loginvervideobr.com.br
Open in
urlscan Pro
198.11.211.200
Malicious Activity!
Public Scan
Effective URL: http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a
Submission: On June 30 via api from GB
Summary
This is the only time loginvervideobr.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 198.11.211.200 198.11.211.200 | 36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.) | |
5 | 1 |
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: uswest64.myserverhosts.com
loginvervideobr.com.br |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
loginvervideobr.com.br
loginvervideobr.com.br |
62 KB |
5 | 1 |
Domain | Requested by | |
---|---|---|
5 | loginvervideobr.com.br |
loginvervideobr.com.br
|
5 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
1970-01-01 - 1970-01-01 |
a few seconds | crt.sh |
This page contains 1 frames:
Primary Page:
http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a
Frame ID: 96DA8674B7C1A1F6A4D2EA58B02D3EE0
Requests: 5 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://loginvervideobr.com.br/ Page URL
- http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://loginvervideobr.com.br/ Page URL
- http://loginvervideobr.com.br/index2.php?KtcwMAfC8LQ6iNk0h0NeLkNCrH83a Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
loginvervideobr.com.br/ |
149 B 383 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
index2.php
loginvervideobr.com.br/ |
11 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NtA53_DiiEn.css
loginvervideobr.com.br/inc/ |
68 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lA6-OW2Cls5.css
loginvervideobr.com.br/inc/ |
15 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fbpPmQMtmCj.png
loginvervideobr.com.br/inc/ |
32 KB 33 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
loginvervideobr.com.br
198.11.211.200
3da3964a882d41dc163e52e472a993cc8222342eaf6f11685591dc8cce83233c
45a26c93e5d8e73057d494b2639071ee8be9dab2d36a4f450b1e0b75c2a750a4
72d8272605f195d87bb0f44a5edc1fde20f547dadcd9b2d9f3f8797cfb76b979
7a2be98966764a4afa8ea2e4f099705f02ae68e5125bed2f2ddcef0065133ba8
e1a14910c03e1601cd7e64c8fd71af433d8d0bf1df1a2d1f400fa053cf998188