2u.onelogin.com
52.34.255.254
Public Scan
Effective URL: https://2u.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovLzJ1Lm9uZWxvZ2luLmNvbS90...
Submission: On May 13 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 22nd 2022. Valid for: a year.
This is the only time 2u.onelogin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
2 | 13.110.46.28 | 14340 (SALESFORCE) |
1 (1 redirect) | 18.216.23.70 | 16509 (AMAZON-02) |
6 (2 redirects) | 52.34.255.254 | 16509 (AMAZON-02) |
1 | 143.204.23.33 | 16509 (AMAZON-02) |
3 | 2600:9000:2251:8200:18:b15c:ee80:93a1 | 16509 (AMAZON-02) |
13 | 5 | |
ASN | PTR | Hostname |
---|---|---|
ASN14340 (SALESFORCE, US) | dcl15-ncg1-c6-iad5.na171-ia5.my.salesforce.com | 2u-corp-hub.my.salesforce.com |
ASN16509 (AMAZON-02, US) | ec2-18-216-23-70.us-east-2.compute.amazonaws.com | app.onelogin.com |
ASN16509 (AMAZON-02, US) | ec2-52-34-255-254.us-west-2.compute.amazonaws.com | 2u.onelogin.com |
ASN16509 (AMAZON-02, US) | server-143-204-23-33.bog50.r.cloudfront.net | cdn.onelogin.com |
ASN16509 (AMAZON-02, US) | | web-login-v2-cdn.onelogin.com |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
11 | onelogin.com (3 redirects): app.onelogin.com — Cisco Umbrella Rank: 111253; 2u.onelogin.com; cdn.onelogin.com — Cisco Umbrella Rank: 34228; web-login-v2-cdn.onelogin.com — Cisco Umbrella Rank: 30196 | 642 KB |
2 | salesforce.com: 2u-corp-hub.my.salesforce.com | 5 KB |
13 | 2 | |
Requests | Domain | Requested by |
---|---|---|
6 | 2u.onelogin.com (2 redirects) | web-login-v2-cdn.onelogin.com |
3 | web-login-v2-cdn.onelogin.com | 2u.onelogin.com |
2 | 2u-corp-hub.my.salesforce.com | 2u-corp-hub.my.salesforce.com |
1 | cdn.onelogin.com | 2u.onelogin.com |
1 | app.onelogin.com (1 redirects) | |
13 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid for |
---|---|---|---|
*.my.salesforce.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-09 - 2022-07-08 | a year |
*.onelogin.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-22 - 2023-04-22 | a year |
cdn.onelogin.com | Amazon | 2022-04-18 - 2023-05-16 | a year |
This page contains 1 frames:
Primary Page:
https://2u.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.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.xmJ-VaAR7U4CRHO35eiqo4IE63sM77tV66riWb1Ffwg
Frame ID: FF64EEB6970D4FFD6F67B986F83CFDB9
Requests: 14 HTTP requests in this frame
Page Title
OneLogin
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://2u-corp-hub.my.salesforce.com/5006f00001lcFnQ. Page URL
- https://2u-corp-hub.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYFPtlLtMDAwMDAwMDAwMDAwMDAwAAAA7I-Tbo3zZDrKn5mGbjqvto2mooWkVLEPGAlDhkR6SrA_9sULV4HEHw0Yq4YT8jDYPPm-bC5cORPvQivJvtzpFkVzoC48f4EvA7yYB1HEXJGNhYCw7vLRBgdioUjYGrIDkmDssDL7wAdKhtPifrlK9qrlDBjvGf0ciLDA1Ah4M5ZXVbMVXfX37TlrtHkD94vsg6ERf1nRmH6H9o33mqte3dho5uGH8rizVu16SiMtRfisqZ_3sQ2sZMqM4FmY6Tbpgw&saml_acs=https%3A%2F%2F2u-corp-hub.my.salesforce.com%3Fso%3D00DA0000000BF6z&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fsaml.salesforce.com&samlSsoConfig=0LEG0000000TNAl&RelayState=%2F5006f00001lcFnQ. Page URL
-
https://app.onelogin.com/trust/saml2/http-post/sso/372179
HTTP 307
https://2u.onelogin.com/trust/saml2/http-post/sso/372179 Page URL
-
https://2u.onelogin.com/trust/saml2/http-post/sso/372179
HTTP 302
https://2u.onelogin.com/login HTTP 302
https://2u.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.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.xmJ-VaAR7U4CRHO35eiqo4IE63sM77tV66riWb1Ffwg Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://app.onelogin.com/trust/saml2/http-post/sso/372179 HTTP 307
- https://2u.onelogin.com/trust/saml2/http-post/sso/372179
13 HTTP transactions
Method Protocol | Resource | Path | Size x-fer | Type MIME-Type |
---|---|---|---|---|
GET H/1.1 | 5006f00001lcFnQ. | 2u-corp-hub.my.salesforce.com/ | 2 KB 2 KB | Document text/html |
GET H/1.1 | authn-request.jsp | 2u-corp-hub.my.salesforce.com/saml/ | 6 KB 4 KB | Document text/html |
POST H/1.1 | 372179 | 2u.onelogin.com/trust/saml2/http-post/sso/ (Redirect Chain) | 6 KB 4 KB | Document text/html |
GET H/1.1 | / (Primary Request) | 2u.onelogin.com/login2/ (Redirect Chain) | 2 KB 2 KB | Document text/html |
GET H/1.1 | onelogin-vigilance.min.js | cdn.onelogin.com/ | 111 KB 0 | Script application/javascript |
GET H2 | vendorb1c5a46ec839c2069f4908bb5676021bc8afb3a8.js | web-login-v2-cdn.onelogin.com/login2/ | 177 KB 56 KB | Script application/javascript |
GET H2 | intlb1c5a46ec839c2069f4908bb5676021bc8afb3a8.js | web-login-v2-cdn.onelogin.com/login2/ | 44 KB 13 KB | Script application/javascript |
GET H2 | appb1c5a46ec839c2069f4908bb5676021bc8afb3a8.js | web-login-v2-cdn.onelogin.com/login2/ | 2 MB 560 KB | Script application/javascript |
POST H/1.1 | auth | 2u.onelogin.com/access/ | 1 KB 2 KB | XHR application/json |
GET H/1.1 | branding.json | 2u.onelogin.com/api/v1/ | 2 KB 3 KB | XHR application/json |
GET | 29f2ff4b173f1daecf432718e5a1168baf906a6b.jpg | cdn.onelogin.com/images/brands/backgrounds/login/ | 0 0 | |
GET | 479970ffb74f2117317f9d24d9e317fe.woff2 | web-login-v2-cdn.onelogin.com/login2/ | 0 0 | |
GET | 04089f9068dca9baeaa93d0bf55ada73a75b2d05.png | cdn.onelogin.com/images/brands/logos/login/ | 0 0 | |
GET DATA | truncated | / | 2 KB 0 | Image image/png |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: cdn.onelogin.com
  URL: https://cdn.onelogin.com/images/brands/backgrounds/login/29f2ff4b173f1daecf432718e5a1168baf906a6b.jpg?1636479014
- Domain: web-login-v2-cdn.onelogin.com
  URL: https://web-login-v2-cdn.onelogin.com/login2/479970ffb74f2117317f9d24d9e317fe.woff2
- Domain: cdn.onelogin.com
  URL: https://cdn.onelogin.com/images/brands/logos/login/04089f9068dca9baeaa93d0bf55ada73a75b2d05.png?1600704566
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- function| getScreenDetails
- object| thisdata
- function| webpackJsonp
- object| IntlPolyfill
- object| core
- object| __core-js_shared__
- object| global
- object| System
- function| asap
- function| Observable
- function| setImmediate
- function| clearImmediate
- object| regeneratorRuntime
- boolean| _babelPolyfill

8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
2u-corp-hub.my.salesforce.com/ | Name: CookieConsentPolicy Value: 0:1 |
2u-corp-hub.my.salesforce.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
.salesforce.com/ | Name: BrowserId Value: MfVAW9MLEeyIR8FntLB0aQ |
.salesforce.com/ | Name: BrowserId_sec Value: MfVAW9MLEeyIR8FntLB0aQ |
.onelogin.com/ | Name: ol_custom_domain Value: %7B%22custom_domain%22%3A%22%22%2C%22tenant%22%3A%222u%22%7D |
2u.onelogin.com/ | Name: sub_session_onelogin.com Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJjcmVhdGVkX2F0IjoxNjUyNDgwNTYwLCJ2ZXJzaW9uIjoxLCJzZXNzaW9uX2lkIjoiOTYzNDkwMDEtZDVlNS00ODYwLThmYTYtZTRmZjAyNzFjMGMzIn0.cWnDfhm4PJuRMLAKJxal_5IBEdYsfY4BCc7QxgkYfM8%7C%7CBAh7BzoOcmV0dXJuX3RvIgG1aHR0cHM6Ly8ydS5vbmVsb2dpbi5jb20vdHJ1c3Qvc2FtbDIvaHR0cC1wb3N0L3Nzby8zNzIxNzk%2Fc2FtbF9yZXF1ZXN0X3BhcmFtc190b2tlbj1mNmM5NGNiNzhmLmQ4NGVjMzlhZGU0N2ViZWE2MGU1OGRlNDZkNDcyNjA3MjkyZWVhNzIucDh5Y0JMQkVlSFc1U0dBb1lobVRHTVdLenZXVWFlanRoM1ZKNzhJX0UwYyUzRCIfYnJvd3Nlcl92ZXJpZmljYXRpb25fdG9rZW4iRTVkNDJmNWE2MjQwYmI4MzA0MjgxZDNlOWZmNGJmZWFhMmJlZDIwNTk0NzUxNTM5Y2YxYmVmODQ0OWMxZmM5MTQ%3D--a1a4d65a1386c3d4f2252ddde9d34a2ebabad6ba |
.onelogin.com/ | Name: ol_web_login_canary_0 Value: false |
.onelogin.com/ | Name: ol_web_login_proxy_15 Value: true |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.