securelogin.aelporta.site

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 168.100.11.163, located in Amsterdam, Netherlands and belongs to BLNWX, US. The main domain is securelogin.aelporta.site.
TLS certificate: Issued by R3 on May 26th 2023. Valid for: 3 months.

This is the only time securelogin.aelporta.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.72.251.57 52.72.251.57	14618 (AMAZON-AES) (AMAZON-AES)
1	192.185.215.241 192.185.215.241	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
3	168.100.11.163 168.100.11.163	399629 (BLNWX) (BLNWX)
4	2

1 52.72.251.57 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-251-57.compute-1.amazonaws.com

tr.cloudmagic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.185.215.241 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: srv20-ip24.prodns.com.br

cfjtransportes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 168.100.11.163 (Amsterdam, Netherlands)

ASN399629 (BLNWX, US)

securelogin.aelporta.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	aelporta.site securelogin.aelporta.site	121 KB
1	cfjtransportes.com.br cfjtransportes.com.br	127 B
1	cloudmagic.com 1 redirects tr.cloudmagic.com — Cisco Umbrella Rank: 814363	632 B
4	3

	Domain	Requested by
3	securelogin.aelporta.site	securelogin.aelporta.site
1	cfjtransportes.com.br
1	tr.cloudmagic.com	1 redirects
4	3

This site contains no links.

Subject Issuer	Validity	Valid
*.cfjtransportes.com.br R3	`2023-04-02` - `2023-07-01`	3 months	crt.sh
aelporta.site R3	`2023-05-26` - `2023-08-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com
Frame ID: 7ED038975683264FA2692AF557AF76A8
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com Page URL
https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

121 kB
Transfer

458 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com Page URL
https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://tr.cloudmagic.com/h/v6/link-track/1.0/1653586175111584-e5449996-ded2-d04e-76e6-83302b700c39/1653586158/25a6df233274f31d935e851802d6946d/fa6e8cf070e2759f5f1587cf217f3cfe/ce5f7a01e55be7e4e4aad4df40697507?redirect_uri=https%3A%2F%2Fcfjtransportes.com.br%2Fmagic%2Fcity%2Fsf_rand_string_lowercase6%2F%2F%2F%2Fc3VwcGx5cGV0cm9sZXVtQHdvb2RzaWRlLmNvbQ== HTTP 302
https://cfjtransportes.com.br/magic/city/sf_rand_string_lowercase6////c3VwcGx5cGV0cm9sZXVtQHdvb2RzaWRlLmNvbQ==

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

c3VwcGx5cGV0cm9sZXVtQHdvb2RzaWRlLmNvbQ== Show response
cfjtransportes.com.br/magic/city/sf_rand_string_lowercase6////
Redirect Chain

https://tr.cloudmagic.com/h/v6/link-track/1.0/1653586175111584-e5449996-ded2-d04e-76e6-83302b700c39/1653586158/25a6df233274f31d935e851802d6946d/fa6e8cf070e2759f5f1587cf217f3cfe/ce5f7a01e55be7e4e4aa...
https://cfjtransportes.com.br/magic/city/sf_rand_string_lowercase6////c3VwcGx5cGV0cm9sZXVtQHdvb2RzaWRlLmNvbQ==

0
127 B

1959ms
120ms

Document
text/html

192.185.215.241
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cfjtransportes.com.br/magic/city/sf_rand_string_lowercase6////c3VwcGx5cGV0cm9sZXVtQHdvb2RzaWRlLmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.241 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv20-ip24.prodns.com.br
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 15:22:25 GMT
refresh: 0;url=https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com
server: Apache

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,cm-user-identifier,x-cmreqid,x-cmsid,x-cmsession
Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS
Access-Control-Allow-Origin: https://calendar.newtonhq.com
Connection: keep-alive
Content-Length: 264
Content-Type: text/html; charset=utf-8
Date: Fri, 26 May 2023 15:22:23 GMT
Location: https://cfjtransportes.com.br/magic/city/sf_rand_string_lowercase6////c3VwcGx5cGV0cm9sZXVtQHdvb2RzaWRlLmNvbQ==
Vary: Accept

GET
H2 200 / Show response
securelogin.aelporta.site/ 358 KB
121 KB 798ms
738ms Document
text/html 168.100.11.163
BLNWX

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

168.100.11.163 Amsterdam, Netherlands, ASN399629 (BLNWX, US),

Reverse DNS

Software

nginx /

Resource Hash

ae977f8861817b54d9cd3837ab09ccc67cb0cec4344de60f26baf720b626b7ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cfjtransportes.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 15:22:25 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 200 / Show response
securelogin.aelporta.site/ 200 B
343 B 720ms
720ms Fetch
application/json 168.100.11.163
BLNWX

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com

Requested by

Host: securelogin.aelporta.site
URL: https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

168.100.11.163 Amsterdam, Netherlands, ASN399629 (BLNWX, US),

Reverse DNS

Software

nginx /

Resource Hash

804cb5f0fb577ae9c4d3009942b4405779fa5500199dee1568da1b73526b4eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 May 2023 15:22:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/json

GET
H2 200 Primary Request /
securelogin.aelporta.site/ 100 KB
0 3208ms
3207ms Document
text/html 168.100.11.163
BLNWX

General

Check archive.org

Show headers Download Go to

Full URL

https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com

Requested by

Host: securelogin.aelporta.site
URL: https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

168.100.11.163 Amsterdam, Netherlands, ASN399629 (BLNWX, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://securelogin.aelporta.site/?username=supplypetroleum@woodside.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 15:22:30 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://f6808a20-cbfff0e0.aelporta.site/api/report?catId=GW+estsfd+dub2"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.15427.11 - WEULR2 ProdSlices
x-ms-request-id: 82ff1b1d-1aad-4244-ac7e-7ac0c1045b00

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.aelporta.site/	1970-01-20 12:26:50	Name: z1KlNh Value: Y2JmZmYwZTAtMWUyOS00NmZjLTliYzEtMTgzNGFkNjNiZTEyOmM1OGViNWZmLWUwODAtNDZlMy05YWFkLTllNWVhZjkxNGJmMA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cfjtransportes.com.br
securelogin.aelporta.site
tr.cloudmagic.com
168.100.11.163
192.185.215.241
52.72.251.57
804cb5f0fb577ae9c4d3009942b4405779fa5500199dee1568da1b73526b4eb2
ae977f8861817b54d9cd3837ab09ccc67cb0cec4344de60f26baf720b626b7ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

securelogin.aelporta.site Open in urlscan Pro 168.100.11.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

121 kBTransfer

458 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Indicators

securelogin.aelporta.site Open in urlscan Pro
168.100.11.163 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

121 kB
Transfer

458 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions