sign0n-micros.oftonlineapi.com Open in urlscan Pro
2606:4700:20::681a:459 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://telecom.economictimes.indiatimes.com/etl.php?url=https://ny.solacescapehaven.com
Effective URL:
https://sign0n-micros.oftonlineapi.com/LZbuxdai
Submission: On November 28 via manual (November 28th 2023, 12:39:47 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:20::681a:459, located in United States and belongs to CLOUDFLARENET, US. The main domain is sign0n-micros.oftonlineapi.com.
TLS certificate: Issued by GTS CA 1P5 on November 27th 2023. Valid for: 3 months.

This is the only time sign0n-micros.oftonlineapi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a02:26f0:310... 2a02:26f0:3100:58f::3126	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	20.13.162.148 20.13.162.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2606:4700:20:... 2606:4700:20::681a:459	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	4

2 2a02:26f0:3100:58f::3126 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

telecom.economictimes.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.13.162.148 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ny.solacescapehaven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:459 (United States)

ASN13335 (CLOUDFLARENET, US)

sign0n-micros.oftonlineapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	oftonlineapi.com sign0n-micros.oftonlineapi.com	151 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6439	23 KB
2	indiatimes.com 2 redirects telecom.economictimes.indiatimes.com	1 KB
1	solacescapehaven.com ny.solacescapehaven.com	909 B
15	4

	Domain	Requested by
8	sign0n-micros.oftonlineapi.com	ny.solacescapehaven.com sign0n-micros.oftonlineapi.com
4	challenges.cloudflare.com	sign0n-micros.oftonlineapi.com challenges.cloudflare.com
2	telecom.economictimes.indiatimes.com	2 redirects
1	ny.solacescapehaven.com
15	4

This site contains no links.

Subject Issuer	Validity	Valid
ny.solacescapehaven.com R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
oftonlineapi.com GTS CA 1P5	`2023-11-27` - `2024-02-25`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://sign0n-micros.oftonlineapi.com/LZbuxdai
Frame ID: 930BEF746D4FD13F0A1BFD47A1B85097
Requests: 13 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5xh8v/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: E964D1DB55CA29635B3E20252AB99A9A
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mbxy1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 57A88D1AF83D04FDE5A41E0EB3112E95
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

reCAPTCHA

Page URL History Show full URLs

https://telecom.economictimes.indiatimes.com/etl.php?url=https://ny.solacescapehaven.com HTTP 302
https://telecom.economictimes.indiatimes.com/etlr.php?url=https://ny.solacescapehaven.com HTTP 302
https://ny.solacescapehaven.com/?utm_source=promotions&utm_medium=email&utm_campaign= Page URL
https://sign0n-micros.oftonlineapi.com/LZbuxdai Page URL
https://sign0n-micros.oftonlineapi.com/LZbuxdai Page URL

Page Statistics

15
Requests

87 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

174 kB
Transfer

456 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://telecom.economictimes.indiatimes.com/etl.php?url=https://ny.solacescapehaven.com HTTP 302
https://telecom.economictimes.indiatimes.com/etlr.php?url=https://ny.solacescapehaven.com HTTP 302
https://ny.solacescapehaven.com/?utm_source=promotions&utm_medium=email&utm_campaign= Page URL
https://sign0n-micros.oftonlineapi.com/LZbuxdai Page URL
https://sign0n-micros.oftonlineapi.com/LZbuxdai Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://telecom.economictimes.indiatimes.com/etl.php?url=https://ny.solacescapehaven.com HTTP 302
https://telecom.economictimes.indiatimes.com/etlr.php?url=https://ny.solacescapehaven.com HTTP 302
https://ny.solacescapehaven.com/?utm_source=promotions&utm_medium=email&utm_campaign=

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
ny.solacescapehaven.com/
Redirect Chain

https://telecom.economictimes.indiatimes.com/etl.php?url=https://ny.solacescapehaven.com
https://telecom.economictimes.indiatimes.com/etlr.php?url=https://ny.solacescapehaven.com
https://ny.solacescapehaven.com/?utm_source=promotions&utm_medium=email&utm_campaign=

1 KB
909 B

750ms
639ms

Document
text/html

20.13.162.148
MICROSOFT-CORP-MS...

General

Domain/Path	Expires	Name / Value
telecom.economictimes.indiatimes.com/	1970-01-20 16:42:16	Name: PHPSESSID Value: 0829c9bd9d54a95b243c56118876acf8
telecom.economictimes.indiatimes.com/	1970-01-21 01:17:51	Name: pmUsr Value: 1701131981
telecom.economictimes.indiatimes.com/	1970-01-20 16:42:16	Name: telecom_subscription_source Value: email
sign0n-micros.oftonlineapi.com/	1970-01-20 16:32:15	Name: cf_chl_rc_i Value: 1

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://sign0n-micros.oftonlineapi.com/LZbuxdai# Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://sign0n-micros.oftonlineapi.com/LZbuxdai# Message: Failed to load resource: the server responded with a status of 403 ()

sign0n-micros.oftonlineapi.com Open in urlscan Pro 2606:4700:20::681a:459 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

87 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

174 kBTransfer

456 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

4 Cookies

6 Console Messages

Security Headers

Indicators

sign0n-micros.oftonlineapi.com Open in urlscan Pro
2606:4700:20::681a:459 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

174 kB
Transfer

456 kB
Size

4
Cookies

15 HTTP transactions
0 data transactions