URL: https://www.gtsdicosta.it/modules/update/confirm/xaufi/
Submission: On May 14 via automatic, source phishtank

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 178.255.72.78, located in Italy and belongs to ASN-IDC T.NO.OM.I.NC, IT. The main domain is www.gtsdicosta.it.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 2nd 2019. Valid for: 3 months.
This is the only time www.gtsdicosta.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 178.255.72.78 20746 (ASN-IDC T...)
2 209.197.3.15 20446 (HIGHWINDS3)
7 2
Apex Domain
Subdomains
Transfer
5 gtsdicosta.it
www.gtsdicosta.it
41 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com
21 KB
7 2
Domain Requested by
5 www.gtsdicosta.it www.gtsdicosta.it
2 maxcdn.bootstrapcdn.com www.gtsdicosta.it
7 2

This site contains no links.

Subject Issuer Validity Valid
gtsdicosta.it
Let's Encrypt Authority X3
2019-05-02 -
2019-07-31
3 months crt.sh
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA
2018-10-03 -
2019-10-12
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.gtsdicosta.it/modules/update/confirm/xaufi/
Frame ID: 71AA8C44CDE1D3AF9D1C3ED766C94462
Requests: 7 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

62 kB
Transfer

240 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.gtsdicosta.it/modules/update/confirm/xaufi/
4 KB
2 KB
Document
General
Full URL
https://www.gtsdicosta.it/modules/update/confirm/xaufi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.255.72.78 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
easy-bit.ro
Software
Apache / PHP/7.0.33 PleskLin
Resource Hash
d10a565ce2ad8a24d17bac548af2c3092b5f1d1e5438c56f459fe00db3dd1727
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
www.gtsdicosta.it
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 22:56:41 GMT
Server
Apache
X-Powered-By
PHP/7.0.33 PleskLin
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=qrgj726k0d6mqdu76k51mj2fq5; path=/
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1262
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/
138 KB
21 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: www.gtsdicosta.it
URL: https://www.gtsdicosta.it/modules/update/confirm/xaufi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Referer
https://www.gtsdicosta.it/modules/update/confirm/xaufi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 22:56:41 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:11 GMT
access-control-allow-origin
*
etag
"1544639651"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
21050
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/
0
0
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap-theme.min.css
Requested by
Host: www.gtsdicosta.it
URL: https://www.gtsdicosta.it/modules/update/confirm/xaufi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash

Request headers

Referer
https://www.gtsdicosta.it/modules/update/confirm/xaufi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

access-control-allow-origin
*
login.css
www.gtsdicosta.it/modules/update/confirm/xaufi/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.gtsdicosta.it/modules/update/confirm/xaufi/css/login.css
Requested by
Host: www.gtsdicosta.it
URL: https://www.gtsdicosta.it/modules/update/confirm/xaufi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.255.72.78 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
easy-bit.ro
Software
Apache / PleskLin
Resource Hash
20b52337eca231ac673f90ea4dd1c7923e4431c30a2d4aa9866dfc663206594a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gtsdicosta.it/modules/update/confirm/xaufi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 22:56:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Apr 2019 14:33:34 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1776
ETag
"1c84-5875bb3ed4b80-gzip"
simple-php-captcha.php
www.gtsdicosta.it/modules/update/confirm/xaufi/cap/
4 KB
5 KB
Image
General
Full URL
https://www.gtsdicosta.it/modules/update/confirm/xaufi/cap/simple-php-captcha.php?_CAPTCHA&t=0.63096600+1557874601
Requested by
Host: www.gtsdicosta.it
URL: https://www.gtsdicosta.it/modules/update/confirm/xaufi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.255.72.78 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
easy-bit.ro
Software
Apache / PHP/7.0.33, PleskLin
Resource Hash
4dd2f71deb6ebcbcd29f5e0fcd4de3f7e221e81485ef3a12221ef03eda9642d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gtsdicosta.it/modules/update/confirm/xaufi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 May 2019 22:56:42 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Powered-By
PHP/7.0.33, PleskLin
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Expires
Thu, 19 Nov 1981 08:52:00 GMT
lil.png
www.gtsdicosta.it/modules/update/confirm/xaufi/img/
3 KB
3 KB
Image
General
Full URL
https://www.gtsdicosta.it/modules/update/confirm/xaufi/img/lil.png
Requested by
Host: www.gtsdicosta.it
URL: https://www.gtsdicosta.it/modules/update/confirm/xaufi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.255.72.78 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
easy-bit.ro
Software
Apache / PleskLin
Resource Hash
7b811580b665667021829e3f731caa0f794929e215402e2053b0366be24e8d17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gtsdicosta.it/modules/update/confirm/xaufi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 22:56:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Apr 2019 14:41:44 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2563
ETag
"a03-5875bd1221a00"
jquery-1.11.3.min.js
www.gtsdicosta.it/modules/update/confirm/xaufi/js/
85 KB
30 KB
Script
General
Full URL
https://www.gtsdicosta.it/modules/update/confirm/xaufi/js/jquery-1.11.3.min.js
Requested by
Host: www.gtsdicosta.it
URL: https://www.gtsdicosta.it/modules/update/confirm/xaufi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.255.72.78 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
easy-bit.ro
Software
Apache / PleskLin
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gtsdicosta.it/modules/update/confirm/xaufi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 22:56:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Apr 2019 14:33:34 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
30325
ETag
"15394-5875bb3ed4b80-gzip"

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery

1 Cookies

Domain/Path Name / Value
www.gtsdicosta.it/ Name: PHPSESSID
Value: qrgj726k0d6mqdu76k51mj2fq5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff