natalsys.com.br Open in urlscan Pro
187.111.252.36 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://natalsys.com.br/index.html
Submission: On June 04 via automatic, source phishtank (June 4th 2021, 3:07:49 am UTC)

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 187.111.252.36, located in Natal, Brazil and belongs to CABO SERVICOS DE TELECOMUNICACOES LTDA, BR. The main domain is natalsys.com.br.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 28th 2021. Valid for: 3 months.

This is the only time natalsys.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Chase (Banking)

Domain & IP information

	IP Address	AS Autonomous System
10	187.111.252.36 187.111.252.36	28220 (CABO SERV...) (CABO SERVICOS DE TELECOMUNICACOES LTDA)
2	184.30.26.48 184.30.26.48	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2

10 187.111.252.36 (Natal, Brazil)

ASN28220 (CABO SERVICOS DE TELECOMUNICACOES LTDA, BR)
PTR: ip252-36.btn.com.br

natalsys.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.26.48 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-26-48.deploy.static.akamaitechnologies.com

static.chasecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	natalsys.com.br natalsys.com.br	387 KB
2	chasecdn.com static.chasecdn.com	185 KB
12	2

	Domain	Requested by
10	natalsys.com.br	natalsys.com.br
2	static.chasecdn.com	natalsys.com.br
12	2

This site contains no links.

Subject Issuer	Validity	Valid
natalsys.com.br cPanel, Inc. Certification Authority	`2021-05-28` - `2021-08-26`	3 months	crt.sh
static.chasecdn.com Entrust Certification Authority - L1M	`2020-11-23` - `2021-11-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://natalsys.com.br/index.html
Frame ID: CC5BAF0BD519168DF2F9E0D037078A90
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

572 kB
Transfer

569 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.html Show response
natalsys.com.br/ 9 KB
10 KB 530ms
177ms Document
text/html 187.111.252.36
CABO SERVICOS DE ...

General

Check archive.org

Show headers Download Go to

Full URL: https://natalsys.com.br/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.111.252.36 Natal, Brazil, ASN28220 (CABO SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS: ip252-36.btn.com.br
Software: Apache /
Resource Hash: ab5ec21f6570cda07dcfc3f5e8eebea1dc4bff85f60a6df885fdec5851f27866

Request headers

Host: natalsys.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 03:07:29 GMT
Server: Apache
Last-Modified: Thu, 03 Jun 2021 13:55:00 GMT
Accept-Ranges: bytes
Content-Length: 9685
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK appConfig.js Show response
natalsys.com.br/files/ 11 KB
12 KB 174ms
173ms Script
application/javascript 187.111.252.36
CABO SERVICOS DE ...

General

Check archive.org

Show headers Download Go to

Full URL: https://natalsys.com.br/files/appConfig.js
Requested by: Host: natalsys.com.br
URL: https://natalsys.com.br/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.111.252.36 Natal, Brazil, ASN28220 (CABO SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS: ip252-36.btn.com.br
Software: Apache /
Resource Hash: a0ff0feed10a8e21e566ab538008e58c55d6eeaad8c8ea7efcd36d2633726c3e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natalsys.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://natalsys.com.br/index.html
Connection: keep-alive
Referer: https://natalsys.com.br/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 03:07:29 GMT
Last-Modified: Thu, 11 Jan 2018 23:30:42 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11596

GET
H/1.1 500
Internal Server Error ss.js
natalsys.com.br/files/ 0
0 517ms
173ms Script
text/html 187.111.252.36
CABO SERVICOS DE ...

General

Check archive.org

Show headers Download Go to

Full URL: https://natalsys.com.br/files/ss.js
Requested by: Host: natalsys.com.br
URL: https://natalsys.com.br/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.111.252.36 Natal, Brazil, ASN28220 (CABO SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS: ip252-36.btn.com.br
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natalsys.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://natalsys.com.br/index.html
Connection: keep-alive
Referer: https://natalsys.com.br/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 03:07:30 GMT
Server: Apache
Connection: close
Content-Length: 669
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK blue-ui.css
natalsys.com.br/files/ 258 KB
258 KB 351ms
175ms Stylesheet
text/css 187.111.252.36
CABO SERVICOS DE ...

General

Check archive.org

Show headers Download Go to

Full URL: https://natalsys.com.br/files/blue-ui.css
Requested by: Host: natalsys.com.br
URL: https://natalsys.com.br/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.111.252.36 Natal, Brazil, ASN28220 (CABO SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS: ip252-36.btn.com.br
Software: Apache /
Resource Hash: 80a18543ba3fff90a23a10df2d435680fcefee6c962dd9d20ab3f51c2abaf162

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natalsys.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://natalsys.com.br/index.html
Connection: keep-alive
Referer: https://natalsys.com.br/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 03:07:29 GMT
Last-Modified: Fri, 15 Sep 2017 23:07:40 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 263831

GET
H/1.1 200
OK logon.css
natalsys.com.br/files/ 82 KB
83 KB 515ms
172ms Stylesheet
text/css 187.111.252.36
CABO SERVICOS DE ...

General

Check archive.org

Show headers Download Go to

Full URL: https://natalsys.com.br/files/logon.css
Requested by: Host: natalsys.com.br
URL: https://natalsys.com.br/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.111.252.36 Natal, Brazil, ASN28220 (CABO SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS: ip252-36.btn.com.br
Software: Apache /
Resource Hash: 13aa9ff522d67f8b784fbc58a23ad97fb87dbbcf31dcc727fe896547d0c3e5cf

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natalsys.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://natalsys.com.br/index.html
Connection: keep-alive
Referer: https://natalsys.com.br/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 03:07:30 GMT
Last-Modified: Wed, 31 Jan 2018 22:50:32 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 84443

GET
H/1.1 200
OK logo.png
natalsys.com.br/files/ 15 KB
15 KB 174ms
173ms Image
image/png 187.111.252.36
CABO SERVICOS DE ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://natalsys.com.br/files/logo.png
Requested by: Host: natalsys.com.br
URL: https://natalsys.com.br/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.111.252.36 Natal, Brazil, ASN28220 (CABO SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS: ip252-36.btn.com.br
Software: Apache /
Resource Hash: 22725883f90963b8fa60a9cea8dc65bc6aeb64783533a1375decfa9bb6fe55f3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natalsys.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://natalsys.com.br/index.html
Connection: keep-alive
Referer: https://natalsys.com.br/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 03:07:30 GMT
Last-Modified: Wed, 31 Jan 2018 23:25:24 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14854

GET
H/1.1 200
OK Capture.PNG
natalsys.com.br/files/ 632 B
873 B 473ms
172ms Image
image/png 187.111.252.36
CABO SERVICOS DE ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://natalsys.com.br/files/Capture.PNG
Requested by: Host: natalsys.com.br
URL: https://natalsys.com.br/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.111.252.36 Natal, Brazil, ASN28220 (CABO SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS: ip252-36.btn.com.br
Software: Apache /
Resource Hash: 774da4f67a524dd237c2feeb02b64dece2e23fb3f8272f17e121ebf8e78ef174

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: natalsys.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://natalsys.com.br/index.html
Connection: keep-alive
Referer: https://natalsys.com.br/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 03:07:30 GMT
Last-Modified: Sat, 03 Feb 2018 02:32:48 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 632

GET
H2 200 background.desktop.night.11.jpeg
static.chasecdn.com/content/geo-images/images/ 160 KB
160 KB 103ms
32ms Image
image/jpeg 184.30.26.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.chasecdn.com/content/geo-images/images/background.desktop.night.11.jpeg

Requested by

Host: natalsys.com.br
URL: https://natalsys.com.br/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.26.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-26-48.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef85a34565c1a5a1c8cdb5543f029447fbd0c3e97fdb2a7dbad555124f1f911c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://natalsys.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Sat, 26 Sep 2020 00:39:18 GMT
date: Fri, 04 Jun 2021 03:07:30 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
accept-ranges: bytes
content-length: 163473

GET
H2 200 opensans-regular.woff
static.chasecdn.com/content/dam/cpo-static/fonts/ 24 KB
25 KB 104ms
38ms Font
font/woff 184.30.26.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/content/dam/cpo-static/fonts/opensans-regular.woff

Requested by

Host: natalsys.com.br
URL: https://natalsys.com.br/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.26.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-26-48.deploy.static.akamaitechnologies.com

Software

Resource Hash

b8422277fc69c8e6ab51112dbf25048e40425cc497490fee251b56d7ef0ca179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://natalsys.com.br
Referer: https://natalsys.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 22 Apr 2021 19:01:59 GMT
date: Fri, 04 Jun 2021 03:07:30 GMT
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
accept-ranges: bytes
content-length: 24876

GET
H/1.1 200
OK index.html
natalsys.com.br/ 9 KB
10 KB 173ms
172ms Font
text/html 187.111.252.36
CABO SERVICOS DE ...

General

Check archive.org

Show headers Download Go to

Full URL: https://natalsys.com.br/index.html
Requested by: Host: natalsys.com.br
URL: https://natalsys.com.br/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.111.252.36 Natal, Brazil, ASN28220 (CABO SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS: ip252-36.btn.com.br
Software: Apache /
Resource Hash: ab5ec21f6570cda07dcfc3f5e8eebea1dc4bff85f60a6df885fdec5851f27866

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://natalsys.com.br
Accept-Encoding: gzip, deflate, br
Host: natalsys.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://natalsys.com.br/index.html
Connection: keep-alive
Origin: https://natalsys.com.br
Referer: https://natalsys.com.br/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 03:07:30 GMT
Last-Modified: Thu, 03 Jun 2021 13:55:00 GMT
Server: Apache
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 9685

GET
H/1.1 500
Internal Server Error dcefont.woff
natalsys.com.br/files/fonts/ 0
0 173ms
173ms Font
text/html 187.111.252.36
CABO SERVICOS DE ...

General

Check archive.org

Show headers Download Go to

Full URL: https://natalsys.com.br/files/fonts/dcefont.woff
Requested by: Host: natalsys.com.br
URL: https://natalsys.com.br/files/blue-ui.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.111.252.36 Natal, Brazil, ASN28220 (CABO SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS: ip252-36.btn.com.br
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://natalsys.com.br
Accept-Encoding: gzip, deflate, br
Host: natalsys.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://natalsys.com.br/files/blue-ui.css
Connection: keep-alive
Origin: https://natalsys.com.br
Referer: https://natalsys.com.br/files/blue-ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 03:07:30 GMT
Server: Apache
Connection: close
Content-Length: 669
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 500
Internal Server Error dcefont.ttf
natalsys.com.br/files/fonts/ 0
0 172ms
172ms Font
text/html 187.111.252.36
CABO SERVICOS DE ...

General

Check archive.org

Show headers Download Go to

Full URL: https://natalsys.com.br/files/fonts/dcefont.ttf
Requested by: Host: natalsys.com.br
URL: https://natalsys.com.br/files/blue-ui.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.111.252.36 Natal, Brazil, ASN28220 (CABO SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS: ip252-36.btn.com.br
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://natalsys.com.br
Accept-Encoding: gzip, deflate, br
Host: natalsys.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://natalsys.com.br/files/blue-ui.css
Connection: keep-alive
Origin: https://natalsys.com.br
Referer: https://natalsys.com.br/files/blue-ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 03:07:30 GMT
Server: Apache
Connection: close
Content-Length: 669
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Chase (Banking)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

natalsys.com.br
static.chasecdn.com
184.30.26.48
187.111.252.36
13aa9ff522d67f8b784fbc58a23ad97fb87dbbcf31dcc727fe896547d0c3e5cf
22725883f90963b8fa60a9cea8dc65bc6aeb64783533a1375decfa9bb6fe55f3
774da4f67a524dd237c2feeb02b64dece2e23fb3f8272f17e121ebf8e78ef174
80a18543ba3fff90a23a10df2d435680fcefee6c962dd9d20ab3f51c2abaf162
a0ff0feed10a8e21e566ab538008e58c55d6eeaad8c8ea7efcd36d2633726c3e
ab5ec21f6570cda07dcfc3f5e8eebea1dc4bff85f60a6df885fdec5851f27866
b8422277fc69c8e6ab51112dbf25048e40425cc497490fee251b56d7ef0ca179
ef85a34565c1a5a1c8cdb5543f029447fbd0c3e97fdb2a7dbad555124f1f911c

natalsys.com.br Open in urlscan Pro 187.111.252.36 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

572 kBTransfer

569 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

Indicators

natalsys.com.br Open in urlscan Pro
187.111.252.36 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

572 kB
Transfer

569 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!