antiaderentesespecias.com Open in urlscan Pro
198.12.245.157  Malicious Activity! Public Scan

URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Submission: On May 23 via automatic, source phishtank

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 198.12.245.157, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is antiaderentesespecias.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 22nd 2020. Valid for: 2 years.
This is the only time antiaderentesespecias.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Casas Bahia (Banking)

Domain & IP information

IP Address AS Autonomous System
9 198.12.245.157 26496 (AS-26496-...)
9 2.21.38.152 20940 (AKAMAI-ASN1)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
20 4
Domain Requested by
9 carrinho.casasbahia.com.br antiaderentesespecias.com
9 antiaderentesespecias.com antiaderentesespecias.com
1 cdn.jsdelivr.net antiaderentesespecias.com
1 code.jquery.com antiaderentesespecias.com
20 4
Subject Issuer Validity Valid
antiaderentesespecias.com
Go Daddy Secure Certificate Authority - G2
2020-05-22 -
2022-05-17
2 years crt.sh
*.casasbahia.com.br
DigiCert SHA2 Secure Server CA
2019-12-02 -
2021-03-02
a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-04-06 -
2020-10-09
6 months crt.sh

This page contains 2 frames:

Primary Page: https://antiaderentesespecias.com/desk/endereco.php?enc=
Frame ID: F95277CF04C5B6E921989A79B938F19E
Requests: 19 HTTP requests in this frame

Frame: https://antiaderentesespecias.com/desk/endereco_files/anchor.html
Frame ID: 718F6FFB708C774F420B3CB6928FAF7E
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

153 kB
Transfer

611 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request endereco.php
antiaderentesespecias.com/desk/
51 KB
12 KB
Document
General
Full URL
https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.245.157 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-245-157.ip.secureserver.net
Software
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7 / PHP/7.3.14
Resource Hash
87b1f5a8cdf0f1b0ef84a711c65adc28e48635c62c132f01edc5c921d60c509c

Request headers

:method
GET
:authority
antiaderentesespecias.com
:scheme
https
:path
/desk/endereco.php?enc=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 23 May 2020 22:39:46 GMT
server
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7
x-powered-by
PHP/7.3.14
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
12434
content-type
text/html; charset=UTF-8
jquery-ui-1.10.3.custom.css
carrinho.casasbahia.com.br/Content/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://carrinho.casasbahia.com.br/Content/css/jquery-ui-1.10.3.custom.css
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.38.152 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-152.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8c080379d528de1ba70472f789393ee4b764e5a02e9b59caa245c6ff20db1a45

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 22:39:46 GMT
content-encoding
gzip
x-powered-by
ASP.NET
status
200
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3993
x-dynatrace
PT=211353327;PA=-1252515654;SP=Monitoring;PS=-2089771683
last-modified
Tue, 19 May 2020 22:08:40 GMT
server
Microsoft-IIS/10.0
etag
"0e442d2a2ed61:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=75988
x-server
FRONTADM-CB01
accept-ranges
bytes
checkout.css
carrinho.casasbahia.com.br/Content/CasasBahia/css/
234 KB
40 KB
Stylesheet
General
Full URL
https://carrinho.casasbahia.com.br/Content/CasasBahia/css/checkout.css
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.38.152 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-152.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
489a43f34623782563f81209e00a76737436f7cea3294e91b99c8f7b3841e724

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
6899
date
Sat, 23 May 2020 22:39:46 GMT
content-encoding
gzip
x-edgeconnect-midmile-rtt
0
x-powered-by
ASP.NET
status
200
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
40342
last-modified
Tue, 19 May 2020 22:08:40 GMT
server
Microsoft-IIS/10.0
etag
"0e442d2a2ed61:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=74188
x-server
FRONTADM-CB04
accept-ranges
bytes
tokenizacao.css
carrinho.casasbahia.com.br/Content/CasasBahia/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://carrinho.casasbahia.com.br/Content/CasasBahia/css/tokenizacao.css
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.38.152 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-152.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
84cb00424c5dae6743d76d836e27fbb3ff5a9cee5da6f1c0518bb1c48868a6a3

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 22:39:46 GMT
content-encoding
gzip
status
200
last-modified
Tue, 19 May 2020 22:08:40 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0e442d2a2ed61:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=73703
x-server
FRONTADM-CB03
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
3804
thickbox.css
carrinho.casasbahia.com.br/Content/css/thickbox/
2 KB
1 KB
Stylesheet
General
Full URL
https://carrinho.casasbahia.com.br/Content/css/thickbox/thickbox.css
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.38.152 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-152.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
19750c4cfaae04a9f4ee5435dd942bf7f707d98ae33af0ca09578d6ba3d047c4

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 22:39:46 GMT
content-encoding
gzip
status
200
last-modified
Tue, 19 May 2020 22:08:40 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0e442d2a2ed61:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=71822
x-server
FRONTADM-CB05
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
814
express-delivery.svg
antiaderentesespecias.com/desk/endereco_files/
315 B
315 B
Image
General
Full URL
https://antiaderentesespecias.com/desk/endereco_files/express-delivery.svg
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.245.157 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-245-157.ip.secureserver.net
Software
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
404
date
Sat, 23 May 2020 22:39:46 GMT
server
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7
content-length
315
content-type
text/html; charset=iso-8859-1
pick-up-store.svg
antiaderentesespecias.com/desk/endereco_files/
315 B
315 B
Image
General
Full URL
https://antiaderentesespecias.com/desk/endereco_files/pick-up-store.svg
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.245.157 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-245-157.ip.secureserver.net
Software
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
404
date
Sat, 23 May 2020 22:39:46 GMT
server
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7
content-length
315
content-type
text/html; charset=iso-8859-1
retira-antifraude-entrega.jpg
antiaderentesespecias.com/desk/endereco_files/
315 B
315 B
Image
General
Full URL
https://antiaderentesespecias.com/desk/endereco_files/retira-antifraude-entrega.jpg
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.245.157 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-245-157.ip.secureserver.net
Software
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
404
date
Sat, 23 May 2020 22:39:46 GMT
server
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7
content-length
315
content-type
text/html; charset=iso-8859-1
retira-lockers-endereco.jpg
antiaderentesespecias.com/desk/endereco_files/
315 B
315 B
Image
General
Full URL
https://antiaderentesespecias.com/desk/endereco_files/retira-lockers-endereco.jpg
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.245.157 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-245-157.ip.secureserver.net
Software
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
404
date
Sat, 23 May 2020 22:39:46 GMT
server
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7
content-length
315
content-type
text/html; charset=iso-8859-1
retira-correio-endereco.jpg
antiaderentesespecias.com/desk/endereco_files/
315 B
315 B
Image
General
Full URL
https://antiaderentesespecias.com/desk/endereco_files/retira-correio-endereco.jpg
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.245.157 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-245-157.ip.secureserver.net
Software
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
404
date
Sat, 23 May 2020 22:39:46 GMT
server
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7
content-length
315
content-type
text/html; charset=iso-8859-1
regular-delivery.svg
carrinho.casasbahia.com.br/Content/img/Entrega/
0
0
Image
General
Full URL
https://carrinho.casasbahia.com.br/Content/img/Entrega/regular-delivery.svg
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.38.152 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

schedule-delivery.svg
antiaderentesespecias.com/desk/endereco_files/
315 B
315 B
Image
General
Full URL
https://antiaderentesespecias.com/desk/endereco_files/schedule-delivery.svg
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.245.157 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-245-157.ip.secureserver.net
Software
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
404
date
Sat, 23 May 2020 22:39:46 GMT
server
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7
content-length
315
content-type
text/html; charset=iso-8859-1
anchor.html
antiaderentesespecias.com/desk/endereco_files/ Frame 718F
315 B
343 B
Document
General
Full URL
https://antiaderentesespecias.com/desk/endereco_files/anchor.html
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.245.157 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-245-157.ip.secureserver.net
Software
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

:method
GET
:authority
antiaderentesespecias.com
:scheme
https
:path
/desk/endereco_files/anchor.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=

Response headers

status
404
date
Sat, 23 May 2020 22:39:46 GMT
server
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7
content-length
315
content-type
text/html; charset=iso-8859-1
jquery-3.4.1.js
code.jquery.com/
274 KB
81 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
Origin
https://antiaderentesespecias.com

Response headers

Date
Sat, 23 May 2020 22:39:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-4472c"
Vary
Accept-Encoding
X-HW
1590273586.dop138.fr8.t,1590273586.cds158.fr8.shn,1590273586.cds158.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82889
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@beta/dist/
1 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@beta/dist/js.cookie.min.js
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f171604e284998042d56431b61046bf7fdc32fd29c5fa399702d03299a7966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 22:39:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1863
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02e54a4e8d00009ace3cbb2200000001
x-served-by
cache-fra19179-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"5de-umxYiZHe1aDZ+J/AVp+cMSpsIxY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
5982465daa8b9ace-FRA
real.js
antiaderentesespecias.com/global/
1 KB
698 B
Script
General
Full URL
https://antiaderentesespecias.com/global/real.js
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.12.245.157 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-245-157.ip.secureserver.net
Software
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
5015c976a5e14a30cd1796688d050d84d258eab0466404dfbff45b2c2d197edb

Request headers

Referer
https://antiaderentesespecias.com/desk/endereco.php?enc=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 22:39:46 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 02:59:30 GMT
server
Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Phusion_Passenger/5.3.7
etag
"400076-50b-5a4c9b83de880-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
594
logo-bahia.png
carrinho.casasbahia.com.br/App_Themes/CasasBahia/img/header/
4 KB
4 KB
Image
General
Full URL
https://carrinho.casasbahia.com.br/App_Themes/CasasBahia/img/header/logo-bahia.png
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.38.152 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-152.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a4e5b2f709e5de04b3c8a74796e7e325aae068f70d7c49299ba55556e5403459

Request headers

Referer
https://carrinho.casasbahia.com.br/Content/CasasBahia/css/checkout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 22:39:46 GMT
x-exc-imdebug2
last-modified
Fri, 22 May 2020 14:54:30 GMT
server
Akamai Image Manager
etag
"02979835bd6d31:0"
x-exc-imdebug1
status
200
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=62520
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3854
expires
Sun, 24 May 2020 16:01:46 GMT
icon-atendimento-menu.png
carrinho.casasbahia.com.br/App_Themes/CasasBahia/img/
456 B
727 B
Image
General
Full URL
https://carrinho.casasbahia.com.br/App_Themes/CasasBahia/img/icon-atendimento-menu.png
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.38.152 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-152.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f4b2562b2c8274db1e2edf4e25b6384fb6198a4549e3f65468ced880bb992422

Request headers

Referer
https://carrinho.casasbahia.com.br/Content/CasasBahia/css/checkout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 22:39:46 GMT
x-exc-imdebug2
last-modified
Fri, 22 May 2020 15:04:53 GMT
server
Akamai Image Manager
etag
"13d0a489ffcbd11:0"
x-exc-imdebug1
status
200
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=65053
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
456
expires
Sun, 24 May 2020 16:43:59 GMT
icon-meus-pedidos-menu.png
carrinho.casasbahia.com.br/App_Themes/CasasBahia/img/
202 B
500 B
Image
General
Full URL
https://carrinho.casasbahia.com.br/App_Themes/CasasBahia/img/icon-meus-pedidos-menu.png
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.38.152 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-152.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9dbf98ebb6a6541767d9ca67e7ecb0c1cf722f1e40977c031274dca700da0354

Request headers

Referer
https://carrinho.casasbahia.com.br/Content/CasasBahia/css/checkout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 22:39:46 GMT
x-exc-imdebug2
x-check-cacheable
YES
server
Akamai Image Manager
etag
"1bcb7329ffcbd11:0"
x-serial
383
status
200
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=61241
last-modified
Fri, 22 May 2020 14:30:20 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
202
x-exc-imdebug1
expires
Sun, 24 May 2020 15:40:27 GMT
icon-secure.png
carrinho.casasbahia.com.br/App_Themes/CasasBahia/img/
274 B
573 B
Image
General
Full URL
https://carrinho.casasbahia.com.br/App_Themes/CasasBahia/img/icon-secure.png
Requested by
Host: antiaderentesespecias.com
URL: https://antiaderentesespecias.com/desk/endereco.php?enc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.38.152 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-152.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1572df9c329b9da18dbed8f877123a00d33a446b9fe47986f70911590c806c03

Request headers

Referer
https://carrinho.casasbahia.com.br/Content/CasasBahia/css/checkout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 22:39:46 GMT
x-exc-imdebug2
x-check-cacheable
YES
server
Akamai Image Manager
etag
"4279cd210d2d11:0"
x-serial
459
status
200
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=64293
last-modified
Fri, 22 May 2020 14:52:22 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
274
x-exc-imdebug1
expires
Sun, 24 May 2020 16:31:19 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Casas Bahia (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| Cookies function| redir function| cookie function| validaCPF

0 Cookies