Submitted URL: http://107.150.165.29/
Effective URL: https://socar.accounts.ondemand.com/saml2/idp/sso/socar.accounts.ondemand.com
Submission: On August 08 via manual from TR — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 157.133.170.72, located in United States and belongs to SAP_CC, DE. The main domain is socar.accounts.ondemand.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 21st 2022. Valid for: a year.
This is the only time socar.accounts.ondemand.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 107.150.165.29 212684 (SOCAR)
6 157.133.170.72 35039 (SAP_CC)
7 3
Apex Domain
Subdomains
Transfer
6 ondemand.com
socar.accounts.ondemand.com
777 KB
1 socar.com.tr
cportal.socar.com.tr
5 KB
7 2
Domain Requested by
6 socar.accounts.ondemand.com socar.accounts.ondemand.com
1 cportal.socar.com.tr
7 2

This site contains no links.

Subject Issuer Validity Valid
*.socar.com.tr
GlobalSign RSA OV SSL CA 2018
2022-11-01 -
2023-12-03
a year crt.sh
*.accounts.ondemand.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-21 -
2023-12-21
a year crt.sh

This page contains 1 frames:

Primary Page: https://socar.accounts.ondemand.com/saml2/idp/sso/socar.accounts.ondemand.com
Frame ID: C4D306068379624138907B8F809CCAA3
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Customer Portal: Anmelden

Page URL History Show full URLs

  1. http://107.150.165.29/ HTTP 302
    https://107.150.165.29/ HTTP 302
    https://cportal.socar.com.tr/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2idp=socar.acc... Page URL
  2. https://socar.accounts.ondemand.com/saml2/idp/sso/socar.accounts.ondemand.com Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

915 kB
Transfer

2042 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://107.150.165.29/ HTTP 302
    https://107.150.165.29/ HTTP 302
    https://cportal.socar.com.tr/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2idp=socar.accounts.ondemand.com Page URL
  2. https://socar.accounts.ondemand.com/saml2/idp/sso/socar.accounts.ondemand.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://107.150.165.29/ HTTP 302
  • https://107.150.165.29/ HTTP 302
  • https://cportal.socar.com.tr/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2idp=socar.accounts.ondemand.com

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
FioriLaunchpad.html
cportal.socar.com.tr/sap/bc/ui5_ui5/ui2/ushell/shells/abap/
Redirect Chain
  • http://107.150.165.29/
  • https://107.150.165.29/
  • https://cportal.socar.com.tr/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2idp=socar.accounts.ondemand.com
3 KB
5 KB
Document
General
Full URL
https://cportal.socar.com.tr/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2idp=socar.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.150.165.29 , Turkey, ASN212684 (SOCAR, TR),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

X-Cnection
close
cache-control
no-cache, no-store, must-revalidate, private
content-length
3098
content-type
text/html; charset=utf-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
sap-perf-fesrec
13736.000000
sap-server
true

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://cportal.socar.com.tr/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2idp=socar.accounts.ondemand.com#Shell-home
Server
BigIP
Primary Request socar.accounts.ondemand.com
socar.accounts.ondemand.com/saml2/idp/sso/
12 KB
6 KB
Document
General
Full URL
https://socar.accounts.ondemand.com/saml2/idp/sso/socar.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.170.72 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
SAP /
Resource Hash
0e550795e8923d52bb7a4fc5d96809665d77eda35422f24ae0be70d407fdce14
Security Headers
Name Value
Content-Security-Policy script-src 'self' consent.trustarc.com 'nonce-CkhBGDqnUlLOJ9fWkTizUsco8pS1kcn0YsF3gVaaksc='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://cportal.socar.com.tr
Referer
https://cportal.socar.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private,no-cache,no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
de-DE
Content-Security-Policy
script-src 'self' consent.trustarc.com 'nonce-CkhBGDqnUlLOJ9fWkTizUsco8pS1kcn0YsF3gVaaksc='
Content-Type
text/html;charset=utf-8
Date
Tue, 08 Aug 2023 10:25:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=5, max=100
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma
no-cache
Referrer-Policy
origin
Server
SAP
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-IDS-ID
E76024A7-4F29-4513-8BFF-45B3A0E547F0
X-IDS-Landscape
eu-nl-1
X-IDS-Node
idp04
X-IDS-Pool
blue
X-IDS-Project
prod
X-Robots-Tag
none
vary
accept-encoding,X-CSP-STRIP
x-xss-protection
1; mode=block
ids-fc2dae44d4617819d75f2a433ae989e8865cce116f675b906a274d168416832f.css
socar.accounts.ondemand.com/universalui/assets/
136 KB
25 KB
Stylesheet
General
Full URL
https://socar.accounts.ondemand.com/universalui/assets/ids-fc2dae44d4617819d75f2a433ae989e8865cce116f675b906a274d168416832f.css
Requested by
Host: socar.accounts.ondemand.com
URL: https://socar.accounts.ondemand.com/saml2/idp/sso/socar.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.170.72 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
Apache /
Resource Hash
fc2dae44d4617819d75f2a433ae989e8865cce116f675b906a274d168416832f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://socar.accounts.ondemand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 08 Aug 2023 10:25:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-IDS-Project
prod
Connection
Keep-Alive
X-IDS-Pool
blue
Content-Length
25317
Referrer-Policy
origin
Last-Modified
Thu, 27 Jul 2023 08:32:25 GMT
Server
Apache
Vary
User-Agent,Accept-Encoding,X-CSP-STRIP
X-IDS-Landscape
eu-nl-1
Content-Type
text/css
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
X-IDS-Node
idp04
X-Robots-Tag
none
Keep-Alive
timeout=5, max=99
RESOURCE_STYLESHEET
socar.accounts.ondemand.com/ui/public/cached/SocarCPortal/v/1/
968 KB
675 KB
Stylesheet
General
Full URL
https://socar.accounts.ondemand.com/ui/public/cached/SocarCPortal/v/1/RESOURCE_STYLESHEET
Requested by
Host: socar.accounts.ondemand.com
URL: https://socar.accounts.ondemand.com/saml2/idp/sso/socar.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.170.72 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
SAP /
Resource Hash
9e7f6582abd4e277bc6c06306ebd32a10af1892709d9c5b7a5c69299e152ad1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://socar.accounts.ondemand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 08 Aug 2023 10:25:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-IDS-Project
prod
Transfer-Encoding
chunked
X-IDS-ID
F5EF41BA-19FA-44C0-B5F1-C2A6BE490869
Connection
Keep-Alive
X-IDS-Pool
blue
Referrer-Policy
origin
Server
SAP
vary
accept-encoding,X-CSP-STRIP
Content-Type
text/css;charset=UTF-8
X-IDS-Landscape
eu-nl-1
Cache-Control
max-age=31536000
X-IDS-Node
idp04
X-Robots-Tag
none
Keep-Alive
timeout=5, max=98
Expires
Wed, 07 Aug 2024 10:25:05 GMT
logo
socar.accounts.ondemand.com/ui/public/cached/607e964c3b526d6a5130e78b/v/3/
3 KB
3 KB
Image
General
Full URL
https://socar.accounts.ondemand.com/ui/public/cached/607e964c3b526d6a5130e78b/v/3/logo
Requested by
Host: socar.accounts.ondemand.com
URL: https://socar.accounts.ondemand.com/saml2/idp/sso/socar.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.170.72 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
SAP /
Resource Hash
94798aa0954c5f4a8116b6283cb00d9277b10013dbf79e2850dbbb45122d60f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://socar.accounts.ondemand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 08 Aug 2023 10:25:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-IDS-Project
prod
X-IDS-ID
FA4F0E1F-86AB-4088-896D-A00AFC78A3FE
Connection
Keep-Alive
X-IDS-Pool
blue
Content-Length
2719
Referrer-Policy
origin
Server
SAP
Vary
X-CSP-STRIP
Content-Type
image/png;charset=UTF-8
X-IDS-Landscape
eu-nl-1
Cache-Control
max-age=31536000
X-IDS-Node
idp10
X-Robots-Tag
none
Keep-Alive
timeout=5, max=100
Expires
Wed, 07 Aug 2024 10:25:05 GMT
sap-ias-logo-powered-by-1371dbe016cf3ff1e9f04af5c4a34c065e40bb7a37792210788899d3309170fc.svg
socar.accounts.ondemand.com/universalui/assets/
3 KB
4 KB
Image
General
Full URL
https://socar.accounts.ondemand.com/universalui/assets/sap-ias-logo-powered-by-1371dbe016cf3ff1e9f04af5c4a34c065e40bb7a37792210788899d3309170fc.svg
Requested by
Host: socar.accounts.ondemand.com
URL: https://socar.accounts.ondemand.com/saml2/idp/sso/socar.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.170.72 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
Apache /
Resource Hash
1371dbe016cf3ff1e9f04af5c4a34c065e40bb7a37792210788899d3309170fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://socar.accounts.ondemand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 08 Aug 2023 10:25:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-IDS-Project
prod
Connection
Keep-Alive
X-IDS-Pool
blue
Content-Length
3264
Referrer-Policy
origin
Last-Modified
Thu, 27 Jul 2023 08:31:08 GMT
Server
Apache
Vary
User-Agent,X-CSP-STRIP
X-IDS-Landscape
eu-nl-1
Content-Type
image/svg+xml
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
X-IDS-Node
idp12
X-Robots-Tag
none
Keep-Alive
timeout=5, max=100
application-7d4853c26492fba7f72bbe4378978d93aef4eab7b2fd2a817db4ea2814c211f9.js
socar.accounts.ondemand.com/universalui/assets/
193 KB
64 KB
Script
General
Full URL
https://socar.accounts.ondemand.com/universalui/assets/application-7d4853c26492fba7f72bbe4378978d93aef4eab7b2fd2a817db4ea2814c211f9.js
Requested by
Host: socar.accounts.ondemand.com
URL: https://socar.accounts.ondemand.com/saml2/idp/sso/socar.accounts.ondemand.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.170.72 , United States, ASN35039 (SAP_CC, DE),
Reverse DNS
Software
Apache /
Resource Hash
7d4853c26492fba7f72bbe4378978d93aef4eab7b2fd2a817db4ea2814c211f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://socar.accounts.ondemand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 08 Aug 2023 10:25:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-IDS-Project
prod
Transfer-Encoding
chunked
Connection
Keep-Alive
X-IDS-Pool
blue
Referrer-Policy
origin
Last-Modified
Thu, 27 Jul 2023 08:32:42 GMT
Server
Apache
Vary
User-Agent,Accept-Encoding,X-CSP-STRIP
X-IDS-Landscape
eu-nl-1
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
X-IDS-Node
idp14
Keep-Alive
timeout=5, max=100
X-Robots-Tag
none
truncated
/
589 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca69905990714cf74734bf7f03faefe7fa9f020ead63aa7dcbfa2d5be8ead50b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://socar.accounts.ondemand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
133 KB
133 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f13f6f2cdd4858dcb84a7f7144263674deb8a156c1144d14f05071376027654c

Request headers

Referer
https://socar.accounts.ondemand.com/
Origin
https://socar.accounts.ondemand.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
font/ttf
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04f26483b1d98496c664d2e937cf2688b1552dd7adc3eafd0a8cf7a27c799867

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://socar.accounts.ondemand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| idsClose function| idsShowHelp function| idsInputReveal function| idsShowInputHint function| idsExpand function| idsInputClear function| idsDetectWebAuthnSupport function| idsBufferEncode function| idsStringEncode function| idsConstructUserCredentials function| idsBuildFlashMessage function| idsWebAuthnRegister function| idsWebAuthnLogin function| $ function| jQuery object| html5 object| Modernizr function| _ object| Backbone function| FlashMessage function| EditableLinks function| HintPasswordValidate function| setPasswordRepeatValidator function| resize_overlay function| InputHintPageUpdater function| EventEmitter object| eventie function| imagesLoaded boolean| wro_flag

6 Cookies

Domain/Path Name / Value
cportal.socar.com.tr/ Name: oucqqvqvwyboyrxsoreeeoydbaobayrayrfdcqv
Value: GET%23MIICQQYJKoZIhvcNAQcDoIICMjCCAi4CAQAxggGYMIIBlAIBADB8MHAxCzAJBgNVBAYTAkRFMRwwGgYDVQQKExNTQVAgVHJ1c3QgQ29tbXVuaXR5MRMwEQYDVQQLEwpTQVAgV2ViIEFTMRQwEgYDVQQLEwtJMDAyMDc5Mzc5OTEYMBYGA1UEAwwPQ1BQX1NTRkFfUzJTVlBFAggKICEEGQg0ATANBgkqhkiG9w0BAQEFAASCAQBKsrPJaibKcIcmzzIttWZp9l5rKS%252BP97PTahA7KQ%252BM5KRtW%252BgMSM8wifWDIxXt%252Bc2%252FBYQ4u2QVkmuUwLGAPIsrLQn%252Fe6V1ta2oqcm2y%252BZbi21viwNs4Kx31OCOzHFnOtRSOW4vGQ8cAM8XWwMEVjzAxW96etUD8KXkDd1mUUg0s9JH9S7mX1GgcFXf90ZeuBTOO4ifPUqpD9TXXOFHR%252B7QINY%252BEd7iQUJzPOU13YQM%252BZL2S5l1rDbiOvVxSFlqw72G6Pi%252BBnHUL5invSj4XU9N2UdQMdj0omvo4RjmO47zFCoV3iusM5q2pW1XsWOBDlP%252Bqz76eaMhtw8KLcsqtqZpMIGMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAECBBAzUVlP2svWTxh4o4vCFlf1gGAAZq3fZvkriAtWA7ktnqoCpe3UR9kjEGJSxpZygk6IDobTW8%252BWIIJQhEuf%252Fldld5mclyeFGNVMaSDmBkSjvt3bH7J615mQ%252BblnNIhT1DdDTm49JhdFwtD%252BRwRH5RQBNoI%253D
cportal.socar.com.tr/ Name: sap-usercontext
Value: sap-client=100
.cportal.socar.com.tr/ Name: TS01b8bbbc
Value: 0170acf5a872abeaa8d7cf8127d3a4f4ada6f71e0533bd8acf047faf149d7c2291ee00389fd296a55fb5b26ea5f7a0b7b691c2374124c961bb4fb94adca30db1a686db3af55bda66d25008496ed6eb1c0a0614c5ea
cportal.socar.com.tr/ Name: oucqqvqvwyboyrxsoreeeoydbaobayrayrfdcqv_anchor
Value: %23Shell-home
socar.accounts.ondemand.com/ Name: XSRF_COOKIE
Value: "77+9Ne+/ve+/vS/vv70uMGzSsu+/vRdB77+9O2Z0Ce+/vc+nYTkJMu+/vS/vv70n77+9OjE2OTE0OTAzMDQ1OTI="
socar.accounts.ondemand.com/ Name: JSESSIONID
Value: 7426C8D6EE604F72412DC1E2FFB1786A