pingsso.taskus.com Open in urlscan Pro
54.185.108.144  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://glowstick.force.com/s/?cncrg__q=Manulife%20FAQs&cncrg__sid=kA04z000000wskGCAQ&cncrg__det=true Page URL
2. https://glowstick.force.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYh26M-3MDAwMDAwMDAwMDAwMDAwAAAA8sg1-r8wDHa1sOZLu1z7BigK9ursvM6o4JU1Gz7TnKkBHLVNC1Jei64JCF1II10yyXRDCvmqfSdCA_808v7g78DPj4X079hdrsTwfuy5ldPPU4h-ALW6leXCVcOsFSnIvafLN2GAdPCm7KDEwPRkxiKAIN6dO4eUkwFwpyPH26DJFDt-W0oWxs5bw1TSTEdnH65vZce4DPPH5ZB9MhOFy9pnnRF6ObpoqT4dTLbernRsr_KJn9fv64T2LZOpSjo9KA&saml_acs=https%3A%2F%2Fglowstick.force.com%2Flogin&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Ftaskusintranet.my.salesforce.com&samlSsoConfig=0LE3h000000HErD&RelayState=%2Fs%2F%3Fcncrg__sid%3DkA04z000000wskGCAQ%26cncrg__q%3DManulife%2BFAQs%26cncrg__det%3Dtrue Page URL
3. https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=0299560d-efc9-44de-ad92-9e855092a00a Page URL
4. https://pingsso.taskus.com/idp/SSO.saml2 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ glowstick.force.com/s/	2 KB 1 KB	894ms 135ms	Document text/html	13.110.68.154 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://glowstick.force.com/s/?cncrg__q=Manulife%20FAQs&cncrg__sid=kA04z000000wskGCAQ&cncrg__det=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.110.68.154 , United States, ASN14340 (SALESFORCE, US), Reverse DNS dcl5-ncg1-c6-iad5.na152-ia5.force.com Software / Resource Hash Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control must-revalidate,no-cache,no-store Content-Encoding gzip Content-Security-Policy upgrade-insecure-requests Content-Type text/html; charset=UTF-8 Referrer-Policy origin-when-cross-origin Strict-Transport-Security max-age=63072000; includeSubDomains Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	authn-request.jsp Show response glowstick.force.com/saml/	6 KB 5 KB	133ms 133ms	Document text/html	13.110.68.154 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://glowstick.force.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYh26M-3MDAwMDAwMDAwMDAwMDAwAAAA8sg1-r8wDHa1sOZLu1z7BigK9ursvM6o4JU1Gz7TnKkBHLVNC1Jei64JCF1II10yyXRDCvmqfSdCA_808v7g78DPj4X079hdrsTwfuy5ldPPU4h-ALW6leXCVcOsFSnIvafLN2GAdPCm7KDEwPRkxiKAIN6dO4eUkwFwpyPH26DJFDt-W0oWxs5bw1TSTEdnH65vZce4DPPH5ZB9MhOFy9pnnRF6ObpoqT4dTLbernRsr_KJn9fv64T2LZOpSjo9KA&saml_acs=https%3A%2F%2Fglowstick.force.com%2Flogin&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Ftaskusintranet.my.salesforce.com&samlSsoConfig=0LE3h000000HErD&RelayState=%2Fs%2F%3Fcncrg__sid%3DkA04z000000wskGCAQ%26cncrg__q%3DManulife%2BFAQs%26cncrg__det%3Dtrue Requested by Host: glowstick.force.com URL: https://glowstick.force.com/s/?cncrg__q=Manulife%20FAQs&cncrg__sid=kA04z000000wskGCAQ&cncrg__det=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.110.68.154 , United States, ASN14340 (SALESFORCE, US), Reverse DNS dcl5-ncg1-c6-iad5.na152-ia5.force.com Software / Resource Hash 7622ee68aaa0f12b417da3df00ffa508ad8abe14a94fb2863418fdfbf0732b63 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://glowstick.force.com/s/?cncrg__q=Manulife%20FAQs&cncrg__sid=kA04z000000wskGCAQ&cncrg__det=true Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache,must-revalidate,max-age=0,no-store,private Content-Encoding gzip Content-Security-Policy upgrade-insecure-requests Content-Type text/html;charset=UTF-8 Date Thu, 04 May 2023 12:22:29 GMT Pragma no-cache Referrer-Policy origin-when-cross-origin Strict-Transport-Security max-age=63072000; includeSubDomains Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block
POST H2	200	SSO.saml2 Show response sso.connect.pingidentity.com/sso/idp/	1 KB 2 KB	169ms 118ms	Document text/html	35.158.23.251 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=0299560d-efc9-44de-ad92-9e855092a00a Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.158.23.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-158-23-251.eu-central-1.compute.amazonaws.com Software / Resource Hash b510ce535f9d2bab87381fad26144ba89e13e450130f4085802aa39b5b1f9162 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload; X-Content-Type-Options nosniff Request headers Content-Type application/x-www-form-urlencoded Origin https://glowstick.force.com Referer https://glowstick.force.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store content-encoding gzip content-type text/html;charset=utf-8 date Thu, 04 May 2023 12:22:29 GMT expires Thu, 01 Jan 1970 00:00:00 GMT max-age Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server strict-transport-security max-age=63072000; includeSubDomains; preload; vary Accept-Encoding x-content-type-options nosniff x-robots-tag noindex, nofollow
POST H/1.1	200 OK	Primary Request SSO.saml2 Show response pingsso.taskus.com/idp/	9 KB 9 KB	928ms 355ms	Document text/html	54.185.108.144 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pingsso.taskus.com/idp/SSO.saml2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.185.108.144 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-185-108-144.us-west-2.compute.amazonaws.com Software / Resource Hash 823b8f1de60bf0bcaf76a46f08bf0523337b663e6dbfc9bd913911bfaea7239b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers Content-Type application/x-www-form-urlencoded Origin https://sso.connect.pingidentity.com Referer https://sso.connect.pingidentity.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache, no-store Content-Length 8941 Content-Type text/html;charset=utf-8 Date Thu, 04 May 2023 12:22:30 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Referrer-Policy origin Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN
GET H/1.1	200 OK	main.css pingsso.taskus.com/assets/css/	170 KB 171 KB	177ms 176ms	Stylesheet text/css	54.185.108.144 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pingsso.taskus.com/assets/css/main.css Requested by Host: pingsso.taskus.com URL: https://pingsso.taskus.com/idp/SSO.saml2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.185.108.144 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-185-108-144.us-west-2.compute.amazonaws.com Software / Resource Hash 25bdd39359dde2383204cd8b88386f947cbb16f9a012f04558b15a01bc47f4ab Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://pingsso.taskus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Date Thu, 04 May 2023 12:22:30 GMT Strict-Transport-Security max-age=31536000 Referrer-Policy origin Last-Modified Sun, 26 Mar 2023 13:40:40 GMT X-Frame-Options SAMEORIGIN Content-Type text/css Cache-Control max-age=0, must-revalidate Content-Length 174318
GET H/1.1	200 OK	TU_logo.png pingsso.taskus.com/assets/images/	12 KB 12 KB	700ms 176ms	Image image/png	54.185.108.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pingsso.taskus.com/assets/images/TU_logo.png Requested by Host: pingsso.taskus.com URL: https://pingsso.taskus.com/idp/SSO.saml2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.185.108.144 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-185-108-144.us-west-2.compute.amazonaws.com Software / Resource Hash 52c6f41ab26124a02c79e562da9d58623396565f5244003d876288c39887882a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://pingsso.taskus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Date Thu, 04 May 2023 12:22:31 GMT Strict-Transport-Security max-age=31536000 Referrer-Policy origin Last-Modified Sun, 28 Mar 2021 13:37:05 GMT X-Frame-Options SAMEORIGIN Content-Type image/png Cache-Control max-age=0, must-revalidate Content-Length 11914
GET H/1.1	200 OK	TUback.png pingsso.taskus.com/assets/images/	446 KB 446 KB	178ms 177ms	Image image/png	54.185.108.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pingsso.taskus.com/assets/images/TUback.png Requested by Host: pingsso.taskus.com URL: https://pingsso.taskus.com/assets/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.185.108.144 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-185-108-144.us-west-2.compute.amazonaws.com Software / Resource Hash c46f40ddf7f942cba3c1fa6e12ed39d339252bb0e7286e6cbdbe79c22e25be73 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://pingsso.taskus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Date Thu, 04 May 2023 12:22:31 GMT Strict-Transport-Security max-age=31536000 Referrer-Policy origin Last-Modified Sun, 28 Mar 2021 13:55:09 GMT X-Frame-Options SAMEORIGIN Content-Type image/png Cache-Control max-age=0, must-revalidate Content-Length 456202
GET H/1.1	200 OK	ping-horizontal-logo.svg pingsso.taskus.com/assets/images/	4 KB 4 KB	177ms 176ms	Image image/svg+xml	54.185.108.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pingsso.taskus.com/assets/images/ping-horizontal-logo.svg Requested by Host: pingsso.taskus.com URL: https://pingsso.taskus.com/assets/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.185.108.144 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-185-108-144.us-west-2.compute.amazonaws.com Software / Resource Hash e85fa95966d2ce21af29a616c2e779c85a2b983a365ca1187dd36f2bcda16b96 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://pingsso.taskus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Date Thu, 04 May 2023 12:22:31 GMT Strict-Transport-Security max-age=31536000 Referrer-Policy origin Last-Modified Tue, 21 Feb 2023 20:08:28 GMT X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Cache-Control max-age=0, must-revalidate Content-Length 3992

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| postForgotPassword function| postRecoverUsername function| postAlternateAuthnSystem function| postRegistration function| postOk function| submitForm function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width boolean| remember

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			glowstick.force.com/	1970-01-20 20:18:58	Name: CookieConsentPolicy Value: 0:1
			glowstick.force.com/	1970-01-20 20:18:58	Name: LSKey-c$CookieConsentPolicy Value: 0:1
			.force.com/	1970-01-20 20:18:58	Name: BrowserId Value: VjvmiOp2Ee2oi8mSynHH5A
			.force.com/	1970-01-20 20:18:58	Name: BrowserId_sec Value: VjvmiOp2Ee2oi8mSynHH5A
			sso.connect.pingidentity.com/	1970-01-20 20:18:58	Name: agentid Value: 2b909f11
			sso.connect.pingidentity.com/	1969-12-31 23:59:59	Name: csrfToken Value: b98b3f55cb2eafc2244a6551d48ec210
			sso.connect.pingidentity.com/	1969-12-31 23:59:59	Name: haid Value: 0ee33d03
			pingsso.taskus.com/	1969-12-31 23:59:59	Name: PF Value: fjlpvbSnRP7RShyjTPlamA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

glowstick.force.com
pingsso.taskus.com
sso.connect.pingidentity.com
13.110.68.154
35.158.23.251
54.185.108.144
25bdd39359dde2383204cd8b88386f947cbb16f9a012f04558b15a01bc47f4ab
52c6f41ab26124a02c79e562da9d58623396565f5244003d876288c39887882a
7622ee68aaa0f12b417da3df00ffa508ad8abe14a94fb2863418fdfbf0732b63
823b8f1de60bf0bcaf76a46f08bf0523337b663e6dbfc9bd913911bfaea7239b
b510ce535f9d2bab87381fad26144ba89e13e450130f4085802aa39b5b1f9162
c46f40ddf7f942cba3c1fa6e12ed39d339252bb0e7286e6cbdbe79c22e25be73
e85fa95966d2ce21af29a616c2e779c85a2b983a365ca1187dd36f2bcda16b96