clarkkent.sslblindado.com Open in urlscan Pro
187.17.111.99 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php
Submission: On January 04 via automatic, source openphish (January 4th 2018, 1:40:31 pm UTC)

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 187.17.111.99, located in Brazil and belongs to Universo Online S.A., BR. The main domain is clarkkent.sslblindado.com.

This is the only time clarkkent.sslblindado.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

	IP Address		AS Autonomous System
17	187.17.111.99 187.17.111.99		7162 (Universo ...) (Universo Online S.A.)
17	1

17 187.17.111.99 (Brazil)

ASN7162 (Universo Online S.A., BR)

clarkkent.sslblindado.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	sslblindado.com clarkkent.sslblindado.com
17	1

	Domain	Requested by
17	clarkkent.sslblindado.com	clarkkent.sslblindado.com
17	1

This site contains links to these domains. Also see Links.

Domain
www.caixa.gov.br
www1.caixa.gov.br
internetbanking.caixa.gov.br

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php
Frame ID: (CE312DC6220CD7003DA59216C4CC2141)
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

17
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

0 kB
Transfer

122 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.caixa.gov.br/seguranca/
Title: Segurança

Search URL Search Domain Scan URL

URL: http://www1.caixa.gov.br/atendimento/index.asp
Title: Rede de Atendimento

Search URL Search Domain Scan URL

URL: https://internetbanking.caixa.gov.br/siwinstatic/htm/duvidasFrequentes/duvidas_frequentes.htm
Title: Ajuda

Search URL Search Domain Scan URL

URL: https://internetbanking.caixa.gov.br/SIIBC/contrato_ibc.processa
Title: Termos e Contratos

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request info.php Show response clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/	9 KB 0	487ms 248ms	Document text/html	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `3b2dd400396f34c6076f318b21134a9dc5713ab738b9ec7388e3f67164a54a45` Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:19 GMT Content-Encoding gzip Server Apache Connection keep-alive X-Cache-Status BYPASS Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	styles.css clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/	17 KB 0	249ms 249ms	Stylesheet text/css	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `7817356484c6f6c8c8a7397a8e99aac5f6b66eef0644f55d0a516d637b3acbf7` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:19 GMT Content-Encoding gzip Last-Modified Thu, 04 Jan 2018 03:34:15 GMT Server Apache ETag W/"4519-561eb01924d8c" X-Cache-Status MISS Transfer-Encoding chunked Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	title-random.js Show response clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/	2 KB 0	504ms 265ms	Script text/javascript	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/title-random.js Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `86d86cdd9ec55e46fae025439404efa1a3881b56edf9fe530ba98e9dda8ff8bc` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Content-Encoding gzip Last-Modified Thu, 04 Jan 2018 03:34:03 GMT Server Apache ETag W/"939-561eb00db5c10" X-Cache-Status MISS Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive
GET H/1.1	200 OK	logo-identificacao.png clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/	1 KB 0	770ms 253ms	Image image/png	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Show image Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/logo-identificacao.png Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `1012db380f66de2821e9dc01b7a1acc379b620bbf25db430cb08b7f76856e417` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Last-Modified Thu, 04 Jan 2018 03:33:48 GMT Server Apache ETag "429-561eb000157bf" X-Cache-Status MISS Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1065
GET H/1.1	200 OK	validaSenha.js Show response clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/	607 B 0	247ms 246ms	Script text/javascript	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/validaSenha.js Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `d6b9b7869d23002ece4f2d6b0f581fb7f784600c2a4c160f518c01c823e9bfd5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Content-Encoding gzip Last-Modified Thu, 04 Jan 2018 03:34:03 GMT Server Apache ETag W/"25f-561eb00dce613" X-Cache-Status MISS Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive
GET H/1.1	200 OK	infoValidation.js Show response clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/	1 KB 0	248ms 248ms	Script text/javascript	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/infoValidation.js Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `fe677407afc72738918d716f1d588894ce11a53062737c9abf6b414bf39d2b1a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Content-Encoding gzip Last-Modified Thu, 04 Jan 2018 03:33:49 GMT Server Apache ETag W/"5b1-561eb000abf42" X-Cache-Status MISS Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive
GET H/1.1	200 OK	validate.js Show response clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/	2 KB 0	249ms 248ms	Script text/javascript	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/validate.js Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `8767dab034cef637dee5166403d67e2a11a8014c6e0fa58728ac4037b9e60e40` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Content-Encoding gzip Last-Modified Thu, 04 Jan 2018 03:34:03 GMT Server Apache ETag W/"75a-561eb00de3fd4" X-Cache-Status MISS Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive
GET H/1.1	200 OK	menu.js Show response clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/	12 KB 0	741ms 250ms	Script text/javascript	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/menu.js Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `16a74facf711503b68b3e5bb94af01e94e5095ecef27c7f7cce12952ddffa12b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Content-Encoding gzip Last-Modified Thu, 04 Jan 2018 03:33:58 GMT Server Apache ETag W/"30db-561eb009673dc" X-Cache-Status MISS Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive
GET H/1.1	200 OK	scroll.js Show response clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/	303 B 0	743ms 248ms	Script text/javascript	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/scroll.js Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `831859ae8bf78135ebc630bad4c20e6d7b7e22e7e3154c9c0bd25d82e548862d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Content-Encoding gzip Last-Modified Thu, 04 Jan 2018 03:34:02 GMT Server Apache ETag W/"12f-561eb00d8170e" X-Cache-Status MISS Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive
GET H/1.1	200 OK	alert.mod.js Show response clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/	1 KB 0	750ms 252ms	Script text/javascript	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/scripts-js/alert.mod.js Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `6285f8ace5fa9c3b0c51c982081fce563cb0c78e28d4de31511e106bfb8a6892` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Content-Encoding gzip Last-Modified Thu, 04 Jan 2018 03:33:49 GMT Server Apache ETag W/"44a-561eb000a64a3" X-Cache-Status MISS Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive
GET H/1.1	200 OK	loading.gif clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/	9 KB 0	481ms 247ms	Image image/gif	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Show image Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/loading.gif Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `738179b83b47f10aa7377cda69f55438269fff9b15375e63d9f4bc0ca73206f0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Last-Modified Thu, 04 Jan 2018 03:33:48 GMT Server Apache ETag "2597-561eb0000a1fb" X-Cache-Status MISS Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 9623
GET H/1.1	200 OK	background-internas.jpg clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/	8 KB 0	506ms 275ms	Image image/jpeg	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Show image Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/background-internas.jpg Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `f5e0023a64035c1ef750ae9e2ccb6a6fc366d6c7f77582e72c18cdcc0d3ca720` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Last-Modified Thu, 04 Jan 2018 03:33:41 GMT Server Apache ETag "1e2a-561eaff95a715" X-Cache-Status MISS Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 7722
GET H/1.1	200 OK	header-logo.jpg clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/	7 KB 0	480ms 250ms	Image image/jpeg	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Show image Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/header-logo.jpg Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `39f28089cf24727bdfb897160adb82c707f923d4a3fd4b19770849364e080b02` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Last-Modified Thu, 04 Jan 2018 03:33:44 GMT Server Apache ETag "1c55-561eaffbea2a9" X-Cache-Status MISS Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 7253
GET H/1.1	200 OK	banner_credito_imovel_proprio.jpg clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/	49 KB 0	505ms 278ms	Image image/jpeg	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Show image Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/banner_credito_imovel_proprio.jpg Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `f462feb357975303658846c3953b9fb6a5da3cd29da474917d3f3eaaaa7b14c9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Last-Modified Thu, 04 Jan 2018 03:33:42 GMT Server Apache ETag "c4fc-561eaffa25555" X-Cache-Status MISS Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 50428
GET H/1.1	200 OK	button-orange-left-alink.png clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/	328 B 0	484ms 254ms	Image image/png	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Show image Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/button-orange-left-alink.png Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `c0d3d1159c9ca8a77c6c8ea8eb00aed7993c6c4b1fbbac1e378f736539ebd0b4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Last-Modified Thu, 04 Jan 2018 03:33:43 GMT Server Apache ETag "148-561eaffb46fe7" X-Cache-Status MISS Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 328
GET H/1.1	200 OK	button-blue-left-alink.png clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/	1 KB 0	487ms 249ms	Image image/png	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Show image Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/button-blue-left-alink.png Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `dca245036ba023b303742157484d4a8ec14141c9d5c3d75143c58fca6567bb2c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Last-Modified Thu, 04 Jan 2018 03:33:43 GMT Server Apache ETag "563-561eaffb1a4cc" X-Cache-Status MISS Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1379
GET H/1.1	200 OK	footer-background.jpg clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/	332 B 0	486ms 248ms	Image image/jpeg	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Show image Full URL http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/images/footer-background.jpg Requested by Host: clarkkent.sslblindado.com URL: http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/info.php Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash `845ce12783a84cef95bb61ddf16abb4c333f268e031ecdc007b1e37bebcba4ed` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host clarkkent.sslblindado.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css Connection keep-alive Cache-Control no-cache Referer http://clarkkent.sslblindado.com/Bankers/cef/cef_priv8/resource/decoded/zn/assets/stylesheet-css/styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 04 Jan 2018 13:40:20 GMT Last-Modified Thu, 04 Jan 2018 03:33:44 GMT Server Apache ETag "14c-561eaffb91e5e" X-Cache-Status MISS Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 332

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clarkkent.sslblindado.com
187.17.111.99
1012db380f66de2821e9dc01b7a1acc379b620bbf25db430cb08b7f76856e417
16a74facf711503b68b3e5bb94af01e94e5095ecef27c7f7cce12952ddffa12b
39f28089cf24727bdfb897160adb82c707f923d4a3fd4b19770849364e080b02
3b2dd400396f34c6076f318b21134a9dc5713ab738b9ec7388e3f67164a54a45
6285f8ace5fa9c3b0c51c982081fce563cb0c78e28d4de31511e106bfb8a6892
738179b83b47f10aa7377cda69f55438269fff9b15375e63d9f4bc0ca73206f0
7817356484c6f6c8c8a7397a8e99aac5f6b66eef0644f55d0a516d637b3acbf7
831859ae8bf78135ebc630bad4c20e6d7b7e22e7e3154c9c0bd25d82e548862d
845ce12783a84cef95bb61ddf16abb4c333f268e031ecdc007b1e37bebcba4ed
86d86cdd9ec55e46fae025439404efa1a3881b56edf9fe530ba98e9dda8ff8bc
8767dab034cef637dee5166403d67e2a11a8014c6e0fa58728ac4037b9e60e40
c0d3d1159c9ca8a77c6c8ea8eb00aed7993c6c4b1fbbac1e378f736539ebd0b4
d6b9b7869d23002ece4f2d6b0f581fb7f784600c2a4c160f518c01c823e9bfd5
dca245036ba023b303742157484d4a8ec14141c9d5c3d75143c58fca6567bb2c
f462feb357975303658846c3953b9fb6a5da3cd29da474917d3f3eaaaa7b14c9
f5e0023a64035c1ef750ae9e2ccb6a6fc366d6c7f77582e72c18cdcc0d3ca720
fe677407afc72738918d716f1d588894ce11a53062737c9abf6b414bf39d2b1a

clarkkent.sslblindado.com Open in urlscan Pro 187.17.111.99 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

0 kBTransfer

122 kBSize

0 Cookies

4 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

39 JavaScript Global Variables

0 Cookies

Indicators

clarkkent.sslblindado.com Open in urlscan Pro
187.17.111.99 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

0 kB
Transfer

122 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!