secureauthcert.gaig.com Open in urlscan Pro
208.65.198.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://claimcentercert.gaig.com/
Effective URL:
https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe...
Submission: On July 19 via automatic, source certstream-suspicious (July 19th 2022, 8:11:18 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 208.65.198.49, located in Falmouth, United States and belongs to AFGINC-1, US. The main domain is secureauthcert.gaig.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 18th 2022. Valid for: a year.

This is the only time secureauthcert.gaig.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	45.60.87.67 45.60.87.67	19551 (INCAPSULA) (INCAPSULA)
5	208.65.198.49 208.65.198.49	17163 (AFGINC-1) (AFGINC-1)
3	18.66.139.45 18.66.139.45	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.248.244.122 13.248.244.122	16509 (AMAZON-02) (AMAZON-02)
14	5

3 45.60.87.67 (United States) 3 redirects

ASN19551 (INCAPSULA, US)

claimcentercert.gaig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.65.198.49 (Falmouth, United States)

ASN17163 (AFGINC-1, US)

secureauthcert.gaig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.139.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-45.fra60.r.cloudfront.net

global.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.244.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: a556120ce37110a35.awsglobalaccelerator.com

logincert.gaig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gaig.com 3 redirects claimcentercert.gaig.com secureauthcert.gaig.com logincert.gaig.com	230 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 666 p.typekit.net — Cisco Umbrella Rank: 786	68 KB
3	oktacdn.com global.oktacdn.com — Cisco Umbrella Rank: 15779	439 KB
14	3

	Domain	Requested by
5	secureauthcert.gaig.com	secureauthcert.gaig.com
3	use.typekit.net	secureauthcert.gaig.com use.typekit.net
3	global.oktacdn.com	secureauthcert.gaig.com global.oktacdn.com
3	claimcentercert.gaig.com	3 redirects
2	logincert.gaig.com	global.oktacdn.com
1	p.typekit.net	use.typekit.net
14	6

This site contains links to these domains. Also see Links.

Domain
ims-cert.td.afg
www.greatamericaninsurancegroup.com

Subject Issuer	Validity	Valid
*.gaig.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-18` - `2023-03-21`	a year	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-22` - `2023-01-22`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
logincert.gaig.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-14` - `2023-03-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe-325ea8063200&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-TSrJdBredVbrnypFWqFZLRVEQzN2oeXW8n97uusHAHUB17onwTfQ0b2KQwBJicD06T9oz8pco%2f209EnCLWZmCoAplIkk085s&TARGET=-SM-https%3a%2f%2fclaimcentercert%2egaig%2ecom%2fcc
Frame ID: C176A2D3E0436AA4C92999C98E639ACE
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CERT - GAIG - Sign In

Page URL History Show full URLs

https://claimcentercert.gaig.com/ HTTP 302
http://claimcentercert.gaig.com/cc HTTP 302
https://claimcentercert.gaig.com/cc HTTP 302
https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-129... Page URL

Detected technologies

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

14
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

6
Subdomains

5
IPs

2
Countries

736 kB
Transfer

1951 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://ims-cert.td.afg/sspr/public/ForgottenUsername
Title: Forgot username?

Search URL Search Domain Scan URL

URL: https://www.greatamericaninsurancegroup.com/contact
Title: Help

Search URL Search Domain Scan URL

URL: https://www.greatamericaninsurancegroup.com/contact/legal-disclosures
Title: Legal Disclosures/Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.greatamericaninsurancegroup.com/contact/privacy
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://claimcentercert.gaig.com/ HTTP 302
http://claimcentercert.gaig.com/cc HTTP 302
https://claimcentercert.gaig.com/cc HTTP 302
https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe-325ea8063200&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-TSrJdBredVbrnypFWqFZLRVEQzN2oeXW8n97uusHAHUB17onwTfQ0b2KQwBJicD06T9oz8pco%2f209EnCLWZmCoAplIkk085s&TARGET=-SM-https%3a%2f%2fclaimcentercert%2egaig%2ecom%2fcc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request logincert.fcc Show response
secureauthcert.gaig.com/siteminderagent/forms/login-gaig/
Redirect Chain

https://claimcentercert.gaig.com/
http://claimcentercert.gaig.com/cc
https://claimcentercert.gaig.com/cc
https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe-325ea8063200&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-TSrJdBr...

3 KB
2 KB

1139ms
135ms

Document
text/html

208.65.198.49
AFGINC-1

General

Check archive.org

Show headers Download Go to

Full URL: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe-325ea8063200&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-TSrJdBredVbrnypFWqFZLRVEQzN2oeXW8n97uusHAHUB17onwTfQ0b2KQwBJicD06T9oz8pco%2f209EnCLWZmCoAplIkk085s&TARGET=-SM-https%3a%2f%2fclaimcentercert%2egaig%2ecom%2fcc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.65.198.49 Falmouth, United States, ASN17163 (AFGINC-1, US),
Reverse DNS
Software: Apache /
Resource Hash: ed045c55ef6e80e21f5edbbff3f413f5736c90674860da4b976b42341656eec2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 19 Jul 2022 20:11:03 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent

Redirect headers

cache-control: no-store
content-length: 555
content-type: text/html; charset=iso-8859-1
date: Tue, 19 Jul 2022 20:11:02 GMT
location: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe-325ea8063200&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-TSrJdBredVbrnypFWqFZLRVEQzN2oeXW8n97uusHAHUB17onwTfQ0b2KQwBJicD06T9oz8pco%2f209EnCLWZmCoAplIkk085s&TARGET=-SM-https%3a%2f%2fclaimcentercert%2egaig%2ecom%2fcc
server: Apache
server-timing: dtSInfo;desc="0", dtRpid;desc="-1952682850"
x-cdn: Imperva
x-iinfo: 14-87878983-87878990 PNNN RT(1658261461354 785) q(0 0 0 -1) r(1 1) U11

GET
H2 200 okta-sign-in.min.js Show response
global.oktacdn.com/okta-signin-widget/5.4.4/js/ 1 MB
388 KB 94ms
27ms Script
application/x-javascript 18.66.139.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/5.4.4/js/okta-sign-in.min.js

Requested by

Host: secureauthcert.gaig.com
URL: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe-325ea8063200&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-TSrJdBredVbrnypFWqFZLRVEQzN2oeXW8n97uusHAHUB17onwTfQ0b2KQwBJicD06T9oz8pco%2f209EnCLWZmCoAplIkk085s&TARGET=-SM-https%3a%2f%2fclaimcentercert%2egaig%2ecom%2fcc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-45.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4839dce79a544a2a5a0552a9739b043a92bd79e5746f665d16d2eaf8a23eb6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauthcert.gaig.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: vJBQedM8mYXvelJEjEnp9UMgV_kpuAMg
content-encoding: gzip
x-content-type-options: nosniff
age: 57170
x-cache: Hit from cloudfront
date: Tue, 19 Jul 2022 04:18:15 GMT
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=315360000
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
last-modified: Fri, 19 Mar 2021 00:21:50 GMT
server: AmazonS3
etag: W/"ae4859671d475a602643c884627e2d07"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: bf-c700PXtf6Bgme_XGXZGk5kP8SXbB8u4mpynNcO6j8r7zR5Q3lUA==

GET
H2 200 okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/5.4.4/css/ 199 KB
29 KB 93ms
27ms Stylesheet
text/css 18.66.139.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/5.4.4/css/okta-sign-in.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-45.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5d70a5d7d124e0733abf9ff6578057f370639d3207f7b36d7413bdaeab146e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauthcert.gaig.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: DClubqSVSW364_dWikPJ4aCeqk8F1BID
content-encoding: gzip
x-content-type-options: nosniff
age: 1941
x-cache: Hit from cloudfront
date: Tue, 19 Jul 2022 19:43:55 GMT
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=315360000
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
last-modified: Fri, 19 Mar 2021 00:21:48 GMT
server: AmazonS3
etag: W/"1be87fdaf98259cabf4c2d161fa60367"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: qCZzT4HH5nnzmT1IWjn7_VJ-iVXyp1bACdKDRstFUXpC74kkCWGJpw==

GET
H2 200 bbt2smq.css
use.typekit.net/ 5 KB
1 KB 214ms
143ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/bbt2smq.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c0e516a9c7fbba504a1730642f26f40a6973c3713844406d3c7cbce0a4d240fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauthcert.gaig.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 19 Jul 2022 20:11:04 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 832

GET
H/1.1 200
OK oktagaig-styles.css
secureauthcert.gaig.com/siteminderagent/forms/login-gaig/ 2 KB
1 KB 133ms
132ms Stylesheet
text/css 208.65.198.49
AFGINC-1

General

Check archive.org

Show headers Download Go to

Full URL: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/oktagaig-styles.css
Requested by: Host: secureauthcert.gaig.com
URL: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe-325ea8063200&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-TSrJdBredVbrnypFWqFZLRVEQzN2oeXW8n97uusHAHUB17onwTfQ0b2KQwBJicD06T9oz8pco%2f209EnCLWZmCoAplIkk085s&TARGET=-SM-https%3a%2f%2fclaimcentercert%2egaig%2ecom%2fcc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.65.198.49 Falmouth, United States, ASN17163 (AFGINC-1, US),
Reverse DNS
Software: Apache /
Resource Hash: ef38861f432fc8ce8ac62918ea16cca344a31b257aef010fe56fa1cdc44fb1bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe-325ea8063200&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-TSrJdBredVbrnypFWqFZLRVEQzN2oeXW8n97uusHAHUB17onwTfQ0b2KQwBJicD06T9oz8pco%2f209EnCLWZmCoAplIkk085s&TARGET=-SM-https%3a%2f%2fclaimcentercert%2egaig%2ecom%2fcc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:11:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Apr 2021 20:58:35 GMT
Server: Apache
ETag: "723-5c06db5a5e824-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=43200, proxy-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 712
Expires: Wed, 20 Jul 2022 08:11:04 GMT

GET
H/1.1 200
OK logincert.js Show response
secureauthcert.gaig.com/siteminderagent/forms/login-gaig/ 3 KB
2 KB 268ms
134ms Script
application/javascript 208.65.198.49
AFGINC-1

General

Check archive.org

Show headers Download Go to

Full URL: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.js
Requested by: Host: secureauthcert.gaig.com
URL: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe-325ea8063200&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-TSrJdBredVbrnypFWqFZLRVEQzN2oeXW8n97uusHAHUB17onwTfQ0b2KQwBJicD06T9oz8pco%2f209EnCLWZmCoAplIkk085s&TARGET=-SM-https%3a%2f%2fclaimcentercert%2egaig%2ecom%2fcc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.65.198.49 Falmouth, United States, ASN17163 (AFGINC-1, US),
Reverse DNS
Software: Apache /
Resource Hash: 30dcbbbc7bcc6064c6a90503e1147a8b72a0d8fd6c7c8f4773b9c3c9cadd7057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe-325ea8063200&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-TSrJdBredVbrnypFWqFZLRVEQzN2oeXW8n97uusHAHUB17onwTfQ0b2KQwBJicD06T9oz8pco%2f209EnCLWZmCoAplIkk085s&TARGET=-SM-https%3a%2f%2fclaimcentercert%2egaig%2ecom%2fcc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:11:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Sep 2021 13:37:19 GMT
Server: Apache
ETag: "d12-5cc959d001dff-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=43200, proxy-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1427
Expires: Wed, 20 Jul 2022 08:11:04 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 97ms
20ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=bbt2smq&ht=tk&f=139.140.175.176.39636.39642&a=439779&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bbt2smq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:11:04 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1 404
Not Found me Show response
logincert.gaig.com/api/v1/sessions/ 168 B
1 KB 483ms
183ms Fetch
application/json 13.248.244.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logincert.gaig.com/api/v1/sessions/me

Requested by

Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/5.4.4/js/okta-sign-in.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.244.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a556120ce37110a35.awsglobalaccelerator.com

Software

nginx /

Resource Hash

806a3a811f9bcdfdfc75196a3e8c33500dc347c08752142c22cb99ae406c785c

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://secureauthcert.gaig.com/
X-Okta-User-Agent-Extended: okta-signin-widget-5.4.4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-okta-request-id: YtcP2TMYUPYFOjIaOvLj3AAADE0
Date: Tue, 19 Jul 2022 20:11:05 GMT
Content-Encoding: gzip
x-rate-limit-limit: 750
x-rate-limit-remaining: 749
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://okta.report-uri.com/r/d/csp/reportOnly; report-to csp
p3p: CP="HONK"
Connection: Keep-Alive
Vary: Accept-Encoding,Origin
x-xss-protection: 0
pragma: no-cache
access-control-allow-headers: Content-Type
Server: nginx
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
Strict-Transport-Security: max-age=315360000; includeSubDomains
Content-Type: application/json
access-control-allow-origin: https://secureauthcert.gaig.com
cache-control: no-cache, no-store
Transfer-Encoding: chunked
x-rate-limit-reset: 1658261525
access-control-allow-credentials: true
Keep-Alive: timeout=5, max=100
x-content-type-options: nosniff
expires: 0

OPTIONS
H/1.1 200
OK me
logincert.gaig.com/api/v1/sessions/ 0
0 880ms
178ms Preflight 13.248.244.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logincert.gaig.com/api/v1/sessions/me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.244.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a556120ce37110a35.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://secureauthcert.gaig.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Date: Tue, 19 Jul 2022 20:11:05 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS
access-control-allow-origin: https://secureauthcert.gaig.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://okta.report-uri.com/r/d/csp/reportOnly; report-to csp
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires: 0
p3p: CP="HONK"
pragma: no-cache
report-to: {"group":"csp","max_age":31536000,"endpoints":[{"url":"https://okta.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Origin
x-okta-request-id: YtcP2T7jf-7cGFnjy_WXMwAABIM
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9999
x-rate-limit-reset: 1658261525
x-xss-protection: 0

GET
H/1.1 200
OK 5635-PCG-D.jpg
secureauthcert.gaig.com/siteminderagent/forms/login-gaig/ 208 KB
208 KB 133ms
133ms Image
image/jpeg 208.65.198.49
AFGINC-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/5635-PCG-D.jpg
Requested by: Host: secureauthcert.gaig.com
URL: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/oktagaig-styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.65.198.49 Falmouth, United States, ASN17163 (AFGINC-1, US),
Reverse DNS
Software: Apache /
Resource Hash: 6740dcb58abd9a45478e8e6b043e1d53159e024f9a40ee597ceea793d73e164f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/oktagaig-styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:11:04 GMT
Last-Modified: Tue, 20 Apr 2021 20:58:35 GMT
Server: Apache
ETag: "33f8f-5c06db5a5e824"
Content-Type: image/jpeg
Cache-Control: max-age=43200, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 212879
Expires: Wed, 20 Jul 2022 08:11:04 GMT

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 33 KB
33 KB 87ms
22ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bbt2smq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541

Request headers

Referer: https://use.typekit.net/bbt2smq.css
Origin: https://secureauthcert.gaig.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:11:04 GMT
server: nginx
etag: "79fea02668402fc378c129193093131a2db2577c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33576

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 34 KB
34 KB 91ms
27ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bbt2smq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f

Request headers

Referer: https://use.typekit.net/bbt2smq.css
Origin: https://secureauthcert.gaig.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:11:04 GMT
server: nginx
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34336

GET
H/1.1 200
OK mGAIG-Logo.png
secureauthcert.gaig.com/siteminderagent/forms/login-gaig/ 14 KB
14 KB 136ms
135ms Image
image/png 208.65.198.49
AFGINC-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/mGAIG-Logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.65.198.49 Falmouth, United States, ASN17163 (AFGINC-1, US),
Reverse DNS
Software: Apache /
Resource Hash: 5da01feb7505d0387a593b9d748da8d0849213be3f03d4e92be912a2484bbee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureauthcert.gaig.com/siteminderagent/forms/login-gaig/logincert.fcc?TYPE=33619969&REALMOID=06-1292012c-7216-452b-8abe-325ea8063200&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-TSrJdBredVbrnypFWqFZLRVEQzN2oeXW8n97uusHAHUB17onwTfQ0b2KQwBJicD06T9oz8pco%2f209EnCLWZmCoAplIkk085s&TARGET=-SM-https%3a%2f%2fclaimcentercert%2egaig%2ecom%2fcc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:11:05 GMT
Last-Modified: Tue, 20 Apr 2021 20:58:35 GMT
Server: Apache
ETag: "36aa-5c06db5a5e824"
Content-Type: image/png
Cache-Control: max-age=43200, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 13994
Expires: Wed, 20 Jul 2022 08:11:05 GMT

GET
H2 200 montserrat-light-webfont.woff
global.oktacdn.com/okta-signin-widget/5.4.4/font/ 22 KB
22 KB 75ms
26ms Font
application/octet-stream 18.66.139.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/5.4.4/font/montserrat-light-webfont.woff

Requested by

Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/5.4.4/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-45.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

Referer: https://global.oktacdn.com/okta-signin-widget/5.4.4/css/okta-sign-in.min.css
Origin: https://secureauthcert.gaig.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: fPkVHZ0BreXwJtdNlA9JDPCbpRWBJBp2
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 66922
x-cache: Hit from cloudfront
date: Tue, 19 Jul 2022 01:35:44 GMT
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=315360000
content-length: 22112
last-modified: Fri, 19 Mar 2021 00:21:48 GMT
server: AmazonS3
etag: "6225f3ca44b83090833064727a09cc95"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: 8WvenDoiVLhGEAqPG8DZNrgFi2hv4yE2zB7ACEAui2VP0br64V9o_g==

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gaig.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_4_sn_994E4C841A1883982FAE7E7C995E311A_perc_100000_ol_0_mul_1_app-3Ae4523000d02c586b_1_rcs-3Acss_0
claimcentercert.gaig.com/	1969-12-31 23:59:59	Name: cookiemonster Value: !qO6XBNcmMbKAzNVaaKUtehkCAO8G+evVVEEiLITT11dGKRKoiGjvDabfgPEfZVZQNrTUtOV2/KZ5tlfB3XdHNOt3R10YkorbpcNhmK374i7plDQyEBFhqAXg5v0nvywaBYbjDmJHNEDsNl2QcXCvSzVff9m9n6g=
.gaig.com/	1970-01-20 13:21:59	Name: visid_incap_2362076 Value: jkblGPncSiGYlX+VmvqLOdUP12IAAAAAQUIPAAAAAABYjhA9iBdUQ4f0G2Y380tf
.gaig.com/	1969-12-31 23:59:59	Name: incap_ses_273_2362076 Value: eEeSHsNXQVu18TNhvOTJA9UP12IAAAAABDHrvuYHFMnEc4l6ob5Big==
secureauthcert.gaig.com/	1969-12-31 23:59:59	Name: cookiemonster Value: !iTh8tm7AwuoKfFxaaKUtehkCAO8G+d30g8PS5205zHi0OuY/Yz3DOpZFiUiyaPistz+jBTHF301IYvfuqz58fHNMuLH0ArQ7+3brUgsdYOw2X3yv0LBCbxIyrkju17dReP+gfrRavcUlaOrlf7dmydKc48jOSX4=
logincert.gaig.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: A6748656E6D08E124F322F77B1466ABC

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://logincert.gaig.com/api/v1/sessions/me Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

claimcentercert.gaig.com
global.oktacdn.com
logincert.gaig.com
p.typekit.net
secureauthcert.gaig.com
use.typekit.net
13.248.244.122
18.66.139.45
208.65.198.49
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
45.60.87.67
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
30dcbbbc7bcc6064c6a90503e1147a8b72a0d8fd6c7c8f4773b9c3c9cadd7057
31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541
4839dce79a544a2a5a0552a9739b043a92bd79e5746f665d16d2eaf8a23eb6e4
5d70a5d7d124e0733abf9ff6578057f370639d3207f7b36d7413bdaeab146e1c
5da01feb7505d0387a593b9d748da8d0849213be3f03d4e92be912a2484bbee1
60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f
6740dcb58abd9a45478e8e6b043e1d53159e024f9a40ee597ceea793d73e164f
806a3a811f9bcdfdfc75196a3e8c33500dc347c08752142c22cb99ae406c785c
c0e516a9c7fbba504a1730642f26f40a6973c3713844406d3c7cbce0a4d240fa
ed045c55ef6e80e21f5edbbff3f413f5736c90674860da4b976b42341656eec2
ef38861f432fc8ce8ac62918ea16cca344a31b257aef010fe56fa1cdc44fb1bb
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

secureauthcert.gaig.com Open in urlscan Pro 208.65.198.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

33 %IPv6

3 Domains

6 Subdomains

5 IPs

2 Countries

736 kBTransfer

1951 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

6 Cookies

1 Console Messages

Indicators

secureauthcert.gaig.com Open in urlscan Pro
208.65.198.49 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

6
Subdomains

5
IPs

2
Countries

736 kB
Transfer

1951 kB
Size

6
Cookies

14 HTTP transactions
0 data transactions