logsitemas.online Open in urlscan Pro
172.67.160.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://logsitemas.online/
Effective URL:
https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php
Submission: On April 04 via manual (April 4th 2024, 5:52:56 am UTC) from FR — Scanned from FR

Summary HTTP 9 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 9 HTTP transactions. The main IP is 172.67.160.10, located in United States and belongs to CLOUDFLARENET, US. The main domain is logsitemas.online.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2024. Valid for: 3 months.

This is the only time logsitemas.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3033::ac43:a00a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.160.10 172.67.160.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	193.108.153.12 193.108.153.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	162.247.243.30 162.247.243.30	54113 (FASTLY) (FASTLY)
9	5

2 2606:4700:3033::ac43:a00a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

logsitemas.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.160.10 (United States)

ASN13335 (CLOUDFLARENET, US)

logsitemas.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-12.deploy.static.akamaitechnologies.com

http2.mlstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.30 (United States)

ASN54113 (FASTLY, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	logsitemas.online 2 redirects logsitemas.online	32 KB
2	mlstatic.com http2.mlstatic.com — Cisco Umbrella Rank: 25455	29 KB
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 3325
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 655	12 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	907 B
9	5

	Domain	Requested by
6	logsitemas.online	2 redirects logsitemas.online
2	http2.mlstatic.com	logsitemas.online
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	logsitemas.online
1	www.google.com	logsitemas.online
9	5

This site contains links to these domains. Also see Links.

Domain
fbs.com

Subject Issuer	Validity	Valid
logsitemas.online GTS CA 1P5	`2024-04-03` - `2024-07-02`	3 months	crt.sh
*.mlstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-11` - `2025-02-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php
Frame ID: 1EEE0533DDA93D36B134D9B05C9B291A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Entrar em Login Caixa

Page URL History Show full URLs

https://logsitemas.online/ HTTP 302
https://logsitemas.online/auth/realms/internet/protocol/openid-connect/ HTTP 302
https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

9
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

74 kB
Transfer

161 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://fbs.com/cabinet/recovery

Search URL Search Domain Scan URL

URL: https://fbs.com/cabinet/registration/trader

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://logsitemas.online/ HTTP 302
https://logsitemas.online/auth/realms/internet/protocol/openid-connect/ HTTP 302
https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request loginaspx.php Show response
logsitemas.online/auth/realms/internet/protocol/openid-connect/
Redirect Chain

https://logsitemas.online/
https://logsitemas.online/auth/realms/internet/protocol/openid-connect/
https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php

93 KB
21 KB

210ms
209ms

Document
text/html

172.67.160.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c103cd5c5c74838569a01bedc527dbc64ddbe36728397c22a395f35fbead904

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: fr-FR,fr;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86ef08e4ef8b008a-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Apr 2024 05:52:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kogcs9XLpgI7bnRA8OiMw7QNYmr8YOc9G0FwWQNuKF8mAP7GSQyWRL1mBrWaIlShWd%2BPTL8LK32ONCmcTmyDbECIaoDc65Ek4q9%2Bsjrmwp2VKJ28xfiAGaZ8iGAR8Qkb%2Fkqzyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86ef08e44d149e6d-CDG
content-type: text/html; charset=UTF-8
date: Thu, 04 Apr 2024 05:52:51 GMT
location: loginaspx.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ga2GaqfnSFqcjSxL8EkC4T9orvwPQBCdChB44vLA1%2BZ9%2Bx2yuIYQHSQiVdM93UmJFXXBcAFbL%2FVobgcL7pBsfRhs4RAtoTMo4tkQB2OKldgupIi%2FLMbkwMF9G2utj1DmwatRgwXSczyjFkhAb5EmUA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 proximanova-regular.woff2
http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/ 14 KB
14 KB 207ms
92ms Font
font/woff2 193.108.153.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-regular.woff2

Requested by

Host: logsitemas.online
URL: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-12.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

9411ab12b8dd65ce03ea7e1c62557fc2d1eaa1d5d1493609a14a2e29b8342918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://logsitemas.online/
Origin: https://logsitemas.online
accept-language: fr-FR,fr;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: MocYTiXX0FcyQ3NLXQ4zZuxDhFDOReik
content-encoding: gzip
x-content-type-options: nosniff
x-d2id: b44e598bea18796c02d08dd00d558c24
x-cdn: a
date: Thu, 04 Apr 2024 05:52:52 GMT
x-amz-request-id: KJ1NYCFFFQFRQPDY
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-length: 14099
x-xss-protection: 1; mode=block
x-amz-id-2: VpXSCNZYvkC3tAsUxiQaVHt5GvEnIKQA8w+mj0qko6UZzgjpxbtBYmvFOAz0Xk1JrRwG3fOWlSg=
x-request-id: b44e598bea18796c02d08dd00d558c24
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:26:49 GMT
server: Tengine
etag: "67ff311675dbd02ddb898f02af6fddaf"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-request-device-id: b44e598bea18796c02d08dd00d558c24

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
907 B 124ms
44ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=onloadCallback&render=6LelVV4UAAAAADm4qkzt85y1Qh_n-JeoqwYIfX9u&hl=pt-BR

Requested by

Host: logsitemas.online
URL: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

23c66062700d23c3e8fb75864187461ea422d77914f0f137f32025bd430b507d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://logsitemas.online/
accept-language: fr-FR,fr;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 05:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 04 Apr 2024 05:52:52 GMT

GET
H3 200 logo-caixa.png
logsitemas.online/auth/realms/internet/protocol/openid-connect/img/caixa/ 4 KB
5 KB 29ms
28ms Image
image/png 172.67.160.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/img/caixa/logo-caixa.png?v=1
Requested by: Host: logsitemas.online
URL: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10b2226b24cb524fc090fc6b617601ddfa9c6bfc32b95c415b8057f0b32b340

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php
accept-language: fr-FR,fr;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 05:52:52 GMT
cf-cache-status: HIT
last-modified: Thu, 18 Jan 2024 11:36:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3073
etag: "1083-60f36c6400940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BmYiMsqvnym867TkiWrWparTcA8GwkJbzVlURqaC5gCaZbkXSkEmM6Zg5yG2DTbaCsfqn2D%2BTVkKSjQBjI57a12%2FHiXTrAErs2ZMf49PXHKviKrpLz7mP5QdZZONYFo%2Bww7BRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86ef08e6c91f008a-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4227

GET
H3 200 user.jpeg
logsitemas.online/auth/realms/internet/protocol/openid-connect/img/caixa/ 5 KB
5 KB 218ms
217ms Image
image/jpeg 172.67.160.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/img/caixa/user.jpeg
Requested by: Host: logsitemas.online
URL: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31484e18097bebb9ccc733cf768ea73869951899c7ed5c8b488e54404a12b3d8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php
accept-language: fr-FR,fr;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 05:52:52 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 16:02:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12c7-60f3a7f5412c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNPGGJyjSSP1UvApog9aAeXeaX0X8PHZSSYCf8q83VIO%2BjB3RRIcawrPSA%2FZP5PF0TLprmnHUuUyxZ87YLRMMUh6p0IzCeTRQnXXorBFU8OOXb6Lv3vno%2Ffyy3kZw21pxyUArw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86ef08e6c921008a-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4807

GET
H2 200 proximanova-light.woff2
http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/ 14 KB
14 KB 116ms
90ms Font
font/woff2 193.108.153.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-light.woff2

Requested by

Host: logsitemas.online
URL: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-12.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

9bb769c5a9f25f8d52e9ba56881641ec0ca019da478cf2910457fdbea01fcd14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://logsitemas.online/
Origin: https://logsitemas.online
accept-language: fr-FR,fr;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: C4CTuYdIvDB_0NcYDhbmfHFUFBfVxB.Q
content-encoding: gzip
x-content-type-options: nosniff
x-d2id: ec44e194753c6b55093930aa6d24190e
x-cdn: a
date: Thu, 04 Apr 2024 05:52:52 GMT
x-amz-request-id: KJ1HBNDPTE3GX44K
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14099
x-xss-protection: 1; mode=block
x-amz-id-2: LP/Arcj/+DNXbb7qRDdVPy+69ovqtQkh2xQ3ifX5bEPKQ/fToOHpuHvT3gJu+EgLKSGsjRTon9Y=
x-request-id: ec44e194753c6b55093930aa6d24190e
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:26:46 GMT
server: Tengine
etag: "0de1fd16bf20e0b68646e390d439ab42"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-request-device-id: ec44e194753c6b55093930aa6d24190e

GET
H2 200 nr-1209.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 62ms
18ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-1209.min.js

Requested by

Host: logsitemas.online
URL: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://logsitemas.online/
accept-language: fr-FR,fr;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: xILSfPkmeziQDRxsiDQp0q4pEOvzo4Ir
content-encoding: br
via: 1.1 varnish
date: Thu, 04 Apr 2024 05:52:52 GMT
strict-transport-security: max-age=300
x-amz-request-id: B0AJYQ1R3PVJYGSP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12300
x-amz-id-2: pMXarEgjvoy5xT6wa39xlSPWe2K/x2lMqaCF78JdZLLhQKSaknKaWQWeUmnydQskJc+4xkgtnGI=
x-served-by: cache-lcy-eglc8600045-LCY
last-modified: Wed, 18 Oct 2023 20:59:32 GMT
server: AmazonS3
etag: "ceffb14d16467e17c5360bf7880099fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 caixa.ico
logsitemas.online/auth/realms/internet/protocol/openid-connect/img/caixa/ 270 B
747 B 198ms
198ms Other
image/vnd.microsoft.icon 172.67.160.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/img/caixa/caixa.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2839fa2f57c7a61a61343acdba026948ef4ab7fbe2b9f85e60e88fa9878a41cb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php
accept-language: fr-FR,fr;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 05:52:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 17:47:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"10e-60f3bf4ee29c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J5zExQyBtDR80eHLdXJZ%2FLkZn6j%2BTmUezIHdhM7Z9dGTaQekndxn9vzrVrXry14mbWNQ6p3ja71%2B8q1VoTK68Dh4RkljjDdhGhl7oG%2FJJJNjVca1QzruR7kQmbb4oB0RFxeuHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 86ef08e83a42008a-CDG
alt-svc: h3=":443"; ma=86400

GET
H/1.1 403 3009922991
bam-cell.nr-data.net/1/ 0
0 244ms
114ms Script
application/json 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/3009922991?a=42549344&v=1209.f04e2b9&to=bgRaYENYWBdWABdfXVdOe0FCTVkJGBUKU0UWFEtRQw%3D%3D&rst=975&ck=1&ref=https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php&ap=86.551288&be=605&fe=891&dc=672&tt=168425ff0f348e&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1712209971609,%22n%22:0,%22r%22:0,%22re%22:372,%22f%22:372,%22dn%22:373,%22dne%22:373,%22c%22:373,%22s%22:373,%22ce%22:373,%22rq%22:373,%22rp%22:582,%22rpe%22:666,%22dl%22:585,%22di%22:672,%22ds%22:672,%22de%22:672,%22dc%22:890,%22l%22:890,%22le%22:892%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fp=780&fcp=780&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1209.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://logsitemas.online/
accept-language: fr-FR,fr;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-lcy-eglc8600064-LCY
date: Thu, 04 Apr 2024 05:52:52 GMT
Connection: keep-alive
Content-Length: 2
content-type: application/json; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| newrelic function| __nr_require function| valida_form

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bam-cell.nr-data.net/1/3009922991?a=42549344&v=1209.f04e2b9&to=bgRaYENYWBdWABdfXVdOe0FCTVkJGBUKU0UWFEtRQw%3D%3D&rst=975&ck=1&ref=https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php&ap=86.551288&be=605&fe=891&dc=672&tt=168425ff0f348e&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1712209971609,%22n%22:0,%22r%22:0,%22re%22:372,%22f%22:372,%22dn%22:373,%22dne%22:373,%22c%22:373,%22s%22:373,%22ce%22:373,%22rq%22:373,%22rp%22:582,%22rpe%22:666,%22dl%22:585,%22di%22:672,%22ds%22:672,%22de%22:672,%22dc%22:890,%22l%22:890,%22le%22:892%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fp=780&fcp=780&jsonp=NREUM.setToken Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://logsitemas.online/auth/realms/internet/protocol/openid-connect/loginaspx.php Message: The resource https://www.google.com/recaptcha/enterprise.js?onload=onloadCallback&render=6LelVV4UAAAAADm4qkzt85y1Qh_n-JeoqwYIfX9u&hl=pt-BR was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
http2.mlstatic.com
js-agent.newrelic.com
logsitemas.online
www.google.com
142.250.186.100
162.247.243.30
172.67.160.10
193.108.153.12
2602:816:5001::39
2606:4700:3033::ac43:a00a
0c103cd5c5c74838569a01bedc527dbc64ddbe36728397c22a395f35fbead904
1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669
23c66062700d23c3e8fb75864187461ea422d77914f0f137f32025bd430b507d
2839fa2f57c7a61a61343acdba026948ef4ab7fbe2b9f85e60e88fa9878a41cb
31484e18097bebb9ccc733cf768ea73869951899c7ed5c8b488e54404a12b3d8
9411ab12b8dd65ce03ea7e1c62557fc2d1eaa1d5d1493609a14a2e29b8342918
9bb769c5a9f25f8d52e9ba56881641ec0ca019da478cf2910457fdbea01fcd14
a10b2226b24cb524fc090fc6b617601ddfa9c6bfc32b95c415b8057f0b32b340

logsitemas.online Open in urlscan Pro 172.67.160.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

33 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

74 kBTransfer

161 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

logsitemas.online Open in urlscan Pro
172.67.160.10 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

74 kB
Transfer

161 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions