sitesegurobrasil.sbs Open in urlscan Pro
185.220.113.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sitesegurobrasil.sbs/
Effective URL:
https://sitesegurobrasil.sbs/
Submission Tags: suspect
Submission: On May 09 via api (May 9th 2024, 6:37:23 pm UTC) from BR — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 185.220.113.199, located in Erbil, Iraq and belongs to ZANA-COMPANY, IQ. The main domain is sitesegurobrasil.sbs.
TLS certificate: Issued by R3 on May 9th 2024. Valid for: 3 months.

This is the only time sitesegurobrasil.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	185.220.113.199 185.220.113.199	205371 (ZANA-COMPANY) (ZANA-COMPANY)
1	2a09:8280:1::... 2a09:8280:1::2a:6f56:0	40509 (FLY) (FLY)
9	3

2 185.220.113.199 (Erbil, Iraq)

ASN205371 (ZANA-COMPANY, IQ)

sitesegurobrasil.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a09:8280:1::2a:6f56:0 (United States)

ASN40509 (FLY, US)

cdn.utmify.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	sitesegurobrasil.sbs sitesegurobrasil.sbs	14 KB
1	utmify.com.br cdn.utmify.com.br	2 KB
0	perfeito-seguro.online Failed perfeito-seguro.online Failed
9	3

	Domain	Requested by
2	sitesegurobrasil.sbs	sitesegurobrasil.sbs
1	cdn.utmify.com.br	sitesegurobrasil.sbs
0	perfeito-seguro.online Failed	sitesegurobrasil.sbs
9	3

This site contains links to these domains. Also see Links.

Domain
perfeito-seguro.online

Subject Issuer	Validity	Valid
sitesegurobrasil.sbs R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
cdn.utmify.com.br R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sitesegurobrasil.sbs/
Frame ID: 70E952E6AD3E9F60081DAAFFA673E481
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fazer login - Serasa

Page URL History Show full URLs

http://sitesegurobrasil.sbs/ HTTP 307
https://sitesegurobrasil.sbs/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

9
Requests

33 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

16 kB
Transfer

78 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://perfeito-seguro.online/cadastrar?product=limpa-nome&redirectUrl=%2Flimpa-nome-online%2Farea-cliente&utm_source=&utm_campaign=rKm-km-rKm&utm_medium=&utm_content=&utm_term=&subid=&sid2=rKm-km-rKm&subid2=rKm-km-rKm&subid3=&subid4=&subid5=rKm-km-rKm&xcod=hQwK21wXxRrKm-km-rKmhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=hQwK21wXxRrKm-km-rKmhQwK21wXxRhQwK21wXxRhQwK21wXxR
Title: Criar uma conta

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sitesegurobrasil.sbs/ HTTP 307
https://sitesegurobrasil.sbs/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sitesegurobrasil.sbs/ Redirect Chain http://sitesegurobrasil.sbs/ https://sitesegurobrasil.sbs/	62 KB 10 KB	319ms 101ms	Document text/html	185.220.113.199 ZANA-COMPANY
General Check archive.org Show headers Download Go to Full URL https://sitesegurobrasil.sbs/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.220.113.199 Erbil, Iraq, ASN205371 (ZANA-COMPANY, IQ), Reverse DNS Software LiteSpeed / Resource Hash `6e79c1ad2f899268e1919c7a927190447d85548b150cde05b832e2eae281fe15` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0 referer https://www.google.com Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 10009 content-type text/html date Thu, 09 May 2024 18:37:18 GMT last-modified Sun, 21 Apr 2024 09:22:02 GMT server LiteSpeed vary Accept-Encoding Redirect headers Location https://sitesegurobrasil.sbs/ Non-Authoritative-Reason HttpsUpgrades
GET H2	200	latest.js Show response cdn.utmify.com.br/scripts/utms/	4 KB 2 KB	590ms 489ms	Script application/javascript	2a09:8280:1::2a:6f56:0 FLY
General Check archive.org Show headers Download Go to Full URL https://cdn.utmify.com.br/scripts/utms/latest.js Requested by Host: sitesegurobrasil.sbs URL: https://sitesegurobrasil.sbs/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/da08c35d (2024-05-07) / Express Resource Hash `f691e381f3fcf3fcd77889dcdd89f25cdc277198e8aea5de16adb90f551cd24d` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.google.com User-Agent Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0 Response headers date Thu, 09 May 2024 18:37:19 GMT content-encoding zstd via 2 fly.io last-modified Thu, 09 May 2024 18:06:09 GMT server Fly/da08c35d (2024-05-07) fly-request-id 01HXFAAG8H1N8HV9NJXTA8TB7P-ams x-powered-by Express etag W/"11cc-18f5e88b668" content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 access-control-allow-credentials true accept-ranges bytes
GET H2	200	logo.svg sitesegurobrasil.sbs/assets/	11 KB 4 KB	101ms 101ms	Image image/svg+xml	185.220.113.199 ZANA-COMPANY
General Check archive.org Show headers Download Go to Show image Full URL https://sitesegurobrasil.sbs/assets/logo.svg Requested by Host: sitesegurobrasil.sbs URL: https://sitesegurobrasil.sbs/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.220.113.199 Erbil, Iraq, ASN205371 (ZANA-COMPANY, IQ), Reverse DNS Software LiteSpeed / Resource Hash `85e0bc0b7974d457c038971216b1b1c87b83cfb9360f6dd50bb9916a20429189` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.google.com User-Agent Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0 Response headers date Thu, 09 May 2024 18:37:18 GMT content-encoding br last-modified Sun, 21 Apr 2024 09:22:03 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 3773 expires Thu, 16 May 2024 18:37:18 GMT
GET		index.html perfeito-seguro.online/www.serasa.com.br/assets/web/authorization-front/2.15.4/_next/static/images/modal-close-74f0df029374a2c330a1b9c1073e5ef4.svg/	0 0

GET		KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/	0 0

GET		KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/	0 0

GET		KFOmCnqEu92Fr1Me5g.woff perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/	0 0

GET		KFOlCnqEu92Fr1MmWUlvAA.woff perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/	0 0

GET		favicon.ico perfeito-seguro.online/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: perfeito-seguro.online
URL: https://perfeito-seguro.online/www.serasa.com.br/assets/web/authorization-front/2.15.4/_next/static/images/modal-close-74f0df029374a2c330a1b9c1073e5ef4.svg/index.html

Domain: perfeito-seguro.online
URL: https://perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Domain: perfeito-seguro.online
URL: https://perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Domain: perfeito-seguro.online
URL: https://perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Me5g.woff

Domain: perfeito-seguro.online
URL: https://perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlvAA.woff

Domain: perfeito-seguro.online
URL: https://perfeito-seguro.online/favicon.ico

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| paramsList number| itemExpInDays

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://perfeito-seguro.online/www.serasa.com.br/assets/web/authorization-front/2.15.4/_next/static/images/modal-close-74f0df029374a2c330a1b9c1073e5ef4.svg/index.html Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Me5g.woff Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://perfeito-seguro.online/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlvAA.woff Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://perfeito-seguro.online/favicon.ico Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.utmify.com.br
perfeito-seguro.online
sitesegurobrasil.sbs
perfeito-seguro.online
185.220.113.199
2a09:8280:1::2a:6f56:0
6e79c1ad2f899268e1919c7a927190447d85548b150cde05b832e2eae281fe15
85e0bc0b7974d457c038971216b1b1c87b83cfb9360f6dd50bb9916a20429189
f691e381f3fcf3fcd77889dcdd89f25cdc277198e8aea5de16adb90f551cd24d

sitesegurobrasil.sbs Open in urlscan Pro 185.220.113.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

33 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

16 kBTransfer

78 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

sitesegurobrasil.sbs Open in urlscan Pro
185.220.113.199 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

33 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

16 kB
Transfer

78 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions