itesc.com.br Open in urlscan Pro
201.76.0.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://itesc.com.br/corretora/css/domain/index.php?userid=redacted_email
Effective URL:
http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email
Submission: On April 26 via manual (April 26th 2018, 12:57:27 pm UTC) from IE

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 201.76.0.44, located in Ararangua, Brazil and belongs to Contato Internet EIRELI, BR. The main domain is itesc.com.br.

This is the only time itesc.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 2	201.76.0.44 201.76.0.44		28642 (Contato I...) (Contato Internet EIRELI)
7	93.157.63.185 93.157.63.185		43350 (NFORCE) (NFORCE)
16	3

2 201.76.0.44 (Ararangua, Brazil) 1 redirects

ASN28642 (Contato Internet EIRELI, BR)
PTR: server.sispace.com.br

itesc.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 93.157.63.185 (Moscow, Russian Federation)

ASN43350 (NFORCE, NL)
PTR: server.dnsfreedom.net

server.dnsfreedom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	dnsfreedom.net server.dnsfreedom.net	28 KB
2	itesc.com.br 1 redirects itesc.com.br	6 KB
16	2

	Domain	Requested by
7	server.dnsfreedom.net	itesc.com.br
2	itesc.com.br	1 redirects
16	2

This site contains links to these domains. Also see Links.

Domain
server.dnsfreedom.net

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email
Frame ID: 775F6FD9CE32089D9B1A5645505A6DB0
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://itesc.com.br/corretora/css/domain/index.php?userid=redacted_email HTTP 302
http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&u... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

UNIX (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Unix/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

mod_ssl (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /mod_ssl(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
headers server /mod_ssl(?:\/([\d.]+))?/i

Page Statistics

16
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

33 kB
Transfer

121 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://server.dnsfreedom.net:2096/openid_connect/cpanelid?goto_app=&goto_uri=%2f&parameterized_form=&theme=&user=
Title: Log in via cPanelID

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://itesc.com.br/corretora/css/domain/index.php?userid=redacted_email HTTP 302
http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response itesc.com.br/corretora/css/domain/yt/ Redirect Chain http://itesc.com.br/corretora/css/domain/index.php?userid=redacted_email http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email	20 KB 6 KB	279ms 278ms	Document text/html	201.76.0.44 Contato Internet ...
General Check archive.org Show headers Download Go to Full URL http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email Protocol HTTP/1.1 Server 201.76.0.44 Ararangua, Brazil, ASN28642 (Contato Internet EIRELI, BR), Reverse DNS server.sispace.com.br Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 / PHP/5.5.38 Resource Hash `dffda4745b9dbaa614209027f3c99b761545d1094b8d3017ea1717c702f0e5ad` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host itesc.com.br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Thu, 26 Apr 2018 12:57:14 GMT Content-Encoding gzip Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 X-Powered-By PHP/5.5.38 Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 5454 Redirect headers Date Thu, 26 Apr 2018 12:57:14 GMT Content-Encoding gzip Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 X-Powered-By PHP/5.5.38 Vary Accept-Encoding Content-Type text/html Location yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 20
GET H/1.1	200 OK	open_sans.min.css server.dnsfreedom.net/cPanel_magic_revision_1386192030/unprotected/cpanel/fonts/open_sans/	6 KB 787 B	275ms 16ms	Stylesheet text/css	93.157.63.185 NFORCE
General Check archive.org Show headers Download Go to Full URL https://server.dnsfreedom.net:2096/cPanel_magic_revision_1386192030/unprotected/cpanel/fonts/open_sans/open_sans.min.css Requested by Host: itesc.com.br URL: http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email Protocol HTTP/1.1 Server 93.157.63.185 Moscow, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS server.dnsfreedom.net Software / Resource Hash `919e3b6b5b80ecdfb3c87b5e3aa55f174c21a79ed75c63de2dab20394ff7a676` Request headers Referer http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Thu, 26 Apr 2018 12:57:17 GMT Cache-Control max-age=5184000, public Content-Type text/css Last-Modified Wed, 04 Dec 2013 21:20:30 GMT Content-Encoding gzip Content-Length 536 Expires Mon, 25 Jun 2018 12:57:17 GMT
GET H/1.1	200 OK	style_v2_optimized.css server.dnsfreedom.net/cPanel_magic_revision_1462238720/unprotected/cpanel/	84 KB 21 KB	289ms 30ms	Stylesheet text/css	93.157.63.185 NFORCE
General Check archive.org Show headers Download Go to Full URL https://server.dnsfreedom.net:2096/cPanel_magic_revision_1462238720/unprotected/cpanel/style_v2_optimized.css Requested by Host: itesc.com.br URL: http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email Protocol HTTP/1.1 Server 93.157.63.185 Moscow, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS server.dnsfreedom.net Software / Resource Hash `a44e2788785c1a3862187f591aff7b6b644d5e6d29a9fde3f9acf3a6d5914b2e` Request headers Referer http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Thu, 26 Apr 2018 12:57:17 GMT Cache-Control max-age=5184000, public Content-Type text/css Last-Modified Thu, 08 Feb 2018 15:19:17 GMT Content-Encoding gzip Content-Length 21750 Expires Mon, 25 Jun 2018 12:57:17 GMT
GET H/1.1	200 OK	webmail-logo.svg server.dnsfreedom.net/cPanel_magic_revision_1454017880/unprotected/cpanel/images/	5 KB 3 KB	14ms 13ms	Image image/svg+xml	93.157.63.185 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://server.dnsfreedom.net:2096/cPanel_magic_revision_1454017880/unprotected/cpanel/images/webmail-logo.svg Requested by Host: itesc.com.br URL: http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email Protocol HTTP/1.1 Server 93.157.63.185 Moscow, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS server.dnsfreedom.net Software / Resource Hash `998cd48cdc0414f694d0a3a299dd2beb1134769d5666c7e5567e7d20b4174ef8` Request headers Referer http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Thu, 26 Apr 2018 12:57:17 GMT Cache-Control max-age=5184000, public Content-Type image/svg+xml Last-Modified Thu, 08 Feb 2018 15:19:18 GMT Content-Encoding gzip Content-Length 2399 Expires Mon, 25 Jun 2018 12:57:17 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `70667a94ef79118b93b13b1cb41fcb11b09e8fd3ce0c9c82680ed5f991ba9a32` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `fe4c02d75150ac018368a8d8e84afcee20e35a465063f97199d59cb5d6587695` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/svg+xml
GET H/1.1	200 OK	or-separator-line.png server.dnsfreedom.net/cPanel_magic_revision_1518103157/unprotected/cpanel/images/	205 B 433 B	14ms 13ms	Image image/png	93.157.63.185 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://server.dnsfreedom.net:2096/cPanel_magic_revision_1518103157/unprotected/cpanel/images/or-separator-line.png Requested by Host: itesc.com.br URL: http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email Protocol HTTP/1.1 Server 93.157.63.185 Moscow, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS server.dnsfreedom.net Software / Resource Hash `12b2ce87d28ac817f630e9e51b80cf90716eb848c5ff94a3b3f8a22cb4c8b6a6` Request headers Referer https://server.dnsfreedom.net:2096/cPanel_magic_revision_1462238720/unprotected/cpanel/style_v2_optimized.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Thu, 26 Apr 2018 12:57:17 GMT Cache-Control max-age=5184000, public Last-Modified Thu, 08 Feb 2018 15:19:17 GMT Content-Type image/png Content-Length 205 Expires Mon, 25 Jun 2018 12:57:17 GMT
GET H/1.1	200 OK	icon-password.png server.dnsfreedom.net/cPanel_magic_revision_1518103157/unprotected/cpanel/images/	450 B 678 B	14ms 13ms	Image image/png	93.157.63.185 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://server.dnsfreedom.net:2096/cPanel_magic_revision_1518103157/unprotected/cpanel/images/icon-password.png Requested by Host: itesc.com.br URL: http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email Protocol HTTP/1.1 Server 93.157.63.185 Moscow, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS server.dnsfreedom.net Software / Resource Hash `a02998df88a6efb0baa526796b2b682ce9fdd6471ceb19170b326320f22f7053` Request headers Referer https://server.dnsfreedom.net:2096/cPanel_magic_revision_1462238720/unprotected/cpanel/style_v2_optimized.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Thu, 26 Apr 2018 12:57:17 GMT Cache-Control max-age=5184000, public Last-Modified Thu, 08 Feb 2018 15:19:17 GMT Content-Type image/png Content-Length 450 Expires Mon, 25 Jun 2018 12:57:17 GMT
GET H/1.1	200 OK	icon-username.png server.dnsfreedom.net/cPanel_magic_revision_1518103157/unprotected/cpanel/images/	320 B 548 B	25ms 12ms	Image image/png	93.157.63.185 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://server.dnsfreedom.net:2096/cPanel_magic_revision_1518103157/unprotected/cpanel/images/icon-username.png Requested by Host: itesc.com.br URL: http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email Protocol HTTP/1.1 Server 93.157.63.185 Moscow, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS server.dnsfreedom.net Software / Resource Hash `05ce0f813e6236158fa1d115faba62cd2041aab1878cac0960a0f45575cece1e` Request headers Referer https://server.dnsfreedom.net:2096/cPanel_magic_revision_1462238720/unprotected/cpanel/style_v2_optimized.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Thu, 26 Apr 2018 12:57:17 GMT Cache-Control max-age=5184000, public Last-Modified Thu, 08 Feb 2018 15:19:17 GMT Content-Type image/png Content-Length 320 Expires Mon, 25 Jun 2018 12:57:17 GMT
GET H/1.1	200 OK	notice-error.png server.dnsfreedom.net/cPanel_magic_revision_1518103157/unprotected/cpanel/images/	1 KB 1 KB	27ms 14ms	Image image/png	93.157.63.185 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://server.dnsfreedom.net:2096/cPanel_magic_revision_1518103157/unprotected/cpanel/images/notice-error.png Requested by Host: itesc.com.br URL: http://itesc.com.br/corretora/css/domain/yt/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=redacted_email Protocol HTTP/1.1 Server 93.157.63.185 Moscow, Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS server.dnsfreedom.net Software / Resource Hash `bcaf01928e5c7246ab0bb7e83f609b485a67a5e442d3dd94539a883c11fb70cd` Request headers Referer https://server.dnsfreedom.net:2096/cPanel_magic_revision_1462238720/unprotected/cpanel/style_v2_optimized.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Thu, 26 Apr 2018 12:57:17 GMT Cache-Control max-age=5184000, public Last-Modified Thu, 08 Feb 2018 15:19:17 GMT Content-Type image/png Content-Length 1026 Expires Mon, 25 Jun 2018 12:57:17 GMT
GET		OpenSans-Regular-webfont.woff server.dnsfreedom.net/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/	0 0

GET		OpenSans-Semibold-webfont.woff server.dnsfreedom.net/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/	0 0

GET		OpenSans-Bold-webfont.woff server.dnsfreedom.net/cPanel_magic_revision_1386192031/unprotected/cpanel/fonts/open_sans/	0 0

GET		OpenSans-SemiboldItalic-webfont.woff server.dnsfreedom.net/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/	0 0

GET		OpenSans-Regular-webfont.ttf server.dnsfreedom.net/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/	0 0

GET		OpenSans-Semibold-webfont.ttf server.dnsfreedom.net/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/	0 0

GET		OpenSans-Bold-webfont.ttf server.dnsfreedom.net/cPanel_magic_revision_1386192031/unprotected/cpanel/fonts/open_sans/	0 0

GET		OpenSans-SemiboldItalic-webfont.ttf server.dnsfreedom.net/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: server.dnsfreedom.net
URL: https://server.dnsfreedom.net:2096/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff

Domain: server.dnsfreedom.net
URL: https://server.dnsfreedom.net:2096/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff

Domain: server.dnsfreedom.net
URL: https://server.dnsfreedom.net:2096/cPanel_magic_revision_1386192031/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff

Domain: server.dnsfreedom.net
URL: https://server.dnsfreedom.net:2096/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/OpenSans-SemiboldItalic-webfont.woff

Domain: server.dnsfreedom.net
URL: https://server.dnsfreedom.net:2096/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.ttf

Domain: server.dnsfreedom.net
URL: https://server.dnsfreedom.net:2096/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.ttf

Domain: server.dnsfreedom.net
URL: https://server.dnsfreedom.net:2096/cPanel_magic_revision_1386192031/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.ttf

Domain: server.dnsfreedom.net
URL: https://server.dnsfreedom.net:2096/cPanel_magic_revision_1386192033/unprotected/cpanel/fonts/open_sans/OpenSans-SemiboldItalic-webfont.ttf

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DOM

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

itesc.com.br
server.dnsfreedom.net
server.dnsfreedom.net
201.76.0.44
93.157.63.185
05ce0f813e6236158fa1d115faba62cd2041aab1878cac0960a0f45575cece1e
12b2ce87d28ac817f630e9e51b80cf90716eb848c5ff94a3b3f8a22cb4c8b6a6
70667a94ef79118b93b13b1cb41fcb11b09e8fd3ce0c9c82680ed5f991ba9a32
919e3b6b5b80ecdfb3c87b5e3aa55f174c21a79ed75c63de2dab20394ff7a676
998cd48cdc0414f694d0a3a299dd2beb1134769d5666c7e5567e7d20b4174ef8
a02998df88a6efb0baa526796b2b682ce9fdd6471ceb19170b326320f22f7053
a44e2788785c1a3862187f591aff7b6b644d5e6d29a9fde3f9acf3a6d5914b2e
bcaf01928e5c7246ab0bb7e83f609b485a67a5e442d3dd94539a883c11fb70cd
dffda4745b9dbaa614209027f3c99b761545d1094b8d3017ea1717c702f0e5ad
fe4c02d75150ac018368a8d8e84afcee20e35a465063f97199d59cb5d6587695