applogin.jll.com
Open in
urlscan Pro
34.203.255.192
Public Scan
Effective URL: https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso%2Fwsfed%2Fpassive%3...
Submission: On January 11 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on July 31st 2020. Valid for: 2 years.
This is the only time applogin.jll.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 205.144.64.51 205.144.64.51 | 29954 (JLL-AM-CHI) (JLL-AM-CHI) | |
1 2 | 34.203.255.192 34.203.255.192 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 143.204.98.5 143.204.98.5 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 95.100.153.80 95.100.153.80 | () () | |
8 | 4 |
ASN29954 (JLL-AM-CHI, US)
PTR: cmoglobal.jll.com
cmoglobal.jll.com |
ASN14618 (AMAZON-AES, US)
PTR: hbo-crtrs.okta.com
applogin.jll.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-5.fra50.r.cloudfront.net
ok1static.oktacdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
jll.com
3 redirects
cmoglobal.jll.com applogin.jll.com — Cisco Umbrella Rank: 798314 authn.jll.com |
10 KB |
3 |
oktacdn.com
ok1static.oktacdn.com — Cisco Umbrella Rank: 18020 |
104 KB |
0 |
go-mpulse.net
Failed
s.go-mpulse.net Failed |
|
8 | 3 |
Domain | Requested by | |
---|---|---|
3 | ok1static.oktacdn.com |
applogin.jll.com
|
2 | applogin.jll.com | 1 redirects |
2 | cmoglobal.jll.com | 2 redirects |
1 | authn.jll.com |
applogin.jll.com
|
0 | s.go-mpulse.net Failed |
authn.jll.com
|
8 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
applogin.jll.com DigiCert SHA2 High Assurance Server CA |
2020-07-31 - 2022-08-05 |
2 years | crt.sh |
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-22 - 2023-01-22 |
a year | crt.sh |
authn.jll.com DigiCert SHA2 Extended Validation Server CA |
2021-08-03 - 2022-08-03 |
a year | crt.sh |
This page contains 3 frames:
Frame:
https://authn.jll.com/
Frame ID: AE6C5D632EF59D0C58BFE90039BFD090
Requests: 6 HTTP requests in this frame
Frame:
https://authn.jll.com/loading.html
Frame ID: DAAEF96F5E54329EBCFA4B6AB1C55633
Requests: 1 HTTP requests in this frame
Frame:
https://s.go-mpulse.net/boomerang/2GTDK-EZKWJ-JTP6S-TUQBT-H6SFJ
Frame ID: 53EB0144BDF2500478288C4B32FB3943
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
JLL - Wird angemeldet…Page URL History Show full URLs
-
https://cmoglobal.jll.com/Handlers/TicketLogin.ashx?key=bbe576b319324add820d1c8e6247009ba785346a2de744...
HTTP 302
https://cmoglobal.jll.com/Handlers/ChangeEnvironment.ashx?UserID=90283&DestinationUrl=%2fDocument%2fDo... HTTP 302
https://applogin.jll.com/app/template_wsfed/exk1kedprrqzipVk10h8/sso/wsfed/passive?wa=wsignin1.0&wtre... HTTP 302
https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso... Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://cmoglobal.jll.com/Handlers/TicketLogin.ashx?key=bbe576b319324add820d1c8e6247009ba785346a2de7444e8ce34eccb2a82dc47732dc9e562e4045b950f97ae3e501ca
HTTP 302
https://cmoglobal.jll.com/Handlers/ChangeEnvironment.ashx?UserID=90283&DestinationUrl=%2fDocument%2fDocumentView.aspx%3fID%3d614161 HTTP 302
https://applogin.jll.com/app/template_wsfed/exk1kedprrqzipVk10h8/sso/wsfed/passive?wa=wsignin1.0&wtrealm=https%3a%2f%2fcmoglobal.jll.com&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fHandlers%252fChangeEnvironment.ashx%253fUserID%253d90283%2526DestinationUrl%253d%25252fDocument%25252fDocumentView.aspx%25253fID%25253d614161&wct=2022-01-11T12%3a54%3a23Z HTTP 302
https://applogin.jll.com/login/login.htm?fromURI=%2Fapp%2Ftemplate_wsfed%2Fexk1kedprrqzipVk10h8%2Fsso%2Fwsfed%2Fpassive%3Fwa%3Dwsignin1.0%26wtrealm%3Dhttps%253a%252f%252fcmoglobal.jll.com%26wctx%3Drm%253d0%2526id%253dpassive%2526ru%253d%25252fHandlers%25252fChangeEnvironment.ashx%25253fUserID%25253d90283%252526DestinationUrl%25253d%2525252fDocument%2525252fDocumentView.aspx%2525253fID%2525253d614161%26wct%3D2022-01-11T12%253a54%253a23Z Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.htm
applogin.jll.com/login/ Redirect Chain
|
8 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.05ced5937a65bd185b03749fdd833c98.js
ok1static.oktacdn.com/assets/js/ |
287 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial.c945088417aad49efdd215eaef52f687.css
ok1static.oktacdn.com/assets/css/sections/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial.474dce61acfac4a4d016921943cf2a68.js
ok1static.oktacdn.com/assets/js/app/sso/ |
678 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.html
authn.jll.com/ Frame DAAE |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
/
authn.jll.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
2GTDK-EZKWJ-JTP6S-TUQBT-H6SFJ
s.go-mpulse.net/boomerang/ Frame 53EB |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
/
authn.jll.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- authn.jll.com
- URL
- https://authn.jll.com/
- Domain
- s.go-mpulse.net
- URL
- https://s.go-mpulse.net/boomerang/2GTDK-EZKWJ-JTP6S-TUQBT-H6SFJ
- Domain
- authn.jll.com
- URL
- https://authn.jll.com/
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onsecuritypolicyviolation object| onslotchange object| okta function| $ function| jQuery number| interstitialMinWaitTime4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
cmoglobal.jll.com/ | Name: BIGipServercmoglobal_pool Value: !xc3oDTgJtWKrqO5nqkQSIDK7iamL/I0C0qKZcGjlvBzzhqixRo29oc+/3qC87k1mhi72OGXMik1Bkg== |
|
applogin.jll.com/ | Name: JSESSIONID Value: 2BDF81899CF646A29B51DED347D2ED11 |
|
applogin.jll.com/ | Name: t Value: default |
|
applogin.jll.com/ | Name: DT Value: DI0cmvGT4wrTGSzZLhrFAAgsQ |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=315360000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
applogin.jll.com
authn.jll.com
cmoglobal.jll.com
ok1static.oktacdn.com
s.go-mpulse.net
authn.jll.com
s.go-mpulse.net
143.204.98.5
205.144.64.51
34.203.255.192
95.100.153.80
4a92592a10ee14828698950e3f4ce5d0b011fca631839c64d45f25637c7e2d1a
6396727ee9ab2c53da5804488cab3abcccb98f34e9171261b30bc7fe68951577
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
98e44c376d8c137cb3df004598e1e8c6062f9ccf8c94fd975d3aad62d87b8b09