login.kekad.com Open in urlscan Pro
20.192.98.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://billing.kekad.com/
Effective URL:
https://login.kekad.com/Account/Login?ReturnUrl=%2Fhome%2Ferror%3FerrorId%3DCfDJ8EccieC2aKFFmRM2tIpI1PtB6w00RlIgXR_oFl1k...
Submission: On August 03 via automatic, source certstream-suspicious (August 3rd 2023, 11:35:07 am UTC) — Scanned from DE

Summary HTTP 57 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 57 HTTP transactions. The main IP is 20.192.98.160, located in Pune, India and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.kekad.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 13th 2022. Valid for: a year.

This is the only time login.kekad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	52.140.106.224 52.140.106.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1 11	108.138.7.65 108.138.7.65	16509 (AMAZON-02) (AMAZON-02)
1	3.7.226.205 3.7.226.205	16509 (AMAZON-02) (AMAZON-02)
1 2	13.232.80.180 13.232.80.180	16509 (AMAZON-02) (AMAZON-02)
1	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2 5	20.192.98.160 20.192.98.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	13.224.189.24 13.224.189.24	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	52.239.202.68 52.239.202.68	() ()
57	12

12 52.140.106.224 (Pune, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

billing.kekad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.kekastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 108.138.7.65 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-65.fra56.r.cloudfront.net

ind-widget.freshworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.7.226.205 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-7-226-205.ap-south-1.compute.amazonaws.com

checkout.razorpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.232.80.180 (Mumbai, India) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-232-80-180.ap-south-1.compute.amazonaws.com

api.razorpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.192.98.160 (Pune, India) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.kekad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.189.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-24.fra2.r.cloudfront.net

checkout-static-next.razorpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o515678.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.239.202.68 (None, )

ASN- ()

stkekastaticdev.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	kekad.com 2 redirects billing.kekad.com login.kekad.com	1 MB
13	windows.net stkekastaticdev.blob.core.windows.net	858 KB
11	freshworks.com 1 redirects ind-widget.freshworks.com — Cisco Umbrella Rank: 387833	147 KB
9	kekastatic.net cdn.kekastatic.net — Cisco Umbrella Rank: 757954	313 KB
6	razorpay.com 1 redirects checkout.razorpay.com — Cisco Umbrella Rank: 116880 api.razorpay.com — Cisco Umbrella Rank: 114437 checkout-static-next.razorpay.com — Cisco Umbrella Rank: 142412	730 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	2 KB
1	sentry.io o515678.ingest.sentry.io — Cisco Umbrella Rank: 132900	301 B
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4840	19 KB
1	stripe.com js.stripe.com — Cisco Umbrella Rank: 1773	144 KB
57	9

	Domain	Requested by
13	stkekastaticdev.blob.core.windows.net	login.kekad.com
12	billing.kekad.com	billing.kekad.com
11	ind-widget.freshworks.com	1 redirects billing.kekad.com ind-widget.freshworks.com
9	cdn.kekastatic.net	billing.kekad.com cdn.kekastatic.net login.kekad.com
5	login.kekad.com	2 redirects billing.kekad.com
3	checkout-static-next.razorpay.com	api.razorpay.com
2	fonts.googleapis.com	api.razorpay.com stkekastaticdev.blob.core.windows.net
2	api.razorpay.com	1 redirects checkout.razorpay.com
1	o515678.ingest.sentry.io	browser.sentry-cdn.com
1	browser.sentry-cdn.com	checkout-static-next.razorpay.com
1	js.stripe.com	billing.kekad.com
1	checkout.razorpay.com	billing.kekad.com
57	12

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.keka.com

Subject Issuer	Validity	Valid
billing.kekad.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-08-03` - `2024-02-03`	6 months	crt.sh
sni2860fgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-01-07` - `2024-02-07`	a year	crt.sh
*.razorpay.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-09`	a year	crt.sh
*.freshworks.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
*.kekad.com AlphaSSL CA - SHA256 - G2	`2022-07-13` - `2023-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
ingest.sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://login.kekad.com/Account/Login?ReturnUrl=%2Fhome%2Ferror%3FerrorId%3DCfDJ8EccieC2aKFFmRM2tIpI1PtB6w00RlIgXR_oFl1kJ_aKUSNOPhYhwB4XjbyzBwy6n0CSCfCtFlo8C2n6Wy26JfZXMJaQXnpDxLP9d9XDxaIQpWr90hkTQMfjNsuLwKnGAW3aHzO5bDX6mw464j8YYAN5h7iuT5zCL_aiHnoa_j0JuzQjoXZrAa5g9JlJmm2VJMR7wiLkjvi71YocBlNZ5i-y8R_8K2myhTNXDg1H0EFpZT4QaB0fuiVeU0nYVxMPChsPzcNlbnKL6pJPTrKbK_kQ2TWZ7hbIqGjjOGPpk2QeWicvnF723EATXT6JKP7Gm1Gfvz2k4piX3DB3qkBDm5KHw3uStYgALthsc1CqhMY7dywEAhgJ2MibTTDOjLpsly74yuCRFrYz6Y0TeTKRX8dK23eT0MCDQmytMy7vZRAdl7UWvaH_71pGL7nkZYNgN8dII__1zwTlD40whxgoQ354P1fGLmTi3vq7CUk6WY9LZdssrjzrQxxzNmXZBNjftOp8_DlVp0YqF-i4pzjaWDRjC7SlybLm166DGB0tPjmYDvmgwwoZW9Hdtxn4dkRzirBE9S7xb0r2W1kmCpRq_Lnxa3LL__lQ2AQmbG-kKXQgLmBTMNIqNB5HGM_MZtAmOvVpLOU4H9KMjVBM7Mr6NtRuRnV4HpBneMTaqmM1dY0mJ7moFwTa659iUzAAl_QM3p1ebRmrWUyIKbmv9Tq8nm4
Frame ID: 5FF4671EE5A68FC81346C09F07E69900
Requests: 43 HTTP requests in this frame

Frame: https://ind-widget.freshworks.com/widgetBase/widget.js
Frame ID: 86C65C4CCB6F5324BE2274228289CE23
Requests: 7 HTTP requests in this frame

Frame: https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=28526ce45d8f2d3441a1950f05d699343f14c31b&modern=1&unified_lite=1&session_token=699F5AA3CAC1BFDB405D6A07B1EF4B556869EE99D4EB7CB7D81F081FF980DF8F6FFE26EFA278D199E0C58B3E13DF78425AD486C2E8879A3338FA7D1E8817F5960EDC18BA86822D46BD758C172C05C2EC0B7562EC9662D6A016FD5A6131A59216F4AF79CC5733719AC60CA965377F75569C8C20CB1A398423A5BC9A014FB181CE788D43BA204A5FCEEC2FBA184B9C61D9D489A6
Frame ID: 58C8B47D3D253957DEAA1D910034CE87
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Keka Login

Page URL History Show full URLs

https://billing.kekad.com/ Page URL
https://login.kekad.com/connect/authorize?response_type=code&client_id=3c0bc41e-6b32-40f8-9068-8f866... HTTP 302
https://login.kekad.com/home/error?errorId=CfDJ8EccieC2aKFFmRM2tIpI1PtB6w00RlIgXR_oFl1kJ_aKUSNOPhYhw... HTTP 302
https://login.kekad.com/Account/Login?ReturnUrl=%2Fhome%2Ferror%3FerrorId%3DCfDJ8EccieC2aKFFmRM2tIpI... Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

98 %
HTTPS

25 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

3333 kB
Transfer

10087 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/in/app/keka-hr/id1448024119?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.keka.xhr&hl=en_IN

Search URL Search Domain Scan URL

URL: https://www.keka.com/services-agreement
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.keka.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://billing.kekad.com/ Page URL
https://login.kekad.com/connect/authorize?response_type=code&client_id=3c0bc41e-6b32-40f8-9068-8f86606cc4f3&state=eUZWVmxJY0Jpcy5RakcyVGpKU1BRNXBNSXhSa0RaTkx3aEJ0cW5nNDY0VFBj&redirect_uri=https%3A%2F%2Fbilling.kekad.com&scope=openid%20offline_access%20kekahr.api&code_challenge=DjJ5GNXhB0uzSX14RqqsnnVS-5KZxd_JJ9EBTHUmxK0&code_challenge_method=S256&nonce=eUZWVmxJY0Jpcy5RakcyVGpKU1BRNXBNSXhSa0RaTkx3aEJ0cW5nNDY0VFBj HTTP 302
https://login.kekad.com/home/error?errorId=CfDJ8EccieC2aKFFmRM2tIpI1PtB6w00RlIgXR_oFl1kJ_aKUSNOPhYhwB4XjbyzBwy6n0CSCfCtFlo8C2n6Wy26JfZXMJaQXnpDxLP9d9XDxaIQpWr90hkTQMfjNsuLwKnGAW3aHzO5bDX6mw464j8YYAN5h7iuT5zCL_aiHnoa_j0JuzQjoXZrAa5g9JlJmm2VJMR7wiLkjvi71YocBlNZ5i-y8R_8K2myhTNXDg1H0EFpZT4QaB0fuiVeU0nYVxMPChsPzcNlbnKL6pJPTrKbK_kQ2TWZ7hbIqGjjOGPpk2QeWicvnF723EATXT6JKP7Gm1Gfvz2k4piX3DB3qkBDm5KHw3uStYgALthsc1CqhMY7dywEAhgJ2MibTTDOjLpsly74yuCRFrYz6Y0TeTKRX8dK23eT0MCDQmytMy7vZRAdl7UWvaH_71pGL7nkZYNgN8dII__1zwTlD40whxgoQ354P1fGLmTi3vq7CUk6WY9LZdssrjzrQxxzNmXZBNjftOp8_DlVp0YqF-i4pzjaWDRjC7SlybLm166DGB0tPjmYDvmgwwoZW9Hdtxn4dkRzirBE9S7xb0r2W1kmCpRq_Lnxa3LL__lQ2AQmbG-kKXQgLmBTMNIqNB5HGM_MZtAmOvVpLOU4H9KMjVBM7Mr6NtRuRnV4HpBneMTaqmM1dY0mJ7moFwTa659iUzAAl_QM3p1ebRmrWUyIKbmv9Tq8nm4 HTTP 302
https://login.kekad.com/Account/Login?ReturnUrl=%2Fhome%2Ferror%3FerrorId%3DCfDJ8EccieC2aKFFmRM2tIpI1PtB6w00RlIgXR_oFl1kJ_aKUSNOPhYhwB4XjbyzBwy6n0CSCfCtFlo8C2n6Wy26JfZXMJaQXnpDxLP9d9XDxaIQpWr90hkTQMfjNsuLwKnGAW3aHzO5bDX6mw464j8YYAN5h7iuT5zCL_aiHnoa_j0JuzQjoXZrAa5g9JlJmm2VJMR7wiLkjvi71YocBlNZ5i-y8R_8K2myhTNXDg1H0EFpZT4QaB0fuiVeU0nYVxMPChsPzcNlbnKL6pJPTrKbK_kQ2TWZ7hbIqGjjOGPpk2QeWicvnF723EATXT6JKP7Gm1Gfvz2k4piX3DB3qkBDm5KHw3uStYgALthsc1CqhMY7dywEAhgJ2MibTTDOjLpsly74yuCRFrYz6Y0TeTKRX8dK23eT0MCDQmytMy7vZRAdl7UWvaH_71pGL7nkZYNgN8dII__1zwTlD40whxgoQ354P1fGLmTi3vq7CUk6WY9LZdssrjzrQxxzNmXZBNjftOp8_DlVp0YqF-i4pzjaWDRjC7SlybLm166DGB0tPjmYDvmgwwoZW9Hdtxn4dkRzirBE9S7xb0r2W1kmCpRq_Lnxa3LL__lQ2AQmbG-kKXQgLmBTMNIqNB5HGM_MZtAmOvVpLOU4H9KMjVBM7Mr6NtRuRnV4HpBneMTaqmM1dY0mJ7moFwTa659iUzAAl_QM3p1ebRmrWUyIKbmv9Tq8nm4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://ind-widget.freshworks.com/widgets/84000002034.js HTTP 301
https://ind-widget.freshworks.com/widgetBase/bootstrap.js

Request Chain 25

https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=28526ce45d8f2d3441a1950f05d699343f14c31b&modern=1&unified_lite=1 HTTP 302
https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=28526ce45d8f2d3441a1950f05d699343f14c31b&modern=1&unified_lite=1&session_token=699F5AA3CAC1BFDB405D6A07B1EF4B556869EE99D4EB7CB7D81F081FF980DF8F6FFE26EFA278D199E0C58B3E13DF78425AD486C2E8879A3338FA7D1E8817F5960EDC18BA86822D46BD758C172C05C2EC0B7562EC9662D6A016FD5A6131A59216F4AF79CC5733719AC60CA965377F75569C8C20CB1A398423A5BC9A014FB181CE788D43BA204A5FCEEC2FBA184B9C61D9D489A6

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
billing.kekad.com/ 5 KB
2 KB 803ms
226ms Document
text/html 52.140.106.224
MICROSOFT-CORP-MS...

General

Domain/Path	Expires	Name / Value
.kekad.com/	1970-01-20 22:29:58	Name: Subdomain Value: billing.kekad.com
login.kekad.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.cdV5uW_Ejgc Value: CfDJ8EccieC2aKFFmRM2tIpI1PuvOF6vAJ3QxCSvB5aLKi2tU02wJqEDiTQ1vLMRI5m1ATOf525fNAv7IjsLPJkREHQyPVF_KififlcCZnTopZlw_DHy0j4nqw0oysG5DQBwiUUTxhS3oHXQoZp6V0Mdm4k
login.kekad.com/	1969-12-31 23:59:59	Name: .AspNetCore.Mvc.CookieTempDataProvider Value: CfDJ8EccieC2aKFFmRM2tIpI1PtZ09Vhe7wWe465rgXU2xCgx5B7KS2o8ORz4bBRfZmLES0jd7Xuv999zT195F0biznc9NkKpFZcaguO_2r4SKavoG7_VHXw7AmqOCOknaE3Dw

login.kekad.com Open in urlscan Pro 20.192.98.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

25 %IPv6

9 Domains

12 Subdomains

12 IPs

3 Countries

3333 kBTransfer

10087 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

login.kekad.com Open in urlscan Pro
20.192.98.160 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

25 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

3333 kB
Transfer

10087 kB
Size

3
Cookies

57 HTTP transactions
0 data transactions