Submitted URL: https://tfs.inconto.com/
Effective URL: https://tfs.inconto.com/signin?to=%252fdashboard
Submission: On September 28 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions. The main IP is 82.94.168.139, located in Lekkerkerk, Netherlands and belongs to XS4ALL-NL Amsterdam, NL. The main domain is tfs.inconto.com.
TLS certificate: Issued by R3 on September 28th 2021. Valid for: 3 months.
This is the only time tfs.inconto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 82.94.168.139 3265 (XS4ALL-NL...)
3 1

Apex Domain / Subdomains Transfer
5 inconto.com
tfs.inconto.com 284 KB
3 1

Domain Requested by
5 tfs.inconto.com 2 redirects tfs.inconto.com
3 1

This site contains links to these domains.

Domain
hglabhq.com
support.hglabhq.com

Subject Issuer Validity Valid
tfs.inconto.com R3 2021-09-28 - 2021-12-27 3 months

This page contains 1 frame:

Primary Page: https://tfs.inconto.com/signin?to=%252fdashboard
Frame ID: B7C806E26AA05FB276F796BB845B34CB
Requests: 3 HTTP requests in this frame

Page Title

Emeritor

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 284 kB
Size: 814 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tfs.inconto.com/ HTTP 301
    https://tfs.inconto.com/dashboard HTTP 302
    https://tfs.inconto.com/signin?to=%252fdashboard Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Resource: signin (Primary Request)
Path: tfs.inconto.com/
Redirect Chain
  • https://tfs.inconto.com/
  • https://tfs.inconto.com/dashboard
  • https://tfs.inconto.com/signin?to=%252fdashboard
Size: 5 KB
x-fer: 2 KB
Type: Document

General
Full URL: https://tfs.inconto.com/signin?to=%252fdashboard
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.94.168.139 Lekkerkerk, Netherlands, ASN3265 (XS4ALL-NL Amsterdam, NL)
Reverse DNS:
Software: Microsoft-IIS/8.5
Resource Hash: b9843440370e85c94a19fc49a54e2a8d27f7699b2a9f1582f1f98648cda62a51

Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host: tfs.inconto.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Tue, 28 Sep 2021 08:18:03 GMT
Content-Length: 2093

Redirect headers

Cache-Control: private
Location: /signin?to=%252fdashboard
Server: Microsoft-IIS/8.5
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Tue, 28 Sep 2021 08:18:03 GMT
Content-Length: 0

Resource: 0fc2ce6815af7e09c7876ece3deae17343475305
Path: tfs.inconto.com/public/bundles/css/layout/
Size: 153 KB
x-fer: 37 KB
Type: Stylesheet

General
Full URL: https://tfs.inconto.com/public/bundles/css/layout/0fc2ce6815af7e09c7876ece3deae17343475305?v=aHJQSY2vx2WqaM7QhkMQQTWBMjDZBDavsJv19k0K25U1
Requested by
Host: tfs.inconto.com
URL: https://tfs.inconto.com/signin?to=%252fdashboard
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.94.168.139 Lekkerkerk, Netherlands, ASN3265 (XS4ALL-NL Amsterdam, NL)
Reverse DNS:
Software: Microsoft-IIS/8.5
Resource Hash: 0d4ee4e93682395c7479b8f7de133927e411d73e320ad20ece4b5747387e8d10

Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: tfs.inconto.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://tfs.inconto.com/signin?to=%252fdashboard
Connection: keep-alive

Response headers

Date: Tue, 28 Sep 2021 08:18:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Sep 2021 08:18:03 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: DENY
Vary: User-Agent
Content-Type: text/css; charset=utf-8
Cache-Control: public
Content-Length: 37953
X-XSS-Protection: 1; mode=block
Expires: Wed, 28 Sep 2022 08:18:03 GMT

Resource: 8398dd5f0c06d96300d280035d20616fb6421c14
Path: tfs.inconto.com/public/bundles/js/layout/
Size: 656 KB
x-fer: 244 KB
Type: Script

General
Full URL: https://tfs.inconto.com/public/bundles/js/layout/8398dd5f0c06d96300d280035d20616fb6421c14?v=stgdv-pbaRgiU7qAKPhd-smdPmJqHckLm6A27OpDCgc1
Requested by
Host: tfs.inconto.com
URL: https://tfs.inconto.com/signin?to=%252fdashboard
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.94.168.139 Lekkerkerk, Netherlands, ASN3265 (XS4ALL-NL Amsterdam, NL)
Reverse DNS:
Software: Microsoft-IIS/8.5
Resource Hash: a68bb68c44e556307f548c17b6a941c1fd658dc4a83b796dd33d9a03c7b6ae04

Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: tfs.inconto.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://tfs.inconto.com/signin?to=%252fdashboard
Connection: keep-alive

Response headers

Date: Tue, 28 Sep 2021 08:18:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Sep 2021 08:18:03 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: DENY
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 249616
X-XSS-Protection: 1; mode=block
Expires: Wed, 28 Sep 2022 08:18:03 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
function| execute
object| q
undefined| callback
undefined| initcallback
object| bootbox
function| $
function| jQuery
function| DP_jQuery_1632817093491
object| jQuery17108225908900830208
boolean| PR_SHOULD_USE_CONTINUATION
function| prettyPrintOne
function| prettyPrint
object| PR
object| d3
object| nv

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
