login.nustarenergy.com
Open in
urlscan Pro
66.194.93.95
Public Scan
Effective URL: https://login.nustarenergy.com/adfs/ls/?client-request-id=f086199f-5012-9000-271c-3bff046f80d3&username=&wa=wsignin1.0&wtrealm=...
Submission: On November 20 via manual from US
Summary
TLS certificate: Issued by DigiCert Global CA G2 on August 13th 2018. Valid for: 2 years.
This is the only time login.nustarenergy.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 3 | 13.107.136.9 13.107.136.9 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
2 2 | 20.190.129.2 20.190.129.2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
3 | 66.194.93.95 66.194.93.95 | 3549 (LVLT-3549) (LVLT-3549 - Level 3 Parent) | |
3 | 1 |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
nustarenergy-my.sharepoint.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
login.windows.net | |
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
nustarenergy.com
login.nustarenergy.com |
7 KB |
3 |
sharepoint.com
3 redirects
nustarenergy-my.sharepoint.com |
3 KB |
1 |
microsoftonline.com
1 redirects
login.microsoftonline.com |
2 KB |
1 |
windows.net
1 redirects
login.windows.net |
1 KB |
3 | 4 |
Domain | Requested by | |
---|---|---|
3 | login.nustarenergy.com |
login.nustarenergy.com
|
3 | nustarenergy-my.sharepoint.com | 3 redirects |
1 | login.microsoftonline.com | 1 redirects |
1 | login.windows.net | 1 redirects |
3 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
login.nustarenergy.com DigiCert Global CA G2 |
2018-08-13 - 2020-08-13 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.nustarenergy.com/adfs/ls/?client-request-id=f086199f-5012-9000-271c-3bff046f80d3&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAaVRPWgUQRi9uZ81uYgeMUUEixQBwTC3M7MzszMbLPZn9oJBs6bxpwmbu13vIHe77u5BYiFWIeXVNoJ2V1qJhWCbKpAuvSRYhVR2eotNSsFXPL7He8XjfQ9quI2tVfQXBiwZojjGsBuV1zVki83Wh7uHl4tBZXL_3vrvevLu9D1ojcZ5EWbRKMpeHbS7yXAKrH5RpLml69ctODxo5_2ZSpPBqCiD-k6cZMNc70VxON4r2mGe7n8B4ASACwCm1deECmIwmxHlCSS5zTCllCBGXNNRiivhckPZjmc7PmW-SyBxDWFSX5qEe55yHeEj5WClZiFKhMmRLYRE0qC-8j3XcU1DKCEQk9h2pMnoWfX2lj0u-qSkJBu8ia6q82XHnTTJi2ntn1b6XFuVlHdjGceQdwWClPU4lBJFUMScxuEuZ71QHte0JI1Gg95JHfys30QNa26u2bq1rK1UftXBx8Zs60_LPP_x9qjz7fzO1eH3hcpxQ386eJz6T1509tUa2dgLiLf97BFVkewkQba9WaxtBAbtB1vPUyoemhaeaGCiaRcauNTA0Y3K1_n_-MxZc4kgLCHGkKAVhCyKLWa8_AM1
Frame ID: 6F65BEA3E711CAD879FC5F13E115BAF2
Requests: 3 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://nustarenergy-my.sharepoint.com/personal/ly35m9_nustarenergy_com/Documents/Documents/12062019.docx?web=1
HTTP 302
https://nustarenergy-my.sharepoint.com/personal/ly35m9_nustarenergy_com/_layouts/15/Authenticate.aspx?Source=%2Fper... HTTP 302
https://nustarenergy-my.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fpersonal%2fly35m9_nustarenergy_com%2f_layou... HTTP 302
https://login.windows.net/946cf9ff-6c80-45d6-990e-8f64fab65da9/oauth2/authorize?client%5Fid=00000003%2... HTTP 302
https://login.microsoftonline.com/946cf9ff-6c80-45d6-990e-8f64fab65da9/oauth2/authorize?client_id=00000003-000... HTTP 302
https://login.nustarenergy.com/adfs/ls/?client-request-id=f086199f-5012-9000-271c-3bff046f80d3&username=&wa... Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
- html /<input[^>]+name="__VIEWSTATE/i
Microsoft ASP.NET (Web Frameworks) Expand
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
- html /<input[^>]+name="__VIEWSTATE/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://nustarenergy-my.sharepoint.com/personal/ly35m9_nustarenergy_com/Documents/Documents/12062019.docx?web=1
HTTP 302
https://nustarenergy-my.sharepoint.com/personal/ly35m9_nustarenergy_com/_layouts/15/Authenticate.aspx?Source=%2Fpersonal%2Fly35m9%5Fnustarenergy%5Fcom%2FDocuments%2FDocuments%2F12062019%2Edocx%3Fweb%3D1 HTTP 302
https://nustarenergy-my.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fpersonal%2fly35m9_nustarenergy_com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fpersonal%252Fly35m9%255Fnustarenergy%255Fcom%252FDocuments%252FDocuments%252F12062019%252Edocx%253Fweb%253D1&Source=cookie HTTP 302
https://login.windows.net/946cf9ff-6c80-45d6-990e-8f64fab65da9/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=248235A52ED8096A514442052C7BEE6E8C63EABDABF45FC2%2D2C3874F9726DDECB8F0EB1EEEAB428760A8890934FEFDCBC738E880591AB9754&redirect%5Furi=https%3A%2F%2Fnustarenergy%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&domain%5Fhint=nustarenergy%2Ecom&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=f086199f%2D5012%2D9000%2D271c%2D3bff046f80d3 HTTP 302
https://login.microsoftonline.com/946cf9ff-6c80-45d6-990e-8f64fab65da9/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=248235A52ED8096A514442052C7BEE6E8C63EABDABF45FC2-2C3874F9726DDECB8F0EB1EEEAB428760A8890934FEFDCBC738E880591AB9754&redirect_uri=https:%2F%2Fnustarenergy-my.sharepoint.com%2F_forms%2Fdefault.aspx&domain_hint=nustarenergy.com&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=f086199f-5012-9000-271c-3bff046f80d3 HTTP 302
https://login.nustarenergy.com/adfs/ls/?client-request-id=f086199f-5012-9000-271c-3bff046f80d3&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAaVRPWgUQRi9uZ81uYgeMUUEixQBwTC3M7MzszMbLPZn9oJBs6bxpwmbu13vIHe77u5BYiFWIeXVNoJ2V1qJhWCbKpAuvSRYhVR2eotNSsFXPL7He8XjfQ9quI2tVfQXBiwZojjGsBuV1zVki83Wh7uHl4tBZXL_3vrvevLu9D1ojcZ5EWbRKMpeHbS7yXAKrH5RpLml69ctODxo5_2ZSpPBqCiD-k6cZMNc70VxON4r2mGe7n8B4ASACwCm1deECmIwmxHlCSS5zTCllCBGXNNRiivhckPZjmc7PmW-SyBxDWFSX5qEe55yHeEj5WClZiFKhMmRLYRE0qC-8j3XcU1DKCEQk9h2pMnoWfX2lj0u-qSkJBu8ia6q82XHnTTJi2ntn1b6XFuVlHdjGceQdwWClPU4lBJFUMScxuEuZ71QHte0JI1Gg95JHfys30QNa26u2bq1rK1UftXBx8Zs60_LPP_x9qjz7fzO1eH3hcpxQ386eJz6T1509tUa2dgLiLf97BFVkewkQba9WaxtBAbtB1vPUyoemhaeaGCiaRcauNTA0Y3K1_n_-MxZc4kgLCHGkKAVhCyKLWa8_AM1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
login.nustarenergy.com/adfs/ls/ Redirect Chain
|
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
StyleSheet.css
login.nustarenergy.com/adfs/ls/MasterPages/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header_background.png
login.nustarenergy.com/adfs/ls/App_Themes/Default/ |
641 B 887 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.microsoftonline.com
login.nustarenergy.com
login.windows.net
nustarenergy-my.sharepoint.com
13.107.136.9
20.190.129.2
66.194.93.95
1e423fb9380b3f938e6e9b7e9163db597be86039c2fb036a7c65f9dc04810b0c
4ce02b41d4dd56923c88aba510c10a30c5f6a367f421a607a974dd8988c308a7
57694df9004deaf34cd22628a66838db5ac944d585f7deafa9a9f92351738d83