cmp.itat.us Open in urlscan Pro
108.179.243.39 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cmp.itat.us/
Submission Tags: @phishunt_io
Submission: On April 04 via api (April 4th 2024, 8:47:32 am UTC) from DE — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 8 HTTP transactions. The main IP is 108.179.243.39, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is cmp.itat.us.
TLS certificate: Issued by R3 on April 4th 2024. Valid for: 3 months.

This is the only time cmp.itat.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	108.179.243.39 108.179.243.39	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
2	23.217.45.147 23.217.45.147	16625 (AKAMAI-AS) (AKAMAI-AS)
8	3

5 108.179.243.39 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 108-179-243-39.unifiedlayer.com

cmp.itat.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.217.45.147 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-45-147.deploy.static.akamaitechnologies.com

appsforoffice.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	itat.us cmp.itat.us	622 KB
2	microsoft.com appsforoffice.microsoft.com — Cisco Umbrella Rank: 1116	57 KB
0	oaspapps.com Failed telemetryservice.firstpartyapps.oaspapps.com Failed
8	3

	Domain	Requested by
5	cmp.itat.us	cmp.itat.us
2	appsforoffice.microsoft.com	cmp.itat.us appsforoffice.microsoft.com
0	telemetryservice.firstpartyapps.oaspapps.com Failed	appsforoffice.microsoft.com
8	3

This site contains no links.

Subject Issuer	Validity	Valid
cmp.itat.us R3	`2024-04-04` - `2024-07-03`	3 months	crt.sh
appsforoffice.microsoft.com Microsoft Azure ECC TLS Issuing CA 04	`2023-12-28` - `2024-12-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://cmp.itat.us/
Frame ID: CA57041ED79551FCA3CC264C239DA26B
Requests: 7 HTTP requests in this frame

Frame: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html
Frame ID: 2E2C3C1992AFFD98397FCDA23ABA4919
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CMP Online

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

679 kB
Transfer

2214 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cmp.itat.us/	523 B 435 B	752ms 111ms	Document text/html	108.179.243.39 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://cmp.itat.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.39 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 108-179-243-39.unifiedlayer.com Software Apache / Resource Hash `aa4085f69035334cec10db317a1d7e09f4cbbe510d0cb451d00d492266c03421` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes content-encoding gzip content-length 319 content-type text/html date Thu, 04 Apr 2024 08:47:22 GMT last-modified Tue, 19 Dec 2023 21:35:42 GMT server Apache vary Accept-Encoding
GET H/1.1	200 OK	office.js Show response appsforoffice.microsoft.com/lib/1/hosted/	63 KB 20 KB	161ms 36ms	Script application/javascript	23.217.45.147 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1/hosted/office.js Requested by Host: cmp.itat.us URL: https://cmp.itat.us/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.217.45.147 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-217-45-147.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `bde6b1b8b3741b710a0ab1e5057b15bd061c8fd143cd482effb4c7df3f2ec48c` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cmp.itat.us/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Apr 2024 08:47:22 GMT Content-Encoding gzip Last-Modified Mon, 25 Mar 2024 18:50:26 GMT Server Microsoft-IIS/10.0 ETag "05af4ce57eda1:0" X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=6189 Connection keep-alive Accept-Ranges bytes Content-Length 19697
GET H2	200	vendor.0aa76ff2c2a1a1e9a38c.js Show response cmp.itat.us/	218 KB 89 KB	125ms 124ms	Script application/javascript	108.179.243.39 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://cmp.itat.us/vendor.0aa76ff2c2a1a1e9a38c.js Requested by Host: cmp.itat.us URL: https://cmp.itat.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.39 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 108-179-243-39.unifiedlayer.com Software Apache / Resource Hash `8d33b08a959c2de4a019fcdfca85412b5c6667b057d3920aba442f4846dc47cc` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cmp.itat.us/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Apr 2024 08:47:22 GMT content-encoding gzip last-modified Tue, 19 Dec 2023 21:35:42 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript
GET H2	200	app.0aa76ff2c2a1a1e9a38c.js Show response cmp.itat.us/	2 MB 509 KB	370ms 367ms	Script application/javascript	108.179.243.39 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://cmp.itat.us/app.0aa76ff2c2a1a1e9a38c.js Requested by Host: cmp.itat.us URL: https://cmp.itat.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.39 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 108-179-243-39.unifiedlayer.com Software Apache / Resource Hash `520e770d5cbce0a6db9f52b09c2a65cb36b7e58d4c52cf41642b6a945a903035` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cmp.itat.us/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Apr 2024 08:47:22 GMT content-encoding gzip last-modified Tue, 19 Dec 2023 21:35:42 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript
GET H/1.1	200 OK	o15apptofilemappingtable.js Show response appsforoffice.microsoft.com/lib/1/hosted/	167 KB 37 KB	123ms 44ms	Script application/javascript	23.217.45.147 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1/hosted/o15apptofilemappingtable.js Requested by Host: appsforoffice.microsoft.com URL: https://appsforoffice.microsoft.com/lib/1/hosted/office.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.217.45.147 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-217-45-147.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cmp.itat.us/ Origin https://cmp.itat.us accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Apr 2024 08:47:22 GMT Content-Encoding gzip Last-Modified Mon, 25 Mar 2024 18:50:26 GMT Server Microsoft-IIS/10.0 ETag "05af4ce57eda1:0" X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3072 Connection keep-alive Accept-Ranges bytes Content-Length 37609
GET H2	200	CMPIcon-logo-color.png cmp.itat.us/assets/	23 KB 23 KB	74ms 65ms	Image image/png	108.179.243.39 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://cmp.itat.us/assets/CMPIcon-logo-color.png Requested by Host: cmp.itat.us URL: https://cmp.itat.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.39 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 108-179-243-39.unifiedlayer.com Software Apache / Resource Hash `e6f395355b36deda640d1362e95f056754cd68f761e5e39f6c127e52127b625c` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cmp.itat.us/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Apr 2024 08:47:24 GMT last-modified Tue, 19 Dec 2023 21:35:42 GMT server Apache accept-ranges bytes content-length 23714 content-type image/png
GET H2	404	favicon.ico cmp.itat.us/	746 B 540 B	69ms 64ms	Other text/html	108.179.243.39 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://cmp.itat.us/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.243.39 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 108-179-243-39.unifiedlayer.com Software Apache / Resource Hash `63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cmp.itat.us/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Apr 2024 08:47:25 GMT content-encoding gzip last-modified Tue, 23 Aug 2022 13:38:15 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 462
GET		telemetryproxy.html telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/ Frame 2E2C	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telemetryservice.firstpartyapps.oaspapps.com
URL: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cmp.itat.us/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appsforoffice.microsoft.com
cmp.itat.us
telemetryservice.firstpartyapps.oaspapps.com
telemetryservice.firstpartyapps.oaspapps.com
108.179.243.39
23.217.45.147
2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522
520e770d5cbce0a6db9f52b09c2a65cb36b7e58d4c52cf41642b6a945a903035
63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
8d33b08a959c2de4a019fcdfca85412b5c6667b057d3920aba442f4846dc47cc
aa4085f69035334cec10db317a1d7e09f4cbbe510d0cb451d00d492266c03421
bde6b1b8b3741b710a0ab1e5057b15bd061c8fd143cd482effb4c7df3f2ec48c
e6f395355b36deda640d1362e95f056754cd68f761e5e39f6c127e52127b625c

cmp.itat.us Open in urlscan Pro 108.179.243.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

679 kBTransfer

2214 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

cmp.itat.us Open in urlscan Pro
108.179.243.39 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

679 kB
Transfer

2214 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions