urlscan.io logo urlscan.io
SecurityTrails logo

www.it-supportdesk.com Open in urlscan Pro
63.35.253.68  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.it-supportdesk.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6IjdmMzA4OTYxLTRlZWYtNDcxYy05YmQ3LTA4NjViOT...
Submission: On October 08 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 63.35.253.68, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.it-supportdesk.com.
This is the only time www.it-supportdesk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 63.35.253.68 16509 (AMAZON-02)
6 192.0.66.2 2635 (AUTOMATTIC)
7 3
Apex Domain
Subdomains		 Transfer
6 sophos.com
staysafe.sophos.com
111 KB
1 it-supportdesk.com
www.it-supportdesk.com
49 KB
7 2
Domain Requested by
6 staysafe.sophos.com www.it-supportdesk.com
staysafe.sophos.com
1 www.it-supportdesk.com
7 2

This site contains links to these domains. Also see Links.

Domain
www.sophos.com
staysafe.sophos.com
Subject Issuer Validity Valid
dev.staysafe.sophos.com
Let's Encrypt Authority X3		 2020-09-06 -
2020-12-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://www.it-supportdesk.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6IjdmMzA4OTYxLTRlZWYtNDcxYy05YmQ3LTA4NjViOTg3OTU4MCIsImNlbGwiOiJodHRwczovL3V0MHA3amg4NGUuZXhlY3V0ZS1hcGkuZXUtY2VudHJhbC0xLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiZjBkMGI1NjEtNGU2Ny00NDAyLTk1ZGMtODVkNjAwOTY1YWJjIiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiaWF0IjoxNjAxOTc4Nzk1LCJpc3MiOiJodHRwczovL2FwcC5waGlzaHRocmVhdC5jb20iLCJleHAiOjE2MDk3NTQ3OTV9.gNsusgSB4NNvMx0A0b2zOJZjPSVUyEJxc7B0CEIJNZQ
Frame ID: CE6D3B73D0490A131DD5FA90D197F646
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

161 kB
Transfer

399 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set signin
www.it-supportdesk.com/ 		83 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.it-supportdesk.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6IjdmMzA4OTYxLTRlZWYtNDcxYy05YmQ3LTA4NjViOTg3OTU4MCIsImNlbGwiOiJodHRwczovL3V0MHA3amg4NGUuZXhlY3V0ZS1hcGkuZXUtY2VudHJhbC0xLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiZjBkMGI1NjEtNGU2Ny00NDAyLTk1ZGMtODVkNjAwOTY1YWJjIiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiaWF0IjoxNjAxOTc4Nzk1LCJpc3MiOiJodHRwczovL2FwcC5waGlzaHRocmVhdC5jb20iLCJleHAiOjE2MDk3NTQ3OTV9.gNsusgSB4NNvMx0A0b2zOJZjPSVUyEJxc7B0CEIJNZQ
Protocol
HTTP/1.1
Server
63.35.253.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-253-68.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
35be4d288ebbbedfa0f2812155bf1b6d530d93a7bacf209950ae79f2ab2e0e3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
www.it-supportdesk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 08 Oct 2020 01:10:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx/1.16.1
Set-Cookie
wordpress_sec_756c12a83cfbec080e0017373d6ae55f=7f308961-4eef-471c-9bd7-0865b9879580%7C1602292256%7CQWoT9fm7XOkzQUcudIwCeMJapkVluwi8I5M1cq0Q7Iq%7C084d47a44c6ec89c04cd9c928ab18b5acde3610da053510d9f51a74d06df1d44; secure; HttpOnly; path=/wp-content/plugins; SameSite=None wordpress_sec_756c12a83cfbec080e0017373d6ae55f=7f308961-4eef-471c-9bd7-0865b9879580%7C1602292256%7CQWoT9fm7XOkzQUcudIwCeMJapkVluwi8I5M1cq0Q7Iq%7C084d47a44c6ec89c04cd9c928ab18b5acde3610da053510d9f51a74d06df1d44; secure; HttpOnly; path=/wp-admin; SameSite=None wordpress_logged_in_756c12a83cfbec080e0017373d6ae55f=7f308961-4eef-471c-9bd7-0865b9879580%7C1602292256%7CQWoT9fm7XOkzQUcudIwCeMJapkVluwi8I5M1cq0Q7Iq%7C2058fae977121ef821b2ad5d8152983fae7a6e3ce0d5b03fd03175fea672311a; secure; HttpOnly; path=/; SameSite=None
Content-Encoding
gzip
X-rq
lhr1 96 227 3129
Age
0
X-Cache
miss
Accept-Ranges
bytes
Strict-Transport-Security
max-age=31536000
master.min.css
staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/ 		88 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/master.min.css
Requested by
Host: www.it-supportdesk.com
URL: http://www.it-supportdesk.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6IjdmMzA4OTYxLTRlZWYtNDcxYy05YmQ3LTA4NjViOTg3OTU4MCIsImNlbGwiOiJodHRwczovL3V0MHA3amg4NGUuZXhlY3V0ZS1hcGkuZXUtY2VudHJhbC0xLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiZjBkMGI1NjEtNGU2Ny00NDAyLTk1ZGMtODVkNjAwOTY1YWJjIiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiaWF0IjoxNjAxOTc4Nzk1LCJpc3MiOiJodHRwczovL2FwcC5waGlzaHRocmVhdC5jb20iLCJleHAiOjE2MDk3NTQ3OTV9.gNsusgSB4NNvMx0A0b2zOJZjPSVUyEJxc7B0CEIJNZQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f1dd8f33178fc66764414b4552521f686c8c37dec7f8ffe0b255a66e1a81b246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.it-supportdesk.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6IjdmMzA4OTYxLTRlZWYtNDcxYy05YmQ3LTA4NjViOTg3OTU4MCIsImNlbGwiOiJodHRwczovL3V0MHA3amg4NGUuZXhlY3V0ZS1hcGkuZXUtY2VudHJhbC0xLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiZjBkMGI1NjEtNGU2Ny00NDAyLTk1ZGMtODVkNjAwOTY1YWJjIiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiaWF0IjoxNjAxOTc4Nzk1LCJpc3MiOiJodHRwczovL2FwcC5waGlzaHRocmVhdC5jb20iLCJleHAiOjE2MDk3NTQ3OTV9.gNsusgSB4NNvMx0A0b2zOJZjPSVUyEJxc7B0CEIJNZQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 01:10:57 GMT
content-encoding
gzip
x-rq
fra2 96 227 3129
last-modified
Thu, 08 Oct 2020 01:04:24 GMT
server
nginx
age
0
etag
W/"5f7e6598-160fd"
vary
Accept-Encoding
x-cache
miss
content-type
text/css
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Oct 2021 01:10:57 GMT
truncated
/ 		60 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a602f802bfd833d475376a15a30d7c3b2b0bcb82d688735107c63af3b1812774

Request headers

Referer
http://www.it-supportdesk.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6IjdmMzA4OTYxLTRlZWYtNDcxYy05YmQ3LTA4NjViOTg3OTU4MCIsImNlbGwiOiJodHRwczovL3V0MHA3amg4NGUuZXhlY3V0ZS1hcGkuZXUtY2VudHJhbC0xLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiZjBkMGI1NjEtNGU2Ny00NDAyLTk1ZGMtODVkNjAwOTY1YWJjIiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiaWF0IjoxNjAxOTc4Nzk1LCJpc3MiOiJodHRwczovL2FwcC5waGlzaHRocmVhdC5jb20iLCJleHAiOjE2MDk3NTQ3OTV9.gNsusgSB4NNvMx0A0b2zOJZjPSVUyEJxc7B0CEIJNZQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sophos-logo.png
staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/images/sophos-logo.png
Requested by
Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/master.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5940cb8b477258b23e3d3e2136f22ec12ff9d26964e54e81a4d4582ceb032169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/master.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 01:10:57 GMT
x-rq
fra2 102 214 3189
last-modified
Fri, 02 Oct 2020 18:04:25 GMT
server
nginx
age
0
etag
"5f776ba9-10dc"
strict-transport-security
max-age=31536000
x-cache
miss
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4316
expires
Fri, 08 Oct 2021 01:10:57 GMT
secondary-logo.png
staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/images/secondary-logo.png
Requested by
Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/master.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8a4007fcbdbb05010eeb3b8401048e2c6aef424ff851d25c8409ffe08eb6f526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/master.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 01:10:57 GMT
x-rq
fra2 100 165 3100
last-modified
Wed, 07 Oct 2020 14:04:54 GMT
server
nginx
age
0
etag
"5f7dcb06-2fe0"
strict-transport-security
max-age=31536000
x-cache
miss
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12256
expires
Fri, 08 Oct 2021 01:10:57 GMT
flama-book-webfont.ttf
staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/fonts/ 		50 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/fonts/flama-book-webfont.ttf
Requested by
Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/master.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d088c5e7ccc85feda2e2f398f4188c8c49f6c0178e75e2e758f9a9c4e3fddff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
http://www.it-supportdesk.com
Referer
https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/master.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 01:10:57 GMT
content-encoding
gzip
vary
Accept-Encoding
age
18718
x-cache
hit
status
200
content-length
26279
x-rq
fra1 100 165 3100
last-modified
Wed, 07 Oct 2020 14:04:54 GMT
server
nginx
etag
W/"5f7dcb06-c8f0"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
application/font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Oct 2021 01:10:57 GMT
flama-light-webfont.ttf
staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/fonts/ 		50 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/fonts/flama-light-webfont.ttf
Requested by
Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/master.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1eee700208fddc9dbea7fd453e8a1dbaca020a9c0dedb43f985f3fd1ddcbda2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
http://www.it-supportdesk.com
Referer
https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/master.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 01:10:57 GMT
content-encoding
gzip
vary
Accept-Encoding
age
0
x-cache
miss
status
200
x-rq
fra1 100 165 3100
last-modified
Wed, 07 Oct 2020 14:04:54 GMT
server
nginx
etag
W/"5f7dcb06-c918"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
application/font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Oct 2021 01:10:57 GMT
flama-medium-webfont.ttf
staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/fonts/ 		51 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/fonts/flama-medium-webfont.ttf
Requested by
Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/master.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ec341c00863f513a04b66db10c2180649ab00b68275db6dcd7abdf6bd780b947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
http://www.it-supportdesk.com
Referer
https://staysafe.sophos.com/_static/wp-content/themes/phishthreat/assets/css/master.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 01:10:57 GMT
content-encoding
gzip
vary
Accept-Encoding
age
0
x-cache
miss
status
200
x-rq
fra1 96 227 3129
last-modified
Thu, 08 Oct 2020 01:04:24 GMT
server
nginx
etag
W/"5f7e6598-ccf0"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
application/font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Oct 2021 01:10:57 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000