0129c9af2741.fUmrSS%2Bt9Hff1zsUJ5zPvW3tB5032mkRcFC3rSdT59s
smart-auth.gep.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQC_mBZB-ETJRK-t1ZUcYweZk9DwaTd_9jcL9vLcNjXB0MuEEUGD4xQpMD1n24NmETVHZfRWI8WPb9kmVpHv3tdymY29va2llg6dleHBpcmVz1_8H3ikAZI2KN65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.N9t03AuxWOG3htDWeJlOLH9OIhDqlNxL4lR4lVBuzVc
smart-auth.gep.com/ Name: did_compat
Value: s%3Av0%3Adaaeb510-0a9d-11ee-a161-0129c9af2741.fUmrSS%2Bt9Hff1zsUJ5zPvW3tB5032mkRcFC3rSdT59s
smart-auth.gep.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQC_mBZB-ETJRK-t1ZUcYweZk9DwaTd_9jcL9vLcNjXB0MuEEUGD4xQpMD1n24NmETVHZfRWI8WPb9kmVpHv3tdymY29va2llg6dleHBpcmVz1_8H3ikAZI2KN65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.N9t03AuxWOG3htDWeJlOLH9OIhDqlNxL4lR4lVBuzVc
sso.connect.pingidentity.com/ Name: agentid
Value: 61492a51
sso.connect.pingidentity.com/ Name: csrfToken
Value: e95c8b5af49de8f177c5ffbc81e99a93
sso.connect.pingidentity.com/ Name: haid
Value: 079acacf
sso.xylem.com/ Name: PF
Value: N7lqHTme0y2Ab3FXiDSYKq

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff