aqyktbveq.accounts.ondemand.com
Open in
urlscan Pro
130.214.144.214
Public Scan
Effective URL: https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com
Submission Tags: @phish_report
Submission: On January 16 via api from FI — Scanned from NZ
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 17th 2023. Valid for: a year.
This is the only time aqyktbveq.accounts.ondemand.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:2c40::c7... 2606:2c40::c73c:671f | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
1 2 | 130.214.193.237 130.214.193.237 | 35039 (SAP_CC) (SAP_CC) | |
4 | 130.214.144.214 130.214.144.214 | 35039 (SAP_CC) (SAP_CC) | |
5 | 3 |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
one-q.nagarro.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
ondemand.com
1 redirects
my304172.s4hana.ondemand.com aqyktbveq.accounts.ondemand.com |
104 KB |
2 |
nagarro.com
2 redirects
one-q.nagarro.com |
1 KB |
5 | 2 |
Domain | Requested by | |
---|---|---|
4 | aqyktbveq.accounts.ondemand.com |
aqyktbveq.accounts.ondemand.com
|
2 | my304172.s4hana.ondemand.com | 1 redirects |
2 | one-q.nagarro.com | 2 redirects |
5 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.s4hana.cloud.sap DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-05-16 - 2024-05-15 |
a year | crt.sh |
*.accounts.ondemand.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-11-17 - 2024-12-17 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com
Frame ID: DC2640172F114BF28A7ACC8EE38E5813
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
Nagarro / Test System: Log OnPage URL History Show full URLs
-
http://one-q.nagarro.com/
HTTP 301
https://one-q.nagarro.com/ HTTP 301
https://my304172.s4hana.ondemand.com/ HTTP 302
https://my304172.s4hana.ondemand.com/ui Page URL
- https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://one-q.nagarro.com/
HTTP 301
https://one-q.nagarro.com/ HTTP 301
https://my304172.s4hana.ondemand.com/ HTTP 302
https://my304172.s4hana.ondemand.com/ui Page URL
- https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://one-q.nagarro.com/ HTTP 301
- https://one-q.nagarro.com/ HTTP 301
- https://my304172.s4hana.ondemand.com/ HTTP 302
- https://my304172.s4hana.ondemand.com/ui
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
ui
my304172.s4hana.ondemand.com/ Redirect Chain
|
3 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
aqyktbveq.accounts.ondemand.com
aqyktbveq.accounts.ondemand.com/saml2/idp/sso/ |
12 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ids-fc2dae44d4617819d75f2a433ae989e8865cce116f675b906a274d168416832f.css
aqyktbveq.accounts.ondemand.com/universalui/assets/ |
136 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sap-ias-logo-powered-by-1371dbe016cf3ff1e9f04af5c4a34c065e40bb7a37792210788899d3309170fc.svg
aqyktbveq.accounts.ondemand.com/universalui/assets/ |
3 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
application-fc02f3fd462b0b61c4c3f36c6c52f46650de3e544207185c7adeb60dd1e415ff.js
aqyktbveq.accounts.ondemand.com/universalui/assets/ |
193 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| idsClose function| idsShowHelp function| idsInputReveal function| idsShowInputHint function| idsExpand function| idsInputClear function| idsDetectWebAuthnSupport function| idsBufferEncode function| idsStringEncode function| idsConstructUserCredentials function| idsBuildFlashMessage function| idsWebAuthnRegister function| idsWebAuthnLogin function| $ function| jQuery object| html5 object| Modernizr function| _ object| Backbone function| FlashMessage function| EditableLinks function| HintPasswordValidate function| setPasswordRepeatValidator function| resize_overlay function| InputHintPageUpdater function| EventEmitter object| eventie function| imagesLoaded boolean| wro_flag6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.one-q.nagarro.com/ | Name: __cfruid Value: 41be372dfd1a7b625f881c31afb4ae928f89930a-1705379425 |
|
.one-q.nagarro.com/ | Name: __cf_bm Value: pm5_HRPGHzFDhMRBjQEeOLO5KdtSmhRyAar8qpjmhdY-1705379425-1-AejNx/zGvCzMInUbrETsMjd9ukEMmroZxZ5FnX533qEngxMyxynWK/LKE9VaB9KjtdLR5liJQ7hkdxx9pO40TB4= |
|
my304172.s4hana.ondemand.com/ | Name: oucazerrqbrosfaroreeeoadyuoffsvcufrzfvc Value: GET%23MIICcAYJKoZIhvcNAQcDoIICYTCCAl0CAQAxggIYMIICFAIBADB8MHAxCzAJBgNVBAYTAkRFMRwwGgYDVQQKExNTQVAgVHJ1c3QgQ29tbXVuaXR5MRMwEQYDVQQLEwpTQVAgV2ViIEFTMRQwEgYDVQQLEwtJMDAyMDg0ODU2NTEYMBYGA1UEAwwPUzVFX1NTRkFfUzJTVlBFAggKIBkJIxM3ATANBgkqhkiG9w0BAQEFAASCAYCokWxiZ86%2bXg9KQvkUBGydIJ8xS99HnUVAhxLqWCLAGmEwWkvcfI401VcCCBlaLE%2fEiuGiK%2bAqSgSkLXEetq1zVmbEZKmPGMOclDFzB%2f4qJcRPmAiLooUmsgWJV%2fudrt7z99su2ODRpIQ8VIgynwFiNGOcgI8ZW%2bIEYheVTXXVh1mIJgOyXUlPv8fsEvzSk5Ph8eH9BAGBZvLBCv7L387CJjf%2behzPPl6UMfC5nQ%2f7TRtm77kL5k5C%2fNdbs4P9CRodPlSTxv1L53c%2b2EPtsQJ09GOLH0GTgudXpUbgmuhfb1Ix%2bAVbNhobNxpjUZFAMMYLGDai977kCccewKyluLniziVWqDrkjpcchv0Bs7DtrD0FkQMqEj60Jzpg3g9nW0RsDKFJHfKLyr2sN9QL0x%2be25VSmim%2faGbyagg%2fsB1kwv1kQ6LSCHT8XGNjT4yQ5vAqtFbw3AMoSYtIkUP%2fCeDxBWD0dJJLbNrkB5cc0QRnMekNwetrR0V3EgGeqefWlnowPAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBAgQQrSiC6SEVv3PfsZt%2bdoDYaYAQ8c7JJUkkCFJB5PnFwaM4gg%3d%3d |
|
my304172.s4hana.ondemand.com/ | Name: sap-usercontext Value: sap-client=100 |
|
aqyktbveq.accounts.ondemand.com/ | Name: XSRF_COOKIE Value: "A++/vcaFcXwV77+9MH3vv714cu+/vQNvJlXvv70077+9ZSvvq75qDyrvv70K77+9OjE3MDUzNzk0MzAxODI=" |
|
aqyktbveq.accounts.ondemand.com/ | Name: JSESSIONID Value: 0C47F38ECBBC14E7DA5AB4F2A4CB3AA3 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aqyktbveq.accounts.ondemand.com
my304172.s4hana.ondemand.com
one-q.nagarro.com
130.214.144.214
130.214.193.237
2606:2c40::c73c:671f
04f26483b1d98496c664d2e937cf2688b1552dd7adc3eafd0a8cf7a27c799867
1371dbe016cf3ff1e9f04af5c4a34c065e40bb7a37792210788899d3309170fc
1f282ae7f62b75ec9caf3df41b54483844f11968c6ddd4027a3c33bc2fa94a38
426383b52642eaddd29a5f3fe9454d422a69cca45a76f2602a0e9f21ab0d2206
fc02f3fd462b0b61c4c3f36c6c52f46650de3e544207185c7adeb60dd1e415ff
fc2dae44d4617819d75f2a433ae989e8865cce116f675b906a274d168416832f