oneokadfs3.oneok.com
172.110.141.90
Public Scan
Effective URL: https://oneokadfs3.oneok.com/adfs/ls/?login_hint=james.akingbola%40oneok.com&client-request-id=daad8a5f-f8f4-4eb3-a2f8-aef736...
Submission: On May 01 via manual from US — Scanned from FI
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 2nd 2023. Valid for: a year.
This is the only time oneokadfs3.oneok.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS (Autonomous System) |
---|---|---|
1 1 | 135.181.236.6 | 24940 (HETZNER-AS) |
2 3 | 185.42.14.179 | 57271 (BITWEB-AS) |
1 2 | 2603:1027:1:d8::4 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2620:1ec:bdf::45 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 172.110.141.90 | |
6 | 5 | |

ASN24940 (HETZNER-AS, DE)
PTR: sanluis.solidred.com.mx
agencelavalle.mx

ASN57271 (BITWEB-AS, RU)
log1n-approval-expense.mepsandistic.org

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | mepsandistic.org (2 redirects) | log1n-approval-expense.mepsandistic.org | 66 KB |
2 | microsoftonline.com (1 redirects) | login.microsoftonline.com (Cisco Umbrella Rank: 10) | 13 KB |
1 | oneok.com | oneokadfs3.oneok.com | |
1 | msauth.net | aadcdn.msauth.net (Cisco Umbrella Rank: 841) | 49 KB |
1 | agencelavalle.mx (1 redirects) | agencelavalle.mx | 248 B |
6 | 5 | | |
 | Domain | Requested by |
---|---|---|
3 | log1n-approval-expense.mepsandistic.org | 2 redirects |
2 | login.microsoftonline.com | 1 redirects |
1 | oneokadfs3.oneok.com | aadcdn.msauth.net, oneokadfs3.oneok.com |
1 | aadcdn.msauth.net | login.microsoftonline.com |
1 | agencelavalle.mx | 1 redirects |
6 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
mepsandistic.org | R3 | 2024-04-30 - 2024-07-29 | 3 months | crt.sh |
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-03-07 - 2025-03-07 | a year | crt.sh |
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-04-30 - 2025-04-30 | a year | crt.sh |
oneokadfs3.oneok.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-08-02 - 2024-08-01 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://oneokadfs3.oneok.com/adfs/ls/?login_hint=james.akingbola%40oneok.com&client-request-id=daad8a5f-f8f4-4eb3-a2f8-aef736ba37f5&username=james.akingbola%40oneok.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATiu9be-vJjs9-iH-u-m-0y_7qKUZmwEfoXGBlfMDJOYpLMSsxNLdZLzM7MS0_Kz0l0yM9Lzc8GKbnFJOhflO6ZEl7slpqSWpRYkpmf94gZt_oLLAKvWHgMmK04OLgEGCQYFBh-sDAuYgW60GaB12PDdBaHeX8lVPUPpDKcYtU3KooyLvP0yQpJ9sguNyl3D0stKTAoTPVLTPIPyghND8sxc3bMNC7LNY8ItDW2MpzAJjSBjekUG8MHNsYOdoZZ7AwHOBkP8DL84Pt55e_vP3tnvfPYIMAAAA2
Frame ID: E90BDCC1B97D89AAD85C7D532811805A
Requests: 6 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://agencelavalle.mx/jaBM2Fe5sdy9aki2PngbWO3lax0qWO3nFe5WO3kdy9s3RWO3BM2
HTTP 302
https://log1n-approval-expense.mepsandistic.org/?organisation=oneok.com&dse=amFtZXMuYWtpbmdib2xhQG9uZW9rLmNvbQ== Page URL
-
https://log1n-approval-expense.mepsandistic.org/?organisation=oneok.com&dse=amFtZXMuYWtpbmdib2xhQG9uZW9rLmNvbQ==
HTTP 302
https://log1n-approval-expense.mepsandistic.org/?organisation=oneok.com&dse=amFtZXMuYWtpbmdib2xhQG9uZW9rLmNvbQ== HTTP 302
https://login.microsoftonline.com/?organisation=oneok.com&username=james.akingbola%40oneok.com Page URL
-
https://login.microsoftonline.com/?organisation=oneok.com&username=james.akingbola%40oneok.com&sso_reload=true
HTTP 302
https://oneokadfs3.oneok.com/adfs/ls/?login_hint=james.akingbola%40oneok.com&client-request-id=daad8a5f-f8f4-4eb3-a2f8-aef736ba37f5&username=james.akingbola%40oneok.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATiu9be-vJjs9-iH-u-m-0y_7qKUZmwEfoXGBlfMDJOYpLMSsxNLdZLzM7MS0_Kz0l0yM9Lzc8GKbnFJOhflO6ZEl7slpqSWpRYkpmf94gZt_oLLAKvWHgMmK04OLgEGCQYFBh-sDAuYgW60GaB12PDdBaHeX8lVPUPpDKcYtU3KooyLvP0yQpJ9sguNyl3D0stKTAoTPVLTPIPyghND8sxc3bMNC7LNY8ItDW2MpzAJjSBjekUG8MHNsYOdoZZ7AwHOBkP8DL84Pt55e_vP3tnvfPYIMAAAA2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://agencelavalle.mx/jaBM2Fe5sdy9aki2PngbWO3lax0qWO3nFe5WO3kdy9s3RWO3BM2 HTTP 302
- https://log1n-approval-expense.mepsandistic.org/?organisation=oneok.com&dse=amFtZXMuYWtpbmdib2xhQG9uZW9rLmNvbQ==
- https://log1n-approval-expense.mepsandistic.org/?organisation=oneok.com&dse=amFtZXMuYWtpbmdib2xhQG9uZW9rLmNvbQ== HTTP 302
- https://log1n-approval-expense.mepsandistic.org/?organisation=oneok.com&dse=amFtZXMuYWtpbmdib2xhQG9uZW9rLmNvbQ== HTTP 302
- https://login.microsoftonline.com/?organisation=oneok.com&username=james.akingbola%40oneok.com
6 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Redirect Chain) | log1n-approval-expense.mepsandistic.org/ | 166 KB | 66 KB | Document | text/html |
GET | H/1.1 | / (Redirect Chain) | login.microsoftonline.com/ | 19 KB | 10 KB | Document | text/html |
GET | H2 | BssoInterrupt_Core_Ggyc2EJnCaHFrI6xkBPLcg2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 138 KB | 49 KB | Script | application/x-javascript |
GET | H/1.1 | / (Primary Request, Redirect Chain) | oneokadfs3.oneok.com/adfs/ls/ | 15 KB | 0 | Document | text/html |
GET | | style.css | oneokadfs3.oneok.com/adfs/portal/css/ | 0 | 0 | | |
GET | | logo.png | oneokadfs3.oneok.com/adfs/portal/logo/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: oneokadfs3.oneok.com
  URL: https://oneokadfs3.oneok.com/adfs/portal/css/style.css?id=D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
- Domain: oneokadfs3.oneok.com
  URL: https://oneokadfs3.oneok.com/adfs/portal/logo/logo.png?id=769F499998F1416A01F9633ADCBA76D7B88BD904B4296EDD8AE3A9E1A66194B3
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mepsandistic.org/ | Name: O1jw2E Value: "MzkxODgyNTktYjFmZC00MTlhLTgwYzItZGRkNjkyMTYwNjc1OjY4ZmZiOWJiLTYyY2ItNDljOS1hNzRhLThjMzI0ZThjZmQ3Zg==" |
.login.microsoftonline.com/ | Name: esctx-pwQSdZIdkE Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd83Ad4YzAVqtNqhd5_Sb_chLd78cIPvlytcGQWENq0Aru2kNhSlHr4kGvrRdxfeRlTyID_ZYm8JSoyxQh_Clmu9ZOrtsiOYIHbYtxMZMhOurR4bd2Z29mZk-0C9N72XoknJayFhNcsZ0GAMGX6GeMT8iAA |
login.microsoftonline.com/ | Name: fpc Value: Am7oCOy_ectAqFLNnC3R0XE |
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8zOE3hVlt5T01jZSovvhMTAb-6KxzZn_g2__YoWf6myAJKhSGFtm0jxoH9LivsOvgrnHAqmt4LdROSWA0a0PbMT45fdmJM0321rP57h_uZk8MJ0V40Zowij9z-G3IqCDkjiJJm7L5qLVenJgukMlNQhqpioaQUzA4IiZ7VVpl0K8gAA |
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.