camaleaoimoveis.com.br
177.53.143.104
Malicious Activity!
Public Scan
Effective URL: https://camaleaoimoveis.com.br/wp-admin/maint/a/boc/
Submission: On August 07 via manual from CY
Summary
TLS certificate: Issued by R3 on August 4th 2021. Valid for: 3 months.
This is the only time camaleaoimoveis.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of Cyprus (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
12 (1 redirects) | 177.53.143.104 | 53243 (Brasil Site Informatica LTDA) |
2 | 81.4.191.110 | 24655 (BOC-AS) |
13 | 3 |
ASN53243 (Brasil Site Informatica LTDA, BR)
PTR: cloud104.dadocloud.com.br
camaleaoimoveis.com.br |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 (1 redirects) | camaleaoimoveis.com.br | camaleaoimoveis.com.br | 341 KB |
2 | bankofcyprus.com | online.bankofcyprus.com | 31 KB |
13 | 2 |
 | Domain | Requested by |
---|---|---|
12 (1 redirects) | camaleaoimoveis.com.br | camaleaoimoveis.com.br |
2 | online.bankofcyprus.com | camaleaoimoveis.com.br |
13 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
camaleaoimoveis.com.br | R3 | 2021-08-04 - 2021-11-02 | 3 months |
online.bankofcyprus.com | Thawte EV RSA CA 2018 | 2020-12-02 - 2022-01-01 | a year |
This page contains 2 frames:
Primary Page:
https://camaleaoimoveis.com.br/wp-admin/maint/a/boc/
Frame ID: D69CFE0D174205AA7F20DDBD5009CF60
Requests: 13 HTTP requests in this frame
Frame:
https://camaleaoimoveis.com.br/wp-admin/maint/a/boc/Bank%20Of%20Cyprus%20-%201Bank_files/nFnN1TlBM3ZiqLQFa06U.html
Frame ID: C0275B58750784B8BD4D20CEADAB95D3
Requests: 1 HTTP requests in this frame
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://camaleaoimoveis.com.br/wp-admin/maint/a/boc/
HTTP 301
https://camaleaoimoveis.com.br/wp-admin/maint/a/boc/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / (Primary Request) | camaleaoimoveis.com.br/wp-admin/maint/a/boc/ | 10 KB | 10 KB | Document | text/html |
GET H/1.1 | RlIVZZZPJpEM5dN.css | camaleaoimoveis.com.br/wp-admin/maint/a/boc/Bank%20Of%20Cyprus%20-%201Bank_files/ | 166 B | 576 B | Stylesheet | text/css |
GET H/1.1 | skinning.ecss.faces | camaleaoimoveis.com.br/wp-admin/maint/a/boc/Bank%20Of%20Cyprus%20-%201Bank_files/ | 0 | 0 | Stylesheet | text/html |
GET H/1.1 | navajo-responsive.css | camaleaoimoveis.com.br/wp-admin/maint/a/boc/Bank%20Of%20Cyprus%20-%201Bank_files/ | 227 KB | 228 KB | Stylesheet | text/css |
GET H/1.1 | navajo-layout.css | camaleaoimoveis.com.br/wp-admin/maint/a/boc/Bank%20Of%20Cyprus%20-%201Bank_files/ | 411 B | 821 B | Stylesheet | text/css |
GET H/1.1 | font-awesome.css | camaleaoimoveis.com.br/wp-admin/maint/a/boc/Bank%20Of%20Cyprus%20-%201Bank_files/ | 33 KB | 33 KB | Stylesheet | text/css |
GET H/1.1 | css | camaleaoimoveis.com.br/wp-admin/maint/a/boc/Bank%20Of%20Cyprus%20-%201Bank_files/ | 0 | 0 | Stylesheet | text/html |
GET H/1.1 | loginSmallBanner-en.jpg | camaleaoimoveis.com.br/wp-admin/maint/a/boc/Bank%20Of%20Cyprus%20-%201Bank_files/ | 67 KB | 67 KB | Image | image/jpeg |
GET H/1.1 | jHnKmVhR9u9G.gif | camaleaoimoveis.com.br/wp-admin/maint/a/boc/Bank%20Of%20Cyprus%20-%201Bank_files/ | 43 B | 383 B | Image | image/gif |
GET DATA | truncated | / | 68 B | 0 | Image | image/png |
GET H/1.1 | / | online.bankofcyprus.com/EKFoDc/ | 53 B | 451 B | Image | image/jpeg |
GET H/1.1 | css | camaleaoimoveis.com.br/wp-admin/maint/a/boc/Bank%20Of%20Cyprus%20-%201Bank_files/ | 0 | 0 | Stylesheet | text/html |
GET H/1.1 | nFnN1TlBM3ZiqLQFa06U.html (Frame C027) | camaleaoimoveis.com.br/wp-admin/maint/a/boc/Bank%20Of%20Cyprus%20-%201Bank_files/ | 211 B | 622 B | Document | text/html |
GET H/1.1 | desktop.jpg | online.bankofcyprus.com/netteller-web/resources/images/Logo/ | 30 KB | 31 KB | Image | image/jpeg |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of Cyprus (Banking)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- boolean| bLauNCTx0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15768000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
camaleaoimoveis.com.br
online.bankofcyprus.com
177.53.143.104
81.4.191.110