informativodesaldao.com
177.55.116.70  Malicious Activity! Public Scan

Submitted URL: http://informativodesaldao.com/
Effective URL: http://informativodesaldao.com/promocao.php
Submission: On April 01 via api from CA

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 177.55.116.70, located in Brazil and belonging to RedeHost Internet Ltda., BR. The main domain is informativodesaldao.com.
This is the only time informativodesaldao.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests  IP Address      AS     Autonomous System
4         177.55.116.70   53057  RedeHost ... (1 redirect)
1         13.35.253.25    16509  AMAZON-02
1         35.227.207.88   15169  GOOGLE
5         95.100.197.150  16625  AKAMAI-AS
10 requests, 4 IPs

Requests  Domain                   Requested by
5         static.mlstatic.com      informativodesaldao.com
4         informativodesaldao.com  informativodesaldao.com (1 redirect)
1         a-static.mlcdn.com.br    informativodesaldao.com
1         www.mercadolibre.com     informativodesaldao.com
10 requests, 4 domains

This site contains links to these domains:

Domain
www.mercadolivre.com.br

TLS certificates

Subject         Issuer                                         Validity                 Valid
*.mlcdn.com.br  COMODO RSA Domain Validation Secure Server CA  2018-10-03 - 2020-12-01  2 years

This page contains 1 frames:

Primary Page: http://informativodesaldao.com/promocao.php
Frame ID: 6140698EB6E0C011AC3DA15C40169CC5
Requests: 10 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

10
Requests

10 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

81 kB
Transfer

114 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://informativodesaldao.com/ HTTP 302
    http://informativodesaldao.com/promocao.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request promocao.php
informativodesaldao.com/
Redirect Chain
  • http://informativodesaldao.com/
  • http://informativodesaldao.com/promocao.php
46 KB
9 KB
Document
General
Full URL
http://informativodesaldao.com/promocao.php
Protocol
HTTP/1.1
Server
177.55.116.70 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache / PHP/5.6.30
Resource Hash
68e2fcc61c6a624eb7a2d18a5966ffc76cf0dabd34bd818daec2d157dce32616

Request headers

Host
informativodesaldao.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
PHPSESSID=2dl56tb9pik88dmn69vkqilcb1

Response headers

Date
Mon, 01 Apr 2019 19:52:05 GMT
Server
Apache
X-Powered-By
PHP/5.6.30
Expires
Thu, 19 Nov 1981 08:52:00 GMT Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8732
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 01 Apr 2019 19:52:04 GMT
Server
Apache
X-Powered-By
PHP/5.6.30
Expires
Thu, 19 Nov 1981 08:52:00 GMT Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache no-cache
Set-Cookie
PHPSESSID=2dl56tb9pik88dmn69vkqilcb1; path=/
Location
promocao.php
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
23
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
logo-meli-br2x.png
informativodesaldao.com/Raiz/ResponseForm_files/
3 KB
3 KB
Image
General
Full URL
http://informativodesaldao.com/Raiz/ResponseForm_files/logo-meli-br2x.png
Requested by
Host: informativodesaldao.com
URL: http://informativodesaldao.com/promocao.php
Protocol
HTTP/1.1
Server
177.55.116.70 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
7aac328cd05ec15956e0e6e5bc7c2d6800fb94b6d39d89ab7e09535d176aefcb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
informativodesaldao.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://informativodesaldao.com/promocao.php
Cookie
PHPSESSID=2dl56tb9pik88dmn69vkqilcb1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 01 Apr 2019 19:52:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Apr 2019 01:57:16 GMT
Server
Apache
ETag
"b00-5856e570a12af-gzip"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2839
Expires
Tue, 02 Apr 2019 19:52:06 GMT
compra_garantida.png
www.mercadolibre.com/org-img/mkt/email-mkt-assets/images/logos/
2 KB
3 KB
Image
General
Full URL
http://www.mercadolibre.com/org-img/mkt/email-mkt-assets/images/logos/compra_garantida.png
Requested by
Host: informativodesaldao.com
URL: http://informativodesaldao.com/promocao.php
Protocol
HTTP/1.1
Server
13.35.253.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-25.fra6.r.cloudfront.net
Software
Tengine /
Resource Hash
508de1a77bda92757d9f1cf73d8a9d7ba9cb25e4cd24ed4dbbf08134136a5309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://informativodesaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 01 Apr 2019 19:52:06 GMT
Via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-D2id
6078b204-a948-4e7b-a60a-101ac1b3a43e
X-Meli-Header
bee57219-4933-4d21-89bb-96169262a69f
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
2305
X-XSS-Protection
1; mode=block
X-Request-Id
6078b204-a948-4e7b-a60a-101ac1b3a43e
Last-Modified
Wed, 12 Jul 2017 16:59:53 GMT
Server
Tengine
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
X-Amz-Cf-Id
NzSniBNiYL7B-FBHmo2GJC8NAVzOoZNLN0F2F2LsJjJP-pZUesc6Yg==
Expires
Wed, 01 May 2019 19:52:06 GMT
033eb0731c0f774c326cc452ea526634.jpg
a-static.mlcdn.com.br/618x463/pneu-aro-13-goodyear-175-70r13-82t-direction-touring-4-unidades/magazineluiza/229116600/
44 KB
45 KB
Image
General
Full URL
https://a-static.mlcdn.com.br/618x463/pneu-aro-13-goodyear-175-70r13-82t-direction-touring-4-unidades/magazineluiza/229116600/033eb0731c0f774c326cc452ea526634.jpg
Requested by
Host: informativodesaldao.com
URL: http://informativodesaldao.com/promocao.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.207.88 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
88.207.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e0add5565b3702a4bca71f425705796617fa013add013c1036881c82edfc9bdc

Request headers

Referer
http://informativodesaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Apr 2019 18:53:40 GMT
via
1.1 google
age
3505
status
200
x-guploader-uploadid
AEnB2UrKc3RXy_cwQh-0nncKfulkHv4sraYIkET7mtzIjUVSjwOVLoObAoJcBDvpPrioW1N6WdKL8UfRh_o_dxx_sauHqCEe7Gbto1DG4Mw3DDjTBZbL5zA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
45318
last-modified
Sat, 30 Mar 2019 12:16:46 GMT
server
nginx
etag
W/"033eb0731c0f774c326cc452ea526634"
x-goog-hash
crc32c=tgmYdg==, md5=Az6wcxwPd0wybMRS6lJmNA==
x-goog-generation
1553948206116072
cache-control
max-age=31536000,public
x-goog-stored-content-length
422228
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 31 Mar 2020 18:53:40 GMT
appstore_v2.png
static.mlstatic.com/org-img/mkt/email-mkt-assets/icons/
4 KB
5 KB
Image
General
Full URL
http://static.mlstatic.com/org-img/mkt/email-mkt-assets/icons/appstore_v2.png
Requested by
Host: informativodesaldao.com
URL: http://informativodesaldao.com/promocao.php
Protocol
HTTP/1.1
Server
95.100.197.150 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-197-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.3 (Red Hat) DAV/2 /
Resource Hash
d1c89e66e1094e5ecdbb25f31e492927dcfeb7f8b1633dfa51956bdbc547c363

Request headers

Referer
http://informativodesaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 01 Apr 2019 19:52:05 GMT
Last-Modified
Wed, 22 Mar 2017 12:55:46 GMT
Server
Apache/2.2.3 (Red Hat) DAV/2
X-Request-Start
1505989112300405
X-Varnish
661347844 652161559
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
4311
Expires
Mon, 09 Oct 2017 14:02:09 GMT
googleplay_v2.png
static.mlstatic.com/org-img/mkt/email-mkt-assets/icons/
6 KB
6 KB
Image
General
Full URL
http://static.mlstatic.com/org-img/mkt/email-mkt-assets/icons/googleplay_v2.png
Requested by
Host: informativodesaldao.com
URL: http://informativodesaldao.com/promocao.php
Protocol
HTTP/1.1
Server
95.100.197.150 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-197-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.3 (Red Hat) DAV/2 /
Resource Hash
7a1c0ec6d4b0a580bbf33359f30056432111caeeba5f450d05f6c952c2e1f4d1

Request headers

Referer
http://informativodesaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 01 Apr 2019 19:52:05 GMT
Last-Modified
Wed, 22 Mar 2017 12:55:51 GMT
Server
Apache/2.2.3 (Red Hat) DAV/2
X-Request-Start
1505989112299622
X-Varnish
2235055236 2233065646
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
6123
Expires
Thu, 19 Oct 2017 02:12:00 GMT
facebook.png
static.mlstatic.com/org-img/emails/marketing/bienvenida/
1 KB
1 KB
Image
General
Full URL
http://static.mlstatic.com/org-img/emails/marketing/bienvenida/facebook.png
Requested by
Host: informativodesaldao.com
URL: http://informativodesaldao.com/promocao.php
Protocol
HTTP/1.1
Server
95.100.197.150 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-197-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.3 (Red Hat) DAV/2 /
Resource Hash
716bb773b25b092e0f5b0ca057eeaff2b2a61eb36823550b2ef1927f220af3b2

Request headers

Referer
http://informativodesaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 01 Apr 2019 19:52:05 GMT
Last-Modified
Thu, 28 Apr 2016 17:45:32 GMT
Server
Apache/2.2.3 (Red Hat) DAV/2
X-Request-Start
1506063325027518
X-Varnish
2235910164 2212601685
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1126
Expires
Mon, 25 Sep 2017 13:47:50 GMT
Instagram.png
informativodesaldao.com/Raiz/ResponseForm_files/
4 KB
4 KB
Image
General
Full URL
http://informativodesaldao.com/Raiz/ResponseForm_files/Instagram.png
Requested by
Host: informativodesaldao.com
URL: http://informativodesaldao.com/promocao.php
Protocol
HTTP/1.1
Server
177.55.116.70 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
bfa0db91f56d44d0fb914f975988002f2827ba2ca2d110802f2a62fb45ec3caa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
informativodesaldao.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://informativodesaldao.com/promocao.php
Cookie
PHPSESSID=2dl56tb9pik88dmn69vkqilcb1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 01 Apr 2019 19:52:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Apr 2019 01:57:16 GMT
Server
Apache
ETag
"e85-5856e5705a1f7-gzip"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3466
Expires
Tue, 02 Apr 2019 19:52:06 GMT
icontwt.png
static.mlstatic.com/org-img/mkt/email-mkt-assets/2x/
3 KB
3 KB
Image
General
Full URL
http://static.mlstatic.com/org-img/mkt/email-mkt-assets/2x/icontwt.png
Requested by
Host: informativodesaldao.com
URL: http://informativodesaldao.com/promocao.php
Protocol
HTTP/1.1
Server
95.100.197.150 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-197-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.3 (Red Hat) DAV/2 /
Resource Hash
7ec374350419550a817b1d1edbd58f5826ee7072c0c0595cf321a7354bab30c2

Request headers

Referer
http://informativodesaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 01 Apr 2019 19:52:05 GMT
Last-Modified
Tue, 02 Aug 2016 14:14:23 GMT
Server
Apache/2.2.3 (Red Hat) DAV/2
X-Request-Start
1505989112506601
X-Varnish
2235055241 2213571721
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2937
Expires
Tue, 26 Sep 2017 21:57:06 GMT
youtube.png
static.mlstatic.com/org-img/emails/marketing/
1 KB
2 KB
Image
General
Full URL
http://static.mlstatic.com/org-img/emails/marketing/youtube.png
Requested by
Host: informativodesaldao.com
URL: http://informativodesaldao.com/promocao.php
Protocol
HTTP/1.1
Server
95.100.197.150 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-197-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.3 (Red Hat) DAV/2 /
Resource Hash
d25673af09081eadea40309e86030b5b440d27c492eb9c2c6d6b9786f023d03e

Request headers

Referer
http://informativodesaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 01 Apr 2019 19:52:05 GMT
Last-Modified
Thu, 26 May 2016 20:07:30 GMT
Server
Apache/2.2.3 (Red Hat) DAV/2
X-Request-Start
1506063325162744
X-Varnish
2235910168 2212560570
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1452
Expires
Mon, 25 Sep 2017 12:29:40 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onselectstart
object    onselectionchange
function  queueMicrotask

1 Cookies

Domain/Path               Name       Value
informativodesaldao.com/  PHPSESSID  2dl56tb9pik88dmn69vkqilcb1