ndcsso.asurion.com
Open in
urlscan Pro
96.63.68.171
Public Scan
Effective URL: https://ndcsso.asurion.com:9031/idp/SSO.saml2?SAMLRequest=fZLPT4MwFMfv%2FhWk9wJlDujLYJkaExONyTY8eDEV6tY4Wuwri%2FrXW9hm3MVjm%2B%2...
Submission: On September 08 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on September 27th 2022. Valid for: a year.
This is the only time ndcsso.asurion.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.226.175.98 13.226.175.98 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 2600:1f18:257... 2600:1f18:257:8001:f7f9:3b8c:bfcc:e335 | 14618 (AMAZON-AES) (AMAZON-AES) | |
7 | 96.63.68.171 96.63.68.171 | 32110 (ASURION-I...) (ASURION-INSURANCE-CORPORATION) | |
2 | 2600:9000:205... 2600:9000:2057:bc00:d:6dc6:8fc0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
9 | 2 |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-175-98.mxp64.r.cloudfront.net
aui-1808-update-template.npr.ui.asurion.com |
ASN14618 (AMAZON-AES, US)
asurion-ui-nonprod.auth.us-east-1.amazoncognito.com |
ASN32110 (ASURION-INSURANCE-CORPORATION, US)
PTR: ndcsso.asurion.com
ndcsso.asurion.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
asurion.com
1 redirects
aui-1808-update-template.npr.ui.asurion.com ndcsso.asurion.com — Cisco Umbrella Rank: 837437 |
493 KB |
2 |
pingone.com
apps.pingone.com — Cisco Umbrella Rank: 177618 |
3 KB |
1 |
amazoncognito.com
1 redirects
asurion-ui-nonprod.auth.us-east-1.amazoncognito.com |
2 KB |
9 | 3 |
Domain | Requested by | |
---|---|---|
7 | ndcsso.asurion.com |
ndcsso.asurion.com
|
2 | apps.pingone.com |
ndcsso.asurion.com
|
1 | asurion-ui-nonprod.auth.us-east-1.amazoncognito.com | 1 redirects |
1 | aui-1808-update-template.npr.ui.asurion.com | 1 redirects |
9 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ndcsso.asurion.com Entrust Certification Authority - L1K |
2022-09-27 - 2023-10-07 |
a year | crt.sh |
*.pingone.com Amazon RSA 2048 M02 |
2023-04-05 - 2024-05-03 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://ndcsso.asurion.com:9031/idp/SSO.saml2?SAMLRequest=fZLPT4MwFMfv%2FhWk9wJlDujLYJkaExONyTY8eDEV6tY4Wuwri%2FrXW9hm3MVjm%2B%2BP18%2FrbP7Z7oK9tKiMLggLYxJIXZtG6U1BqvUtzcm8vJihaHdJB4vebfVSfvQSXbBAlNZ537XR2LfSrqTdq1pWy%2FuCbJ3rEKJIYG%2B9hPaKaqM7a5pQ%2BJCwRyoFOspC0Ypv4ys3WjkT1qaNxrJINZ2V2PlsSYIbX6i0cOOUp2zd1IgmPFYMVuDxhA3OaLV6DMccEtzdFOSFy7Rp8jSjubjk9DKecJon01eaZjybTFPGMsm9FLGXdxqd0K4gSZxMaMxpnK8ZhyQBxkI%2BZc8keDoBSwZgHqFGOCAqSG81GIEKQYtWIrgaVouHe%2FBS8O93pjY7Uh6Iwlhog1tjW%2BH%2B9w43qqFvoxSkdsp9nXX%2FbxenbZFykB2owxE7YAe%2FG3nZvFd4XVXV1Sz6O2V5PJ5%2Fg%2FIH&RelayState=H4sIAAAAAAAAAD1S2ZaiMBT8F547NGHHN5G2G0ewXRBkzhxPgChhCchiq3Pm3-d6Znm6dW8qlUoqPwUiTISxR5T0A8LHcxn0syAIbOFFSGBl2o8dazh0KXRa3vWtbLH2LCeYn_JOM62TUZ2rHggZEPJhaPvJ6ysZGcKmZKKxzchA0UDrtgIg8rYTRyaSP7Ji2tTAHfLXlFRVQtISdCjopE1GAZ4AbqfeEuBZmHwX2rzhzzmtCaugtl1zYtVz0rSUswwA-epB9czZ0Ig9g8rFsaedSLKaceHHi5CDJr0vxkTWinjr6m7xJq9267vnTDXvMQ-gPnxnUfi7Te29uzcvXEuH0Ge-syn8elPERYnj4k3xnQNbzhb3OJrjOPKlONzs07pkK-ZeXS6BFQYn1dduqc-iYU-GrbMsIrfc6rtzHW4vrZy185B9flNvuT-s0PMJi-d9ZU0HWAJ0Il0K7l5Dg9xb6Yep_m6W0tV-zPZLLWez--YWF0PlDcqwb7HtB7PdQlJp8w0VUy6plykujEAPAzWLLrJ6qJjZuGO_fC-uJd8phGlNZrOrY3zcvvZUqz7Xa3NVuSE-bP3IWKXJ-kaZ4RqHOB-_jlG4psrcjolN3jbI7OxLvOHHrYznnH3IB3BcgeO_uSKInzeQdZOJz3jF_x9MJDV5NPxfQpA_7KyFCdYtVZYkS8GQqjA5kaqnL0IHkliSjFRNJJRhTJFKkhSZmYGRomRyamp6ctIM0BiAerSonmWmbiCTqBZSJcVCpqwlSDcsQ9F0jA1qCb9-A2iH1-_0AgAA.H4sIAAAAAAAAAAEgAN__1P8oCeyrrKxsszwC2y-kTKvvNSx8JAuoBJrgb_2cP8wnjcl7IAAAAA.4
Frame ID: E28D9B414C2F342C10FE683F62E51B71
Requests: 8 HTTP requests in this frame
Frame:
https://apps.pingone.com/signals/web-sdk/hub-1.0.1/hub.html
Frame ID: B677FFB7AEFDBFC8EC105C6A9C5D78D9
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Sign OnPage URL History Show full URLs
-
https://aui-1808-update-template.npr.ui.asurion.com/
HTTP 307
https://asurion-ui-nonprod.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Faui-1808-update-template.npr.ui.... HTTP 302
https://ndcsso.asurion.com:9031/idp/SSO.saml2?SAMLRequest=fZLPT4MwFMfv%2FhWk9wJlDujLYJkaExONyTY8eDEV6tY4Wuwr... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://aui-1808-update-template.npr.ui.asurion.com/
HTTP 307
https://asurion-ui-nonprod.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Faui-1808-update-template.npr.ui.asurion.com%2Fauth%2Fcallback&response_type=code&client_id=5hrsp29ipg2b1nfhr589f7lgls&state=eyJub25jZSI6IjE2OTQyMDA5MzFUMDAzNDJjNTRmMGIxMWQ0YWNiNDRjNmRjZjk1ZjE3NDYiLCJyZXF1ZXN0ZWRVcmkiOiIvIn0&scope=phone+email+profile+openid+aws.cognito.signin.user.admin&code_challenge_method=S256&code_challenge=mvrL6CXtVatSDLjXIkS6TgmWSqp2dpFWiPK4xhNtO-s HTTP 302
https://ndcsso.asurion.com:9031/idp/SSO.saml2?SAMLRequest=fZLPT4MwFMfv%2FhWk9wJlDujLYJkaExONyTY8eDEV6tY4Wuwri%2FrXW9hm3MVjm%2B%2BP18%2FrbP7Z7oK9tKiMLggLYxJIXZtG6U1BqvUtzcm8vJihaHdJB4vebfVSfvQSXbBAlNZ537XR2LfSrqTdq1pWy%2FuCbJ3rEKJIYG%2B9hPaKaqM7a5pQ%2BJCwRyoFOspC0Ypv4ys3WjkT1qaNxrJINZ2V2PlsSYIbX6i0cOOUp2zd1IgmPFYMVuDxhA3OaLV6DMccEtzdFOSFy7Rp8jSjubjk9DKecJon01eaZjybTFPGMsm9FLGXdxqd0K4gSZxMaMxpnK8ZhyQBxkI%2BZc8keDoBSwZgHqFGOCAqSG81GIEKQYtWIrgaVouHe%2FBS8O93pjY7Uh6Iwlhog1tjW%2BH%2B9w43qqFvoxSkdsp9nXX%2FbxenbZFykB2owxE7YAe%2FG3nZvFd4XVXV1Sz6O2V5PJ5%2Fg%2FIH&RelayState=H4sIAAAAAAAAAD1S2ZaiMBT8F547NGHHN5G2G0ewXRBkzhxPgChhCchiq3Pm3-d6Znm6dW8qlUoqPwUiTISxR5T0A8LHcxn0syAIbOFFSGBl2o8dazh0KXRa3vWtbLH2LCeYn_JOM62TUZ2rHggZEPJhaPvJ6ysZGcKmZKKxzchA0UDrtgIg8rYTRyaSP7Ji2tTAHfLXlFRVQtISdCjopE1GAZ4AbqfeEuBZmHwX2rzhzzmtCaugtl1zYtVz0rSUswwA-epB9czZ0Ig9g8rFsaedSLKaceHHi5CDJr0vxkTWinjr6m7xJq9267vnTDXvMQ-gPnxnUfi7Te29uzcvXEuH0Ge-syn8elPERYnj4k3xnQNbzhb3OJrjOPKlONzs07pkK-ZeXS6BFQYn1dduqc-iYU-GrbMsIrfc6rtzHW4vrZy185B9flNvuT-s0PMJi-d9ZU0HWAJ0Il0K7l5Dg9xb6Yep_m6W0tV-zPZLLWez--YWF0PlDcqwb7HtB7PdQlJp8w0VUy6plykujEAPAzWLLrJ6qJjZuGO_fC-uJd8phGlNZrOrY3zcvvZUqz7Xa3NVuSE-bP3IWKXJ-kaZ4RqHOB-_jlG4psrcjolN3jbI7OxLvOHHrYznnH3IB3BcgeO_uSKInzeQdZOJz3jF_x9MJDV5NPxfQpA_7KyFCdYtVZYkS8GQqjA5kaqnL0IHkliSjFRNJJRhTJFKkhSZmYGRomRyamp6ctIM0BiAerSonmWmbiCTqBZSJcVCpqwlSDcsQ9F0jA1qCb9-A2iH1-_0AgAA.H4sIAAAAAAAAAAEgAN__1P8oCeyrrKxsszwC2y-kTKvvNSx8JAuoBJrgb_2cP8wnjcl7IAAAAA.4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
SSO.saml2
ndcsso.asurion.com/idp/ Redirect Chain
|
12 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
ndcsso.asurion.com/assets/css/ |
171 KB 172 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
signals-sdk-5.2.7.js
ndcsso.asurion.com/assets/scripts/ |
271 KB 272 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pingone-protect-device-profiling.js
ndcsso.asurion.com/assets/scripts/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
signals.js
ndcsso.asurion.com/assets/scripts/captcha/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pong.css
apps.pingone.com/signals/sdk/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ping-horizontal-logo.svg
ndcsso.asurion.com/assets/images/ |
4 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iconfont.ttf
ndcsso.asurion.com/assets/fonts/icons/ |
21 KB 22 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hub.html
apps.pingone.com/signals/web-sdk/hub-1.0.1/ Frame B677 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| _POSignalsEntities function| __assign function| __awaiter function| __generator function| __extends function| _pingOneSignals function| onDomReady string| _pingOneSignalsToken function| profileDevice function| onPingOneSignalsReady function| getDeviceProfileData function| setCookie boolean| formSubmitted function| onLoad function| removeIdentifier function| showIdentifierInputBox function| selectIdentifier function| updateIdentifierDisplayWithDomainName function| updateIdentifierInputWithDomain function| postOk function| postCancel function| submitForm function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width undefined| r undefined| m boolean| _pingOneSignalsReady16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ndcsso.asurion.com/assets/scripts/captcha | Name: f5avraaaaaaaaaaaaaaaa_session_ Value: FGMAECIFIGFPAFHJDNPIGGBILEEFDJLLONLGMGCENBHFNOHHCMENGJJGFNMGJCHALLDDBDMKKECOGFICOKAABKBMBHNHGJCENOMJEONCPEHMCOAKKBPBLIHBFEHPHOAF |
|
ndcsso.asurion.com/assets/fonts/icons | Name: f5avraaaaaaaaaaaaaaaa_session_ Value: HDDILEMKHEEIPPKKEKODNNNPJAPGBHCOBFCJIPDFFNNBEMEKBDEBPPGJKEFAIGGMHGHDGCENLENCKFLOPGLADKMMBHMKKBECFDDNCGCHDPIHLMMGJPGIPMCJBHJJOPJA |
|
ndcsso.asurion.com/assets/scripts | Name: f5avraaaaaaaaaaaaaaaa_session_ Value: JACGEFPAEBKAOPEJEJOPPAGHJOHBIAJOLGGKLNPHHOGKCKENKCADPHHPAMJOKIGAPAHDBOFFKEOJOMNOIJJAJGFCBHMLELDOANELKECCCIMECAHFPMMOEEOFBHDLAKFL |
|
ndcsso.asurion.com/assets/images | Name: f5avraaaaaaaaaaaaaaaa_session_ Value: IMNJOPMBFBHCKOKLNPOMGNDLEKIABJELGGMDKJKNALANECPDPPPIDLFMNFLBBNHCPLADGMOLLEGDGNIPDIBAGGGKBHFEAIBOOPOJJIGJEGGIIFHMONACJGPGMKINHAAI |
|
ndcsso.asurion.com/assets/css | Name: f5avraaaaaaaaaaaaaaaa_session_ Value: DKKKLEFCNCEHKADKLMMOAPFGCDKJOEEGKIIEPAAPDGHNJDNKFFBPCKEGPMJFECHOONEDOODLKEJOJAPGJHIAGGOJBHMOFAAEOMHNNHMANENHHKKJMABPKFGKBAPGCHEB |
|
ndcsso.asurion.com/idp | Name: f5avraaaaaaaaaaaaaaaa_session_ Value: KMPNIPJHELJBKHGIKJDIJOEJDKGHMEHHFFFNILGPHLHBCGABFJLNOCDJKLLBGFHJLIMDEELIJECNLFKEFGBAFGEIBHALGAKDFGNNBEMIPDJBJJKAAACODGINBEOIJFEI |
|
ndcsso.asurion.com/idp | Name: f5_cspm Value: 1234 |
|
aui-1808-update-template.npr.ui.asurion.com/ | Name: spa-auth-edge-nonce Value: 1694200931T00342c54f0b11d4acb44c6dcf95f1746 |
|
aui-1808-update-template.npr.ui.asurion.com/ | Name: spa-auth-edge-nonce-hmac Value: 4aee977131642bcdb3c59edc45e061be6b3294b89effd8d0602869a2eba471f2 |
|
aui-1808-update-template.npr.ui.asurion.com/ | Name: spa-auth-edge-pkce Value: 9ded3910696f4e3a4cc590f1fbca86a21e72210281024ca6a13f |
|
asurion-ui-nonprod.auth.us-east-1.amazoncognito.com/ | Name: XSRF-TOKEN Value: d38ee354-8b10-401a-983a-4a1d5ba84434 |
|
asurion-ui-nonprod.auth.us-east-1.amazoncognito.com/ | Name: csrf-state Value: DX60UyMoeUhMO6YA6G8k0vBzCVL5hiCyRxZjtlMt3tVp1BNUCTJ04eoK-jAn04qA1j7U6WU4dXq24Yli8oIusLGjvknT3ai5odBivD7HxwVe5lPQQ8OlIW1YSNX7OcbQxei7I7YZhuw_XWQe3FBZaBaER-8rBqZRn_S21FniH2Y |
|
asurion-ui-nonprod.auth.us-east-1.amazoncognito.com/ | Name: csrf-state-legacy Value: DX60UyMoeUhMO6YA6G8k0vBzCVL5hiCyRxZjtlMt3tVp1BNUCTJ04eoK-jAn04qA1j7U6WU4dXq24Yli8oIusLGjvknT3ai5odBivD7HxwVe5lPQQ8OlIW1YSNX7OcbQxei7I7YZhuw_XWQe3FBZaBaER-8rBqZRn_S21FniH2Y |
|
ndcsso.asurion.com/ | Name: PF Value: zW2hxdkJAF5SRRr1u1Y8j2 |
|
ndcsso.asurion.com/ | Name: f5avr1631339078aaaaaaaaaaaaaaaa_cspm_ Value: DJILFLJGKEJJCPGIGDPGEOGJBJCEAPEHLJABGDHPGLHBCGABFGKNKKDJKLNAGFHJLIMCEELIMLJJLABAFGBAHGEIAPPNPHFFBJGGMNHJPDJBJJDBDOMPFLINBEOIJFHK |
|
ndcsso.asurion.com/ | Name: pingone.protect.device.profile Value: signals |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: 1a09e9938761.o3n.io; frame-ancestors 'self' https://*.asurion.com https://*.asurion.net https://*.nonprod-asurion53.com https://*.asurion53.com https://asurionapplianceplus.my.salesforce.com https://asurionapplianceplus.lightning.force.com https://asurionapplianceplus--full.lightning.force.com https://asurionapplianceplus--full.my.salesforce.com; frame-src 'self' https://p1f-hub.pingone.com https://apps.pingone.com; style-src 'self' 'unsafe-inline' https://apps.pingone.com; object-src 'none'; report-uri https://ndcssodev.asurion.com:9031/csp; report-to sso-csp-endpoint; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
apps.pingone.com
asurion-ui-nonprod.auth.us-east-1.amazoncognito.com
aui-1808-update-template.npr.ui.asurion.com
ndcsso.asurion.com
13.226.175.98
2600:1f18:257:8001:f7f9:3b8c:bfcc:e335
2600:9000:2057:bc00:d:6dc6:8fc0:93a1
96.63.68.171
0ad68f4aad9d4eb148da5bf3b966b96795c53de1ef996bdaa5ff5c884b3eabbd
3b475249c2ac350d1716ebf8de6bed7bc7c86221f4af719bd18f93adbadd3794
59a3655cb99409eaa5bc3e6fab145ee1fee82cf7e0ef09cd81214aba15b1eeff
70445f28dbfc83f6c7830047d6ab26f54f39e8a930c0d313cb24ccdf379b9699
aae4afd5f7f191da0414bcf712276e11b97068014d8df730e7a4bdac56a5fd4c
ce7bdfddd1d0ccb2745e5bb6a92131d09afaac87a0f7d94c0be4a72720dd25d3
d686f5c5a4116a07e2d5d1ffebdeb30c8be8e0d4829e181c10825654ad804674
e5fb7bf7c31465976a647e4852d85b5b0ab8fdf4da65a93dca8f375dd8731aa9
e85fa95966d2ce21af29a616c2e779c85a2b983a365ca1187dd36f2bcda16b96