urlscan.io logo urlscan.io
SecurityTrails logo

aqyktbveq.accounts.ondemand.com Open in urlscan Pro
130.214.144.214  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://one-q.nagarro.com/
Effective URL: https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com
Submission Tags: @phish_report
Submission: On January 16 via api from FI — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 5 HTTP transactions. The main IP is 130.214.144.214, located in United States and belongs to SAP_CC, DE. The main domain is aqyktbveq.accounts.ondemand.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 17th 2023. Valid for: a year.
This is the only time aqyktbveq.accounts.ondemand.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
1 2 130.214.193.237 35039 (SAP_CC)
4 130.214.144.214 35039 (SAP_CC)
5 3
Apex Domain
Subdomains		 Transfer
6 ondemand.com
my304172.s4hana.ondemand.com
aqyktbveq.accounts.ondemand.com
104 KB
2 nagarro.com
one-q.nagarro.com
1 KB
5 2
Domain Requested by
4 aqyktbveq.accounts.ondemand.com aqyktbveq.accounts.ondemand.com
2 my304172.s4hana.ondemand.com 1 redirects
2 one-q.nagarro.com 2 redirects
5 3

This site contains no links.

Subject Issuer Validity Valid
*.s4hana.cloud.sap
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
*.accounts.ondemand.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-17 -
2024-12-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com
Frame ID: DC2640172F114BF28A7ACC8EE38E5813
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nagarro / Test System: Log On

Page URL History Show full URLs

  1. http://one-q.nagarro.com/ HTTP 301
    https://one-q.nagarro.com/ HTTP 301
    https://my304172.s4hana.ondemand.com/ HTTP 302
    https://my304172.s4hana.ondemand.com/ui Page URL
  2. https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com Page URL

Page Statistics

5
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

103 kB
Transfer

349 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://one-q.nagarro.com/ HTTP 301
    https://one-q.nagarro.com/ HTTP 301
    https://my304172.s4hana.ondemand.com/ HTTP 302
    https://my304172.s4hana.ondemand.com/ui Page URL
  2. https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://one-q.nagarro.com/ HTTP 301
  • https://one-q.nagarro.com/ HTTP 301
  • https://my304172.s4hana.ondemand.com/ HTTP 302
  • https://my304172.s4hana.ondemand.com/ui

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ui
my304172.s4hana.ondemand.com/
Redirect Chain
  • http://one-q.nagarro.com/
  • https://one-q.nagarro.com/
  • https://my304172.s4hana.ondemand.com/
  • https://my304172.s4hana.ondemand.com/ui
3 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my304172.s4hana.ondemand.com/ui
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.214.193.237 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
/
Resource Hash
426383b52642eaddd29a5f3fe9454d422a69cca45a76f2602a0e9f21ab0d2206
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, private
connection
close
content-length
3204
content-type
text/html; charset=utf-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
sap-passport-component
none
sap-perf-fesrec
20157.000000
sap-server
true
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

connection
Keep-Alive
content-length
0
date
Tue, 16 Jan 2024 04:30:26 GMT
location
/ui
sap-passport-component
none
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Primary Request aqyktbveq.accounts.ondemand.com
aqyktbveq.accounts.ondemand.com/saml2/idp/sso/ 		12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
130.214.144.214 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
SAP /
Resource Hash
1f282ae7f62b75ec9caf3df41b54483844f11968c6ddd4027a3c33bc2fa94a38
Security Headers
Name Value
Content-Security-Policy script-src 'self' consent.trustarc.com 'nonce-9WpDk+uRQAtFQMSi7HhZilBOdbY95nkKGLTDgEX4Z3Q='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://my304172.s4hana.ondemand.com
Referer
https://my304172.s4hana.ondemand.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private,no-cache,no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
en-NZ
Content-Security-Policy
script-src 'self' consent.trustarc.com 'nonce-9WpDk+uRQAtFQMSi7HhZilBOdbY95nkKGLTDgEX4Z3Q='
Content-Type
text/html;charset=utf-8
Date
Tue, 16 Jan 2024 04:30:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=5, max=100
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma
no-cache
Referrer-Policy
origin
Server
SAP
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-IDS-ID
B1393B17-1C49-495D-91C6-A035177BCF67
X-IDS-Landscape
eu-de-2
X-IDS-Node
idp21
X-IDS-Pool
green
X-IDS-Project
prod
X-Robots-Tag
none
vary
accept-encoding,X-CSP-STRIP
x-xss-protection
1; mode=block
ids-fc2dae44d4617819d75f2a433ae989e8865cce116f675b906a274d168416832f.css
aqyktbveq.accounts.ondemand.com/universalui/assets/ 		136 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aqyktbveq.accounts.ondemand.com/universalui/assets/ids-fc2dae44d4617819d75f2a433ae989e8865cce116f675b906a274d168416832f.css
Requested by
Host: aqyktbveq.accounts.ondemand.com
URL: https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
130.214.144.214 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
Apache /
Resource Hash
fc2dae44d4617819d75f2a433ae989e8865cce116f675b906a274d168416832f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://aqyktbveq.accounts.ondemand.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 16 Jan 2024 04:30:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-IDS-Project
prod
Connection
Keep-Alive
X-IDS-Pool
green
Content-Length
25317
Referrer-Policy
origin
Last-Modified
Wed, 03 Jan 2024 09:47:44 GMT
Server
Apache
Vary
User-Agent,Accept-Encoding,X-CSP-STRIP
X-IDS-Landscape
eu-de-2
Content-Type
text/css
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
X-IDS-Node
idp21
X-Robots-Tag
none
Keep-Alive
timeout=5, max=99
sap-ias-logo-powered-by-1371dbe016cf3ff1e9f04af5c4a34c065e40bb7a37792210788899d3309170fc.svg
aqyktbveq.accounts.ondemand.com/universalui/assets/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aqyktbveq.accounts.ondemand.com/universalui/assets/sap-ias-logo-powered-by-1371dbe016cf3ff1e9f04af5c4a34c065e40bb7a37792210788899d3309170fc.svg
Requested by
Host: aqyktbveq.accounts.ondemand.com
URL: https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
130.214.144.214 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
Apache /
Resource Hash
1371dbe016cf3ff1e9f04af5c4a34c065e40bb7a37792210788899d3309170fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://aqyktbveq.accounts.ondemand.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 16 Jan 2024 04:30:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-IDS-Project
prod
Connection
Keep-Alive
X-IDS-Pool
green
Content-Length
3264
Referrer-Policy
origin
Last-Modified
Wed, 03 Jan 2024 09:46:49 GMT
Server
Apache
Vary
User-Agent,X-CSP-STRIP
X-IDS-Landscape
eu-de-2
Content-Type
image/svg+xml
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
X-IDS-Node
idp21
X-Robots-Tag
none
Keep-Alive
timeout=5, max=100
application-fc02f3fd462b0b61c4c3f36c6c52f46650de3e544207185c7adeb60dd1e415ff.js
aqyktbveq.accounts.ondemand.com/universalui/assets/ 		193 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aqyktbveq.accounts.ondemand.com/universalui/assets/application-fc02f3fd462b0b61c4c3f36c6c52f46650de3e544207185c7adeb60dd1e415ff.js
Requested by
Host: aqyktbveq.accounts.ondemand.com
URL: https://aqyktbveq.accounts.ondemand.com/saml2/idp/sso/aqyktbveq.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
130.214.144.214 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
Apache /
Resource Hash
fc02f3fd462b0b61c4c3f36c6c52f46650de3e544207185c7adeb60dd1e415ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://aqyktbveq.accounts.ondemand.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 16 Jan 2024 04:30:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-IDS-Project
prod
Transfer-Encoding
chunked
Connection
Keep-Alive
X-IDS-Pool
green
Referrer-Policy
origin
Last-Modified
Wed, 03 Jan 2024 09:47:55 GMT
Server
Apache
Vary
User-Agent,Accept-Encoding,X-CSP-STRIP
X-IDS-Landscape
eu-de-2
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
X-IDS-Node
idp21
Keep-Alive
timeout=5, max=99
X-Robots-Tag
none
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04f26483b1d98496c664d2e937cf2688b1552dd7adc3eafd0a8cf7a27c799867

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://aqyktbveq.accounts.ondemand.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml;charset=utf-8

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| idsClose function| idsShowHelp function| idsInputReveal function| idsShowInputHint function| idsExpand function| idsInputClear function| idsDetectWebAuthnSupport function| idsBufferEncode function| idsStringEncode function| idsConstructUserCredentials function| idsBuildFlashMessage function| idsWebAuthnRegister function| idsWebAuthnLogin function| $ function| jQuery object| html5 object| Modernizr function| _ object| Backbone function| FlashMessage function| EditableLinks function| HintPasswordValidate function| setPasswordRepeatValidator function| resize_overlay function| InputHintPageUpdater function| EventEmitter object| eventie function| imagesLoaded boolean| wro_flag

6 Cookies

Domain/Path Name / Value
.one-q.nagarro.com/ Name: __cfruid
Value: 41be372dfd1a7b625f881c31afb4ae928f89930a-1705379425
.one-q.nagarro.com/ Name: __cf_bm
Value: pm5_HRPGHzFDhMRBjQEeOLO5KdtSmhRyAar8qpjmhdY-1705379425-1-AejNx/zGvCzMInUbrETsMjd9ukEMmroZxZ5FnX533qEngxMyxynWK/LKE9VaB9KjtdLR5liJQ7hkdxx9pO40TB4=
my304172.s4hana.ondemand.com/ Name: oucazerrqbrosfaroreeeoadyuoffsvcufrzfvc
Value: GET%23MIICcAYJKoZIhvcNAQcDoIICYTCCAl0CAQAxggIYMIICFAIBADB8MHAxCzAJBgNVBAYTAkRFMRwwGgYDVQQKExNTQVAgVHJ1c3QgQ29tbXVuaXR5MRMwEQYDVQQLEwpTQVAgV2ViIEFTMRQwEgYDVQQLEwtJMDAyMDg0ODU2NTEYMBYGA1UEAwwPUzVFX1NTRkFfUzJTVlBFAggKIBkJIxM3ATANBgkqhkiG9w0BAQEFAASCAYCokWxiZ86%2bXg9KQvkUBGydIJ8xS99HnUVAhxLqWCLAGmEwWkvcfI401VcCCBlaLE%2fEiuGiK%2bAqSgSkLXEetq1zVmbEZKmPGMOclDFzB%2f4qJcRPmAiLooUmsgWJV%2fudrt7z99su2ODRpIQ8VIgynwFiNGOcgI8ZW%2bIEYheVTXXVh1mIJgOyXUlPv8fsEvzSk5Ph8eH9BAGBZvLBCv7L387CJjf%2behzPPl6UMfC5nQ%2f7TRtm77kL5k5C%2fNdbs4P9CRodPlSTxv1L53c%2b2EPtsQJ09GOLH0GTgudXpUbgmuhfb1Ix%2bAVbNhobNxpjUZFAMMYLGDai977kCccewKyluLniziVWqDrkjpcchv0Bs7DtrD0FkQMqEj60Jzpg3g9nW0RsDKFJHfKLyr2sN9QL0x%2be25VSmim%2faGbyagg%2fsB1kwv1kQ6LSCHT8XGNjT4yQ5vAqtFbw3AMoSYtIkUP%2fCeDxBWD0dJJLbNrkB5cc0QRnMekNwetrR0V3EgGeqefWlnowPAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBAgQQrSiC6SEVv3PfsZt%2bdoDYaYAQ8c7JJUkkCFJB5PnFwaM4gg%3d%3d
my304172.s4hana.ondemand.com/ Name: sap-usercontext
Value: sap-client=100
aqyktbveq.accounts.ondemand.com/ Name: XSRF_COOKIE
Value: "A++/vcaFcXwV77+9MH3vv714cu+/vQNvJlXvv70077+9ZSvvq75qDyrvv70K77+9OjE3MDUzNzk0MzAxODI="
aqyktbveq.accounts.ondemand.com/ Name: JSESSIONID
Value: 0C47F38ECBBC14E7DA5AB4F2A4CB3AA3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block