Submitted URL: http://login.hdel-install.com/
Effective URL: http://login.hyundaigroup.com/sso/ssoService.do?returnURL=http%3A%2F%2Flogin.hdel-install.com%2Flogin%2F%3Forgssosite%3D%26ret...
Submission: On February 19 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 203.242.40.101, located in Korea, Republic Of and belongs to HMM-AS-KR Hyundai Movex, KR. The main domain is login.hyundaigroup.com.
This is the only time login.hyundaigroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 203.242.40.101 10189 (HMM-AS-KR...)
5 2
Apex Domain  Subdomains  Transfer
3 hdel-install.com  login.hdel-install.com  1 KB
2 hyundaigroup.com  login.hyundaigroup.com  15 KB
0 Failed
5 3
Domain Requested by
3 login.hdel-install.com 2 redirects
2 login.hyundaigroup.com login.hdel-install.com, login.hyundaigroup.com
0 127.0.0.1 Failed login.hyundaigroup.com
5 3

This site contains no links.

This page contains 1 frames:

Primary Page: http://login.hyundaigroup.com/sso/ssoService.do?returnURL=http%3A%2F%2Flogin.hdel-install.com%2Flogin%2F%3Forgssosite%3D%26returnURL%3Dhttp%253A%252F%252Flogin.hdel-install.com%252Flogin%252F&ssosite=bf36244b-719f-470d-a33a-18d54e0fed07::SSOLOGIN
Frame ID: CAA29E0814A680459A3441EDEC89F930
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 5
HTTPS: 0 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 15 kB
Size: 50 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://login.hdel-install.com/ Page URL
  2. http://login.hdel-install.com/login HTTP 302
    http://login.hdel-install.com/login/ HTTP 302
    http://login.hyundaigroup.com/sso/ssoService.do?returnURL=http%3A%2F%2Flogin.hdel-install.com%2Flogin%2F%3Forgssosite%3D%26returnURL%3Dhttp%253A%252F%252Flogin.hdel-install.com%252Flogin%252F&ssosite=bf36244b-719f-470d-a33a-18d54e0fed07::SSOLOGIN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource: /
Path: login.hdel-install.com/
Size: 171 B
x-fer: 500 B
Type: Document

General

Full URL: http://login.hdel-install.com/
Protocol: HTTP/1.1
Server: 203.242.40.101, Korea, Republic Of, ASN10189 (HMM-AS-KR Hyundai Movex, KR)
Reverse DNS: outlook2.hyundaiglobal.com
Software: Microsoft-IIS/10.0 / ARR/3.0 ASP.NET
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 19 Feb 2023 07:25:30 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: ARR/3.0 ASP.NET

Primary Request
Resource: ssoService.do
Path: login.hyundaigroup.com/sso/
Redirect Chain
  • http://login.hdel-install.com/login
  • http://login.hdel-install.com/login/
  • http://login.hyundaigroup.com/sso/ssoService.do?returnURL=http%3A%2F%2Flogin.hdel-install.com%2Flogin%2F%3Forgssosite%3D%26returnURL%3Dhttp%253A%252F%252Flogin.hdel-install.com%252Flogin%252F&ssosi...
Size: 2 KB
x-fer: 2 KB
Type: Document

General

Full URL: http://login.hyundaigroup.com/sso/ssoService.do?returnURL=http%3A%2F%2Flogin.hdel-install.com%2Flogin%2F%3Forgssosite%3D%26returnURL%3Dhttp%253A%252F%252Flogin.hdel-install.com%252Flogin%252F&ssosite=bf36244b-719f-470d-a33a-18d54e0fed07::SSOLOGIN
Requested by
Host: login.hdel-install.com
URL: http://login.hdel-install.com/
Protocol: HTTP/1.1
Server: 203.242.40.101, Korea, Republic Of, ASN10189 (HMM-AS-KR Hyundai Movex, KR)
Reverse DNS: outlook2.hyundaiglobal.com
Software: Microsoft-IIS/10.0 / ARR/3.0 ASP.NET
Resource Hash: 40b9cc5e08b7add32b7633fe11f1cf5e30e29b2b0c75a9156fc2c5cc5116181f

Security Headers

X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers

Referer: http://login.hdel-install.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-CH: UA, UA-Platform, UA-Arch, UA-Model, UA-Mobile, UA-Full-Version
Accept-CH-Lifetime: 86400
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 19 Feb 2023 07:25:31 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: ARR/3.0 ASP.NET
X-XSS-Protection: 1; mode=block

Redirect headers

Accept-CH: UA, UA-Platform, UA-Arch, UA-Model, UA-Mobile, UA-Full-Version
Accept-CH-Lifetime: 86400
Cache-Control: no-cache="Set-Cookie"
Content-Length: 0
Date: Sun, 19 Feb 2023 07:25:31 GMT
Location: http://login.hyundaigroup.com/sso/ssoService.do?returnURL=http%3A%2F%2Flogin.hdel-install.com%2Flogin%2F%3Forgssosite%3D%26returnURL%3Dhttp%253A%252F%252Flogin.hdel-install.com%252Flogin%252F&ssosite=bf36244b-719f-470d-a33a-18d54e0fed07::SSOLOGIN
Server: Microsoft-IIS/10.0
X-Powered-By: ARR/3.0 ASP.NET

Resource: all.min.css
Path: login.hyundaigroup.com/sso/assets/plugins/font-awesome/5.3/css/
Size: 48 KB
x-fer: 13 KB
Type: Stylesheet

General

Full URL: http://login.hyundaigroup.com/sso/assets/plugins/font-awesome/5.3/css/all.min.css
Requested by
Host: login.hyundaigroup.com
URL: http://login.hyundaigroup.com/sso/ssoService.do?returnURL=http%3A%2F%2Flogin.hdel-install.com%2Flogin%2F%3Forgssosite%3D%26returnURL%3Dhttp%253A%252F%252Flogin.hdel-install.com%252Flogin%252F&ssosite=bf36244b-719f-470d-a33a-18d54e0fed07::SSOLOGIN
Protocol: HTTP/1.1
Server: 203.242.40.101, Korea, Republic Of, ASN10189 (HMM-AS-KR Hyundai Movex, KR)
Reverse DNS: outlook2.hyundaiglobal.com
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Security Headers

X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://login.hyundaigroup.com/sso/ssoService.do?returnURL=http%3A%2F%2Flogin.hdel-install.com%2Flogin%2F%3Forgssosite%3D%26returnURL%3Dhttp%253A%252F%252Flogin.hdel-install.com%252Flogin%252F&ssosite=bf36244b-719f-470d-a33a-18d54e0fed07::SSOLOGIN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 07:25:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Aug 2020 22:30:32 GMT
Server: Microsoft-IIS/10.0
ETag: W/"48649-1597962632000"
X-Powered-By: ARR/3.0, ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

Resource: ESSOStatus
Path: 127.0.0.1/
Size: 0
x-fer: 0

Resource: SyncDeviceID
Path: 127.0.0.1/
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
127.0.0.1
URL
http://127.0.0.1:9999/ESSOStatus?time=20230219072532
Domain
127.0.0.1
URL
http://127.0.0.1:9999/SyncDeviceID?time=20230219072532

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean| credentialless
  • object| oncontentvisibilityautostatechange
  • boolean| supportESSO
  • boolean| supportLive
  • boolean| synced

2 Cookies

Domain/Path: .login.hyundaigroup.com/
Name: UAKEY
Value: d977dc1a288e4f3e9aed0e90e800556f

Domain/Path: .login.hyundaigroup.com/
Name: ctTC
Value: 231^1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
