urlscan.io logo urlscan.io
SecurityTrails logo

apptlpserv.dt.r.appspot.com Open in urlscan Pro
2404:6800:4004:810::2014  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://letronc-m.com/redirector?url=http%3A%2F%2F553.ponntel.com.%23.217319%2FZWQubWFseXN6QHZlcml0YXMuY29tDQ%3D%3D%2F...
Effective URL: https://apptlpserv.dt.r.appspot.com/
Submission Tags: falconsandbox
Submission: On November 22 via api from US — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 3 HTTP transactions. The main IP is 2404:6800:4004:810::2014, located in Australia and belongs to GOOGLE, US. The main domain is apptlpserv.dt.r.appspot.com.
TLS certificate: Issued by GTS CA 1C3 on November 2nd 2022. Valid for: 3 months.
This is the only time apptlpserv.dt.r.appspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.177.15.16 16509 (AMAZON-02)
1 34.125.19.121 396982 (GOOGLE-CL...)
1 2404:6800:400... 15169 (GOOGLE)
3 4 52.73.12.205 14618 (AMAZON-AES)
3 3
1    18.177.15.16 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-15-16.ap-northeast-1.compute.amazonaws.com
letronc-m.com
1    34.125.19.121 (Las Vegas, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.19.125.34.bc.googleusercontent.com
553.ponntel.com.
1    2404:6800:4004:810::2014 (Australia)

ASN15169 (GOOGLE, US)
apptlpserv.dt.r.appspot.com
4    52.73.12.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-12-205.compute-1.amazonaws.com
l0g1n-micro.softorline.com
log1n-micro.softorline.com
Domain Requested by
3 l0g1n-micro.softorline.com 3 redirects
1 log1n-micro.softorline.com apptlpserv.dt.r.appspot.com
1 apptlpserv.dt.r.appspot.com 553.ponntel.com.
1 553.ponntel.com.
1 letronc-m.com 1 redirects
3 5

This site contains no links.

Subject Issuer Validity Valid
*.appspot.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.softorline.com
R3		 2022-10-11 -
2023-01-09		 3 months crt.sh

This page contains 1 frames:

Frame: https://log1n-micro.softorline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4819b2a6-9311-f29c-3501-73efb2fb6e08&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638047105167724200.bd9b7e41-d3db-43fc-9be6-9c3e0bdeaa60&state=DctBFoAgCABRrddxSBSSPI4IbVt2_Vj82U1OKe1hCxkjSTrdyFLxql2kcUM81YaKcwUjU2B6Fgz1DmORo5rP2THHe5T3m-UH
Frame ID: 42438C51026BC06EC73CFE8B6583F755
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://letronc-m.com/redirector?url=http%3A%2F%2F553.ponntel.com.%23.217319%2FZWQubWFseXN6QHZlcml... HTTP 301
    http://553.ponntel.com./ Page URL
  2. https://apptlpserv.dt.r.appspot.com/ Page URL

Page Statistics

3
Requests

67 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

3
IPs

3
Countries

3 kB
Transfer

8 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://letronc-m.com/redirector?url=http%3A%2F%2F553.ponntel.com.%23.217319%2FZWQubWFseXN6QHZlcml0YXMuY29tDQ%3D%3D%2F9569%2FaHR0cHM6Ly9hcHB0bHBzZXJ2LmR0LnIuYXBwc3BvdC5jb20vI2VkLm1hbHlzekB2ZXJpdGFzLmNvbQ0%3D%2F553&data=05%7C01%7Ced.malysz%40veritas.com%7C8f9b19bc165743715f9308dacbd61512%7Cfc8e13c0422c4c55b3eaca318e6cac32%7C0%7C0%7C638046418209289834%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=z865DAVZCnL2fPrmyuvwFxak6kRq0a2joE9sMpcDztU%3D&reserved=0 HTTP 301
    http://553.ponntel.com./ Page URL
  2. https://apptlpserv.dt.r.appspot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://letronc-m.com/redirector?url=http%3A%2F%2F553.ponntel.com.%23.217319%2FZWQubWFseXN6QHZlcml0YXMuY29tDQ%3D%3D%2F9569%2FaHR0cHM6Ly9hcHB0bHBzZXJ2LmR0LnIuYXBwc3BvdC5jb20vI2VkLm1hbHlzekB2ZXJpdGFzLmNvbQ0%3D%2F553&data=05%7C01%7Ced.malysz%40veritas.com%7C8f9b19bc165743715f9308dacbd61512%7Cfc8e13c0422c4c55b3eaca318e6cac32%7C0%7C0%7C638046418209289834%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=z865DAVZCnL2fPrmyuvwFxak6kRq0a2joE9sMpcDztU%3D&reserved=0 HTTP 301
  • http://553.ponntel.com./
Request Chain 1
  • https://l0g1n-micro.softorline.com/adf0q HTTP 302
  • https://l0g1n-micro.softorline.com/ HTTP 302
  • https://l0g1n-micro.softorline.com/owa/ HTTP 302
  • https://log1n-micro.softorline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4819b2a6-9311-f29c-3501-73efb2fb6e08&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638047105167724200.bd9b7e41-d3db-43fc-9be6-9c3e0bdeaa60&state=DctBFoAgCABRrddxSBSSPI4IbVt2_Vj82U1OKe1hCxkjSTrdyFLxql2kcUM81YaKcwUjU2B6Fgz1DmORo5rP2THHe5T3m-UH

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
553.ponntel.com./
Redirect Chain
  • https://letronc-m.com/redirector?url=http%3A%2F%2F553.ponntel.com.%23.217319%2FZWQubWFseXN6QHZlcml0YXMuY29tDQ%3D%3D%2F9569%2FaHR0cHM6Ly9hcHB0bHBzZXJ2LmR0LnIuYXBwc3BvdC5jb20vI2VkLm1hbHlzekB2ZXJpdGFz...
  • http://553.ponntel.com./
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://553.ponntel.com./
Protocol
HTTP/1.1
Server
34.125.19.121 Las Vegas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.19.125.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
93ddbb353d4ebc083e1f2bd0b02c9dd8c8f929c1ed126ac27b242475ba20776a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 10:41:54 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

content-length
185
content-type
text/html
date
Tue, 22 Nov 2022 10:41:52 GMT
location
http://553.ponntel.com.#.217319/ZWQubWFseXN6QHZlcml0YXMuY29tDQ==/9569/aHR0cHM6Ly9hcHB0bHBzZXJ2LmR0LnIuYXBwc3BvdC5jb20vI2VkLm1hbHlzekB2ZXJpdGFzLmNvbQ0=/553
server
nginx/1.10.2
Primary Request /
apptlpserv.dt.r.appspot.com/ 		1 KB
1020 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apptlpserv.dt.r.appspot.com/
Requested by
Host: 553.ponntel.com.
URL: http://553.ponntel.com./
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::2014 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c4dc52048bf5537e54faa68b79dbc766e6294ae8e6127dee9f816ad868f53ad0

Request headers

Referer
http://553.ponntel.com./
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
721
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 10:41:54 GMT
server
Google Frontend
vary
Accept-Encoding
x-cloud-trace-context
83af68c5679a0c1db4c262309826814a;o=1
authorize
log1n-micro.softorline.com/common/oauth2/
Redirect Chain
  • https://l0g1n-micro.softorline.com/adf0q
  • https://l0g1n-micro.softorline.com/
  • https://l0g1n-micro.softorline.com/owa/
  • https://log1n-micro.softorline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://log1n-micro.softorline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4819b2a6-9311-f29c-3501-73efb2fb6e08&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638047105167724200.bd9b7e41-d3db-43fc-9be6-9c3e0bdeaa60&state=DctBFoAgCABRrddxSBSSPI4IbVt2_Vj82U1OKe1hCxkjSTrdyFLxql2kcUM81YaKcwUjU2B6Fgz1DmORo5rP2THHe5T3m-UH
Requested by
Host: apptlpserv.dt.r.appspot.com
URL: https://apptlpserv.dt.r.appspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.73.12.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-12-205.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://apptlpserv.dt.r.appspot.com/#ed.malysz@veritas.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Nov 2022 10:41:57 GMT
Expires
-1
Nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Ms-Ests-Server
2.1.14059.16 - SCUS ProdSlices
X-Ms-Request-Id
c7313be8-027e-41b6-a36a-d4fad5d8bb00

Redirect headers

Alt-Svc
h3=":443",h3-29=":443"
Connection
close
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Nov 2022 10:41:55 GMT
Location
https://log1n-micro.softorline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4819b2a6-9311-f29c-3501-73efb2fb6e08&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638047105167724200.bd9b7e41-d3db-43fc-9be6-9c3e0bdeaa60&state=DctBFoAgCABRrddxSBSSPI4IbVt2_Vj82U1OKe1hCxkjSTrdyFLxql2kcUM81YaKcwUjU2B6Fgz1DmORo5rP2THHe5T3m-UH
Nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
P3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Report-To
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MNZ"}],"include_subdomains":true}
Request-Id
4819b2a6-9311-f29c-3501-73efb2fb6e08
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
X-Backend-Begin
2022-11-22T10:41:56.772
X-Backend-End
2022-11-22T10:41:56.772
X-Backendhttpstatus
302 302
X-Beserver
BN6PR0101MB3075
X-Besku
WCS5
X-Calculatedbetarget
BN6PR0101MB3075.prod.exchangelabs.com
X-Calculatedfetarget
BN1PR12CU001.internal.outlook.com
X-Diaginfo
BN6PR0101MB3075
X-Feefzinfo
MNZ
X-Feproxyinfo
BL0PR0102CA0038.PROD.EXCHANGELABS.COM
X-Feserver
BN1PR12CA0020 BL0PR0102CA0038
X-Firsthopcafeefz
MNZ
X-Iids
0
X-Owa-Diagnosticsinfo
1;0;0
X-Proxy-Backendserverstatus
302
X-Proxy-Routingcorrectness
1
X-Rum-Notupdatequeriedpath
1
X-Rum-Validated
1
X-Ua-Compatible
IE=EmulateIE7

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.softorline.com/ Name: gzdo
Value: 03f85769db5ae78f887591e4400146b0406e143c882843ac58d1c656e09fd29c
l0g1n-micro.softorline.com/ Name: ClientId
Value: C4CD576965C546328EFB68C73EDBB918
l0g1n-micro.softorline.com/ Name: OIDC
Value: 1
l0g1n-micro.softorline.com/ Name: OpenIdConnect.nonce.v3.p7fF9HZu8f00m2sfiuxFgxYFc5m_RGFrsDvFbHTg_To
Value: 638047105167724200.bd9b7e41-d3db-43fc-9be6-9c3e0bdeaa60
l0g1n-micro.softorline.com/ Name: X-OWA-RedirectHistory
Value: ArLym14BqA59LXbM2gg