dimfa.elcompanies.com

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2600:9000:2003:6e00:4:9c04:9300:93a1, located in United States and belongs to AMAZON-02, US. The main domain is dimfa.elcompanies.com. The Cisco Umbrella rank of the primary domain is 874333.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 24th 2023. Valid for: a year.

This is the only time dimfa.elcompanies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	161.71.144.16 161.71.144.16	14340 (SALESFORCE) (SALESFORCE)
1 6	2600:9000:200... 2600:9000:2003:6e00:4:9c04:9300:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2

4 161.71.144.16 (United States) 2 redirects

ASN14340 (SALESFORCE, US)
PTR: sledge1-hnd.slb.sfdcsvc.net

myonesource.elcompanies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2003:6e00:4:9c04:9300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

dimfa.elcompanies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	elcompanies.com 3 redirects myonesource.elcompanies.com dimfa.elcompanies.com — Cisco Umbrella Rank: 874333	39 KB
7	1

	Domain	Requested by
6	dimfa.elcompanies.com	1 redirects dimfa.elcompanies.com
4	myonesource.elcompanies.com	2 redirects myonesource.elcompanies.com
7	2

This site contains no links.

Subject Issuer	Validity	Valid
myonesource.elcompanies.com Sectigo RSA Organization Validation Secure Server CA	`2023-01-17` - `2024-01-17`	a year	crt.sh
dimfa.elcompanies.com Amazon RSA 2048 M02	`2023-08-24` - `2024-09-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dimfa.elcompanies.com/openam/XUI/?realm=/prod&spEntityID=https://estee.my.salesforce.com&service=MFAOTPLogin&goto=https://dimfa.elcompanies.com:443/openam/saml2/continue/metaAlias/prod/elc:mfa:onesource?secondVisitUrl%3D/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource?ReqID%253D_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R8cVATLsaxSAtmn3q3ojAvYcLTvoOx2v-0RmyrTJSrxiPI4fjKrxDVAsWVRbjYLRa_Rbr0I-cQ0p9BqOSv2YOAqNjPvgWd6CtsJheOQo1cGgLg0oopkr08PLcj7AzrwM6SuPwzI4hzWdusOZTYw8VzigFfdWowo0A9giY1N9-6jlHiQ&AMAuthCookie=
Frame ID: 93264D3B4E22F1522DD324B4ECE4DE19
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ELC Authentication

Page URL History Show full URLs

http://myonesource.elcompanies.com/ HTTP 301
https://myonesource.elcompanies.com/ Page URL
https://myonesource.elcompanies.com/login?startURL=%2FELC_OS_Portal_Dashboard HTTP 302
https://myonesource.elcompanies.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAA... Page URL
https://dimfa.elcompanies.com/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource Page URL
https://dimfa.elcompanies.com/openam/UI/Login?realm=/prod&spEntityID=https://estee.my.salesforce.com&servi... HTTP 302
https://dimfa.elcompanies.com/openam/XUI/?realm=/prod&spEntityID=https://estee.my.salesforce.com&service=M... Page URL

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

37 kB
Transfer

68 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://myonesource.elcompanies.com/ HTTP 301
https://myonesource.elcompanies.com/ Page URL
https://myonesource.elcompanies.com/login?startURL=%2FELC_OS_Portal_Dashboard HTTP 302
https://myonesource.elcompanies.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R8cVATLsaxSAtmn3q3ojAvYcLTvoOx2v-0RmyrTJSrxiPI4fjKrxDVAsWVRbjYLRa_Rbr0I-cQ0p9BqOSv2YOAqNjPvgWd6CtsJheOQo1cGgLg0oopkr08PLcj7AzrwM6SuPwzI4hzWdusOZTYw8VzigFfdWowo0A9giY1N9-6jlHiQ&saml_acs=https%3A%2F%2Fmyonesource.elcompanies.com%2Flogin%3Fso%3D00Df40000002Q9H&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Festee.my.salesforce.com&samlSsoConfig=0LE8X000000014a&RelayState=%2FELC_OS_Portal_Dashboard Page URL
https://dimfa.elcompanies.com/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource Page URL
https://dimfa.elcompanies.com/openam/UI/Login?realm=/prod&spEntityID=https://estee.my.salesforce.com&service=MFAOTPLogin&goto=https://dimfa.elcompanies.com:443/openam/saml2/continue/metaAlias/prod/elc:mfa:onesource?secondVisitUrl%3D/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource?ReqID%253D_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R8cVATLsaxSAtmn3q3ojAvYcLTvoOx2v-0RmyrTJSrxiPI4fjKrxDVAsWVRbjYLRa_Rbr0I-cQ0p9BqOSv2YOAqNjPvgWd6CtsJheOQo1cGgLg0oopkr08PLcj7AzrwM6SuPwzI4hzWdusOZTYw8VzigFfdWowo0A9giY1N9-6jlHiQ&AMAuthCookie= HTTP 302
https://dimfa.elcompanies.com/openam/XUI/?realm=/prod&spEntityID=https://estee.my.salesforce.com&service=MFAOTPLogin&goto=https://dimfa.elcompanies.com:443/openam/saml2/continue/metaAlias/prod/elc:mfa:onesource?secondVisitUrl%3D/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource?ReqID%253D_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R8cVATLsaxSAtmn3q3ojAvYcLTvoOx2v-0RmyrTJSrxiPI4fjKrxDVAsWVRbjYLRa_Rbr0I-cQ0p9BqOSv2YOAqNjPvgWd6CtsJheOQo1cGgLg0oopkr08PLcj7AzrwM6SuPwzI4hzWdusOZTYw8VzigFfdWowo0A9giY1N9-6jlHiQ&AMAuthCookie= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://myonesource.elcompanies.com/ HTTP 301
https://myonesource.elcompanies.com/

Request Chain 1

https://myonesource.elcompanies.com/login?startURL=%2FELC_OS_Portal_Dashboard HTTP 302
https://myonesource.elcompanies.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R8cVATLsaxSAtmn3q3ojAvYcLTvoOx2v-0RmyrTJSrxiPI4fjKrxDVAsWVRbjYLRa_Rbr0I-cQ0p9BqOSv2YOAqNjPvgWd6CtsJheOQo1cGgLg0oopkr08PLcj7AzrwM6SuPwzI4hzWdusOZTYw8VzigFfdWowo0A9giY1N9-6jlHiQ&saml_acs=https%3A%2F%2Fmyonesource.elcompanies.com%2Flogin%3Fso%3D00Df40000002Q9H&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Festee.my.salesforce.com&samlSsoConfig=0LE8X000000014a&RelayState=%2FELC_OS_Portal_Dashboard

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
myonesource.elcompanies.com/
Redirect Chain

http://myonesource.elcompanies.com/
https://myonesource.elcompanies.com/

704 B
794 B

1376ms
910ms

Document
text/html

161.71.144.16
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://myonesource.elcompanies.com/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.144.16 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

sledge1-hnd.slb.sfdcsvc.net

Software

sfdcedge / Salesforce.com ApexPages

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-cache,must-revalidate,max-age=0,no-store,private
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Fri, 01 Dec 2023 18:19:58 GMT
p3p: CP="CUR OTR STA"
referrer-policy: origin-when-cross-origin
server: sfdcedge
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Salesforce.com ApexPages
x-sfdc-request-id: 3583e96bdde9544642bb3346aa36cb5e
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Connection: keep-alive
Content-Security-Policy: upgrade-insecure-requests
Date: Fri, 01 Dec 2023 18:19:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://myonesource.elcompanies.com/
Referrer-Policy: origin-when-cross-origin
Server: sfdcedge
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-SFDC-Request-Id: 888024e0424b2785c6a242b798020bc5
X-XSS-Protection: 1; mode=block

GET
H2

200

authn-request.jsp Show response
myonesource.elcompanies.com/saml/
Redirect Chain

https://myonesource.elcompanies.com/login?startURL=%2FELC_OS_Portal_Dashboard
https://myonesource.elcompanies.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R...

7 KB
5 KB

400ms
400ms

Document
text/html

161.71.144.16
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://myonesource.elcompanies.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R8cVATLsaxSAtmn3q3ojAvYcLTvoOx2v-0RmyrTJSrxiPI4fjKrxDVAsWVRbjYLRa_Rbr0I-cQ0p9BqOSv2YOAqNjPvgWd6CtsJheOQo1cGgLg0oopkr08PLcj7AzrwM6SuPwzI4hzWdusOZTYw8VzigFfdWowo0A9giY1N9-6jlHiQ&saml_acs=https%3A%2F%2Fmyonesource.elcompanies.com%2Flogin%3Fso%3D00Df40000002Q9H&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Festee.my.salesforce.com&samlSsoConfig=0LE8X000000014a&RelayState=%2FELC_OS_Portal_Dashboard

Requested by

Host: myonesource.elcompanies.com
URL: https://myonesource.elcompanies.com/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.144.16 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

sledge1-hnd.slb.sfdcsvc.net

Software

sfdcedge /

Resource Hash

e1802e58c56aef1bcc9dc366e2bef303cd98ec68f571079a8fb2da844cb0d6e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myonesource.elcompanies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-cache,must-revalidate,max-age=0,no-store,private
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Fri, 01 Dec 2023 18:19:59 GMT
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: sfdcedge
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-sfdc-request-id: f71364487bd3f1cfb4d5d45f27db877b
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache,must-revalidate,max-age=0,no-store,private
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 18:19:59 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://myonesource.elcompanies.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R8cVATLsaxSAtmn3q3ojAvYcLTvoOx2v-0RmyrTJSrxiPI4fjKrxDVAsWVRbjYLRa_Rbr0I-cQ0p9BqOSv2YOAqNjPvgWd6CtsJheOQo1cGgLg0oopkr08PLcj7AzrwM6SuPwzI4hzWdusOZTYw8VzigFfdWowo0A9giY1N9-6jlHiQ&saml_acs=https%3A%2F%2Fmyonesource.elcompanies.com%2Flogin%3Fso%3D00Df40000002Q9H&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Festee.my.salesforce.com&samlSsoConfig=0LE8X000000014a&RelayState=%2FELC_OS_Portal_Dashboard
referrer-policy: origin-when-cross-origin
server: sfdcedge
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-sfdc-request-id: 2c6d8bdc1182dcf396bab23d55fb9818
x-xss-protection: 1; mode=block

POST
H2 200 elc:mfa:onesource Show response
dimfa.elcompanies.com/openam/SSOPOST/metaAlias/prod/ 6 KB
7 KB 1261ms
558ms Document
text/html 2600:9000:2003:6e00:4:9c04:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dimfa.elcompanies.com/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2003:6e00:4:9c04:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/

Resource Hash

1107c6a503c151b86faa5cdab1f6949940a28378186cc6c2f5e44a995f8df77c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://myonesource.elcompanies.com
Referer: https://myonesource.elcompanies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

content-length: 6246
content-type: text/html;charset=UTF-8
date: Fri, 01 Dec 2023 18:20:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
x-amz-cf-id: vx3bUUV4yXCqnjGiHlUuA4r-GIqYaKZe3-C96hMcr3bj8ACG5FqJIg==
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 purify.min.js Show response
dimfa.elcompanies.com/openam/js/DomPurify/ 21 KB
21 KB 788ms
788ms Script
text/javascript 2600:9000:2003:6e00:4:9c04:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dimfa.elcompanies.com/openam/js/DomPurify/purify.min.js

Requested by

Host: dimfa.elcompanies.com
URL: https://dimfa.elcompanies.com/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2003:6e00:4:9c04:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/

Resource Hash

d48e3c32ba5c79567f39903147035e803da5fc50ff01c7dab7bde9fcbb9919d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://dimfa.elcompanies.com/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 01 Dec 2023 18:20:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 29 Jul 2022 14:48:10 GMT
via: 1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
etag: W/"21208-1659106090000"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 21208
x-amz-cf-id: KK49quqFdKV-pu6wjeNN0ifebWpNzFjY_GwQ3OcDFw_QJTnzO5c3dw==

GET
H2 200 saml2-write.js Show response
dimfa.elcompanies.com/openam/js/ 864 B
1 KB 518ms
517ms Script
text/javascript 2600:9000:2003:6e00:4:9c04:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dimfa.elcompanies.com/openam/js/saml2-write.js

Requested by

Host: dimfa.elcompanies.com
URL: https://dimfa.elcompanies.com/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2003:6e00:4:9c04:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/

Resource Hash

601b7a3c0e333b3b532f26b7d146bde51402953de0a50377d901409c305d81fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://dimfa.elcompanies.com/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 01 Dec 2023 18:20:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 29 Jul 2022 14:48:10 GMT
via: 1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
etag: W/"864-1659106090000"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 864
x-amz-cf-id: XQsLkkpUhGq-1P41BuPZZxCtuoMBMKv5dFdBE2YxZFKiqkl-wmCZ4w==

GET
H2

200

Primary Request / Show response
dimfa.elcompanies.com/openam/XUI/
Redirect Chain

https://dimfa.elcompanies.com/openam/UI/Login?realm=/prod&spEntityID=https://estee.my.salesforce.com&service=MFAOTPLogin&goto=https://dimfa.elcompanies.com:443/openam/saml2/continue/metaAlias/prod/...
https://dimfa.elcompanies.com/openam/XUI/?realm=/prod&spEntityID=https://estee.my.salesforce.com&service=MFAOTPLogin&goto=https://dimfa.elcompanies.com:443/openam/saml2/continue/metaAlias/prod/elc:...

1 KB
2 KB

499ms
499ms

Document
text/html

2600:9000:2003:6e00:4:9c04:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dimfa.elcompanies.com/openam/XUI/?realm=/prod&spEntityID=https://estee.my.salesforce.com&service=MFAOTPLogin&goto=https://dimfa.elcompanies.com:443/openam/saml2/continue/metaAlias/prod/elc:mfa:onesource?secondVisitUrl%3D/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource?ReqID%253D_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R8cVATLsaxSAtmn3q3ojAvYcLTvoOx2v-0RmyrTJSrxiPI4fjKrxDVAsWVRbjYLRa_Rbr0I-cQ0p9BqOSv2YOAqNjPvgWd6CtsJheOQo1cGgLg0oopkr08PLcj7AzrwM6SuPwzI4hzWdusOZTYw8VzigFfdWowo0A9giY1N9-6jlHiQ&AMAuthCookie=

Requested by

Host: dimfa.elcompanies.com
URL: https://dimfa.elcompanies.com/openam/js/saml2-write.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2003:6e00:4:9c04:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/

Resource Hash

5542d7bfa254c7f1c1fa38130ac923b75fd683b8f93840434221b6bc3082da6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://dimfa.elcompanies.com/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=300
content-length: 1518
content-type: text/html
date: Fri, 01 Dec 2023 18:20:02 GMT
etag: W/"1518-1700114622000"
last-modified: Thu, 16 Nov 2023 06:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
x-amz-cf-id: UPDfQhfAfOB-UNYOuL9I7IUXqEmvb5DXsUPoSHBhFHJgg3OXBiJpfw==
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

content-length: 0
date: Fri, 01 Dec 2023 18:20:02 GMT
location: /openam/XUI/?realm=/prod&spEntityID=https://estee.my.salesforce.com&service=MFAOTPLogin&goto=https://dimfa.elcompanies.com:443/openam/saml2/continue/metaAlias/prod/elc:mfa:onesource?secondVisitUrl%3D/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource?ReqID%253D_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R8cVATLsaxSAtmn3q3ojAvYcLTvoOx2v-0RmyrTJSrxiPI4fjKrxDVAsWVRbjYLRa_Rbr0I-cQ0p9BqOSv2YOAqNjPvgWd6CtsJheOQo1cGgLg0oopkr08PLcj7AzrwM6SuPwzI4hzWdusOZTYw8VzigFfdWowo0A9giY1N9-6jlHiQ&AMAuthCookie=#login/
via: 1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
x-amz-cf-id: zhIxRW35hGlaeMDaTF6aIHmUFzJSYUVxN4sHagi2KEVMzwBr4QebRw==
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront

GET
H2 200 main.3ff904f627.js
dimfa.elcompanies.com/openam/XUI/ 32 KB
0 895ms
893ms Script
text/javascript 2600:9000:2003:6e00:4:9c04:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dimfa.elcompanies.com/openam/XUI/main.3ff904f627.js

Requested by

Host: dimfa.elcompanies.com
URL: https://dimfa.elcompanies.com/openam/XUI/?realm=/prod&spEntityID=https://estee.my.salesforce.com&service=MFAOTPLogin&goto=https://dimfa.elcompanies.com:443/openam/saml2/continue/metaAlias/prod/elc:mfa:onesource?secondVisitUrl%3D/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource?ReqID%253D_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R8cVATLsaxSAtmn3q3ojAvYcLTvoOx2v-0RmyrTJSrxiPI4fjKrxDVAsWVRbjYLRa_Rbr0I-cQ0p9BqOSv2YOAqNjPvgWd6CtsJheOQo1cGgLg0oopkr08PLcj7AzrwM6SuPwzI4hzWdusOZTYw8VzigFfdWowo0A9giY1N9-6jlHiQ&AMAuthCookie=

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2003:6e00:4:9c04:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://dimfa.elcompanies.com/openam/XUI/?realm=/prod&spEntityID=https://estee.my.salesforce.com&service=MFAOTPLogin&goto=https://dimfa.elcompanies.com:443/openam/saml2/continue/metaAlias/prod/elc:mfa:onesource?secondVisitUrl%3D/openam/SSOPOST/metaAlias/prod/elc:mfa:onesource?ReqID%253D_2CAAAAYy2zfDaMDAwMDAwMDAwMDAwMDAwAAAA9s7CQiSHeti4sGRG_VmIdeH0XUaIKdqcU7Za4t1fL5mGjQAMoNXsuy5-OTYQzGi900rhNqK0oZa1KBqPVB8R8cVATLsaxSAtmn3q3ojAvYcLTvoOx2v-0RmyrTJSrxiPI4fjKrxDVAsWVRbjYLRa_Rbr0I-cQ0p9BqOSv2YOAqNjPvgWd6CtsJheOQo1cGgLg0oopkr08PLcj7AzrwM6SuPwzI4hzWdusOZTYw8VzigFfdWowo0A9giY1N9-6jlHiQ&AMAuthCookie=
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 01 Dec 2023 18:20:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 06:03:42 GMT
via: 1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
etag: W/"2201804-1700114622000"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2201804
x-amz-cf-id: -EfVAhseEb8mNrx4dCGa5POspsoRK4bpVinwjiBkTKCfCXVU__pFSQ==

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dimfa.elcompanies.com/openam	1969-12-31 23:59:59	Name: JSESSIONID Value: EE4A40CC4A28B27E2836FFEBA299C4E1
myonesource.elcompanies.com/	1970-01-21 01:23:10	Name: CookieConsentPolicy Value: 0:1
myonesource.elcompanies.com/	1970-01-21 01:23:10	Name: LSKey-c$CookieConsentPolicy Value: 0:1
.elcompanies.com/	1969-12-31 23:59:59	Name: amlbcookie Value: 01
.dimfa.elcompanies.com/	1969-12-31 23:59:59	Name: amlbcookie Value: 01

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dimfa.elcompanies.com
myonesource.elcompanies.com
161.71.144.16
2600:9000:2003:6e00:4:9c04:9300:93a1
1107c6a503c151b86faa5cdab1f6949940a28378186cc6c2f5e44a995f8df77c
5542d7bfa254c7f1c1fa38130ac923b75fd683b8f93840434221b6bc3082da6d
601b7a3c0e333b3b532f26b7d146bde51402953de0a50377d901409c305d81fa
d48e3c32ba5c79567f39903147035e803da5fc50ff01c7dab7bde9fcbb9919d1
e1802e58c56aef1bcc9dc366e2bef303cd98ec68f571079a8fb2da844cb0d6e8

dimfa.elcompanies.com Open in urlscan Pro 2600:9000:2003:6e00:4:9c04:9300:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

100 %HTTPS

50 %IPv6

1 Domains

2 Subdomains

2 IPs

1 Countries

37 kBTransfer

68 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

dimfa.elcompanies.com Open in urlscan Pro
2600:9000:2003:6e00:4:9c04:9300:93a1 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

37 kB
Transfer

68 kB
Size

5
Cookies

7 HTTP transactions
0 data transactions