170.254.72.99 Open in urlscan Pro
170.254.72.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://170.254.72.99/
Effective URL:
http://170.254.72.99/login.html
Submission Tags: falconsandbox
Submission: On November 29 via api (November 29th 2021, 10:31:02 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 0 domains to perform 11 HTTP transactions. The main IP is 170.254.72.99, located in Trombas, Brazil and belongs to FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR. The main domain is 170.254.72.99.

This is the only time 170.254.72.99 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 12	170.254.72.99 170.254.72.99		263888 (FIUZA INF...) (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME)
11	1

12 170.254.72.99 (Trombas, Brazil) 1 redirects

ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR)
PTR: 99.72.254.170.venonconnect.com

170.254.72.99	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	0

	Domain	Requested by
11	0

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 3 frames:

Primary Page: http://170.254.72.99/login.html
Frame ID: 4DD9A504237105F2348AEAC425FA3348
Requests: 1 HTTP requests in this frame

Frame: http://170.254.72.99/left.asp
Frame ID: 29DC3811F318548736BA7F06EE177425
Requests: 2 HTTP requests in this frame

Frame: http://170.254.72.99/login_inter.asp
Frame ID: BEDDFFD18E914998581D3649B3760BBE
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

welcome

Page URL History Show full URLs

http://170.254.72.99/ HTTP 302
http://170.254.72.99/login.html Page URL

Page Statistics

11
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

76 kB
Transfer

89 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://170.254.72.99/ HTTP 302
http://170.254.72.99/login.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.0	200 OK	Primary Request login.html Show response 170.254.72.99/ Redirect Chain http://170.254.72.99/ http://170.254.72.99/login.html	532 B 727 B	435ms 219ms	Document text/html	170.254.72.99 FIUZA INFORMATICA...
General Check archive.org Show headers Download Go to Full URL http://170.254.72.99/login.html Protocol HTTP/1.0 Server 170.254.72.99 Trombas, Brazil, ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR), Reverse DNS 99.72.254.170.venonconnect.com Software GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN / Resource Hash `78e9365eb6efb337787e4adf197f8ae7d1eb78ec86110109097860dfb4834e35` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Mon Nov 29 08:24:44 2021 Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Last-modified Mon Dec 19 09:18:05 2016 Content-length 532 Content-type text/html Redirect headers Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Date Mon Nov 29 08:24:43 2021 Pragma no-cache Cache-Control no-cache Content-Type text/html Location http://170.254.72.99/login.html
GET H/1.0	200 OK	left.asp Show response 170.254.72.99/ Frame 29DC	647 B 823 B	434ms 219ms	Document text/html	170.254.72.99 FIUZA INFORMATICA...
General Check archive.org Show headers Download Go to Full URL http://170.254.72.99/left.asp Requested by Host: 170.254.72.99 URL: http://170.254.72.99/login.html Protocol HTTP/1.0 Server 170.254.72.99 Trombas, Brazil, ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR), Reverse DNS 99.72.254.170.venonconnect.com Software GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN / Resource Hash `9286aa1f18e7e20384036797810a1b58c6571d5e108b2849254a01d4e6f15f4a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://170.254.72.99/login.html Response headers Date Mon Nov 29 08:24:44 2021 Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Pragma no-cache Cache-Control no-cache Content-type text/html
GET H/1.0	200 OK	utils.js Show response 170.254.72.99/js/ Frame 29DC	18 KB 18 KB	434ms 219ms	Script application/x-javascript	170.254.72.99 FIUZA INFORMATICA...
General Check archive.org Show headers Download Go to Full URL http://170.254.72.99/js/utils.js Requested by Host: 170.254.72.99 URL: http://170.254.72.99/left.asp Protocol HTTP/1.0 Server 170.254.72.99 Trombas, Brazil, ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR), Reverse DNS 99.72.254.170.venonconnect.com Software GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN / Resource Hash `b4ef085a6287782f24b810e3101c7ad4f75072a5535779f22ea9d6701f85f1a3` Request headers Accept-Language de-DE,de;q=0.9 Referer http://170.254.72.99/left.asp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon Nov 29 08:24:45 2021 Last-modified Mon Dec 19 09:18:04 2016 Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Content-length 18263 Content-type application/x-javascript
GET H/1.0	200 OK	login_inter.asp Show response 170.254.72.99/ Frame BEDD	10 KB 10 KB	435ms 220ms	Document text/html	170.254.72.99 FIUZA INFORMATICA...
General Check archive.org Show headers Download Go to Full URL http://170.254.72.99/login_inter.asp Requested by Host: 170.254.72.99 URL: http://170.254.72.99/js/utils.js Protocol HTTP/1.0 Server 170.254.72.99 Trombas, Brazil, ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR), Reverse DNS 99.72.254.170.venonconnect.com Software GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN / Resource Hash `9244bd9feb9fe9f8a0e22c5d19364a32e0e3bdd773ce231a4ecf18a7828820ba` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://170.254.72.99/login.html Response headers Date Mon Nov 29 08:24:46 2021 Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Pragma no-cache Cache-Control no-cache Content-type text/html
GET H/1.0	200 OK	b28n.js Show response 170.254.72.99/lang/ Frame BEDD	7 KB 7 KB	435ms 221ms	Script application/x-javascript	170.254.72.99 FIUZA INFORMATICA...
General Check archive.org Show headers Download Go to Full URL http://170.254.72.99/lang/b28n.js Requested by Host: 170.254.72.99 URL: http://170.254.72.99/login_inter.asp Protocol HTTP/1.0 Server 170.254.72.99 Trombas, Brazil, ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR), Reverse DNS 99.72.254.170.venonconnect.com Software GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN / Resource Hash `a66d9b4b1cde722a1aa05888f55330fbce4235d97b1919d99a9d711d29e6ce28` Request headers Accept-Language de-DE,de;q=0.9 Referer http://170.254.72.99/login_inter.asp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon Nov 29 08:24:46 2021 Last-modified Mon Dec 19 09:18:05 2016 Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Content-length 6953 Content-type application/x-javascript
GET H/1.0	200 OK	checkValue.js Show response 170.254.72.99/js/ Frame BEDD	6 KB 7 KB	440ms 226ms	Script application/x-javascript	170.254.72.99 FIUZA INFORMATICA...
General Check archive.org Show headers Download Go to Full URL http://170.254.72.99/js/checkValue.js Requested by Host: 170.254.72.99 URL: http://170.254.72.99/login_inter.asp Protocol HTTP/1.0 Server 170.254.72.99 Trombas, Brazil, ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR), Reverse DNS 99.72.254.170.venonconnect.com Software GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN / Resource Hash `612c2d9224af88699f848d165d54035727e54e2ea8adad2b6dcd5d3be984786f` Request headers Accept-Language de-DE,de;q=0.9 Referer http://170.254.72.99/login_inter.asp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon Nov 29 08:24:46 2021 Last-modified Mon Dec 19 09:18:04 2016 Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Content-length 6530 Content-type application/x-javascript
GET H/1.0	200 OK	utils.js Show response 170.254.72.99/js/ Frame BEDD	18 KB 18 KB	443ms 228ms	Script application/x-javascript	170.254.72.99 FIUZA INFORMATICA...
General Check archive.org Show headers Download Go to Full URL http://170.254.72.99/js/utils.js Requested by Host: 170.254.72.99 URL: http://170.254.72.99/login_inter.asp Protocol HTTP/1.0 Server 170.254.72.99 Trombas, Brazil, ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR), Reverse DNS 99.72.254.170.venonconnect.com Software GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN / Resource Hash `b4ef085a6287782f24b810e3101c7ad4f75072a5535779f22ea9d6701f85f1a3` Request headers Accept-Language de-DE,de;q=0.9 Referer http://170.254.72.99/login_inter.asp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon Nov 29 08:24:46 2021 Last-modified Mon Dec 19 09:18:04 2016 Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Content-length 18263 Content-type application/x-javascript
GET H/1.0	200 OK	style.css 170.254.72.99/style/ Frame BEDD	6 KB 6 KB	431ms 219ms	Stylesheet text/css	170.254.72.99 FIUZA INFORMATICA...
General Check archive.org Show headers Download Go to Full URL http://170.254.72.99/style/style.css Requested by Host: 170.254.72.99 URL: http://170.254.72.99/login_inter.asp Protocol HTTP/1.0 Server 170.254.72.99 Trombas, Brazil, ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR), Reverse DNS 99.72.254.170.venonconnect.com Software GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN / Resource Hash `34805d91016b5fb787a23aa1ad6248d2e7423289d84efbcb1faddc384c650f23` Request headers Accept-Language de-DE,de;q=0.9 Referer http://170.254.72.99/login_inter.asp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon Nov 29 08:24:46 2021 Last-modified Mon Dec 19 09:18:04 2016 Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Content-length 5759 Content-type text/css
GET H/1.0	200 OK	menu.xml Show response 170.254.72.99/lang/en/ Frame BEDD	7 KB 7 KB	431ms 218ms	XHR text/xml	170.254.72.99 FIUZA INFORMATICA...
General Check archive.org Show headers Download Go to Full URL http://170.254.72.99/lang/en/menu.xml Requested by Host: 170.254.72.99 URL: http://170.254.72.99/lang/b28n.js Protocol HTTP/1.0 Server 170.254.72.99 Trombas, Brazil, ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR), Reverse DNS 99.72.254.170.venonconnect.com Software GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN / Resource Hash `8a6e62cefaaa05f86f67dab1e90aceadba645313bac4d14df1726fc375f32978` Request headers Accept-Language de-DE,de;q=0.9 Referer http://170.254.72.99/login_inter.asp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon Nov 29 08:24:47 2021 Last-modified Mon Dec 19 09:18:05 2016 Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Content-length 7300 Content-type text/xml
GET H/1.0	200 OK	background.png 170.254.72.99/images/ Frame BEDD	1 KB 1 KB	436ms 221ms	Image image/png	170.254.72.99 FIUZA INFORMATICA...
General Check archive.org Show headers Download Go to Show image Full URL http://170.254.72.99/images/background.png Requested by Host: 170.254.72.99 URL: http://170.254.72.99/login_inter.asp Protocol HTTP/1.0 Server 170.254.72.99 Trombas, Brazil, ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR), Reverse DNS 99.72.254.170.venonconnect.com Software GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN / Resource Hash `45a80ff945377d46f34100b22be6ea87e66e4ebf5a36b7c3aa1f541e1c037650` Request headers Accept-Language de-DE,de;q=0.9 Referer http://170.254.72.99/login_inter.asp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon Nov 29 08:24:48 2021 Last-modified Mon Dec 19 09:18:04 2016 Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Content-length 1196 Content-type image/png
GET H/1.0	200 OK	login.png 170.254.72.99/images/ Frame BEDD	15 KB 0	442ms 226ms	Image image/png	170.254.72.99 FIUZA INFORMATICA...
General Check archive.org Show headers Download Go to Show image Full URL http://170.254.72.99/images/login.png Requested by Host: 170.254.72.99 URL: http://170.254.72.99/login_inter.asp Protocol HTTP/1.0 Server 170.254.72.99 Trombas, Brazil, ASN263888 (FIUZA INFORMATICA & TELECOMUNICACAO LTDA ME, BR), Reverse DNS 99.72.254.170.venonconnect.com Software GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer http://170.254.72.99/login_inter.asp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon Nov 29 08:24:48 2021 Last-modified Mon Dec 19 09:18:04 2016 Server GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN Content-length 225928 Content-type image/png

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: http://170.254.72.99/lang/b28n.js(Line 100) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

170.254.72.99
34805d91016b5fb787a23aa1ad6248d2e7423289d84efbcb1faddc384c650f23
45a80ff945377d46f34100b22be6ea87e66e4ebf5a36b7c3aa1f541e1c037650
612c2d9224af88699f848d165d54035727e54e2ea8adad2b6dcd5d3be984786f
78e9365eb6efb337787e4adf197f8ae7d1eb78ec86110109097860dfb4834e35
8a6e62cefaaa05f86f67dab1e90aceadba645313bac4d14df1726fc375f32978
9244bd9feb9fe9f8a0e22c5d19364a32e0e3bdd773ce231a4ecf18a7828820ba
9286aa1f18e7e20384036797810a1b58c6571d5e108b2849254a01d4e6f15f4a
a66d9b4b1cde722a1aa05888f55330fbce4235d97b1919d99a9d711d29e6ce28
b4ef085a6287782f24b810e3101c7ad4f75072a5535779f22ea9d6701f85f1a3

170.254.72.99 Open in urlscan Pro 170.254.72.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

0 %HTTPS

0 %IPv6

0 Domains

0 Subdomains

1 IPs

1 Countries

76 kBTransfer

89 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

170.254.72.99 Open in urlscan Pro
170.254.72.99 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

76 kB
Transfer

89 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions