191.96.81.185 Open in urlscan Pro
191.96.81.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.areadocliente.g2telecom.com.br/
Effective URL:
http://191.96.81.185:8080/sac/login/?sys=SAC
Submission: On August 15 via automatic, source certstream-suspicious (August 15th 2024, 11:25:44 pm UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 191.96.81.185, located in Cotia, Brazil and belongs to BB Host LTDA, BR. The main domain is 191.96.81.185.

This is the only time 191.96.81.185 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2804:b44:1000... 2804:b44:1000::35	262448 (DIALHOST ...) (DIALHOST INTERNET EIRELI)
8	191.96.81.185 191.96.81.185	265919 (BB Host LTDA) (BB Host LTDA)
8	1

1 2804:b44:1000::35 (São Paulo, Brazil) 1 redirects

ASN262448 (DIALHOST INTERNET EIRELI, BR)

www.areadocliente.g2telecom.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 191.96.81.185 (Cotia, Brazil)

ASN265919 (BB Host LTDA, BR)
PTR: server.coldytelecom.pro.br

191.96.81.185	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	g2telecom.com.br 1 redirects www.areadocliente.g2telecom.com.br	264 B
8	1

	Domain	Requested by
1	www.areadocliente.g2telecom.com.br	1 redirects
8	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://191.96.81.185:8080/sac/login/?sys=SAC
Frame ID: 6AC72C588AAE21D1867E568D66FCB326
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SAC - Login do Assinante

Page URL History Show full URLs

https://www.areadocliente.g2telecom.com.br/ HTTP 301
http://191.96.81.185:8080/sac/login/?sys=SAC HTTP 307
https://191.96.81.185:8080/sac/login/?sys=SAC HTTP 307
http://191.96.81.185:8080/sac/login/?sys=SAC Page URL

Page Statistics

8
Requests

0 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1613 kB
Transfer

1613 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.areadocliente.g2telecom.com.br/ HTTP 301
http://191.96.81.185:8080/sac/login/?sys=SAC HTTP 307
https://191.96.81.185:8080/sac/login/?sys=SAC HTTP 307
http://191.96.81.185:8080/sac/login/?sys=SAC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 200	Primary Request / Show response 191.96.81.185/sac/login/ Redirect Chain https://www.areadocliente.g2telecom.com.br/ http://191.96.81.185:8080/sac/login/?sys=SAC https://191.96.81.185:8080/sac/login/?sys=SAC http://191.96.81.185:8080/sac/login/?sys=SAC	5 KB 5 KB	465ms 234ms	Document text/html	191.96.81.185 BB Host LTDA
General Check archive.org Show headers Download Go to Full URL http://191.96.81.185:8080/sac/login/?sys=SAC Protocol HTTP/1.1 Server 191.96.81.185 Cotia, Brazil, ASN265919 (BB Host LTDA, BR), Reverse DNS server.coldytelecom.pro.br Software Apache / Resource Hash `c8090fd659b30c7f86a6537fe9b345e0aa3444191b3b4a463a7b510a6c1286a4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Connection Keep-Alive Content-Encoding ISO-8859-1 Content-Length 5087 Content-Type text/html;charset=UTF-8 Date Thu, 15 Aug 2024 23:25:38 GMT Keep-Alive timeout=5, max=100 Server Apache X-Robots-Tag noindex Redirect headers Location http://191.96.81.185:8080/sac/login/?sys=SAC Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 200	login.css 191.96.81.185/sac/login/	4 KB 2 KB	233ms 232ms	Stylesheet text/css	191.96.81.185 BB Host LTDA
General Check archive.org Show headers Download Go to Full URL http://191.96.81.185:8080/sac/login/login.css Requested by Host: 191.96.81.185 URL: http://191.96.81.185:8080/sac/login/?sys=SAC Protocol HTTP/1.1 Server 191.96.81.185 Cotia, Brazil, ASN265919 (BB Host LTDA, BR), Reverse DNS server.coldytelecom.pro.br Software Apache / Resource Hash `0d1af3c693eff9bdf88e52681ceac9cc01b4ddc4eec54df51da56d66aa626732` Request headers Referer http://191.96.81.185:8080/sac/login/?sys=SAC User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Pragma cache Date Thu, 15 Aug 2024 23:25:38 GMT Content-Encoding gzip Last-Modified Fri, 08 Jul 2022 13:58:25 GMT Server Apache ETag W/"3633-1657288705000" Content-Type text/css Cache-Control private,max-age=2592000 Proxy-Connection Keep-Alive Connection Keep-Alive, Keep-Alive Accept-Ranges bytes X-Robots-Tag noindex Keep-Alive timeout=5, max=99 Content-Length 1149
GET H/1.1	200 200	favicon.ico 191.96.81.185/sac/login/	3 KB 4 KB	461ms 234ms	Stylesheet image/x-icon	191.96.81.185 BB Host LTDA
General Check archive.org Show headers Download Go to Full URL http://191.96.81.185:8080/sac/login/favicon.ico Requested by Host: 191.96.81.185 URL: http://191.96.81.185:8080/sac/login/?sys=SAC Protocol HTTP/1.1 Server 191.96.81.185 Cotia, Brazil, ASN265919 (BB Host LTDA, BR), Reverse DNS server.coldytelecom.pro.br Software Apache / Resource Hash `d1e303063afb55a2eb0435b89a02b45a1eae7e5afc30664aa342b8377a6efec3` Request headers Referer http://191.96.81.185:8080/sac/login/?sys=SAC User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Thu, 15 Aug 2024 23:25:39 GMT Last-Modified Fri, 08 Jul 2022 13:58:25 GMT Server Apache ETag W/"3431-1657288705000" Content-Type image/x-icon Connection Keep-Alive Accept-Ranges bytes X-Robots-Tag noindex Keep-Alive timeout=5, max=100 Content-Length 3431
GET H/1.1	200 200	classes_personalizado.css 191.96.81.185/sac/login/	883 B 701 B	464ms 237ms	Stylesheet text/css	191.96.81.185 BB Host LTDA
General Check archive.org Show headers Download Go to Full URL http://191.96.81.185:8080/sac/login/classes_personalizado.css Requested by Host: 191.96.81.185 URL: http://191.96.81.185:8080/sac/login/?sys=SAC Protocol HTTP/1.1 Server 191.96.81.185 Cotia, Brazil, ASN265919 (BB Host LTDA, BR), Reverse DNS server.coldytelecom.pro.br Software Apache / Resource Hash `3af6e211ed63e0365a87c40051b07d931b2701ad18abf7853210e589a2bf866f` Request headers Referer http://191.96.81.185:8080/sac/login/?sys=SAC User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Pragma cache Date Thu, 15 Aug 2024 23:25:39 GMT Content-Encoding gzip Last-Modified Fri, 05 Jan 2024 13:57:33 GMT Server Apache ETag W/"883-1704463053565" Content-Type text/css Cache-Control private,max-age=2592000 Proxy-Connection Keep-Alive Connection Keep-Alive, Keep-Alive Accept-Ranges bytes X-Robots-Tag noindex Keep-Alive timeout=5, max=100 Content-Length 286
GET H/1.1	200 200	sac_logo.png 191.96.81.185/sac/login/	22 KB 22 KB	460ms 233ms	Image image/png	191.96.81.185 BB Host LTDA
General Check archive.org Show headers Download Go to Show image Full URL http://191.96.81.185:8080/sac/login/sac_logo.png Requested by Host: 191.96.81.185 URL: http://191.96.81.185:8080/sac/login/?sys=SAC Protocol HTTP/1.1 Server 191.96.81.185 Cotia, Brazil, ASN265919 (BB Host LTDA, BR), Reverse DNS server.coldytelecom.pro.br Software Apache / Resource Hash `11300838689226f273266d54dd5f6f7604904fdf4fe243678f81073fea987a39` Request headers Referer http://191.96.81.185:8080/sac/login/?sys=SAC User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Pragma cache, cache Date Thu, 15 Aug 2024 23:25:39 GMT Last-Modified Wed, 03 Jan 2024 15:21:51 GMT Server Apache ETag W/"22144-1704295311000" Content-Type image/png Cache-Control private,max-age=2592000, private,max-age=2592000 Connection Keep-Alive Accept-Ranges bytes X-Robots-Tag noindex Keep-Alive timeout=5, max=100 Content-Length 22144
GET H/1.1	404 404	login_personalizado.css 191.96.81.185/sac/login/	0 0	233ms 233ms	Stylesheet text/html	191.96.81.185 BB Host LTDA
General Check archive.org Show headers Download Go to Full URL http://191.96.81.185:8080/sac/login/login_personalizado.css Requested by Host: 191.96.81.185 URL: http://191.96.81.185:8080/sac/login/login.css Protocol HTTP/1.1 Server 191.96.81.185 Cotia, Brazil, ASN265919 (BB Host LTDA, BR), Reverse DNS server.coldytelecom.pro.br Software Apache / Resource Hash Request headers Referer http://191.96.81.185:8080/sac/login/login.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Pragma cache Date Thu, 15 Aug 2024 23:25:39 GMT Last-Modified Wed, 31 Dec 1969 21:00:00 BRT Server Apache ETag 1532989733 Content-Type text/html;charset=ISO-8859-1 Cache-Control private,max-age=2592000 Proxy-Connection Keep-Alive Connection Keep-Alive, Keep-Alive X-Robots-Tag noindex Keep-Alive timeout=5, max=98 Content-Length 374
GET H/1.1	200 200	sac_fundo.png 191.96.81.185/sac/login/	2 MB 2 MB	232ms 231ms	Image image/png	191.96.81.185 BB Host LTDA
General Check archive.org Show headers Download Go to Show image Full URL http://191.96.81.185:8080/sac/login/sac_fundo.png Requested by Host: 191.96.81.185 URL: http://191.96.81.185:8080/sac/login/login.css Protocol HTTP/1.1 Server 191.96.81.185 Cotia, Brazil, ASN265919 (BB Host LTDA, BR), Reverse DNS server.coldytelecom.pro.br Software Apache / Resource Hash `717345bf1247f17fc7a6e3d63d7e7e015ffd7c4ac657ad6091b5c517de02aab6` Request headers Referer http://191.96.81.185:8080/sac/login/login.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Pragma cache, cache Date Thu, 15 Aug 2024 23:25:39 GMT Last-Modified Fri, 23 Feb 2024 01:09:02 GMT Server Apache ETag W/"1616529-1708650542723" Content-Type image/png Cache-Control private,max-age=2592000, private,max-age=2592000 Connection Keep-Alive Accept-Ranges bytes X-Robots-Tag noindex Keep-Alive timeout=5, max=97 Content-Length 1616529
GET H/1.1	403 Forbidden	favicon.ico 191.96.81.185/	199 B 399 B	230ms 229ms	Other text/html	191.96.81.185 BB Host LTDA
General Check archive.org Show headers Download Go to Full URL http://191.96.81.185:8080/favicon.ico Protocol HTTP/1.1 Server 191.96.81.185 Cotia, Brazil, ASN265919 (BB Host LTDA, BR), Reverse DNS server.coldytelecom.pro.br Software Apache / Resource Hash `5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10` Request headers Referer http://191.96.81.185:8080/sac/login/?sys=SAC User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Thu, 15 Aug 2024 23:25:41 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 199 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ajax function| enviarEmail function| resultWS function| makerWebFlowRequest

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			191.96.81.185/sac/login	1970-01-21 08:25:24	Name: WebrunSelectedSystem Value: SAC
			191.96.81.185/sac	1969-12-31 23:59:59	Name: JSESSIONID Value: BDE042CFDB4FA582B6E00AF3D9D9394C

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://191.96.81.185:8080/sac/login/login_personalizado.css Message: Failed to load resource: the server responded with a status of 404 (404)
network	error	URL: http://191.96.81.185:8080/favicon.ico Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.areadocliente.g2telecom.com.br
191.96.81.185
2804:b44:1000::35
0d1af3c693eff9bdf88e52681ceac9cc01b4ddc4eec54df51da56d66aa626732
11300838689226f273266d54dd5f6f7604904fdf4fe243678f81073fea987a39
3af6e211ed63e0365a87c40051b07d931b2701ad18abf7853210e589a2bf866f
5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10
717345bf1247f17fc7a6e3d63d7e7e015ffd7c4ac657ad6091b5c517de02aab6
c8090fd659b30c7f86a6537fe9b345e0aa3444191b3b4a463a7b510a6c1286a4
d1e303063afb55a2eb0435b89a02b45a1eae7e5afc30664aa342b8377a6efec3

191.96.81.185 Open in urlscan Pro 191.96.81.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

0 %HTTPS

50 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1613 kBTransfer

1613 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

191.96.81.185 Open in urlscan Pro
191.96.81.185 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1613 kB
Transfer

1613 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions