maracarvalho.com.br - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 177.53.143.56, located in Brazil and belongs to Brasil Site Informatica LTDA, BR. The main domain is maracarvalho.com.br.
TLS certificate: Issued by R3 on February 23rd 2024. Valid for: 3 months.

This is the only time maracarvalho.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alibaba (Online)

Domain & IP information

	IP Address		AS Autonomous System
7	177.53.143.56 177.53.143.56		53243 (Brasil Si...) (Brasil Site Informatica LTDA)
7	1

7 177.53.143.56 (Brazil)

ASN53243 (Brasil Site Informatica LTDA, BR)
PTR: server3.cpwm.srv.br

maracarvalho.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	maracarvalho.com.br maracarvalho.com.br	160 KB
7	1

	Domain	Requested by
7	maracarvalho.com.br	maracarvalho.com.br
7	1

This site contains no links.

Subject Issuer	Validity	Valid
*.maracarvalho.com.br R3	`2024-02-23` - `2024-05-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://maracarvalho.com.br/imagens/files/login.htm
Frame ID: A390B31B1C638333E43336B30DAE6E6F
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

160 kB
Transfer

169 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.htm Show response maracarvalho.com.br/imagens/files/	11 KB 2 KB	729ms 135ms	Document text/html	177.53.143.56 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL https://maracarvalho.com.br/imagens/files/login.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 177.53.143.56 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS server3.cpwm.srv.br Software Apache/2 / Resource Hash `feceb5085029d534bdf52b6a014c021708815675a33390f7b0fd85cb462f611d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes content-encoding gzip content-length 1946 content-type text/html date Mon, 08 Apr 2024 15:08:41 GMT etag "2a28-55dc087bd7e00-gzip" last-modified Sun, 12 Nov 2017 03:12:56 GMT server Apache/2 vary Accept-Encoding,User-Agent
GET H2	200	vv.png maracarvalho.com.br/imagens/files/images/	141 KB 141 KB	268ms 267ms	Image image/png	177.53.143.56 Brasil Site Infor...
General Check archive.org Show headers Download Go to Show image Full URL https://maracarvalho.com.br/imagens/files/images/vv.png Requested by Host: maracarvalho.com.br URL: https://maracarvalho.com.br/imagens/files/login.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 177.53.143.56 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS server3.cpwm.srv.br Software Apache/2 / Resource Hash `8885e8994684350f79411c3f0fb8ecaba704be69872a1439eb751f8d1e0f48a8` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://maracarvalho.com.br/imagens/files/login.htm accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 15:08:41 GMT last-modified Mon, 20 Nov 2017 03:12:00 GMT server Apache/2 accept-ranges bytes etag "23517-55e6173220000" content-length 144663 content-type image/png
GET H2	200	cm.png maracarvalho.com.br/imagens/files/images/	4 KB 4 KB	135ms 134ms	Image image/png	177.53.143.56 Brasil Site Infor...
General Check archive.org Show headers Download Go to Show image Full URL https://maracarvalho.com.br/imagens/files/images/cm.png Requested by Host: maracarvalho.com.br URL: https://maracarvalho.com.br/imagens/files/login.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 177.53.143.56 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS server3.cpwm.srv.br Software Apache/2 / Resource Hash `91a4546ea6f702da8c8d50a7deaa4214b14db29ca7bfc9cc6d5c853ee1891b6f` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://maracarvalho.com.br/imagens/files/login.htm accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 15:08:41 GMT last-modified Sun, 01 Oct 2017 21:21:02 GMT server Apache/2 accept-ranges bytes etag "e3c-55a82d5c10b80" content-length 3644 content-type image/png
GET H2	404	sc.png maracarvalho.com.br/imagens/files/images/	315 B 315 B	268ms 267ms	Image text/html	177.53.143.56 Brasil Site Infor...
General Check archive.org Show headers Download Go to Show image Full URL https://maracarvalho.com.br/imagens/files/images/sc.png Requested by Host: maracarvalho.com.br URL: https://maracarvalho.com.br/imagens/files/login.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 177.53.143.56 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS server3.cpwm.srv.br Software Apache/2 / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://maracarvalho.com.br/imagens/files/login.htm accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 15:08:41 GMT server Apache/2 content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	Sc2.png maracarvalho.com.br/imagens/files/images/	11 KB 11 KB	135ms 134ms	Image image/png	177.53.143.56 Brasil Site Infor...
General Check archive.org Show headers Download Go to Show image Full URL https://maracarvalho.com.br/imagens/files/images/Sc2.png Requested by Host: maracarvalho.com.br URL: https://maracarvalho.com.br/imagens/files/login.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 177.53.143.56 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS server3.cpwm.srv.br Software Apache/2 / Resource Hash `4a3367b3e35043478ad7ffe0222781e8c9c2c65b9280d02c690bcaaddc860fb9` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://maracarvalho.com.br/imagens/files/login.htm accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 15:08:41 GMT last-modified Sun, 12 Nov 2017 03:15:30 GMT server Apache/2 accept-ranges bytes etag "2cc2-55dc090eb5880" content-length 11458 content-type image/png
GET H2	200	bn.png maracarvalho.com.br/imagens/files/images/	1 KB 1 KB	267ms 266ms	Image image/png	177.53.143.56 Brasil Site Infor...
General Check archive.org Show headers Download Go to Show image Full URL https://maracarvalho.com.br/imagens/files/images/bn.png Requested by Host: maracarvalho.com.br URL: https://maracarvalho.com.br/imagens/files/login.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 177.53.143.56 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS server3.cpwm.srv.br Software Apache/2 / Resource Hash `be2ee21089afbf62e72ac3e9d416a85a132d622f4b037dea041e06e4237d9aeb` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://maracarvalho.com.br/imagens/files/login.htm accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 15:08:41 GMT last-modified Sun, 01 Oct 2017 22:11:04 GMT server Apache/2 accept-ranges bytes etag "427-55a8388afee00" content-length 1063 content-type image/png
GET H2	200	favicon.ico maracarvalho.com.br/imagens/files/images/	1 KB 552 B	134ms 133ms	Other image/x-icon	177.53.143.56 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL https://maracarvalho.com.br/imagens/files/images/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 177.53.143.56 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS server3.cpwm.srv.br Software Apache/2 / Resource Hash `12a8e74153c9331dfb091e086a88a20f8b417399d86adf5d18202b095e4d15b5` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://maracarvalho.com.br/imagens/files/login.htm accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 15:08:42 GMT content-encoding gzip last-modified Sat, 04 Jul 2015 22:08:04 GMT server Apache/2 etag "57e-51a13e815d900-gzip" vary Accept-Encoding,User-Agent content-type image/x-icon accept-ranges bytes content-length 443

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alibaba (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| unhideBody

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://maracarvalho.com.br/imagens/files/login.htm Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://maracarvalho.com.br/imagens/files/images/sc.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

maracarvalho.com.br
177.53.143.56
12a8e74153c9331dfb091e086a88a20f8b417399d86adf5d18202b095e4d15b5
4a3367b3e35043478ad7ffe0222781e8c9c2c65b9280d02c690bcaaddc860fb9
8885e8994684350f79411c3f0fb8ecaba704be69872a1439eb751f8d1e0f48a8
91a4546ea6f702da8c8d50a7deaa4214b14db29ca7bfc9cc6d5c853ee1891b6f
be2ee21089afbf62e72ac3e9d416a85a132d622f4b037dea041e06e4237d9aeb
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
feceb5085029d534bdf52b6a014c021708815675a33390f7b0fd85cb462f611d

maracarvalho.com.br Open in urlscan Pro 177.53.143.56 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

160 kBTransfer

169 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

maracarvalho.com.br Open in urlscan Pro
177.53.143.56 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

160 kB
Transfer

169 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!