loginvervideobr.com.br
198.11.211.200  Malicious Activity! Public Scan

Submitted URL: http://loginvervideobr.com.br/
Effective URL: http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a
Submission: On June 30 via api from GB

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 198.11.211.200, located in San Jose, United States and belongs to SOFTLAYER - SoftLayer Technologies Inc., US. The main domain is loginvervideobr.com.br.
This is the only time loginvervideobr.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address: 198.11.211.200
AS (Autonomous System): 36351 (SOFTLAYER)
Requests: 5

Apex Domain: loginvervideobr.com.br
Subdomains: loginvervideobr.com.br
Requests: 5
Transfer: 62 KB

Domain: loginvervideobr.com.br
Requested by: loginvervideobr.com.br
Requests: 5

This site contains no links.


This page contains 1 frames:

Primary Page: http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a
Frame ID: 96DA8674B7C1A1F6A4D2EA58B02D3EE0
Requests: 5 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 5
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 62 kB
Size: 126 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://loginvervideobr.com.br/ Page URL
  2. http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: /
Path: loginvervideobr.com.br/
Size: 149 B
x-fer: 383 B
Type: Document

General

Full URL: http://loginvervideobr.com.br/
Protocol: HTTP/1.1
Server: 198.11.211.200 San Jose, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
Reverse DNS: uswest64.myserverhosts.com
Software: nginx/1.14.0
Resource Hash: 3da3964a882d41dc163e52e472a993cc8222342eaf6f11685591dc8cce83233c

Request headers

Host: loginvervideobr.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate

Response headers

Server: nginx/1.14.0
Date: Sun, 30 Jun 2019 05:00:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

Resource: index2.php (Primary Request)
Path: loginvervideobr.com.br/
Size: 11 KB
x-fer: 3 KB
Type: Document

General

Full URL: http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a
Protocol: HTTP/1.1
Server: 198.11.211.200 San Jose, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
Reverse DNS: uswest64.myserverhosts.com
Software: nginx/1.14.0
Resource Hash: e1a14910c03e1601cd7e64c8fd71af433d8d0bf1df1a2d1f400fa053cf998188

Request headers

Host: loginvervideobr.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://loginvervideobr.com.br/
Accept-Encoding: gzip, deflate

Response headers

Server: nginx/1.14.0
Date: Sun, 30 Jun 2019 05:00:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

Resource: NtA53_DiiEn.css
Path: loginvervideobr.com.br/inc/
Size: 68 KB
x-fer: 21 KB
Type: Stylesheet

General

Full URL: http://loginvervideobr.com.br/inc/NtA53_DiiEn.css
Requested by:
  Host: loginvervideobr.com.br
  URL: http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a
Protocol: HTTP/1.1
Server: 198.11.211.200 San Jose, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
Reverse DNS: uswest64.myserverhosts.com
Software: nginx/1.14.0
Resource Hash: 45a26c93e5d8e73057d494b2639071ee8be9dab2d36a4f450b1e0b75c2a750a4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a
Origin: http://loginvervideobr.com.br

Response headers

Date: Sun, 30 Jun 2019 05:00:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Mar 2019 03:16:06 GMT
Server: nginx/1.14.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

Resource: lA6-OW2Cls5.css
Path: loginvervideobr.com.br/inc/
Size: 15 KB
x-fer: 5 KB
Type: Stylesheet

General

Full URL: http://loginvervideobr.com.br/inc/lA6-OW2Cls5.css
Requested by:
  Host: loginvervideobr.com.br
  URL: http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a
Protocol: HTTP/1.1
Server: 198.11.211.200 San Jose, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
Reverse DNS: uswest64.myserverhosts.com
Software: nginx/1.14.0
Resource Hash: 72d8272605f195d87bb0f44a5edc1fde20f547dadcd9b2d9f3f8797cfb76b979

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a
Origin: http://loginvervideobr.com.br

Response headers

Date: Sun, 30 Jun 2019 05:00:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Mar 2019 03:16:02 GMT
Server: nginx/1.14.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

Resource: fbpPmQMtmCj.png
Path: loginvervideobr.com.br/inc/
Size: 32 KB
x-fer: 33 KB
Type: Image

General

Full URL: http://loginvervideobr.com.br/inc/fbpPmQMtmCj.png
Protocol: HTTP/1.1
Server: 198.11.211.200 San Jose, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
Reverse DNS: uswest64.myserverhosts.com
Software: nginx/1.14.0
Resource Hash: 7a2be98966764a4afa8ea2e4f099705f02ae68e5125bed2f2ddcef0065133ba8

Request headers

Referer: http://loginvervideobr.com.br/inc/NtA53_DiiEn.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 30 Jun 2019 05:00:45 GMT
Last-Modified: Wed, 13 Mar 2019 03:16:04 GMT
Server: nginx/1.14.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33083
Content-Type: image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask

0 Cookies