urlscan.io logo urlscan.io
SecurityTrails logo

sso2.shl.com Open in urlscan Pro
34.253.180.229  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shl.file.force.com/
Effective URL: https://sso2.shl.com/idp/SSO.saml2?SAMLRequest=fZBdT8IwFIb%2FytL7bqVMtjWwZAZFEkBlKIYbU0phC107e7qA%2F95t3uCNNyc5yftxzj...
Submission: On February 22 via manual from AE — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 3 countries across 4 domains to perform 4 HTTP transactions. The main IP is 34.253.180.229, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is sso2.shl.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 16th 2024. Valid for: a year.
This is the only time sso2.shl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.56.143.234 16509 (AMAZON-02)
2 2 18.134.119.97 16509 (AMAZON-02)
1 1 35.158.23.251 16509 (AMAZON-02)
4 34.253.180.229 16509 (AMAZON-02)
4 1
1    52.56.143.234 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-143-234.eu-west-2.compute.amazonaws.com
shl.file.force.com
2    18.134.119.97 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-119-97.eu-west-2.compute.amazonaws.com
shl.my.salesforce.com
1    35.158.23.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-23-251.eu-central-1.compute.amazonaws.com
sso.connect.pingidentity.com
4    34.253.180.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-180-229.eu-west-1.compute.amazonaws.com
sso2.shl.com
Apex Domain
Subdomains		 Transfer
4 shl.com
sso2.shl.com
214 KB
2 salesforce.com
shl.my.salesforce.com
2 KB
1 pingidentity.com
sso.connect.pingidentity.com — Cisco Umbrella Rank: 29514
1 KB
1 force.com
shl.file.force.com
630 B
4 4
Domain Requested by
4 sso2.shl.com sso2.shl.com
2 shl.my.salesforce.com 2 redirects
1 sso.connect.pingidentity.com 1 redirects
1 shl.file.force.com 1 redirects
4 4

This site contains no links.

Subject Issuer Validity Valid
*.shl.com
Amazon RSA 2048 M02		 2024-02-16 -
2025-03-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sso2.shl.com/idp/SSO.saml2?SAMLRequest=fZBdT8IwFIb%2FytL7bqVMtjWwZAZFEkBlKIYbU0phC107e7qA%2F95t3uCNNyc5yftxzjMGXqmaZY0r9Fp%2BNRKcN21HqbkrjZ6gwrkaWBAAGOpDoXxhqqA81EGeP%2FudmSLvXVroxdQnyJtPJ2hOPp7xADbLB7vdPhYqupy%2F8SkRs2tyUbvwM8dP9mW3XrxtsoVeuUgINcj0azJb3Rf83GYANHKuwXHt2lhCQ0wopnRD7hhJ2DD2o3C0Q961UhpY%2F8MENVYzw6EEpnklgTnB8my5YO1VrLbGGWEUSsedmvUF9sb%2Fv50DSNsBQWkHpOVRl%2FpktOxxjAQ9kkM0xHtCEhyG8RHvY0Ewj6gcHRK%2BT0Q8Dm5609%2FtL%2Ff0Bw%3D%3D&RelayState=I0XO-1sTMErWWFhl7wky-g9cGx9wlZ4_S-HrPZRLUTALnNt7ccl1AnQ9GNBhak
Frame ID: 7B6CA3E3CFCD590F921B5C01CEA3C050
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign On

Page URL History Show full URLs

  1. http://shl.file.force.com/ HTTP 307
    https://shl.file.force.com/ HTTP 302
    https://shl.my.salesforce.com/ HTTP 302
    https://shl.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAY5fai-rMDAwMDAwMDAwMDAwMDAwAAA... HTTP 302
    https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=86261667-a618-403b-b67a-5fbcc0d3f676&SAMLRequest=fZN... HTTP 302
    https://sso2.shl.com/idp/SSO.saml2?SAMLRequest=fZBdT8IwFIb%2FytL7bqVMtjWwZAZFEkBlKIYbU0phC107e7qA... Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

1
IPs

3
Countries

214 kB
Transfer

213 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shl.file.force.com/ HTTP 307
    https://shl.file.force.com/ HTTP 302
    https://shl.my.salesforce.com/ HTTP 302
    https://shl.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAY5fai-rMDAwMDAwMDAwMDAwMDAwAAAA-LerddnWifOI8nTlomdEeMbnUHRJkVOhLVDYIbMK-Ae8LKYUhFdBhYex3ECX6JxUPeD0LwWaltU4xyjdIcW5CMIiKvUpM-VsmQuo28cL0anwZHR48wVzyCUW0d367ptI29QCGpylmyMgJhb5Qus5eU9fNW9Yaw7UFFV_gTwRdiMaMGgoSO7NagL0hFOCj1JEYgUUqTPx_j_-k8VmY5aaqOaTq2rhUwYsMKfZ85GIBYA_UtUxS7ZA-KUte20hL1CFEg&saml_acs=https%3A%2F%2Fshl.my.salesforce.com%3Fso%3D00D2000000008g1&saml_binding_type=HttpRedirect&Issuer=https%3A%2F%2Fshl.my.salesforce.com&samlSsoConfig=0LED0000000007R&RelayState=%2F HTTP 302
    https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=86261667-a618-403b-b67a-5fbcc0d3f676&SAMLRequest=fZNdc6IwFIb%2FCpN7MKIgMkWHorYoVKsEF2%2BcAOGjhYAkFt1fv7S1O9296JnJxZn3fLzJPLmbXspCeCMNyytqgL4EgUBoVMU5TQ2AvIWogenkjuGykGvdPPOMbsnpTBgXukbK9E%2FFAOeG6hVmOdMpLgnTeaTvTNfRZQnqdVPxKqoKIJiMkYZ3q6yKsnNJmh1p3vKIoK1jgIzzmum9HssKqbxKDBeEJVUTESmqyimrDAhnMryFlvaBMOt85BTzD%2B9%2F21nVNVBKIi7V3TXymFCe8%2Bv7lHexl8d1b7dbSx%2FWp12Wx4amympfVUciVvuaOISDUAzVERaVJIwiGA8SdaQCwZ4Z4ChbZheBkuBcbNyZ2f5%2F3mXRIU0c032erG2NekVVxnPihhQ9bpev%2Fjpz%2FFlgh%2B5KNInmrAKULeL7LCCXwdz6pS4vaENm0Gn3uOBoeLm%2BxHa0VyzXzldvqHZFn5XP50rWIgdi2h4et0Ot9X9fLbTvrKqjmtvy%2BNl6qK9FeXXTZRYqz2emEDROnvbjALcjtFj4x9Rrt3HuYvchrXbr0RNOHZgt1tZLfzkPUoRO3uZyfDmKr5pfBgrGpzX2TnKToTZg7io5aMqDfR%2BYR8TRZTc6mOIKcSLDzOlbi3navRZjZ2JTxjHlBpChPBShLMqyBxUdjvWBJg374wMQNjc87nP6id1PLIWfRUx%2F9LyNuFnvPCD4X%2Fh2BeAGq%2F6xvflO6c%2BD8ReaYPIjiHe97%2FMnt%2FTfvzH5Aw%3D%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=deF8kUUt2zv1a4L1ZVy4a1zcFUq3APgoRl%2B6EDLfQOi52Uup%2FJC%2BwSk0VFLrIT40ZLvzUjK%2BqFAPRTTpvQLn9yR%2Flcsmw6jMYOubiDtLXJU6MEv2CtmcyHV0w78vp6CLUgPe%2BPQDGecsHRd3wYoo3FtfT78l8oZkQQKrOkCQ90Yx9QajHrMXG%2FViCdnBNWHMwRImCIGk%2ByLpO%2Fo7XYgLlFTZRfhsg3ihbyinrJNbQ%2BwjVUYLv1Ix7YlbNuqKZMXYCykzke3mtmcDngmda%2F1JOPUjJjeScvpp2KgWGRZMRyWYul%2BvWD1GgQZa6D5rjNnZ%2FJKwmUACCvMarKcod4XN5XRgA7t3wPw%2BQT0k2Ee0CVgLL8TlWHa7B%2F1ihRyVXIOUU%2Fepcbs4ikQTmaumOonEw6pIcXfHM8RvnJmVWVOUCDlUe%2BkB6wdjW%2B6uCd4SRiL6%2FY4FdN0VBMvq1iAOEglHFmEFoqPVyXcC%2F5AJ1sN0fbRHAYE5WQaQi5Q9s%2F3ygVbhoPWIGBKHPtwze09uozY2Q9ChTxByCpu4Wm12BJMm8WPUN6p3fP10y77xIgUEjGVOZuaQDD8EDvkH3Trolsng4rZdwBnTSQzfvw08uMEo5odsFJAVho18BWkelzZCrHYPKM0yT5NiAjCOGNH76kds%2B69TUHrAtcKXnNfmMj%2FYiSY%3D HTTP 302
    https://sso2.shl.com/idp/SSO.saml2?SAMLRequest=fZBdT8IwFIb%2FytL7bqVMtjWwZAZFEkBlKIYbU0phC107e7qA%2F95t3uCNNyc5yftxzjMGXqmaZY0r9Fp%2BNRKcN21HqbkrjZ6gwrkaWBAAGOpDoXxhqqA81EGeP%2FudmSLvXVroxdQnyJtPJ2hOPp7xADbLB7vdPhYqupy%2F8SkRs2tyUbvwM8dP9mW3XrxtsoVeuUgINcj0azJb3Rf83GYANHKuwXHt2lhCQ0wopnRD7hhJ2DD2o3C0Q961UhpY%2F8MENVYzw6EEpnklgTnB8my5YO1VrLbGGWEUSsedmvUF9sb%2Fv50DSNsBQWkHpOVRl%2FpktOxxjAQ9kkM0xHtCEhyG8RHvY0Ewj6gcHRK%2BT0Q8Dm5609%2FtL%2Ff0Bw%3D%3D&RelayState=I0XO-1sTMErWWFhl7wky-g9cGx9wlZ4_S-HrPZRLUTALnNt7ccl1AnQ9GNBhak Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SSO.saml2
sso2.shl.com/idp/
Redirect Chain
  • http://shl.file.force.com/
  • https://shl.file.force.com/
  • https://shl.my.salesforce.com/
  • https://shl.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAY5fai-rMDAwMDAwMDAwMDAwMDAwAAAA-LerddnWifOI8nTlomdEeMbnUHRJkVOhLVDYIbMK-Ae8LKYUhFdBhYex3ECX6JxUPeD0LwWaltU4xyjdIcW5CMIiKv...
  • https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=86261667-a618-403b-b67a-5fbcc0d3f676&SAMLRequest=fZNdc6IwFIb%2FCpN7MKIgMkWHorYoVKsEF2%2BcAOGjhYAkFt1fv7S1O9296JnJxZn3fLzJPLmbXspCeCMNyyt...
  • https://sso2.shl.com/idp/SSO.saml2?SAMLRequest=fZBdT8IwFIb%2FytL7bqVMtjWwZAZFEkBlKIYbU0phC107e7qA%2F95t3uCNNyc5yftxzjMGXqmaZY0r9Fp%2BNRKcN21HqbkrjZ6gwrkaWBAAGOpDoXxhqqA81EGeP%2FudmSLvXVroxdQnyJtPJ2...
8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso2.shl.com/idp/SSO.saml2?SAMLRequest=fZBdT8IwFIb%2FytL7bqVMtjWwZAZFEkBlKIYbU0phC107e7qA%2F95t3uCNNyc5yftxzjMGXqmaZY0r9Fp%2BNRKcN21HqbkrjZ6gwrkaWBAAGOpDoXxhqqA81EGeP%2FudmSLvXVroxdQnyJtPJ2hOPp7xADbLB7vdPhYqupy%2F8SkRs2tyUbvwM8dP9mW3XrxtsoVeuUgINcj0azJb3Rf83GYANHKuwXHt2lhCQ0wopnRD7hhJ2DD2o3C0Q961UhpY%2F8MENVYzw6EEpnklgTnB8my5YO1VrLbGGWEUSsedmvUF9sb%2Fv50DSNsBQWkHpOVRl%2FpktOxxjAQ9kkM0xHtCEhyG8RHvY0Ewj6gcHRK%2BT0Q8Dm5609%2FtL%2Ff0Bw%3D%3D&RelayState=I0XO-1sTMErWWFhl7wky-g9cGx9wlZ4_S-HrPZRLUTALnNt7ccl1AnQ9GNBhak
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.180.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-180-229.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5703f46fdd1a98e92e927d03c14abee1dcc702996316ad1b704fbd861edb34b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
8634
content-type
text/html;charset=utf-8
date
Thu, 22 Feb 2024 05:09:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
referrer-policy
origin
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
no-cache, no-store
content-length
0
content-type
text/html;charset=utf-8
date
Thu, 22 Feb 2024 05:09:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sso2.shl.com/idp/SSO.saml2?SAMLRequest=fZBdT8IwFIb%2FytL7bqVMtjWwZAZFEkBlKIYbU0phC107e7qA%2F95t3uCNNyc5yftxzjMGXqmaZY0r9Fp%2BNRKcN21HqbkrjZ6gwrkaWBAAGOpDoXxhqqA81EGeP%2FudmSLvXVroxdQnyJtPJ2hOPp7xADbLB7vdPhYqupy%2F8SkRs2tyUbvwM8dP9mW3XrxtsoVeuUgINcj0azJb3Rf83GYANHKuwXHt2lhCQ0wopnRD7hhJ2DD2o3C0Q961UhpY%2F8MENVYzw6EEpnklgTnB8my5YO1VrLbGGWEUSsedmvUF9sb%2Fv50DSNsBQWkHpOVRl%2FpktOxxjAQ9kkM0xHtCEhyG8RHvY0Ewj6gcHRK%2BT0Q8Dm5609%2FtL%2Ff0Bw%3D%3D&RelayState=I0XO-1sTMErWWFhl7wky-g9cGx9wlZ4_S-HrPZRLUTALnNt7ccl1AnQ9GNBhak
max-age
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
main.css
sso2.shl.com/assets/css/ 		170 KB
171 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso2.shl.com/assets/css/main.css
Requested by
Host: sso2.shl.com
URL: https://sso2.shl.com/idp/SSO.saml2?SAMLRequest=fZBdT8IwFIb%2FytL7bqVMtjWwZAZFEkBlKIYbU0phC107e7qA%2F95t3uCNNyc5yftxzjMGXqmaZY0r9Fp%2BNRKcN21HqbkrjZ6gwrkaWBAAGOpDoXxhqqA81EGeP%2FudmSLvXVroxdQnyJtPJ2hOPp7xADbLB7vdPhYqupy%2F8SkRs2tyUbvwM8dP9mW3XrxtsoVeuUgINcj0azJb3Rf83GYANHKuwXHt2lhCQ0wopnRD7hhJ2DD2o3C0Q961UhpY%2F8MENVYzw6EEpnklgTnB8my5YO1VrLbGGWEUSsedmvUF9sb%2Fv50DSNsBQWkHpOVRl%2FpktOxxjAQ9kkM0xHtCEhyG8RHvY0Ewj6gcHRK%2BT0Q8Dm5609%2FtL%2Ff0Bw%3D%3D&RelayState=I0XO-1sTMErWWFhl7wky-g9cGx9wlZ4_S-HrPZRLUTALnNt7ccl1AnQ9GNBhak
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.180.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-180-229.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2a65f71ed29d712ed3ad8e7f674ab3f32877c269f04215008dc328fda9cd7779
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sso2.shl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 05:09:39 GMT
cache-control
max-age=0, must-revalidate
referrer-policy
origin
last-modified
Mon, 16 May 2022 21:14:08 GMT
content-length
174330
x-frame-options
SAMEORIGIN
content-type
text/css
powered-by-ping-identity.svg
sso2.shl.com/assets/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso2.shl.com/assets/images/powered-by-ping-identity.svg
Requested by
Host: sso2.shl.com
URL: https://sso2.shl.com/assets/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.180.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-180-229.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f26240300ee305559a12a3b92f36ba1ef6c64dbe62d6f593836e33219bf4b94
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sso2.shl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 05:09:39 GMT
cache-control
max-age=0, must-revalidate
referrer-policy
origin
last-modified
Mon, 16 May 2022 21:11:52 GMT
content-length
13110
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
iconfont.ttf
sso2.shl.com/assets/fonts/icons/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso2.shl.com/assets/fonts/icons/iconfont.ttf?-sa9xtz
Requested by
Host: sso2.shl.com
URL: https://sso2.shl.com/assets/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.180.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-180-229.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2a1e9b5a465c6914ab07ee92191bf992e08da45173602d4be6afde2915fcf235
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://sso2.shl.com/
Origin
https://sso2.shl.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 05:09:39 GMT
cache-control
max-age=0, must-revalidate
referrer-policy
origin
last-modified
Mon, 16 May 2022 21:11:52 GMT
content-length
21676
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| postForgotPassword function| postRecoverUsername function| postAlternateAuthnSystem function| postRegistration function| postOk function| submitForm function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width boolean| remember

12 Cookies

Domain/Path Name / Value
shl.file.force.com/ Name: CookieConsentPolicy
Value: 0:1
shl.file.force.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
.force.com/ Name: BrowserId
Value: k7mX99FAEe6tu0m2dCw49A
.force.com/ Name: BrowserId_sec
Value: k7mX99FAEe6tu0m2dCw49A
shl.my.salesforce.com/ Name: CookieConsentPolicy
Value: 0:1
shl.my.salesforce.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
.salesforce.com/ Name: BrowserId
Value: k9TBN9FAEe61Ok9WHlWBsw
.salesforce.com/ Name: BrowserId_sec
Value: k9TBN9FAEe61Ok9WHlWBsw
sso.connect.pingidentity.com/ Name: agentid
Value: fe4000f7
sso.connect.pingidentity.com/ Name: csrfToken
Value: 617e5e77fe624c817628f2a75a646515
sso.connect.pingidentity.com/ Name: haid
Value: 0b79d5ab
sso2.shl.com/ Name: PF
Value: D9E7ZP3o2WF0XYP7rrFy1j

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN