www.jettratores.com.br
192.185.216.235
Malicious Activity!
Public Scan
Effective URL: http://www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/
Submission: On April 30 via manual from AU
Summary
This is the only time www.jettratores.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NAB Bank (Banking)

Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 24 (5 redirects) | 192.185.216.235 | 20013 (CYRUSONE - CyrusOne LLC) |
| 1 | 104.19.193.102 | 13335 (CLOUDFLARENET - Cloudflare) |
| 2 | 172.217.22.110 | 15169 (GOOGLE - Google LLC) |

Total: 22 requests, 3 IP addresses
- ASN20013 (CYRUSONE - CyrusOne LLC, US), PTR: srv26-ip06.prodns.com.br: www.jettratores.com.br
- ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US): ajax.cloudflare.com
- ASN15169 (GOOGLE - Google LLC, US), PTR: fra15s18-in-f110.1e100.net: www.google-analytics.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 24 (5 redirects) | jettratores.com.br | www.jettratores.com.br | 138 KB |
| 2 | google-analytics.com | www.google-analytics.com | 17 KB |
| 1 | cloudflare.com | ajax.cloudflare.com | 2 KB |

Total: 22 requests, 3 apex domains
| Requests | Domain | Requested by |
|---|---|---|
| 24 (5 redirects) | www.jettratores.com.br | www.jettratores.com.br |
| 2 | www.google-analytics.com | www.jettratores.com.br |
| 1 | ajax.cloudflare.com | www.jettratores.com.br |

Total: 22 requests, 3 domains
This site contains links to these domains. Also see Links.

| Domain |
|---|
| nab.com.au |

TLS certificates

| Subject / Issuer | Validity | Valid |
|---|---|---|
This page contains 1 frames:
Primary Page:
http://www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/
Frame ID: E790535D2B33EB915121BE431D623712
Requests: 22 HTTP requests in this frame
Screenshot
Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

- http://www.jettratores.com.br/dwin7 (HTTP 301)
- http://www.jettratores.com.br/dwin7/ (HTTP 302)
- http://www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398 (HTTP 301)
- http://www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/ (HTTP 302)
- http://www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e (HTTP 301)
- http://www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/ (Page URL)
Detected technologies

- Nginx (Web Servers). Detected patterns:
  - headers server /nginx(?:\/([\d.]+))?/i
- CloudFlare (CDN). Detected patterns:
  - env /^CloudFlare$/i
- Google Analytics (Analytics). Detected patterns:
  - script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  - env /^gaGlobal$/i
- SWFObject (Miscellaneous). Detected patterns:
  - script /swfobject.*\.js/i
- jQuery (JavaScript Libraries). Detected patterns:
  - script /jquery.*\.js/i
Page Statistics

2 Outgoing links

These are links going to different origins than the main page.

- Title: disclaimer page
- Title: Privacy Policy
Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12:
- http://ajax.cloudflare.com/cdn-cgi/nexp/dokv=97fb4d042e/cloudflare.min.js (HTTP 307)
- https://ajax.cloudflare.com/cdn-cgi/nexp/dokv=97fb4d042e/cloudflare.min.js

Request Chain:
- http://www.google-analytics.com/ga.js (HTTP 307)
- https://www.google-analytics.com/ga.js

Request Chain:
- http://www.google-analytics.com/__utm.gif?utmwv=5.5.5&utms=1&utmn=1670480662&utmhn=www.jettratores.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NAB%20-%20Member%20Satisfaction%20Survey&utmhid=1697269838&utmr=-&utmp=%2Fdwin7%2F8d0d2f06e9cbca03cd4b756971340398%2F2b926eee3933ad837f3307513d57a00e%2F&utmht=1525065489211&utmac=UA-24957846-7&utmcc=__utma%3D169786170.626515503.1525065489.1525065489.1525065489.1%3B%2B__utmz%3D169786170.1525065489.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=q~ (HTTP 307)
- https://www.google-analytics.com/__utm.gif?utmwv=5.5.5&utms=1&utmn=1670480662&utmhn=www.jettratores.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=NAB%20-%20Member%20Satisfaction%20Survey&utmhid=1697269838&utmr=-&utmp=%2Fdwin7%2F8d0d2f06e9cbca03cd4b756971340398%2F2b926eee3933ad837f3307513d57a00e%2F&utmht=1525065489211&utmac=UA-24957846-7&utmcc=__utma%3D169786170.626515503.1525065489.1525065489.1525065489.1%3B%2B__utmz%3D169786170.1525065489.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=q~
22 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/ | 11 KB | 4 KB | Document | text/html | Primary Request, Redirect Chain |
| GET | H/1.1 | ga.js | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 40 KB | 18 KB | Script | application/javascript | |
| GET | H/1.1 | cloudflare.js | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 48 KB | 20 KB | Script | application/javascript | |
| GET | H/1.1 | rocket.js | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 83 KB | 29 KB | Script | application/javascript | |
| GET | H/1.1 | LayoutStyle22.css | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 3 KB | 2 KB | Stylesheet | text/css | |
| GET | H/1.1 | ContentStyle2.css | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 6 KB | 2 KB | Stylesheet | text/css | |
| GET | H/1.1 | nabLogoHP.gif | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 3 KB | 3 KB | Image | image/gif | |
| GET | H/1.1 | t.gif | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 57 B | 272 B | Image | image/gif | |
| GET | H/1.1 | arrow_outlined-short.gif | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 152 B | 368 B | Image | image/gif | |
| GET | H/1.1 | btn2_start-1294477364.gif | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 372 B | 588 B | Image | image/gif | |
| GET | H/1.1 | cview3.htm | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 21 KB | 21 KB | Image | text/html | |
| GET | H/1.1 | cview3_002.htm | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 2 KB | 2 KB | Image | text/html | |
| GET | H/1.1 | cview3.gif | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 43 B | 258 B | Image | image/gif | |
| GET | S | cloudflare.min.js | ajax.cloudflare.com/cdn-cgi/nexp/dokv=97fb4d042e/ | 3 KB | 2 KB | Script | application/javascript | Redirect Chain |
| GET | H/1.1 | LayoutStyle2-print2.css | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 612 B | 616 B | Stylesheet | text/css | |
| GET | H/1.1 | LayoutStyle2-increased2.css | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 62 B | 320 B | Stylesheet | text/css | |
| GET | S | ga.js | www.google-analytics.com/ | 45 KB | 17 KB | Script | text/javascript | Redirect Chain |
| GET | S | __utm.gif | www.google-analytics.com/ | 35 B | 107 B | Image | image/gif | Redirect Chain |
| GET | H/1.1 | nab_calc_bg.gif | www.jettratores.com.br/images/ | 12 KB | 12 KB | Image | text/html | |
| GET | H/1.1 | Calculators_banner.jpg | www.jettratores.com.br/vgnmedia/images/National/ | 12 KB | 12 KB | Image | text/html | |
| GET | H/1.1 | dot_bullet.gif | www.jettratores.com.br/images/ | 12 KB | 12 KB | Image | text/html | |
| GET | H/1.1 | LayoutStyle2.css | www.jettratores.com.br/dwin7/8d0d2f06e9cbca03cd4b756971340398/2b926eee3933ad837f3307513d57a00e/NAB%20-%20Member%20Satisfaction%20Survey_fichiers/ | 0 | 0 | Stylesheet | text/html | |
Verdicts & Comments

Potentially malicious activity detected

Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: NAB Bank (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | CloudFlare |
| object | _gat |
| object | _gaq |
| object | gaGlobal |

4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .jettratores.com.br/ | | __utmz | 169786170.1525065489.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none) |
| .jettratores.com.br/ | | __utmc | 169786170 |
| .jettratores.com.br/ | | __utmb | 169786170.1.10.1525065489 |
| .jettratores.com.br/ | | __utma | 169786170.626515503.1525065489.1525065489.1525065489.1 |
1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.cloudflare.com
www.google-analytics.com
www.jettratores.com.br
104.19.193.102
172.217.22.110
192.185.216.235