bilter220.com.br Open in urlscan Pro
195.154.41.45  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response bilter220.com.br/new/auth/	117 KB 117 KB	257ms 34ms	Document text/html	195.154.41.45 Online SAS
General Check archive.org Show headers Download Go to Full URL https://bilter220.com.br/new/auth/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 195.154.41.45 , France, ASN12876 (Online SAS, FR), Reverse DNS 195-154-41-45.rev.poneytelecom.eu Software Apache / Resource Hash 8feb31918199868b36fc03976a57b46d5ba32503232f11556368f5bc56be30cd Request headers Host bilter220.com.br Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 30 Mar 2021 21:45:15 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie PHPSESSID=npfmhapqdtn6f2el2nmq75qqv5; path=/ Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	styles-LTR.css bilter220.com.br/new/auth/bigdata/	0 0	80ms 27ms	Stylesheet text/css	195.154.41.45 Online SAS
General Check archive.org Show headers Download Go to Full URL https://bilter220.com.br/new/auth/bigdata/styles-LTR.css Requested by Host: bilter220.com.br URL: https://bilter220.com.br/new/auth/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 195.154.41.45 , France, ASN12876 (Online SAS, FR), Reverse DNS 195-154-41-45.rev.poneytelecom.eu Software Apache / Resource Hash Request headers Referer https://bilter220.com.br/new/auth/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 30 Mar 2021 21:45:15 GMT Last-Modified Sun, 10 Jan 2021 01:11:46 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 512496
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/	119 KB 19 KB	33ms 19ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css Requested by Host: bilter220.com.br URL: https://bilter220.com.br/new/auth/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bilter220.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 30 Mar 2021 21:45:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 632, 617 age 1736258 cdn-cachedat 2021-03-10 20:26:44 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0926b229790000bf234939f000000001 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:00 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 21574e7e9dcebf01aaa4e97b5e22acce cf-ray 63848622596cbf23-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	26ms 7ms	Script text/javascript	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: bilter220.com.br URL: https://bilter220.com.br/new/auth/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bilter220.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 Mar 2021 20:19:24 GMT content-encoding gzip x-content-type-options nosniff age 523551 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 24 Mar 2022 20:19:24 GMT
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/	37 KB 10 KB	34ms 20ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js Requested by Host: bilter220.com.br URL: https://bilter220.com.br/new/auth/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bilter220.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 30 Mar 2021 21:45:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 632, 617 age 1736259 cdn-cachedat 2021-03-10 20:26:23 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0926b229790000bf23511fe000000001 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:00 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 73a3553e74b668514a0a6c2e8cc7f60a cf-ray 63848622596dbf23-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H/1.1	200 OK	apps.44610.31fc453a-d49f-48c7-8963-bf12d4fd3374.a2a00468-0987-4794-997b-2d5029b3a429.243e6688-c0b8-4bb4-bf79-439c33a98965.png bilter220.com.br/new/auth/bigdata/	5 KB 5 KB	5047ms 58ms	Image image/png	195.154.41.45 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://bilter220.com.br/new/auth/bigdata/apps.44610.31fc453a-d49f-48c7-8963-bf12d4fd3374.a2a00468-0987-4794-997b-2d5029b3a429.243e6688-c0b8-4bb4-bf79-439c33a98965.png Requested by Host: bilter220.com.br URL: https://bilter220.com.br/new/auth/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 195.154.41.45 , France, ASN12876 (Online SAS, FR), Reverse DNS 195-154-41-45.rev.poneytelecom.eu Software Apache / Resource Hash 42aef6f7db503ca897e3b374196de194bcb6138abb77059db00fe02a7e2cc5b1 Request headers Referer https://bilter220.com.br/new/auth/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 30 Mar 2021 21:45:20 GMT Last-Modified Sun, 10 Jan 2021 00:29:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4735
GET H/1.1	200 OK	apps.43392.23c5ae3a-3551-42b6-9ba6-5a9ac6c8ade4.14de091f-6544-45e8-b3a6-4a222e2ca359.f3ef8ae0-fa4a-46f7-9f22-7cb0e2e90fcd.png bilter220.com.br/new/auth/bigdata/	15 KB 15 KB	59ms 59ms	Image image/png	195.154.41.45 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://bilter220.com.br/new/auth/bigdata/apps.43392.23c5ae3a-3551-42b6-9ba6-5a9ac6c8ade4.14de091f-6544-45e8-b3a6-4a222e2ca359.f3ef8ae0-fa4a-46f7-9f22-7cb0e2e90fcd.png Requested by Host: bilter220.com.br URL: https://bilter220.com.br/new/auth/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 195.154.41.45 , France, ASN12876 (Online SAS, FR), Reverse DNS 195-154-41-45.rev.poneytelecom.eu Software Apache / Resource Hash 80a9010e6998ee0cb975c5a9d81cd2778c663f96b468ee6362e9d5e647f48e79 Request headers Referer https://bilter220.com.br/new/auth/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 30 Mar 2021 21:45:21 GMT Last-Modified Sun, 10 Jan 2021 00:29:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 15316
GET H/1.1	200 OK	apps.44160.caa10083-95fd-4aa5-9299-a40c68cdc829.9e6b7934-9a4d-4e0f-948d-4f54dafab3f8.df43bd30-714e-4369-803a-00c9491be63b.png bilter220.com.br/new/auth/bigdata/	8 KB 9 KB	58ms 57ms	Image image/png	195.154.41.45 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://bilter220.com.br/new/auth/bigdata/apps.44160.caa10083-95fd-4aa5-9299-a40c68cdc829.9e6b7934-9a4d-4e0f-948d-4f54dafab3f8.df43bd30-714e-4369-803a-00c9491be63b.png Requested by Host: bilter220.com.br URL: https://bilter220.com.br/new/auth/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 195.154.41.45 , France, ASN12876 (Online SAS, FR), Reverse DNS 195-154-41-45.rev.poneytelecom.eu Software Apache / Resource Hash 80ace451cd24f4d6f1d90f0aece34ee22dbe1a5e8f90360b81363b9e48568e14 Request headers Referer https://bilter220.com.br/new/auth/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 30 Mar 2021 21:45:21 GMT Last-Modified Sun, 10 Jan 2021 00:29:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 8651
GET H/1.1	200 OK	apps.53359.8f331dfa-b1f3-4007-af01-f3e4e799e999.1696073a-4347-4b55-838a-e2b180b612f5.59da1dae-7d2e-421e-b637-f60e94205551.png bilter220.com.br/new/auth/bigdata/	18 KB 18 KB	58ms 58ms	Image image/png	195.154.41.45 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://bilter220.com.br/new/auth/bigdata/apps.53359.8f331dfa-b1f3-4007-af01-f3e4e799e999.1696073a-4347-4b55-838a-e2b180b612f5.59da1dae-7d2e-421e-b637-f60e94205551.png Requested by Host: bilter220.com.br URL: https://bilter220.com.br/new/auth/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 195.154.41.45 , France, ASN12876 (Online SAS, FR), Reverse DNS 195-154-41-45.rev.poneytelecom.eu Software Apache / Resource Hash 6fd0535c4ce5386953575c2ddb0c02df3e8c63db0cb22cafe476e61f39a18eb7 Request headers Referer https://bilter220.com.br/new/auth/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 30 Mar 2021 21:45:21 GMT Last-Modified Sun, 10 Jan 2021 00:29:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 18311

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bilter220.com.br
maxcdn.bootstrapcdn.com
195.154.41.45
2606:4700::6812:bcf
2a00:1450:4001:802::200a
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
42aef6f7db503ca897e3b374196de194bcb6138abb77059db00fe02a7e2cc5b1
6fd0535c4ce5386953575c2ddb0c02df3e8c63db0cb22cafe476e61f39a18eb7
80a9010e6998ee0cb975c5a9d81cd2778c663f96b468ee6362e9d5e647f48e79
80ace451cd24f4d6f1d90f0aece34ee22dbe1a5e8f90360b81363b9e48568e14
8feb31918199868b36fc03976a57b46d5ba32503232f11556368f5bc56be30cd
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d