postosinai.headthink.info Open in urlscan Pro
66.42.116.97 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://postosinai.headthink.info/
Effective URL:
https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F
Submission: On May 24 via automatic, source certstream-suspicious (May 24th 2021, 2:45:15 am UTC)

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 66.42.116.97, located in United States and belongs to AS-CHOOPA, US. The main domain is postosinai.headthink.info.
TLS certificate: Issued by R3 on May 24th 2021. Valid for: 3 months.

This is the only time postosinai.headthink.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	66.42.116.97 66.42.116.97	20473 (AS-CHOOPA) (AS-CHOOPA)
3	54.175.66.37 54.175.66.37	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	13.224.195.103 13.224.195.103	16509 (AMAZON-02) (AMAZON-02)
19	4

14 66.42.116.97 (United States) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: vps1681.tmdvps.com

postosinai.headthink.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.175.66.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-66-37.compute-1.amazonaws.com

chat.movidesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.195.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-103.fra2.r.cloudfront.net

cdn.app.movidesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	headthink.info 1 redirects postosinai.headthink.info	1 MB
5	movidesk.com chat.movidesk.com cdn.app.movidesk.com	11 KB
1	jquery.com code.jquery.com	30 KB
19	3

	Domain	Requested by
14	postosinai.headthink.info	1 redirects postosinai.headthink.info
3	chat.movidesk.com	postosinai.headthink.info code.jquery.com
2	cdn.app.movidesk.com	code.jquery.com
1	code.jquery.com	chat.movidesk.com
19	4

This site contains no links.

Subject Issuer	Validity	Valid
postosinai.headthink.info R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
movidesk.com Amazon	`2021-04-28` - `2022-05-27`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F
Frame ID: E1F4F5A43B0503D0BEE76A8FD372D3C8
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://postosinai.headthink.info/ HTTP 302
https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

19
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1093 kB
Transfer

1168 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://postosinai.headthink.info/ HTTP 302
https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Login Show response postosinai.headthink.info/Home/ Redirect Chain https://postosinai.headthink.info/ https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F	6 KB 6 KB	123ms 122ms	Document text/html	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `9c784131695f1dc0855a7b5d9d99f921f443cd78525634c01a3947006d1e1a40` Request headers :method GET :authority postosinai.headthink.info :scheme https :path /Home/Login?ReturnUrl=%2F pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cache-control private content-type text/html; charset=utf-8 server Microsoft-IIS/10.0 x-aspnetmvc-version 5.2 x-aspnet-version 4.0.30319 x-powered-by ASP.NET x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT content-length 6378 Redirect headers cache-control private content-type text/html; charset=utf-8 location /Home/Login?ReturnUrl=%2F server Microsoft-IIS/10.0 x-aspnetmvc-version 5.2 x-aspnet-version 4.0.30319 set-cookie .ASPXAUTH=; expires=Tue, 12-Oct-1999 03:00:00 GMT; path=/; HttpOnly; SameSite=Lax x-powered-by ASP.NET x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT content-length 142
GET H2	200	bootstrap.css postosinai.headthink.info/Content/	157 KB 157 KB	224ms 222ms	Stylesheet text/css	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://postosinai.headthink.info/Content/bootstrap.css Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `ada4163ee7284390f2f349cfc986e225deded96a4e0993d74ea29f001611dff2` Request headers :path /Content/bootstrap.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT last-modified Wed, 13 Nov 2019 22:35:45 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "80362db0729ad51:0" content-type text/css accept-ranges bytes content-length 161096
GET H2	200	metisMenu.css postosinai.headthink.info/Content/	1 KB 1 KB	118ms 116ms	Stylesheet text/css	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://postosinai.headthink.info/Content/metisMenu.css Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `fe3c6dae3be80f62e074b2ffde516a6b1ce84364b48d6ce43078d11861cdb8bf` Request headers :path /Content/metisMenu.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT last-modified Wed, 13 Nov 2019 22:35:45 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "80362db0729ad51:0" content-type text/css accept-ranges bytes content-length 1089
GET H2	200	font-awesome.min.css postosinai.headthink.info/Content/	23 KB 23 KB	123ms 122ms	Stylesheet text/css	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://postosinai.headthink.info/Content/font-awesome.min.css Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7` Request headers :path /Content/font-awesome.min.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT last-modified Wed, 13 Nov 2019 22:35:45 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "80362db0729ad51:0" content-type text/css accept-ranges bytes content-length 23742
GET H2	200	sb-admin-2.css postosinai.headthink.info/Content/	6 KB 6 KB	116ms 115ms	Stylesheet text/css	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://postosinai.headthink.info/Content/sb-admin-2.css Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `652cbe4f8c1f2d350c12c7a5fe3c1ac236d68d9d859ec80d7d263e1fcde79c60` Request headers :path /Content/sb-admin-2.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT last-modified Wed, 13 Nov 2019 22:35:45 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "80362db0729ad51:0" content-type text/css accept-ranges bytes content-length 5946
GET H2	200	jquery-1.10.2.js Show response postosinai.headthink.info/Scripts/	375 KB 375 KB	515ms 514ms	Script application/javascript	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://postosinai.headthink.info/Scripts/jquery-1.10.2.js Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `60cfefac2f769ce5f50667a093e61eb02e2db5744e75d0c2ef27ce7fcd85a793` Request headers :path /Scripts/jquery-1.10.2.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT last-modified Thu, 29 Apr 2021 16:56:01 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "a0771989183dd71:0" content-type application/javascript accept-ranges bytes content-length 383735
GET H2	200	metisMenu.js Show response postosinai.headthink.info/Scripts/	4 KB 4 KB	618ms 617ms	Script application/javascript	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://postosinai.headthink.info/Scripts/metisMenu.js Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `e8a19636b65fbe7097e213dee936881f5b1a77dad7e10f79cc0575bfef53a9d9` Request headers :path /Scripts/metisMenu.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT last-modified Thu, 29 Apr 2021 16:56:12 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "69742a8f183dd71:0" content-type application/javascript accept-ranges bytes content-length 4096
GET H2	200	sb-admin-2.js Show response postosinai.headthink.info/Scripts/	1 KB 1 KB	616ms 615ms	Script application/javascript	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://postosinai.headthink.info/Scripts/sb-admin-2.js Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `d652d8351615caa5dfe618603a972e426074e2bcf8e7ba29e8d70f5d0ce9b49d` Request headers :path /Scripts/sb-admin-2.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT last-modified Thu, 29 Apr 2021 16:56:13 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "87cbe68f183dd71:0" content-type application/javascript accept-ranges bytes content-length 1217
GET H2	200	jquery.validate.min.js Show response postosinai.headthink.info/Scripts/	21 KB 21 KB	618ms 617ms	Script application/javascript	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://postosinai.headthink.info/Scripts/jquery.validate.min.js Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `b9a6d11a426fcbaed8d60d645f628515e9974f397e871ee7a406c1bd8f65de2d` Request headers :path /Scripts/jquery.validate.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT last-modified Thu, 29 Apr 2021 16:56:02 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "e5476f89183dd71:0" content-type application/javascript accept-ranges bytes content-length 21877
GET H2	200	jquery.validate.unobtrusive.min.js Show response postosinai.headthink.info/Scripts/	6 KB 6 KB	619ms 618ms	Script application/javascript	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://postosinai.headthink.info/Scripts/jquery.validate.unobtrusive.min.js Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `93ae3cfc998ce270aaba00f0724010e5198f715a3a9aa8a4b70df675cbf6bd5e` Request headers :path /Scripts/jquery.validate.unobtrusive.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT last-modified Thu, 29 Apr 2021 16:56:02 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "916f7689183dd71:0" content-type application/javascript accept-ranges bytes content-length 6050
GET H2	200	chat-widget.min.js Show response chat.movidesk.com/Scripts/	11 KB 4 KB	313ms 102ms	Script application/javascript	54.175.66.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://chat.movidesk.com/Scripts/chat-widget.min.js Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.175.66.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-175-66-37.compute-1.amazonaws.com Software / Resource Hash `4d6cedcd1a487f9bf077e4bcb1d4e6a2715003f5ddff7b18d6d142489c35da9d` Request headers Referer https://postosinai.headthink.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 02:44:55 GMT content-encoding gzip last-modified Wed, 12 May 2021 01:09:50 GMT server etag "03c281cb46d71:0" vary Accept-Encoding p3p CP = "IDC DSP COR ADM Devi Taii PSA PSD IvaÃ IVDi CONi HIS OUR IND CNT" x-stackifyid V1\|2b80b8f6-d837-4ef5-a6c3-eccc6f9f2185\|C63188\|CD1\| cache-control no-cache accept-ranges bytes content-type application/javascript content-length 4224
GET H2	200	Logo_Roxo.png postosinai.headthink.info/Content/imagens/	10 KB 10 KB	196ms 196ms	Image image/png	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://postosinai.headthink.info/Content/imagens/Logo_Roxo.png Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `50b136853d502524fd285a51c54d26e7f4358a6011e7c2f69e31cb691d10bf38` Request headers :path /Content/imagens/Logo_Roxo.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:38 GMT last-modified Wed, 13 Nov 2019 22:35:45 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "80362db0729ad51:0" content-type image/png accept-ranges bytes content-length 10042
GET H2	200	LogoWhatsApp.png postosinai.headthink.info/Content/imagens/	435 KB 436 KB	117ms 117ms	Image image/png	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://postosinai.headthink.info/Content/imagens/LogoWhatsApp.png Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `eafa6a83bb4d5f6a3e88a541626d7706babfe3496c4069ae0dbdb1a8c9d8b267` Request headers :path /Content/imagens/LogoWhatsApp.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:39 GMT last-modified Wed, 13 Nov 2019 22:35:45 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "80362db0729ad51:0" content-type image/png accept-ranges bytes content-length 445764
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	27ms 10ms	Script application/javascript	2001:4de0:ac18::1:a:2a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: chat.movidesk.com URL: https://chat.movidesk.com/Scripts/chat-widget.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash `ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e` Request headers Referer https://postosinai.headthink.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 02:44:55 GMT content-encoding gzip last-modified Tue, 02 Mar 2021 17:27:20 GMT server nginx etag W/"603e7578-15d9d" vary Accept-Encoding x-hw 1621824295.dop215.fr8.t,1621824295.cds221.fr8.hc,1621824295.cds144.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30875
GET H2	404	undefined postosinai.headthink.info/Home/	4 KB 4 KB	152ms 152ms	Image text/html	66.42.116.97 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://postosinai.headthink.info/Home/undefined Requested by Host: postosinai.headthink.info URL: https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.42.116.97 , United States, ASN20473 (AS-CHOOPA, US), Reverse DNS vps1681.tmdvps.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `49685d2ec421870c4fa3bb48746b0d1507b0b2a4c83bf722f124536ecf23df22` Request headers :path /Home/undefined pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority postosinai.headthink.info referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F :scheme https sec-fetch-site same-origin :method GET Referer https://postosinai.headthink.info/Home/Login?ReturnUrl=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Mon, 24 May 2021 02:44:39 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type text/html; charset=utf-8 cache-control private content-length 4194
GET H2	200	chat-widget.min.css chat.movidesk.com/Content/css/	17 KB 3 KB	105ms 105ms	Stylesheet text/css	54.175.66.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://chat.movidesk.com/Content/css/chat-widget.min.css?v=9 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.175.66.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-175-66-37.compute-1.amazonaws.com Software / Resource Hash `16849555c5d36f5c6a4f8d50e75da7875d72ed61cb20356b322521d31a5545ca` Request headers Referer https://postosinai.headthink.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 02:44:55 GMT content-encoding gzip last-modified Thu, 29 Apr 2021 01:10:08 GMT server etag "0d81d65943cd71:0" vary Accept-Encoding p3p CP = "IDC DSP COR ADM Devi Taii PSA PSD IvaÃ IVDi CONi HIS OUR IND CNT" x-stackifyid V1\|91f1342b-2067-47b6-942c-aa34554fafc8\|C63188\|CD1\| accept-ranges bytes content-type text/css content-length 3002
GET H2	200	icon-collapse.svg Show response cdn.app.movidesk.com/Content/img/ChatWidgetIcons/	1 KB 2 KB	99ms 38ms	XHR image/svg+xml	13.224.195.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.app.movidesk.com/Content/img/ChatWidgetIcons/icon-collapse.svg Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.195.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-195-103.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `a970cb2759096728483c4a1d4706e9bb9f1b7e7013e8aa9f751e7a60b9937fc3` Request headers Accept text/plain, /; q=0.01 Referer https://postosinai.headthink.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 02:42:58 GMT via 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 118 x-cache Hit from cloudfront content-length 1104 last-modified Thu, 21 Nov 2019 16:59:53 GMT server AmazonS3 etag "f0d1a331afbed7ea63930411dc06730c" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id null access-control-allow-origin * x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/svg+xml x-amz-cf-id q_3iuWQrXZ5uWtVoiixKIemI1bBEUX7yyRXBZ2zbeXN61CcEV7zJpw==
GET H2	403	GetConfig chat.movidesk.com/ChatWidget/	0 0	117ms 116ms	Script text/html	54.175.66.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://chat.movidesk.com/ChatWidget/GetConfig?callback=JSONPgetConfigCallback&id=72DCB605E6634741B22D8E99620CF9CC&format=json Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.175.66.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-175-66-37.compute-1.amazonaws.com Software / Resource Hash Request headers Referer https://postosinai.headthink.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	icon-collapse.svg Show response cdn.app.movidesk.com/Content/img/ChatWidgetIcons/	1 KB 2 KB	94ms 39ms	XHR image/svg+xml	13.224.195.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.app.movidesk.com/Content/img/ChatWidgetIcons/icon-collapse.svg Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.195.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-195-103.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `a970cb2759096728483c4a1d4706e9bb9f1b7e7013e8aa9f751e7a60b9937fc3` Request headers Accept text/plain, /; q=0.01 Referer https://postosinai.headthink.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 02:42:58 GMT via 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 118 x-cache Hit from cloudfront content-length 1104 last-modified Thu, 21 Nov 2019 16:59:53 GMT server AmazonS3 etag "f0d1a331afbed7ea63930411dc06730c" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id null access-control-allow-origin * x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/svg+xml x-amz-cf-id LdA8Aw6N7P_YyPEsUGmge0ITf3EddBb9YcSQG1JUQiVObyjxH1Gs-A==

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			postosinai.headthink.info/	1969-12-31 23:59:59	Name: chatWidgetWindowState72DCB605E6634741B22D8E99620CF9CC Value: false

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://chat.movidesk.com/Scripts/chat-widget.min.js(Line 1) Message: Erro ao buscar a configuração do widget do chat
console-api	error	URL: https://chat.movidesk.com/Scripts/chat-widget.min.js(Line 1) Message: Erro ao buscar a configuração do widget do chat

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.app.movidesk.com
chat.movidesk.com
code.jquery.com
postosinai.headthink.info
13.224.195.103
2001:4de0:ac18::1:a:2a
54.175.66.37
66.42.116.97
16849555c5d36f5c6a4f8d50e75da7875d72ed61cb20356b322521d31a5545ca
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7
49685d2ec421870c4fa3bb48746b0d1507b0b2a4c83bf722f124536ecf23df22
4d6cedcd1a487f9bf077e4bcb1d4e6a2715003f5ddff7b18d6d142489c35da9d
50b136853d502524fd285a51c54d26e7f4358a6011e7c2f69e31cb691d10bf38
60cfefac2f769ce5f50667a093e61eb02e2db5744e75d0c2ef27ce7fcd85a793
652cbe4f8c1f2d350c12c7a5fe3c1ac236d68d9d859ec80d7d263e1fcde79c60
93ae3cfc998ce270aaba00f0724010e5198f715a3a9aa8a4b70df675cbf6bd5e
9c784131695f1dc0855a7b5d9d99f921f443cd78525634c01a3947006d1e1a40
a970cb2759096728483c4a1d4706e9bb9f1b7e7013e8aa9f751e7a60b9937fc3
ada4163ee7284390f2f349cfc986e225deded96a4e0993d74ea29f001611dff2
b9a6d11a426fcbaed8d60d645f628515e9974f397e871ee7a406c1bd8f65de2d
d652d8351615caa5dfe618603a972e426074e2bcf8e7ba29e8d70f5d0ce9b49d
e8a19636b65fbe7097e213dee936881f5b1a77dad7e10f79cc0575bfef53a9d9
eafa6a83bb4d5f6a3e88a541626d7706babfe3496c4069ae0dbdb1a8c9d8b267
fe3c6dae3be80f62e074b2ffde516a6b1ce84364b48d6ce43078d11861cdb8bf
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

postosinai.headthink.info Open in urlscan Pro 66.42.116.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

1093 kBTransfer

1168 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

postosinai.headthink.info Open in urlscan Pro
66.42.116.97 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1093 kB
Transfer

1168 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions