portalbelavistense.com.br Open in urlscan Pro
189.90.130.152 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cutt.ly/rFFyv1k
Effective URL:
https://portalbelavistense.com.br/wp-content/sbb/
Submission: On April 15 via manual (April 15th 2022, 2:09:42 am UTC) from PK — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 189.90.130.152, located in Franca, Brazil and belongs to Com4 Data Center Eireli, BR. The main domain is portalbelavistense.com.br.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 12th 2022. Valid for: 3 months.

This is the only time portalbelavistense.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: HSBC (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:8ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	189.90.130.152 189.90.130.152	28195 (Com4 Data...) (Com4 Data Center Eireli)
1	2606:4700::68... 2606:4700::6812:1634	() ()
17	2

1 2606:4700:10::ac43:8ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 189.90.130.152 (Franca, Brazil)

ASN28195 (Com4 Data Center Eireli, BR)
PTR: cloud-cpanel-2.com4.com.br

portalbelavistense.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN- ()

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	portalbelavistense.com.br portalbelavistense.com.br	526 KB
1	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5595	29 KB
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 67961	455 B
17	3

	Domain	Requested by
16	portalbelavistense.com.br	portalbelavistense.com.br
1	pro.fontawesome.com	portalbelavistense.com.br
1	cutt.ly	1 redirects
17	3

This site contains no links.

Subject Issuer	Validity	Valid
portalbelavistense.com.br cPanel, Inc. Certification Authority	`2022-03-12` - `2022-06-10`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://portalbelavistense.com.br/wp-content/sbb/
Frame ID: 3CF1F249E63F5E1CA72B0A2E37064E4C
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log on to online banking: Username | SABB

Page URL History Show full URLs

https://cutt.ly/rFFyv1k HTTP 301
https://portalbelavistense.com.br/wp-content/sbb/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

555 kB
Transfer

674 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cutt.ly/rFFyv1k HTTP 301
https://portalbelavistense.com.br/wp-content/sbb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response portalbelavistense.com.br/wp-content/sbb/ Redirect Chain https://cutt.ly/rFFyv1k https://portalbelavistense.com.br/wp-content/sbb/	6 KB 6 KB	4338ms 256ms	Document text/html	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Full URL https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / PHP/7.4.28 Resource Hash `f9c6486b07840a6e401a436b84fb76e425bf305dd0443f49500d1637617b7d37` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-type text/html; charset=UTF-8 date Fri, 15 Apr 2022 02:09:19 GMT server Apache x-powered-by PHP/7.4.28 Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 6fc12353dbce0f6a-MXP content-type text/html; charset=UTF-8 date Fri, 15 Apr 2022 02:09:14 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 19 Nov 1981 08:52:00 GMT location https://portalbelavistense.com.br/wp-content/sbb/ pragma no-cache server cloudflare vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	bootstrap.css portalbelavistense.com.br/wp-content/sbb/css/	188 KB 190 KB	229ms 228ms	Stylesheet text/css	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Full URL https://portalbelavistense.com.br/wp-content/sbb/css/bootstrap.css Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `98e83d9984650ba5490166476129ec0ae631dd146d6701c6027c5209854005f8` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:19 GMT last-modified Mon, 06 Dec 2021 10:36:22 GMT server Apache accept-ranges bytes content-length 192888 content-type text/css
GET H2	200	test.css portalbelavistense.com.br/wp-content/sbb/css/	1 KB 2 KB	230ms 229ms	Stylesheet text/css	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Full URL https://portalbelavistense.com.br/wp-content/sbb/css/test.css Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `f185c3b49c985c9be586c5ca1a4f4a4889083025e6f6c1f9e536d98255a1edf4` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:19 GMT last-modified Tue, 07 Dec 2021 09:04:50 GMT server Apache accept-ranges bytes content-length 1523 content-type text/css
GET H2	200	html5shiv.min.js Show response portalbelavistense.com.br/wp-content/sbb/js/	3 KB 3 KB	445ms 444ms	Script application/javascript	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Full URL https://portalbelavistense.com.br/wp-content/sbb/js/html5shiv.min.js Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `dc9cbf19b48bae0d28f72e59e67d6ec34ab1644087ec2e8e42954180d1586b48` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:19 GMT last-modified Tue, 22 Aug 2017 02:37:38 GMT server Apache accept-ranges bytes content-length 2730 content-type application/javascript
GET H2	200	respond.min.js Show response portalbelavistense.com.br/wp-content/sbb/js/	4 KB 5 KB	229ms 229ms	Script application/javascript	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Full URL https://portalbelavistense.com.br/wp-content/sbb/js/respond.min.js Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `1944a255577a8ed66ae984c6f6356281ff6f29dc84a2af6f1facf258c7dab62e` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:19 GMT last-modified Fri, 27 Jan 2017 09:50:18 GMT server Apache accept-ranges bytes content-length 4593 content-type application/javascript
GET H2	200	all.css pro.fontawesome.com/releases/v5.10.0/css/	153 KB 29 KB	686ms 626ms	Stylesheet text/css	2606:4700::6812:1634
General Check archive.org Show headers Download Go to Full URL https://pro.fontawesome.com/releases/v5.10.0/css/all.css Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash `2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec` Request headers Referer https://portalbelavistense.com.br/ Origin https://portalbelavistense.com.br accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:19 GMT content-encoding gzip vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS x-amz-request-id BNZHEGC3S3EX8W49 x-amz-id-2 ISEg51w1ZDNOLdRsoReltw0IqHl0gMz4ACkzpt4ZBRF+rjPRwBpdHNjW42ZaAfD51w0CCp/eAb4= last-modified Mon, 28 Jun 2021 16:54:32 GMT server cloudflare etag W/"aa1272633e7e552395d147a499bad186" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 6fc123702a0683b8-MXP
GET H2	200	logo.gif portalbelavistense.com.br/wp-content/sbb/image/	2 KB 2 KB	7218ms 7217ms	Image image/gif	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Show image Full URL https://portalbelavistense.com.br/wp-content/sbb/image/logo.gif Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `cab78213e8c945c10cae355403260048dad7936a706febbacf3782fb0b15f059` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:29 GMT last-modified Tue, 07 Dec 2021 06:12:38 GMT server Apache accept-ranges bytes content-length 2225 content-type image/gif
GET H2	200	menu.png portalbelavistense.com.br/wp-content/sbb/image/	867 B 920 B	7861ms 7860ms	Image image/png	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Show image Full URL https://portalbelavistense.com.br/wp-content/sbb/image/menu.png Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `73d0257f6024ef6f53834099a5fc651aae14e19f87a8a76b4204b8ced328006a` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:29 GMT last-modified Tue, 07 Dec 2021 08:24:42 GMT server Apache accept-ranges bytes content-length 867 content-type image/png
GET H2	200	remeber.png portalbelavistense.com.br/wp-content/sbb/image/	3 KB 3 KB	7217ms 7216ms	Image image/png	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Show image Full URL https://portalbelavistense.com.br/wp-content/sbb/image/remeber.png Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `04de83a4dba4fbfacbbb3da5036f0fae95793069c000ff3e9fb9abb3f0ca14f7` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:29 GMT last-modified Tue, 07 Dec 2021 07:17:02 GMT server Apache accept-ranges bytes content-length 3388 content-type image/png
GET H2	200	zx.png portalbelavistense.com.br/wp-content/sbb/image/	155 KB 156 KB	7217ms 7215ms	Image image/png	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Show image Full URL https://portalbelavistense.com.br/wp-content/sbb/image/zx.png Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `b941adb10fcdeeafca5a5e0496b5f54448fd898e03ee87319e00f25233c94da3` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:29 GMT last-modified Tue, 07 Dec 2021 07:18:52 GMT server Apache accept-ranges bytes content-length 158697 content-type image/png
GET H2	200	1.png portalbelavistense.com.br/wp-content/sbb/image/	2 KB 2 KB	7217ms 7216ms	Image image/png	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Show image Full URL https://portalbelavistense.com.br/wp-content/sbb/image/1.png Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `33a9c5b7300fddb6ced5853fc001470f3eb615e0c4d9b59058a17f947c74e63c` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:29 GMT last-modified Tue, 07 Dec 2021 07:38:42 GMT server Apache accept-ranges bytes content-length 1708 content-type image/png
GET H2	200	2.png portalbelavistense.com.br/wp-content/sbb/image/	2 KB 2 KB	7217ms 7216ms	Image image/png	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Show image Full URL https://portalbelavistense.com.br/wp-content/sbb/image/2.png Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `7bcb111cc3a9155f581bd6f6e2c54c0f63e5ad05f806de19204747e58f4c17a9` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:29 GMT last-modified Tue, 07 Dec 2021 07:38:48 GMT server Apache accept-ranges bytes content-length 1988 content-type image/png
GET H2	200	3.png portalbelavistense.com.br/wp-content/sbb/image/	1 KB 1 KB	10444ms 10443ms	Image image/png	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Show image Full URL https://portalbelavistense.com.br/wp-content/sbb/image/3.png Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `b52ab67633eda703096205d52b00899f6c0d6258272f07b239ed322a3d34df05` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:29 GMT last-modified Tue, 07 Dec 2021 07:38:56 GMT server Apache accept-ranges bytes content-length 1250 content-type image/png
GET H2	200	4.png portalbelavistense.com.br/wp-content/sbb/image/	2 KB 2 KB	7430ms 7430ms	Image image/png	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Show image Full URL https://portalbelavistense.com.br/wp-content/sbb/image/4.png Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `febd6d6dc8e864bd600a611bd836ff58f9498a31a9f184d7c357041839770bd4` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:29 GMT last-modified Tue, 07 Dec 2021 07:39:08 GMT server Apache accept-ranges bytes content-length 1681 content-type image/png
GET H2	200	jquery-3.5.1.min.js Show response portalbelavistense.com.br/wp-content/sbb/js/	87 KB 88 KB	217ms 217ms	Script application/javascript	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Full URL https://portalbelavistense.com.br/wp-content/sbb/js/jquery-3.5.1.min.js Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:24 GMT last-modified Tue, 24 Nov 2020 04:18:24 GMT server Apache accept-ranges bytes content-length 89476 content-type application/javascript
GET H2	200	bootstrap.min.js Show response portalbelavistense.com.br/wp-content/sbb/js/	61 KB 61 KB	4859ms 4859ms	Script application/javascript	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Full URL https://portalbelavistense.com.br/wp-content/sbb/js/bootstrap.min.js Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `2909d4fa86cf09191e768576e1a6eab7f2635a2627549c45d29595ffac9c0da9` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:25 GMT last-modified Mon, 07 Dec 2020 19:50:12 GMT server Apache accept-ranges bytes content-length 62411 content-type application/javascript
GET H2	200	btn.gif portalbelavistense.com.br/wp-content/sbb/image/	3 KB 3 KB	7211ms 7211ms	Image image/gif	189.90.130.152 Com4 Data Center ...
General Check archive.org Show headers Download Go to Show image Full URL https://portalbelavistense.com.br/wp-content/sbb/image/btn.gif Requested by Host: portalbelavistense.com.br URL: https://portalbelavistense.com.br/wp-content/sbb/css/test.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 189.90.130.152 Franca, Brazil, ASN28195 (Com4 Data Center Eireli, BR), Reverse DNS cloud-cpanel-2.com4.com.br Software Apache / Resource Hash `f2d04f19fe518e0201f68d3a0b0e6979c06848a95d84f3f07c32b000fc621367` Request headers accept-language de-DE,de;q=0.9 Referer https://portalbelavistense.com.br/wp-content/sbb/css/test.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 02:09:29 GMT last-modified Tue, 07 Dec 2021 07:13:28 GMT server Apache accept-ranges bytes content-length 2563 content-type image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: HSBC (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: cjb4nqgftt0jna0o0il3a1199c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cutt.ly
portalbelavistense.com.br
pro.fontawesome.com
189.90.130.152
2606:4700:10::ac43:8ee
2606:4700::6812:1634
04de83a4dba4fbfacbbb3da5036f0fae95793069c000ff3e9fb9abb3f0ca14f7
1944a255577a8ed66ae984c6f6356281ff6f29dc84a2af6f1facf258c7dab62e
2909d4fa86cf09191e768576e1a6eab7f2635a2627549c45d29595ffac9c0da9
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
33a9c5b7300fddb6ced5853fc001470f3eb615e0c4d9b59058a17f947c74e63c
73d0257f6024ef6f53834099a5fc651aae14e19f87a8a76b4204b8ced328006a
7bcb111cc3a9155f581bd6f6e2c54c0f63e5ad05f806de19204747e58f4c17a9
98e83d9984650ba5490166476129ec0ae631dd146d6701c6027c5209854005f8
b52ab67633eda703096205d52b00899f6c0d6258272f07b239ed322a3d34df05
b941adb10fcdeeafca5a5e0496b5f54448fd898e03ee87319e00f25233c94da3
cab78213e8c945c10cae355403260048dad7936a706febbacf3782fb0b15f059
dc9cbf19b48bae0d28f72e59e67d6ec34ab1644087ec2e8e42954180d1586b48
f185c3b49c985c9be586c5ca1a4f4a4889083025e6f6c1f9e536d98255a1edf4
f2d04f19fe518e0201f68d3a0b0e6979c06848a95d84f3f07c32b000fc621367
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9c6486b07840a6e401a436b84fb76e425bf305dd0443f49500d1637617b7d37
febd6d6dc8e864bd600a611bd836ff58f9498a31a9f184d7c357041839770bd4

portalbelavistense.com.br Open in urlscan Pro 189.90.130.152 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

555 kBTransfer

674 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

1 Cookies

Indicators

portalbelavistense.com.br Open in urlscan Pro
189.90.130.152 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

555 kB
Transfer

674 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!