edusa.educativo.gt Open in urlscan Pro
172.105.102.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://edusa.educativo.gt/
Effective URL:
https://edusa.educativo.gt/ui/
Submission: On October 07 via automatic, source certstream-suspicious (October 7th 2020, 2:36:34 pm UTC)

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 172.105.102.199, located in Toronto, Canada and belongs to LINODE-AP Linode, LLC, US. The main domain is edusa.educativo.gt.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 7th 2020. Valid for: 3 months.

This is the only time edusa.educativo.gt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	172.105.102.199 172.105.102.199	63949 (LINODE-AP...) (LINODE-AP Linode)
1	172.105.17.139 172.105.17.139	63949 (LINODE-AP...) (LINODE-AP Linode)
9	2

9 172.105.102.199 (Toronto, Canada) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li2115-199.members.linode.com

edusa.educativo.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.17.139 (Toronto, Canada)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1972-139.members.linode.com

adm.s4s.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	educativo.gt 1 redirects edusa.educativo.gt	356 KB
1	s4s.gt adm.s4s.gt	14 KB
9	2

	Domain	Requested by
9	edusa.educativo.gt	1 redirects edusa.educativo.gt
1	adm.s4s.gt	edusa.educativo.gt
9	2

This site contains no links.

Subject Issuer	Validity	Valid
edusa.educativo.gt Let's Encrypt Authority X3	`2020-10-07` - `2021-01-05`	3 months	crt.sh
adm.s4s.gt Let's Encrypt Authority X3	`2020-08-11` - `2020-11-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://edusa.educativo.gt/ui/
Frame ID: 2F124AD1DB039FC9DE9D0C4860FC5480
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://edusa.educativo.gt/ HTTP 302
https://edusa.educativo.gt/ui/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

370 kB
Transfer

538 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://edusa.educativo.gt/ HTTP 302
https://edusa.educativo.gt/ui/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
edusa.educativo.gt/ui/
Redirect Chain

https://edusa.educativo.gt/
https://edusa.educativo.gt/ui/

4 KB
2 KB

122ms
121ms

Document
text/html

172.105.102.199
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://edusa.educativo.gt/ui/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

172.105.102.199 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li2115-199.members.linode.com

Software

nginx /

Resource Hash

00079072b5ca4b2439c17e10a94f6a4b17e62374f319dae263cce08e799ae377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: edusa.educativo.gt
:scheme: https
:path: /ui/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Wed, 07 Oct 2020 14:36:16 GMT
content-type: text/html; charset=ISO-8859-1
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=v9br1g6bu2hrsev11mm1f72e7u; expires=Fri, 06-Nov-2020 14:36:16 GMT; Max-Age=2592000; path=/; secure; HttpOnly
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Wed, 07 Oct 2020 14:36:16 GMT
content-type: text/html; charset=ISO-8859-1
location: ./ui/
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
edusa.educativo.gt/bower_components/bootstrap/dist/css/ 118 KB
25 KB 223ms
222ms Stylesheet
text/css 172.105.102.199
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://edusa.educativo.gt/bower_components/bootstrap/dist/css/bootstrap.min.css

Requested by

Host: edusa.educativo.gt
URL: https://edusa.educativo.gt/ui/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

172.105.102.199 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li2115-199.members.linode.com

Software

nginx /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edusa.educativo.gt/ui/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 14:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Apr 2020 18:31:07 GMT
server: nginx
etag: W/"5e8f69eb-1d9ac"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
x-xss-protection: 1; mode=block

GET
H2 200 font-awesome.min.css
edusa.educativo.gt/bower_components/font-awesome/css/ 30 KB
8 KB 231ms
229ms Stylesheet
text/css 172.105.102.199
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://edusa.educativo.gt/bower_components/font-awesome/css/font-awesome.min.css

Requested by

Host: edusa.educativo.gt
URL: https://edusa.educativo.gt/ui/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

172.105.102.199 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li2115-199.members.linode.com

Software

nginx /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edusa.educativo.gt/ui/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 14:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Apr 2020 18:31:57 GMT
server: nginx
etag: W/"5e8f6a1d-7918"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
x-xss-protection: 1; mode=block

GET
H2 200 animate.min.css
edusa.educativo.gt/dist/css/ 57 KB
6 KB 233ms
232ms Stylesheet
text/css 172.105.102.199
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://edusa.educativo.gt/dist/css/animate.min.css

Requested by

Host: edusa.educativo.gt
URL: https://edusa.educativo.gt/ui/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

172.105.102.199 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li2115-199.members.linode.com

Software

nginx /

Resource Hash

3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edusa.educativo.gt/ui/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 14:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Apr 2020 18:32:37 GMT
server: nginx
etag: W/"5e8f6a45-e311"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
x-xss-protection: 1; mode=block

GET
H2 200 logo_sistema.jpg
edusa.educativo.gt/ui/imagenes_sistema/ 3 KB
4 KB 425ms
424ms Image
image/jpeg 172.105.102.199
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edusa.educativo.gt/ui/imagenes_sistema/logo_sistema.jpg?v=2

Requested by

Host: edusa.educativo.gt
URL: https://edusa.educativo.gt/ui/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

172.105.102.199 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li2115-199.members.linode.com

Software

nginx /

Resource Hash

0e1c2fde20a0840d3a9cfde9a09850b692bf3d8294f2f0806467798c4d4c0172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edusa.educativo.gt/ui/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 14:36:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Apr 2020 23:48:11 GMT
server: nginx
etag: "5e9e34bb-dde"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 3550
x-xss-protection: 1; mode=block

GET
H2 200 s4s-p.png
adm.s4s.gt/ui/imagenes_sistema/ 14 KB
14 KB 477ms
120ms Image
image/png 172.105.17.139
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adm.s4s.gt/ui/imagenes_sistema/s4s-p.png
Requested by: Host: edusa.educativo.gt
URL: https://edusa.educativo.gt/ui/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 172.105.17.139 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1972-139.members.linode.com
Software: nginx /
Resource Hash: 8841377e0d9333205eec18ba375bdaea75b1000563ee1db4e6d51c37b8b534ec

Request headers

Referer: https://edusa.educativo.gt/ui/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 14:36:16 GMT
last-modified: Thu, 11 Jun 2020 16:50:37 GMT
server: nginx
etag: "5ee260dd-372b"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 14123

GET
H2 200 jquery.min.js Show response
edusa.educativo.gt/bower_components/jquery/dist/ 82 KB
83 KB 327ms
326ms Script
application/javascript 172.105.102.199
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://edusa.educativo.gt/bower_components/jquery/dist/jquery.min.js

Requested by

Host: edusa.educativo.gt
URL: https://edusa.educativo.gt/ui/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

172.105.102.199 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li2115-199.members.linode.com

Software

nginx /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edusa.educativo.gt/ui/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 14:36:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Apr 2020 18:32:05 GMT
server: nginx
etag: "5e8f6a25-1499c"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=iso-8859-1
status: 200
accept-ranges: bytes
content-length: 84380
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.js Show response
edusa.educativo.gt/bower_components/bootstrap/dist/js/ 36 KB
36 KB 425ms
424ms Script
application/javascript 172.105.102.199
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://edusa.educativo.gt/bower_components/bootstrap/dist/js/bootstrap.min.js

Requested by

Host: edusa.educativo.gt
URL: https://edusa.educativo.gt/ui/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

172.105.102.199 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li2115-199.members.linode.com

Software

nginx /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edusa.educativo.gt/ui/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 14:36:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Apr 2020 18:31:08 GMT
server: nginx
etag: "5e8f69ec-9004"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=iso-8859-1
status: 200
accept-ranges: bytes
content-length: 36868
x-xss-protection: 1; mode=block

GET
H2 200 bg-1.jpg
edusa.educativo.gt/ui/fondos/ 193 KB
193 KB 203ms
203ms Image
image/jpeg 172.105.102.199
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edusa.educativo.gt/ui/fondos/bg-1.jpg

Requested by

Host: edusa.educativo.gt
URL: https://edusa.educativo.gt/ui/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

172.105.102.199 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li2115-199.members.linode.com

Software

nginx /

Resource Hash

e580bb67e8f6f5e286fc0620fbd8361e5a209413be6dd7e2f03394d7dc7f5ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edusa.educativo.gt/ui/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 14:36:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Apr 2020 19:06:32 GMT
server: nginx
etag: "5e8f7238-3026c"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 197228
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			edusa.educativo.gt/	1970-01-19 13:44:33	Name: PHPSESSID Value: v9br1g6bu2hrsev11mm1f72e7u

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adm.s4s.gt
edusa.educativo.gt
172.105.102.199
172.105.17.139
00079072b5ca4b2439c17e10a94f6a4b17e62374f319dae263cce08e799ae377
0e1c2fde20a0840d3a9cfde9a09850b692bf3d8294f2f0806467798c4d4c0172
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8841377e0d9333205eec18ba375bdaea75b1000563ee1db4e6d51c37b8b534ec
e580bb67e8f6f5e286fc0620fbd8361e5a209413be6dd7e2f03394d7dc7f5ba7
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

edusa.educativo.gt Open in urlscan Pro 172.105.102.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

370 kBTransfer

538 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

edusa.educativo.gt Open in urlscan Pro
172.105.102.199 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

370 kB
Transfer

538 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions