acordocorreto.com
172.67.168.174
Public Scan
Effective URL: https://acordocorreto.com/chat2/?page=home&a=B65F18C1F72227C95065773F9B309317D1EDD897SECURED19145965DCAC33E1C126D9FA11FB31...
Submission Tags: suspect
Submission: On June 15 via api from BR — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on May 24th 2024. Valid for: 3 months.
This is the only time acordocorreto.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 2606:4700:3032::ac43:d1b2 | 13335 (CLOUDFLARENET) |
| 2 7 | 172.67.168.174 | 13335 (CLOUDFLARENET) |
| 1 | 2a04:4e42:400::485 | 54113 (FASTLY) |
| 8 | 3 | |
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 7 | acordocorreto.com (2 redirects) | acordocorreto.com | 36 KB |
| 1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 373 | 7 KB |
| 1 | confirapass-acesso.site (1 redirects) | confirapass-acesso.site | 464 B |
| 8 | 3 | | |
| | Domain | Requested by |
|---|---|---|
| 7 | acordocorreto.com (2 redirects) | acordocorreto.com |
| 1 | cdn.jsdelivr.net | acordocorreto.com |
| 1 | confirapass-acesso.site (1 redirects) | |
| 8 | 3 | |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| acordocorreto.com | GTS CA 1P5 | 2024-05-24 - 2024-08-22 | 3 months |
| jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year |
This page contains 1 frames:
Primary Page:
https://acordocorreto.com/chat2/?page=home&a=B65F18C1F72227C95065773F9B309317D1EDD897SECURED19145965DCAC33E1C126D9FA11FB3112B797D86ACCESS&b=C180B549596D79C924BC9DC333EA744DC111807ESECURE3C564597D1D2D35C4FEC6EC0D6E7E95A9D507C96ACCESS&c=B2B09B8D9FBC7939E566D05EC069CF51033CCD63SECURE90ACA094A68C432F2786A1A198B10BD2AF3B8E26ACCESS
Frame ID: 1FA105E82128D20BD2F4C0AB880AFBA4
Requests: 8 HTTP requests in this frame
Detected technologies
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://confirapass-acesso.site/
HTTP 307
https://confirapass-acesso.site/ HTTP 302
https://acordocorreto.com/funil/ HTTP 302
https://acordocorreto.com/chat2/ HTTP 302
https://acordocorreto.com/chat2/?page=home&a=B65F18C1F72227C95065773F9B309317D1EDD897SECURED19145965DCAC33E1C126D9FA11FB3112B797D86ACCESS&b=C180B549596D79C924BC9DC333EA744DC111807ESECURE3C564597D1D2D35C4FEC6EC0D6E7E95A9D507C96ACCESS&c=B2B09B8D9FBC7939E566D05EC069CF51033CCD63SECURE90ACA094A68C432F2786A1A198B10BD2AF3B8E26ACCESS Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H3 | / (Primary Request, Redirect Chain) | acordocorreto.com/chat2/ | 50 KB | 12 KB | Document | text/html |
| GET | H2 | disable-devtool@latest | cdn.jsdelivr.net/npm/ | 17 KB | 7 KB | Script | application/javascript |
| GET | | serasa-logo.png | acordocorreto.com/chat2/images/ | 0 | 0 | | |
| GET | H3 | modal-close-74f0df029374a2c330a1b9c1073e5ef4.svg | acordocorreto.com/chat2/images/ | 842 B | 935 B | Image | image/svg+xml |
| GET | H3 | notiflix-aio-2.6.0.min.js.download | acordocorreto.com/chat2/main/ | 0 | 0 | Script | text/html |
| GET | H3 | KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | acordocorreto.com/chat2/fonts/ | 11 KB | 11 KB | Font | font/woff2 |
| GET | H3 | KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 | acordocorreto.com/chat2/fonts/ | 11 KB | 11 KB | Font | font/woff2 |
| GET | | KFOmCnqEu92Fr1Me5g.woff | acordocorreto.com/chat2/fonts/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- acordocorreto.com: https://acordocorreto.com/chat2/images/serasa-logo.png
- acordocorreto.com: https://acordocorreto.com/chat2/fonts/KFOmCnqEu92Fr1Me5g.woff
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event
object| fence
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.