sso.landolakesinc.com
Open in
urlscan Pro
63.234.30.184
Public Scan
Submitted URL: http://focus.my.salesforce.com/
Effective URL: https://sso.landolakesinc.com/idp/SSO.saml2?SAMLRequest=hZJdc6IwFIb%2FCpN7MFKKK1PsoJQPFUVBW71xEINNCwkmAZVfv7RuZ7p70T2TXJw557zn...
Submission: On July 06 via api from US
Effective URL: https://sso.landolakesinc.com/idp/SSO.saml2?SAMLRequest=hZJdc6IwFIb%2FCpN7MFKKK1PsoJQPFUVBW71xEINNCwkmAZVfv7RuZ7p70T2TXJw557zn...
Submission: On July 06 via api from US
Summary
This website contacted 2 IPs
in 1 countries
across 3 domains to perform 6 HTTP transactions.
The main IP is 63.234.30.184, located in
United States and
belongs to LANDOLAKES, US.
The main domain is sso.landolakesinc.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on September 9th 2020. Valid for: a year.
This is the only time sso.landolakesinc.com was scanned on urlscan.io!
TLS certificate: Issued by Entrust Certification Authority - L1K on September 9th 2020. Valid for: a year.
This is the only time sso.landolakesinc.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 3 3 | 13.110.34.47 13.110.34.47 | 14340 (SALESFORCE) (SALESFORCE) | |
| 5 | 63.234.30.184 63.234.30.184 | 14161 (LANDOLAKES) (LANDOLAKES) | |
| 1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 6 | 2 |
3
13.110.34.47
(United States)
ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg0-iad3.na142-ia2.my.salesforce.com
ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg0-iad3.na142-ia2.my.salesforce.com
| focus.my.salesforce.com |
5
63.234.30.184
(United States)
ASN14161 (LANDOLAKES, US)
PTR: 63-234-30-184.dia.static.qwest.net
ASN14161 (LANDOLAKES, US)
PTR: 63-234-30-184.dia.static.qwest.net
| sso.landolakesinc.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
landolakesinc.com
sso.landolakesinc.com |
828 KB |
| 3 |
salesforce.com
3 redirects
focus.my.salesforce.com |
3 KB |
| 1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
18 KB |
| 6 | 3 |
| Domain | Requested by | |
|---|---|---|
| 5 | sso.landolakesinc.com |
sso.landolakesinc.com
|
| 3 | focus.my.salesforce.com | 3 redirects |
| 1 | maxcdn.bootstrapcdn.com |
sso.landolakesinc.com
|
| 6 | 3 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| credentials.lolportals.com |
| landolakesinc.force.com |
| www.pingidentity.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sso.landolakesinc.com Entrust Certification Authority - L1K |
2020-09-09 - 2021-09-09 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-03-01 - 2022-02-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sso.landolakesinc.com/idp/SSO.saml2?SAMLRequest=hZJdc6IwFIb%2FCpN7MFKKK1PsoJQPFUVBW71xEINNCwkmAZVfv7RuZ7p70T2TXJw557znneR5eLwUuVQjxjElJugqEEiIpPSAydEEq9iRf4HHwQNPirw0rEq8kiU6VYgLqZ0j3PgsmKBixKAJx9wgSYG4IVIjsoKpoSrQKBkVNKU5kCzOERPtohElvCoQixCrcYpWy6kJXoUoudHpZDStuFJcFZ7kiGeUpUhJafHIqQmh7cJbvC02DEh2awSTRHx6%2FxLgnCp5Qg40T94RxyT9GO%2FgQ9mJornyYVgFkm%2BbYKeOrDZe%2BKxu4DqwrfO%2F96Osj0L%2F3kcv62w184ZPk0WIh5VeOtNJPx0Fjae6TiLEsVmON9VTupBVP6DZOypr25oVpbDQZB80fOFEd9oz26cbylZhz8Pb8dry3Ww3xLM52%2FaycVBqkz70xSmAC6oVDnobervTq%2B9n%2BbVmSfYC9c2WnZ1t7Yl7V7dj3evORuMofh5lbn7s9SarsNHOp36hD5Ecu03XE0cWWrzRlstCaGfhX46bCMrzzCmLbXzx6vsEVzto1xd87S%2Bb%2BHiNYvdA%2FFUo5OmiWzzv0R2d7q32tTivkE%2B4SIgwgQrVrgx7MtRjFRpae1Slq91tgRT%2B%2BeohJjeAfuJif2vihhfHoRzOoxhI6y8Q2wZww874XM6%2B8fazbPIFGRj8B6mHzjf9wS37G%2FLBbw%3D%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=O7cADY9OIslUcCAOiE8OX9GDzjpP5XAfcvs0BLDIUQ73BE5ZVBeIa7Oph1cFgN9b%2FCYLKuSVScBALN7zEGDdUYVFDhTy6YiYWMwoOLdQxMCHQehbjWnbcFSEbxAlXZRgB9Ww0IzmTfmDH7bZlS9QvCjeKZiVrl4b56%2FaNwO%2Fa0F2ZKRe%2FhUdIesZLQmyrL6tdgIJADNXmPNcQ%2FYw7bQBPfxiqQJrBbrxzcDJchjMIHvAajpOJxhSR%2FWOaeuN6uXFQNVrpim4RUDMlf7%2FrizcG4NLEMQktJ1sexqtYt4JxhB5nVk4PqPnWubZri0gbqy5bT2TstXPz%2F2ttmcK7ynm13xGteP6vZR2hvC%2BVdTP4afrGTf6Po4d3YGso8RRG8ZjMdokUn6mLzLCiEvjPXtQruNvf8acpxlElwgBl%2FKXQ3c8Rnv%2B7rIG8%2Fh3dgzJ1rEyqHLPeFoggWlS3L7UKM2fgzLSIghfYHgB%2BRmxQgtGMTJHNT%2BYkVbf2L%2BBX5Ip0Wa2HPAQ%2BH5EeQ%2B%2Ff5OeZKJtRDVyPb6VC0hVLd%2FAt5WgSSfOOIs22QCN3r8obg%2FdqQ1LyAXwq0L4iH0pFZaxtW5G9kCk80uc0wjP8%2F5Zj0W2v88sFfvCtBNFCmssg9QKsc%2Ft%2FMtMMOKirr7sq8vaEJryjJa56WuuLz0UB1NXLuVblaw%3D
Frame ID: 2532BE7C1787E025375B780C02D70B75
Requests: 6 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://focus.my.salesforce.com/
HTTP 302
https://focus.my.salesforce.com/ HTTP 302
https://focus.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXsNvz0VMDAwMDAwMDAwMDAwMDAwAAA... HTTP 302
https://sso.landolakesinc.com/idp/SSO.saml2?SAMLRequest=hZJdc6IwFIb%2FCpN7MFKKK1PsoJQPFUVBW71xEINNCwkmAZVf... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://credentials.lolportals.com/UserAccess/ForgotUsername/
Title: Forgot Username
Title: Forgot Username
Search URL Search Domain Scan URL
URL: https://landolakesinc.force.com/ems/EMSForgotPassword
Title: Forgot Password
Title: Forgot Password
Search URL Search Domain Scan URL
URL: https://landolakesinc.force.com/ems/EMSSelfRegistrationPage
Title: Create an Account
Title: Create an Account
Search URL Search Domain Scan URL
URL: http://www.pingidentity.com/
Title: PingIdentity
Title: PingIdentity
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://focus.my.salesforce.com/
HTTP 302
https://focus.my.salesforce.com/ HTTP 302
https://focus.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXsNvz0VMDAwMDAwMDAwMDAwMDAwAAAA6CPI5IeXVfUNHBEKQPiBu6pFLK9cCMzH2GFattgzRJYuEcQ-2IMofkepvDANmptAeKbMzsQFS34WrbcYorUP7HiZJVAIGf_BiNOrZ7fJMp4K90ItqM0Qo4mFejBH_qhIIflyvrafX06YZrwFZvHt5G6DT6H1NCJSTWCfGlg77KUPz4wq9m6Be-TGz1HtgrPAsz4RRmt4wtIxgYS0-OfFpmZTxHv5aiu_0Dvxiy9RzTgySTGdnIUPt-LQ1mWbe3oLbA&saml_acs=https%3A%2F%2Ffocus.my.salesforce.com%3Fso%3D00DG0000000jQYr&saml_binding_type=HttpRedirect&Issuer=https%3A%2F%2Ffocus.my.salesforce.com&samlSsoConfig=0LEG0000000KyxJ&RelayState=%2F HTTP 302
https://sso.landolakesinc.com/idp/SSO.saml2?SAMLRequest=hZJdc6IwFIb%2FCpN7MFKKK1PsoJQPFUVBW71xEINNCwkmAZVfv7RuZ7p70T2TXJw557znneR5eLwUuVQjxjElJugqEEiIpPSAydEEq9iRf4HHwQNPirw0rEq8kiU6VYgLqZ0j3PgsmKBixKAJx9wgSYG4IVIjsoKpoSrQKBkVNKU5kCzOERPtohElvCoQixCrcYpWy6kJXoUoudHpZDStuFJcFZ7kiGeUpUhJafHIqQmh7cJbvC02DEh2awSTRHx6%2FxLgnCp5Qg40T94RxyT9GO%2FgQ9mJornyYVgFkm%2BbYKeOrDZe%2BKxu4DqwrfO%2F96Osj0L%2F3kcv62w184ZPk0WIh5VeOtNJPx0Fjae6TiLEsVmON9VTupBVP6DZOypr25oVpbDQZB80fOFEd9oz26cbylZhz8Pb8dry3Ww3xLM52%2FaycVBqkz70xSmAC6oVDnobervTq%2B9n%2BbVmSfYC9c2WnZ1t7Yl7V7dj3evORuMofh5lbn7s9SarsNHOp36hD5Ecu03XE0cWWrzRlstCaGfhX46bCMrzzCmLbXzx6vsEVzto1xd87S%2Bb%2BHiNYvdA%2FFUo5OmiWzzv0R2d7q32tTivkE%2B4SIgwgQrVrgx7MtRjFRpae1Slq91tgRT%2B%2BeohJjeAfuJif2vihhfHoRzOoxhI6y8Q2wZww874XM6%2B8fazbPIFGRj8B6mHzjf9wS37G%2FLBbw%3D%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=O7cADY9OIslUcCAOiE8OX9GDzjpP5XAfcvs0BLDIUQ73BE5ZVBeIa7Oph1cFgN9b%2FCYLKuSVScBALN7zEGDdUYVFDhTy6YiYWMwoOLdQxMCHQehbjWnbcFSEbxAlXZRgB9Ww0IzmTfmDH7bZlS9QvCjeKZiVrl4b56%2FaNwO%2Fa0F2ZKRe%2FhUdIesZLQmyrL6tdgIJADNXmPNcQ%2FYw7bQBPfxiqQJrBbrxzcDJchjMIHvAajpOJxhSR%2FWOaeuN6uXFQNVrpim4RUDMlf7%2FrizcG4NLEMQktJ1sexqtYt4JxhB5nVk4PqPnWubZri0gbqy5bT2TstXPz%2F2ttmcK7ynm13xGteP6vZR2hvC%2BVdTP4afrGTf6Po4d3YGso8RRG8ZjMdokUn6mLzLCiEvjPXtQruNvf8acpxlElwgBl%2FKXQ3c8Rnv%2B7rIG8%2Fh3dgzJ1rEyqHLPeFoggWlS3L7UKM2fgzLSIghfYHgB%2BRmxQgtGMTJHNT%2BYkVbf2L%2BBX5Ip0Wa2HPAQ%2BH5EeQ%2B%2Ff5OeZKJtRDVyPb6VC0hVLd%2FAt5WgSSfOOIs22QCN3r8obg%2FdqQ1LyAXwq0L4iH0pFZaxtW5G9kCk80uc0wjP8%2F5Zj0W2v88sFfvCtBNFCmssg9QKsc%2Ft%2FMtMMOKirr7sq8vaEJryjJa56WuuLz0UB1NXLuVblaw%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
SSO.saml2
sso.landolakesinc.com/idp/ Redirect Chain
|
13 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ |
120 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
newMain.css
sso.landolakesinc.com/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-wf-logo.png
sso.landolakesinc.com/winfield/assets/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-bg.jpg
sso.landolakesinc.com/assets/img/ |
796 KB 796 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
bg.jpg
sso.landolakesinc.com/img/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| getQueryString function| postOk function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth undefined| bodyTag undefined| width undefined| remember2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| sso.landolakesinc.com/ | Name: BIGipServerpool_prod_sso-lolinc_https Value: 376708524.47873.0000 |
|
| sso.landolakesinc.com/ | Name: PF Value: gJFWdn9UVbBKG1VHWNOFFJpmptw7betqURdmjoGfJ90I |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
focus.my.salesforce.com
maxcdn.bootstrapcdn.com
sso.landolakesinc.com
13.110.34.47
2606:4700::6812:bcf
63.234.30.184
054a1f50179405b30b1f9f6f58f1db5ec28663bfa07ff215ad47fdca0275d087
061c74c6a5188cdcb57000962ba2268131686ef8c118a052a57fe75c4311efef
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
438f95106b6054a69750f6767bd0582a78a79bfce402e417c047114dc05e6df6
eadf281aea954577564b59f2470b36e7edefe6ac448ce1032dbc292653bb40ec