urlscan.io logo urlscan.io
SecurityTrails logo

dfew0c.16.pgmudas.com.br Open in urlscan Pro
162.214.100.127  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e-ascott.crmxs.com/?xs_app=tools.tracker&xs_data=42e6b5_2082_11619516_20636470&xs_url=http://dfew0c.16.pgmudas.com....
Effective URL: http://dfew0c.16.pgmudas.com.br/iptb13q1%20?xs_data=42e6b5_2082_11619516_20636470
Submission: On January 30 via manual from LK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 162.214.100.127, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is dfew0c.16.pgmudas.com.br.
This is the only time dfew0c.16.pgmudas.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.215.151.146 8075 (MICROSOFT...)
1 162.214.100.127 46606 (UNIFIEDLA...)
1 1
Apex Domain
Subdomains		 Transfer
1 pgmudas.com.br
dfew0c.16.pgmudas.com.br
745 B
1 crmxs.com
e-ascott.crmxs.com
1 KB
1 2
Domain Requested by
1 dfew0c.16.pgmudas.com.br
1 e-ascott.crmxs.com 1 redirects
1 2

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://dfew0c.16.pgmudas.com.br/iptb13q1%20?xs_data=42e6b5_2082_11619516_20636470
Frame ID: 17E9302E6335F821FE1B2602D04C20AE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://e-ascott.crmxs.com/?xs_app=tools.tracker&xs_data=42e6b5_2082_11619516_20636470&xs_url=http://df... HTTP 302
    http://dfew0c.16.pgmudas.com.br/iptb13q1%20?xs_data=42e6b5_2082_11619516_20636470 Page URL

Page Statistics

1
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

1 kB
Transfer

1 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e-ascott.crmxs.com/?xs_app=tools.tracker&xs_data=42e6b5_2082_11619516_20636470&xs_url=http://dfew0c.16.pgmudas.com.br/iptb13q1%20 HTTP 302
    http://dfew0c.16.pgmudas.com.br/iptb13q1%20?xs_data=42e6b5_2082_11619516_20636470 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request iptb13q1%20
dfew0c.16.pgmudas.com.br/
Redirect Chain
  • https://e-ascott.crmxs.com/?xs_app=tools.tracker&xs_data=42e6b5_2082_11619516_20636470&xs_url=http://dfew0c.16.pgmudas.com.br/iptb13q1%20
  • http://dfew0c.16.pgmudas.com.br/iptb13q1%20?xs_data=42e6b5_2082_11619516_20636470
537 B
745 B 		Document
General
Check archive.org
Download Go to
Full URL
http://dfew0c.16.pgmudas.com.br/iptb13q1%20?xs_data=42e6b5_2082_11619516_20636470
Protocol
HTTP/1.1
Server
162.214.100.127 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dedi-5778679.g9host.com.br
Software
Apache /
Resource Hash
40038f4a80d2cbdd96c15232aa733788130a529a263eaa913935ec92b192ec37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Jan 2023 02:23:19 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
0
Content-Security-Policy
frame-ancestors https://*.e-ascott.com/ https://*.crmxs.com/ https://*.the-ascott.com/ https://*.citadines.com/ https://*.somerset.com/
Content-Type
text/html;charset=UTF-8
Date
Mon, 30 Jan 2023 02:23:18 GMT
Expires
0
Keep-Alive
timeout=120, max=20
Location
http://dfew0c.16.pgmudas.com.br/iptb13q1 ?xs_data=42e6b5_2082_11619516_20636470
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
ALLOW-FROM https://*.e-ascott.com/ ALLOW-FROM https://*.crmxs.com/ ALLOW-FROM https://*.the-ascott.com/ ALLOW-FROM https://*.citadines.com/ ALLOW-FROM https://*.somerset.com/
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

3 Cookies

Domain/Path Name / Value
e-ascott.crmxs.com/ Name: JSESSIONID
Value: 52D133DADC685C9DAE6EE5919066AEBA
.e-ascott.crmxs.com/ Name: ApplicationGatewayAffinity
Value: 42f996c99a07e5b878dea61cb5168db739deba45f03a6d8ee6d2e01512106180
.e-ascott.crmxs.com/ Name: ApplicationGatewayAffinityCORS
Value: 42f996c99a07e5b878dea61cb5168db739deba45f03a6d8ee6d2e01512106180

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dfew0c.16.pgmudas.com.br
e-ascott.crmxs.com
104.215.151.146
162.214.100.127
40038f4a80d2cbdd96c15232aa733788130a529a263eaa913935ec92b192ec37