Submitted URL: https://mysutterconnection.force.com/SH_VFP08_Adhoc_Report
Effective URL: https://mysutterconnection.force.com/saml/authn-request.jsp?saml_request_id=_2CAAAAWz4Aa-SME8wMGYwMDAwMDA4T0k4AAAA3AMco6QzTHvmCBnlVsO...
Submission: On August 06 via api from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 3 HTTP transactions. The main IP is 136.147.109.188, located in United States and belongs to SALESFORCE - Salesforce.com, Inc., US. The main domain is mysutterconnection.force.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 5th 2018. Valid for: a year.
This is the only time mysutterconnection.force.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

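| Redirects | Requests | IP Address | AS Autonomous System |
| --- | --- | --- | --- |
| 1 | 3 | 136.147.109.188 | 14340 (SALESFORCE) |

Total: 3 requests, 2 IPs

| Requests | Apex Domain | Subdomains | Transfer |
| --- | --- | --- | --- |
| 3 | force.com | mysutterconnection.force.com | 6 KB |
| 0 | microsoftonline.com | login.microsoftonline.com | Failed |

Total: 3 requests, 2 apex domains

| Requests | Domain | Requested by |
| --- | --- | --- |
| 3 (1 redirects) | mysutterconnection.force.com | mysutterconnection.force.com |
| 0 (Failed) | login.microsoftonline.com | mysutterconnection.force.com |

Total: 3 requests, 2 domains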

This site contains no links.

| Subject | Issuer | Validity | Valid |
| --- | --- | --- | --- |
| *.na63.force.com | DigiCert SHA2 Secure Server CA | 2018-07-05 - 2019-12-14 | a year |

This page contains 1 frames:

Frame: https://login.microsoftonline.com/aef453ea-daa2-43e0-be62-818066e9ff63/saml2
Frame ID: DD2DA9371E2C3FFF95D0F3FDE0CA5414
Requests: 3 HTTP requests in this frame


Page Statistics

Requests: 3
HTTPS: 67 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 5 kB
Size: 7 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mysutterconnection.force.com/SH_VFP08_Adhoc_Report Page URL
  2. https://mysutterconnection.force.com/login?ec=302&inst=0f&startURL=%2FSH_VFP08_Adhoc_Report HTTP 302
    https://mysutterconnection.force.com/saml/authn-request.jsp?saml_request_id=_2CAAAAWz4Aa-SME8wMGYwMDAwMDA4T0k4AAAA3AMco6QzTHvmCBnlVsOVfoYhwn1ovbk5Jtfeh-dqLvzVuWAYb5TgarcOHfmJ8ATI1pNYmep9CaosssBKoFmw8lFYSGupIqUBS52GwaPhsqolxmWO5x4Em_Or1twlH4Qo9WQEoGaN3AJuQy1bu5ejrYiB4ClQR_MtKexExZ6ZeJBcVustITi0mSAGdzV2VTtOaN5J9fJtdUACQNX41PGqpVc2AbVJ-SeOkUW7p84DUYG6kfn-T5FPlZANKIbWI96s4Q&saml_acs=https%3A%2F%2Fmysutterconnection.force.com%2Flogin%3Fso%3D00DG0000000C4SY%26sc%3D0LE0f000000Kz9o&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fmysutterconnection.force.com&samlSsoConfig=0LE0f000000Kz9o&RelayState=%2FSH_VFP08_Adhoc_Report Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource: SH_VFP08_Adhoc_Report (Cookie set)
Path: mysutterconnection.force.com/
Size: 604 B
x-fer: 1008 B
Type: Document

General

Full URL: https://mysutterconnection.force.com/SH_VFP08_Adhoc_Report
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.147.109.188, United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US)
Reverse DNS: dcl4-dfw.na63-dfw.force.com
Software: / Salesforce.com ApexPages
Resource Hash: a2b76f5526841419617ce9781a4d6a6a2a067df619c1651450dc08004482a515

Request headers

Host: mysutterconnection.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br

Response headers

Set-Cookie: BrowserId=OiCqOTctTQ6KrcaEwHiMOw;Path=/;Domain=.force.com;Expires=Sat, 05-Oct-2019 16:42:35 GMT;Max-Age=5184000
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Type: text/html;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Transfer-Encoding: chunked

Resource: authn-request.jsp (Primary Request)
Path: mysutterconnection.force.com/saml/
Redirect Chain:
  • https://mysutterconnection.force.com/login?ec=302&inst=0f&startURL=%2FSH_VFP08_Adhoc_Report
  • https://mysutterconnection.force.com/saml/authn-request.jsp?saml_request_id=_2CAAAAWz4Aa-SME8wMGYwMDAwMDA4T0k4AAAA3AMco6QzTHvmCBnlVsOVfoYhwn1ovbk5Jtfeh-dqLvzVuWAYb5TgarcOHfmJ8ATI1pNYmep9CaosssBKoFm...
Size: 6 KB
x-fer: 4 KB
Type: Document

General

Full URL:
https://mysutterconnection.force.com/saml/authn-request.jsp?saml_request_id=_2CAAAAWz4Aa-SME8wMGYwMDAwMDA4T0k4AAAA3AMco6QzTHvmCBnlVsOVfoYhwn1ovbk5Jtfeh-dqLvzVuWAYb5TgarcOHfmJ8ATI1pNYmep9CaosssBKoFmw8lFYSGupIqUBS52GwaPhsqolxmWO5x4Em_Or1twlH4Qo9WQEoGaN3AJuQy1bu5ejrYiB4ClQR_MtKexExZ6ZeJBcVustITi0mSAGdzV2VTtOaN5J9fJtdUACQNX41PGqpVc2AbVJ-SeOkUW7p84DUYG6kfn-T5FPlZANKIbWI96s4Q&saml_acs=https%3A%2F%2Fmysutterconnection.force.com%2Flogin%3Fso%3D00DG0000000C4SY%26sc%3D0LE0f000000Kz9o&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fmysutterconnection.force.com&samlSsoConfig=0LE0f000000Kz9o&RelayState=%2FSH_VFP08_Adhoc_Report
Requested by:
  Host: mysutterconnection.force.com
  URL: https://mysutterconnection.force.com/SH_VFP08_Adhoc_Report
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.147.109.188, United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US)
Reverse DNS: dcl4-dfw.na63-dfw.force.com
Software: /
Resource Hash: 60ea6de780a2ace90d3c6b594e8bbe72e3bac8797798b309b8799df19afebae9

Request headers

Host: mysutterconnection.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Referer: https://mysutterconnection.force.com/SH_VFP08_Adhoc_Report
Accept-Encoding: gzip, deflate, br
Cookie: BrowserId=OiCqOTctTQ6KrcaEwHiMOw; QCQQ=msQH7mQeye1

Response headers

Date: Tue, 06 Aug 2019 16:42:36 GMT
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Type: text/html;charset=UTF-8
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

Redirect headers

Date: Tue, 06 Aug 2019 16:42:35 GMT
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Type: text/html; charset=UTF-8
Set-Cookie: QCQQ=msQH7mQeye1;Path=/;Domain=mysutterconnection.force.com
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location:
https://mysutterconnection.force.com/saml/authn-request.jsp?saml_request_id=_2CAAAAWz4Aa-SME8wMGYwMDAwMDA4T0k4AAAA3AMco6QzTHvmCBnlVsOVfoYhwn1ovbk5Jtfeh-dqLvzVuWAYb5TgarcOHfmJ8ATI1pNYmep9CaosssBKoFmw8lFYSGupIqUBS52GwaPhsqolxmWO5x4Em_Or1twlH4Qo9WQEoGaN3AJuQy1bu5ejrYiB4ClQR_MtKexExZ6ZeJBcVustITi0mSAGdzV2VTtOaN5J9fJtdUACQNX41PGqpVc2AbVJ-SeOkUW7p84DUYG6kfn-T5FPlZANKIbWI96s4Q&saml_acs=https%3A%2F%2Fmysutterconnection.force.com%2Flogin%3Fso%3D00DG0000000C4SY%26sc%3D0LE0f000000Kz9o&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fmysutterconnection.force.com&samlSsoConfig=0LE0f000000Kz9o&RelayState=%2FSH_VFP08_Adhoc_Report
Content-Length: 0

Resource: saml2
Path: login.microsoftonline.com/aef453ea-daa2-43e0-be62-818066e9ff63/
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.microsoftonline.com
URL: https://login.microsoftonline.com/aef453ea-daa2-43e0-be62-818066e9ff63/saml2


0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

| Domain/Path | Name | Value |
| --- | --- | --- |
| .mysutterconnection.force.com/ | QCQQ | msQH7mQeye1 |
| .force.com/ | BrowserId | OiCqOTctTQ6KrcaEwHiMOw |

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
