urlscan.io logo urlscan.io
SecurityTrails logo

login-microsoftonline.gsokoauyilpoi.com Open in urlscan Pro
198.12.88.149  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://updates.swiggy.in/re?l=D0I22f6sq5I81pepn8I2ITl3jvfltp&s=NCJJFJJEMMBDEGIA&req=af_dp%3Dswiggy%253A%252F%252Fmenu%253...
Effective URL: https://login-microsoftonline.gsokoauyilpoi.com/?username=antony.prakash@npci.org.in
Submission Tags: falconsandbox
Submission: On July 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 3 HTTP transactions. The main IP is 198.12.88.149, located in Alexandria, United States and belongs to AS-COLOCROSSING, US. The main domain is login-microsoftonline.gsokoauyilpoi.com.
TLS certificate: Issued by R3 on July 22nd 2022. Valid for: 3 months.
This is the only time login-microsoftonline.gsokoauyilpoi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 195.140.186.100 15960 (GLOBALACCESS)
1 1 18.66.97.88 16509 (AMAZON-02)
1 162.214.69.46 46606 (UNIFIEDLA...)
2 198.12.88.149 36352 (AS-COLOCR...)
3 2
Domain Requested by
2 login-microsoftonline.gsokoauyilpoi.com rnk7ru.instaladordeportaembauru.com.br
login-microsoftonline.gsokoauyilpoi.com
1 rnk7ru.instaladordeportaembauru.com.br
1 swiggy.onelink.me 1 redirects
1 updates.swiggy.in 1 redirects
3 4

This site contains no links.

Subject Issuer Validity Valid
*.instaladordeportaembauru.com.br
R3		 2022-07-22 -
2022-10-20		 3 months crt.sh
gsokoauyilpoi.com
R3		 2022-07-22 -
2022-10-20		 3 months crt.sh

This page contains 1 frames:

Frame: https://login-microsoftonline.gsokoauyilpoi.com/?username=antony.prakash@npci.org.in
Frame ID: 2FFFF1DC01BF4DFFAF7E1D62C376B6B7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://updates.swiggy.in/re?l=D0I22f6sq5I81pepn8I2ITl3jvfltp&s=NCJJFJJEMMBDEGIA&req=af_dp%3Dswiggy%25... HTTP 302
    https://swiggy.onelink.me/eraU?pid=email&c=ryl_email&af_force_deeplink=true&is_retargeting=true&af_dp=... HTTP 302
    https://rnk7ru.instaladordeportaembauru.com.br/?=antony.prakash@npci.org.in&is_retargeting=true&utm_campaign=toprestaurants... Page URL
  2. https://login-microsoftonline.gsokoauyilpoi.com/?username=antony.prakash@npci.org.in Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

33 kB
Transfer

80 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://updates.swiggy.in/re?l=D0I22f6sq5I81pepn8I2ITl3jvfltp&s=NCJJFJJEMMBDEGIA&req=af_dp%3Dswiggy%253A%252F%252Fmenu%253Frestaurant_id%253D526261%26af_web_dp%3Dhttps%253A%252F%252FRNK7rU.instaladordeportaembauru.com.br%2F%3F%3Dantony.prakash%40npci.org.in HTTP 302
    https://swiggy.onelink.me/eraU?pid=email&c=ryl_email&af_force_deeplink=true&is_retargeting=true&af_dp=swiggy%3A%2F%2Fmenu%3Frestaurant_id%3D526261&af_web_dp=https%3A%2F%2FRNK7rU.instaladordeportaembauru.com.br/?=antony.prakash@npci.org.in&utm_medium=email&utm_campaign=toprestaurants24may HTTP 302
    https://rnk7ru.instaladordeportaembauru.com.br/?=antony.prakash@npci.org.in&is_retargeting=true&utm_campaign=toprestaurants24may&utm_medium=email&c=ryl_email&pid=email&af_force_deeplink=true Page URL
  2. https://login-microsoftonline.gsokoauyilpoi.com/?username=antony.prakash@npci.org.in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://updates.swiggy.in/re?l=D0I22f6sq5I81pepn8I2ITl3jvfltp&s=NCJJFJJEMMBDEGIA&req=af_dp%3Dswiggy%253A%252F%252Fmenu%253Frestaurant_id%253D526261%26af_web_dp%3Dhttps%253A%252F%252FRNK7rU.instaladordeportaembauru.com.br%2F%3F%3Dantony.prakash%40npci.org.in HTTP 302
  • https://swiggy.onelink.me/eraU?pid=email&c=ryl_email&af_force_deeplink=true&is_retargeting=true&af_dp=swiggy%3A%2F%2Fmenu%3Frestaurant_id%3D526261&af_web_dp=https%3A%2F%2FRNK7rU.instaladordeportaembauru.com.br/?=antony.prakash@npci.org.in&utm_medium=email&utm_campaign=toprestaurants24may HTTP 302
  • https://rnk7ru.instaladordeportaembauru.com.br/?=antony.prakash@npci.org.in&is_retargeting=true&utm_campaign=toprestaurants24may&utm_medium=email&c=ryl_email&pid=email&af_force_deeplink=true

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
rnk7ru.instaladordeportaembauru.com.br/
Redirect Chain
  • https://updates.swiggy.in/re?l=D0I22f6sq5I81pepn8I2ITl3jvfltp&s=NCJJFJJEMMBDEGIA&req=af_dp%3Dswiggy%253A%252F%252Fmenu%253Frestaurant_id%253D526261%26af_web_dp%3Dhttps%253A%252F%252FRNK7rU.instalad...
  • https://swiggy.onelink.me/eraU?pid=email&c=ryl_email&af_force_deeplink=true&is_retargeting=true&af_dp=swiggy%3A%2F%2Fmenu%3Frestaurant_id%3D526261&af_web_dp=https%3A%2F%2FRNK7rU.instaladordeportaem...
  • https://rnk7ru.instaladordeportaembauru.com.br/?=antony.prakash@npci.org.in&is_retargeting=true&utm_campaign=toprestaurants24may&utm_medium=email&c=ryl_email&pid=email&af_force_deeplink=true
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rnk7ru.instaladordeportaembauru.com.br/?=antony.prakash@npci.org.in&is_retargeting=true&utm_campaign=toprestaurants24may&utm_medium=email&c=ryl_email&pid=email&af_force_deeplink=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.214.69.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dedi-4652165.projetosmpi.com.br
Software
Apache /
Resource Hash
92425d2c9427b8b7785cf51608e05d4b74ee815da7a08c84121c0c5a64ac15a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
7373
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Jul 2022 21:16:27 GMT
Keep-Alive
timeout=5, max=100
Server
Apache

Redirect headers

content-length
0
content-type
application/octet-stream
date
Fri, 22 Jul 2022 21:16:28 GMT
location
https://RNK7rU.instaladordeportaembauru.com.br/?=antony.prakash@npci.org.in&is_retargeting=true&utm_campaign=toprestaurants24may&utm_medium=email&c=ryl_email&pid=email&af_force_deeplink=true
server
http-kit
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-id
hJhER3zNHcrRW9bLbshPWMlYaE_sZ_pH1k5vaeNT0YnHSnLuE2A0SQ==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
Primary Request /
login-microsoftonline.gsokoauyilpoi.com/ 		72 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login-microsoftonline.gsokoauyilpoi.com/?username=antony.prakash@npci.org.in
Requested by
Host: rnk7ru.instaladordeportaembauru.com.br
URL: https://rnk7ru.instaladordeportaembauru.com.br/?=antony.prakash@npci.org.in&is_retargeting=true&utm_campaign=toprestaurants24may&utm_medium=email&c=ryl_email&pid=email&af_force_deeplink=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.12.88.149 Alexandria, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
198-12-88-149-host.colocrossing.com
Software
nginx/1.21.6 /
Resource Hash
24d4b5f737fb3bef31dbf0965b077e3fa2772fa43b8d6e17b9bad5c1fd3c3525

Request headers

Referer
https://rnk7ru.instaladordeportaembauru.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 22 Jul 2022 21:16:29 GMT
server
nginx/1.21.6
vary
Accept-Encoding
/
login-microsoftonline.gsokoauyilpoi.com/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login-microsoftonline.gsokoauyilpoi.com/?username=antony.prakash@npci.org.in
Requested by
Host: login-microsoftonline.gsokoauyilpoi.com
URL: https://login-microsoftonline.gsokoauyilpoi.com/?username=antony.prakash@npci.org.in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.12.88.149 Alexandria, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
198-12-88-149-host.colocrossing.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://login-microsoftonline.gsokoauyilpoi.com/?username=antony.prakash@npci.org.in
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 22 Jul 2022 21:16:33 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity-nel-measure-office-7e82b42a.gsokoauyilpoi.com/api/report?catId=GW+estsfd+dub2"}]}
server
nginx/1.21.6
vary
Accept-Encoding Accept-Encoding
x-ms-ests-server
2.1.13315.8 - NEULR1 ProdSlices
x-ms-request-id
fe98da9a-d671-4c2a-b008-2b7f167c0400

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

1 Cookies

Domain/Path Name / Value
.gsokoauyilpoi.com/ Name: __Bp7h
Value: N2U4MmI0MmEtODRjNC00NGU4LTkxZWYtMjhiMzQ4MDFmM2M5OmYzMDJiMDJkLTU4ZTUtNDI3NS1iZGRjLWM2ZDE4ZGUxZTllNQ==