www.continuumdesign.pt
185.11.164.231
Malicious Activity!
Public Scan
Effective URL: https://www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/72d2257323bce246d7a22b8ff...
Submission: On January 15 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 16th 2018. Valid for: 3 months.
This is the only time www.continuumdesign.pt was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Network Solutions (Internet)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 200.98.245.80 | 7162 (Universo Online S.A.) |
18 (3 redirects) | 185.11.164.231 | 8426 (CLARANET-AS ClaraNET LTD) |
16 | 2 |
ASN7162 (Universo Online S.A., BR)
PTR: cphost0076.servidorwebfacil.com
- www.conectpropaganda.com.br
ASN8426 (CLARANET-AS ClaraNET LTD, GB)
PTR: vs311.rede1024.com
- www.continuumdesign.pt
Requests | Apex Domain: Subdomains | Transfer |
---|---|---|
18 (3 redirects) | continuumdesign.pt: www.continuumdesign.pt | 813 KB |
1 | conectpropaganda.com.br: www.conectpropaganda.com.br | 345 B |
16 | 2 |
Requests | Domain | Requested by |
---|---|---|
18 (3 redirects) | www.continuumdesign.pt | www.conectpropaganda.com.br, www.continuumdesign.pt |
1 | www.conectpropaganda.com.br | |
16 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
knowledge.web.com |
forum.web.com |
web.com |
www.networksolutions.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
continuumdesign.pt | Let's Encrypt Authority X3 | 2018-11-16 - 2019-02-14 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/72d2257323bce246d7a22b8ff3b3b433/?Key=58979232398&rand=13InboxLightaspxn.589792323981774256418&fid.4.1252899642&fid=1&nosmgs=tee&&rand=13InboxLight.aspxn..1774256418&fid.1252899642&fid.1&fav.1&login=c3Vsa293c2tpLWphY29iLmthcmVuQHByaW5jaXBhbC5jb20=&.rand=13InboxLight.aspx?n=589792323981774256418&fid=4
Frame ID: C79882563E930F44A65E0F7955C97C49
Requests: 16 HTTP requests in this frame
Page URL History
- http://www.conectpropaganda.com.br/?e=sulkowski-jacob.karen@principal.com Page URL
- https://www.continuumdesign.pt/?uid=sulkowski-jacob.karen@principal.com HTTP 302
- https://www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/?open... HTTP 302
- https://www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/72d22... HTTP 301
- https://www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/72d22... Page URL
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries)
Detected patterns
- script /jquery-ui.*\.js/i
Twitter Bootstrap ()
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
- Title: Set up your iPhone
- Title: Set up your Android
- Title: Help Center
- Title: Privacy Policy
- Title: Service Agreement
- Title: Terms of Use
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.conectpropaganda.com.br/?e=sulkowski-jacob.karen@principal.com Page URL
- https://www.continuumdesign.pt/?uid=sulkowski-jacob.karen@principal.com HTTP 302
- https://www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/?open=1&Key=29863486070&rand=13InboxLightaspxn.298634860701774256418&fid.4.&fid=&fav.1&rand.13InboxLight.aspxn.&fid.&fid=&fav.1&uid=c3Vsa293c2tpLWphY29iLmthcmVuQHByaW5jaXBhbC5jb20=&.rand=13InboxLight.aspx?n=29863486070&fid=4 HTTP 302
- https://www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/72d2257323bce246d7a22b8ff3b3b433?Key=58979232398&rand=13InboxLightaspxn.589792323981774256418&fid.4.1252899642&fid=1&nosmgs=tee&&rand=13InboxLight.aspxn..1774256418&fid.1252899642&fid.1&fav.1&login=c3Vsa293c2tpLWphY29iLmthcmVuQHByaW5jaXBhbC5jb20=&.rand=13InboxLight.aspx?n=589792323981774256418&fid=4 HTTP 301
- https://www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/72d2257323bce246d7a22b8ff3b3b433/?Key=58979232398&rand=13InboxLightaspxn.589792323981774256418&fid.4.1252899642&fid=1&nosmgs=tee&&rand=13InboxLight.aspxn..1774256418&fid.1252899642&fid.1&fav.1&login=c3Vsa293c2tpLWphY29iLmthcmVuQHByaW5jaXBhbC5jb20=&.rand=13InboxLight.aspx?n=589792323981774256418&fid=4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / www.conectpropaganda.com.br/ | 138 B 345 B | Document text/html |
GET H/1.1 | Primary Request: / www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/72d2257323bce246d7a22b8ff3b3b433/ (Redirect Chain) | 7 KB 7 KB | Document text/html |
GET H/1.1 | bootstrap.css www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 111 KB 112 KB | Stylesheet text/css |
GET H/1.1 | login.css www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 4 KB 4 KB | Stylesheet text/css |
GET H/1.1 | jquery-ui-1.css www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 27 KB 27 KB | Stylesheet text/css |
GET H/1.1 | jquery-1.js www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 271 KB 272 KB | Script application/javascript |
GET H/1.1 | jquery_004.js www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 42 KB 43 KB | Script application/javascript |
GET H/1.1 | form.js www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 42 KB 43 KB | Script application/javascript |
GET H/1.1 | cookie.js www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 1 KB 2 KB | Script application/javascript |
GET H/1.1 | jquery_003.js www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 4 KB 4 KB | Script application/javascript |
GET H/1.1 | jquery-ui-personalized-1.js www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 223 KB 223 KB | Script application/javascript |
GET H/1.1 | jquery.js www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 4 KB 4 KB | Script application/javascript |
GET H/1.1 | jquery_002.js www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 11 KB 12 KB | Script application/javascript |
GET H/1.1 | oxedhelpers.js www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 1 KB 2 KB | Script application/javascript |
GET H/1.1 | oxedlogin.js www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ncss/ | 0 252 B | Script application/javascript |
GET H/1.1 | logo.png www.continuumdesign.pt/mx1.principal.com==77dcdd8d98fcb189dc5774e5c75cbe44==mx1.principal.com/Email_files/ | 59 KB 59 KB | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Network Solutions (Internet)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- function| $
- function| jQuery
- function| getCookie
- function| setCookie
- function| deleteCookie
- function| ffconsole
- function| getSessionIDFromJSESSIONCookie
- string| user
- string| pass
- string| testdomainName
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.