id1.westernasset.com

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 7 HTTP transactions. The main IP is 199.192.133.205, located in Pasadena, United States and belongs to CENTURYLINK-LEGACY-LVLT-203, US. The main domain is id1.westernasset.com.
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on February 26th 2024. Valid for: a year.

This is the only time id1.westernasset.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700::68... 2606:4700::6812:6b24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	3.214.9.175 3.214.9.175	14618 (AMAZON-AES) (AMAZON-AES)
5	199.192.133.205 199.192.133.205	203 (CENTURYLI...) (CENTURYLINK-LEGACY-LVLT-203)
7	2

2 2606:4700::6812:6b24 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

wam.identitynow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.214.9.175 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-9-175.compute-1.amazonaws.com

wam.login.sailpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.192.133.205 (Pasadena, United States)

ASN203 (CENTURYLINK-LEGACY-LVLT-203, US)
PTR: id1.westernasset.com

id1.westernasset.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	westernasset.com id1.westernasset.com	201 KB
3	sailpoint.com 1 redirects wam.login.sailpoint.com	3 KB
2	identitynow.com 2 redirects wam.identitynow.com	1 KB
7	3

	Domain	Requested by
5	id1.westernasset.com	id1.westernasset.com
3	wam.login.sailpoint.com	1 redirects
2	wam.identitynow.com	2 redirects
7	3

This site contains no links.

Subject Issuer	Validity	Valid
*.login.sailpoint.com Amazon RSA 2048 M02	`2024-04-09` - `2025-05-07`	a year	crt.sh
id1.westernasset.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-02-26` - `2025-03-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://id1.westernasset.com/idp/SSO.saml2
Frame ID: E2F25AB77D99B5D117E886C9857EA93A
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign On

Page URL History Show full URLs

https://wam.identitynow.com/ui/d/approvals HTTP 302
https://wam.identitynow.com/oauth/authorize/wam?brand=default HTTP 302
https://wam.login.sailpoint.com/oauth/authorize?brand=default&response_type=code&redirect_uri=https%3A%2F%2F... HTTP 302
https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=813423d0-3492-... Page URL
https://id1.westernasset.com/idp/SSO.saml2 Page URL

Page Statistics

7
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

203 kB
Transfer

201 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wam.identitynow.com/ui/d/approvals HTTP 302
https://wam.identitynow.com/oauth/authorize/wam?brand=default HTTP 302
https://wam.login.sailpoint.com/oauth/authorize?brand=default&response_type=code&redirect_uri=https%3A%2F%2Fwam.identitynow.com%2Foauth%2Fcallback&scope=sp%3Ascopes%3Aall&state=nNLTAk3y_mt8LPxQlyvowLHTjaa83B9V&client_id=sp-renderer HTTP 302
https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=813423d0-3492-4f72-8bf6-70eb9378ecd2 Page URL
https://id1.westernasset.com/idp/SSO.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://wam.identitynow.com/ui/d/approvals HTTP 302
https://wam.identitynow.com/oauth/authorize/wam?brand=default HTTP 302
https://wam.login.sailpoint.com/oauth/authorize?brand=default&response_type=code&redirect_uri=https%3A%2F%2Fwam.identitynow.com%2Foauth%2Fcallback&scope=sp%3Ascopes%3Aall&state=nNLTAk3y_mt8LPxQlyvowLHTjaa83B9V&client_id=sp-renderer HTTP 302
https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=813423d0-3492-4f72-8bf6-70eb9378ecd2

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

wam-sp Show response
wam.login.sailpoint.com/saml/login/alias/
Redirect Chain

https://wam.identitynow.com/ui/d/approvals
https://wam.identitynow.com/oauth/authorize/wam?brand=default
https://wam.login.sailpoint.com/oauth/authorize?brand=default&response_type=code&redirect_uri=https%3A%2F%2Fwam.identitynow.com%2Foauth%2Fcallback&scope=sp%3Ascopes%3Aall&state=nNLTAk3y_mt8LPxQlyvo...
https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=813423d0-3492-4f72-8bf6-70eb9378ecd2

2 KB
2 KB

143ms
143ms

Document
text/html

3.214.9.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=813423d0-3492-4f72-8bf6-70eb9378ecd2

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

3.214.9.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-9-175.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d1998c5dde36ea31b6d5025b74ccb2f370f03ab444e517d5e42e4c8a1320a38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: X-Content-Type-Options,Connection,Pragma,Date,X-Zuul-ServiceId,X-Frame-Options,Strict-Transport-Security,Cache-Control,Retry-After,Expires,SLPT-Request-ID,X-XSS-Protection,Content-Length,Content-Type
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 20 Nov 2024 15:10:01 GMT
server: nginx
slpt-request-id: 3747fcd4f7b14a14a48b070dc49fe82b
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
x-robots-tag: none noindex

Redirect headers

access-control-expose-headers: X-Content-Type-Options,Connection,Pragma,Date,X-Zuul-ServiceId,X-Frame-Options,Strict-Transport-Security,Cache-Control,Retry-After,Set-Cookie,Expires,SLPT-Request-ID,X-XSS-Protection,Content-Length,Location
cache-control: no-cache, no-store, max-age=0, must-revalidate
date: Wed, 20 Nov 2024 15:10:01 GMT
location: https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=813423d0-3492-4f72-8bf6-70eb9378ecd2
server: nginx
slpt-request-id: f72d4bd65a0e4bb6acfee3916922ba5c
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-robots-tag: none noindex

POST
H/1.1 200
OK Primary Request SSO.saml2 Show response
id1.westernasset.com/idp/ 10 KB
11 KB 1272ms
207ms Document
text/html 199.192.133.205
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://id1.westernasset.com/idp/SSO.saml2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.192.133.205 Pasadena, United States, ASN203 (CENTURYLINK-LEGACY-LVLT-203, US),

Reverse DNS

id1.westernasset.com

Software

/

Resource Hash

3fc3326a756147740e01c6d5555d46769c4e21d6e8dd7bf5c9e04489a0d03546

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://wam.login.sailpoint.com
Referer: https://wam.login.sailpoint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
Content-Length: 10388
Content-Type: text/html;charset=utf-8
Date: Wed, 20 Nov 2024 15:10:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Referrer-Policy: origin
X-Frame-Options: SAMEORIGIN

GET
H2 404 favicon.ico
wam.login.sailpoint.com/ 32 B
448 B 283ms
283ms Other
application/json 3.214.9.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wam.login.sailpoint.com/favicon.ico

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

3.214.9.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-9-175.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wam.login.sailpoint.com/saml/login/alias/wam-sp?idp=urn:westernasset:saml2&relaystate=813423d0-3492-4f72-8bf6-70eb9378ecd2

Response headers

x-robots-tag: noindex
access-control-expose-headers: SLPT-Request-ID, Content-Type
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
expires: 0
content-length: 32
date: Wed, 20 Nov 2024 15:10:01 GMT
x-xss-protection: 1; mode=block
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: nginx
slpt-request-id: 622417b1e7b343e698b58289b849a016
x-frame-options: DENY

GET
H/1.1 200
OK main.css
id1.westernasset.com/assets/css/ 170 KB
170 KB 185ms
184ms Stylesheet
text/css 199.192.133.205
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://id1.westernasset.com/assets/css/main.css

Requested by

Host: id1.westernasset.com
URL: https://id1.westernasset.com/idp/SSO.saml2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.192.133.205 Pasadena, United States, ASN203 (CENTURYLINK-LEGACY-LVLT-203, US),

Reverse DNS

id1.westernasset.com

Software

/

Resource Hash

456538bd902f65cc519b98351657ece5d3680a855afd771598e7ec38eae7b7c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://id1.westernasset.com/

Response headers

X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=0, must-revalidate
Content-Length: 174257
Date: Wed, 20 Nov 2024 15:10:03 GMT
Last-Modified: Sun, 16 Apr 2023 16:09:20 GMT
Content-Type: text/css
Referrer-Policy: origin

GET
H/1.1 200
OK wam.png
id1.westernasset.com/assets/images/ 8 KB
8 KB 1578ms
1578ms Image
image/png 199.192.133.205
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id1.westernasset.com/assets/images/wam.png

Requested by

Host: id1.westernasset.com
URL: https://id1.westernasset.com/assets/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.192.133.205 Pasadena, United States, ASN203 (CENTURYLINK-LEGACY-LVLT-203, US),

Reverse DNS

id1.westernasset.com

Software

/

Resource Hash

174199ec83a37f4fb53f3af85e14a2e1d0c2031e294db005c0e9fc9026fbb3bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://id1.westernasset.com/

Response headers

X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=0, must-revalidate
Content-Length: 7942
Date: Wed, 20 Nov 2024 15:10:09 GMT
Last-Modified: Wed, 30 Aug 2017 21:35:02 GMT
Content-Type: image/png
Referrer-Policy: origin

GET
H/1.1 200
OK ping-horizontal-logo.svg
id1.westernasset.com/assets/images/ 4 KB
4 KB 1852ms
185ms Image
image/svg+xml 199.192.133.205
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id1.westernasset.com/assets/images/ping-horizontal-logo.svg

Requested by

Host: id1.westernasset.com
URL: https://id1.westernasset.com/assets/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.192.133.205 Pasadena, United States, ASN203 (CENTURYLINK-LEGACY-LVLT-203, US),

Reverse DNS

id1.westernasset.com

Software

/

Resource Hash

e85fa95966d2ce21af29a616c2e779c85a2b983a365ca1187dd36f2bcda16b96

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://id1.westernasset.com/

Response headers

X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=0, must-revalidate
Content-Length: 3992
Date: Wed, 20 Nov 2024 15:10:10 GMT
Last-Modified: Wed, 29 Mar 2023 00:44:28 GMT
Content-Type: image/svg+xml
Referrer-Policy: origin

GET
H/1.1 200
OK favicon.ico
id1.westernasset.com/ 7 KB
7 KB 188ms
186ms Other
image/x-icon 199.192.133.205
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://id1.westernasset.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.192.133.205 Pasadena, United States, ASN203 (CENTURYLINK-LEGACY-LVLT-203, US),

Reverse DNS

id1.westernasset.com

Software

/

Resource Hash

13cdabd902393eb932efe980f89b78fad664cacc755f2b8cdaf8b908fe72991b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://id1.westernasset.com/

Response headers

Referrer-Policy: origin
Content-Length: 7406
Date: Wed, 20 Nov 2024 15:10:11 GMT
Content-Type: image/x-icon
Last-Modified: Wed, 29 Mar 2023 00:44:28 GMT
X-Frame-Options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wam.identitynow.com/	1970-01-21 01:18:40	Name: sp.nonce Value: nNLTAk3y_mt8LPxQlyvowLHTjaa83B9V
.identitynow.com/	1970-01-21 01:08:37	Name: __cf_bm Value: JRg4nfKS9IzTDqGgRX7RNCwaNMKzw3Ux71RvmX6hacM-1732115400-1.0.1.1-20qARJSgVYZb8QRbcMpmdgoHRlGIMwFFFhRJVdwclYoPvln3s1cgJQJY1oc7pqCgw3pcPLYv2rS_Cnp3bMcQmw
wam.login.sailpoint.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 16154c54-9758-435f-96c4-390968121402
wam.login.sailpoint.com/	1969-12-31 23:59:59	Name: SLPTLS Value: MDQzZjVhNTAtZTQ1Ny00Y2U1LTgxNWUtZWZkOWEwYTE4NTY4
id1.westernasset.com/	1969-12-31 23:59:59	Name: PF Value: Izedd92RAyVLGXIQTthk1L
id1.westernasset.com/	1969-12-31 23:59:59	Name: TS0187585c Value: 01fea5cffab8ff818fb37260202acc4c9b34713f32792ee2868aff35e09fa661e88e416deb8bd77a76c13f9a7f7e48377d926ab3d0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wam.login.sailpoint.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://id1.westernasset.com/idp/SSO.saml2 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

id1.westernasset.com
wam.identitynow.com
wam.login.sailpoint.com
199.192.133.205
2606:4700::6812:6b24
3.214.9.175
13cdabd902393eb932efe980f89b78fad664cacc755f2b8cdaf8b908fe72991b
174199ec83a37f4fb53f3af85e14a2e1d0c2031e294db005c0e9fc9026fbb3bb
3fc3326a756147740e01c6d5555d46769c4e21d6e8dd7bf5c9e04489a0d03546
456538bd902f65cc519b98351657ece5d3680a855afd771598e7ec38eae7b7c6
d1998c5dde36ea31b6d5025b74ccb2f370f03ab444e517d5e42e4c8a1320a38c
e85fa95966d2ce21af29a616c2e779c85a2b983a365ca1187dd36f2bcda16b96

id1.westernasset.com Open in urlscan Pro 199.192.133.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

203 kBTransfer

201 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

6 Cookies

2 Console Messages

Security Headers

Indicators

id1.westernasset.com Open in urlscan Pro
199.192.133.205 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

203 kB
Transfer

201 kB
Size

6
Cookies

7 HTTP transactions
0 data transactions