saboretti.com.br
162.214.48.68
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On April 18 via api from GB
Summary
This is the only time saboretti.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WeTransfer (Online)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 17 (2 domains: saboretti.com.br, www.saboretti.com.br) | 162.214.48.68 | 46606 (UNIFIEDLAYER-AS-1) |
| 1 | 2a00:1450:4001:815::200a | 15169 (GOOGLE) |
| 1 | 2001:4de0:ac19::1:b:3a | 20446 (HIGHWINDS3) |
| Total: 25 requests | 4 domains | |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-4192930.mediai.com.br
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 17 | saboretti.com.br (2 redirects) | saboretti.com.br, www.saboretti.com.br | 3 MB |
| 1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 15 KB |
| 1 | googleapis.com | ajax.googleapis.com | 30 KB |
| Total: 25 requests | 3 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 16 | saboretti.com.br (2 redirects) | saboretti.com.br |
| 1 | www.saboretti.com.br | saboretti.com.br |
| 1 | maxcdn.bootstrapcdn.com | saboretti.com.br |
| 1 | ajax.googleapis.com | saboretti.com.br |
| Total: 25 requests | 4 domains | |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| wetransfer.zendesk.com |
| wetransfer.com |
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| upload.video.google.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months | crt.sh |
| *.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year | crt.sh |
| saboretti.com.br | cPanel, Inc. Certification Authority | 2020-04-03 - 2020-07-02 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://saboretti.com.br/we/we/index.php
Frame ID: 5318A2450E7E81CD7D116A58FBCD7B5A
Requests: 11 HTTP requests in this frame
Frame:
http://saboretti.com.br/we/we/video/vid.htm
Frame ID: 7E6B4377A29A11E4CC71B4F895DE9B06
Requests: 16 HTTP requests in this frame
Detected technologies
- PHP (Programming Languages). Detected patterns:
  - url /\.php(?:$|\?)/i
- Ruby (Programming Languages). Detected patterns:
  - meta csrf-param /^authenticity_token$/i
- Bootstrap (Web Frameworks). Detected patterns:
  - script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
- Ruby on Rails (Web Frameworks). Detected patterns:
  - meta csrf-param /^authenticity_token$/i
- Apache (Web Servers). Detected patterns:
  - headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
- jQuery (JavaScript Libraries). Detected patterns:
  - script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  - script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
- Title: help center
- Title: Help
- Title: About
- Title: Products
- Title: Plus
- Title: Advertise
- Title: Got Plus?
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- http://saboretti.com.br/assets/faktpro/FaktProWeb-Medium-fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994.woff HTTP 301
- https://saboretti.com.br/assets/faktpro/FaktProWeb-Medium-fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994.woff
- http://saboretti.com.br/assets/freightsans/FreightSans-Pro-Medium-688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad.woff HTTP 301
- https://saboretti.com.br/assets/freightsans/FreightSans-Pro-Medium-688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad.woff
- http://saboretti.com.br/assets/faktpro/FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff HTTP 301
- https://saboretti.com.br/assets/faktpro/FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff
- http://saboretti.com.br/we/we/video/assets/images/next-button.png HTTP 301
- https://saboretti.com.br/we/we/video/assets/images/next-button.png HTTP 301
- https://www.saboretti.com.br/we/we/video/assets/images/next-button.png
- http://saboretti.com.br/we/we/video/assets/fonts/DINNextW1G-Bold.woff HTTP 301
- https://saboretti.com.br/we/we/video/assets/fonts/DINNextW1G-Bold.woff
- http://saboretti.com.br/we/we/video/assets/fonts/DINNextW1G-Regular.woff HTTP 301
- https://saboretti.com.br/we/we/video/assets/fonts/DINNextW1G-Regular.woff
- http://saboretti.com.br/assets/faktpro/FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff HTTP 301
- https://saboretti.com.br/assets/faktpro/FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff
- http://saboretti.com.br/assets/faktpro/FaktGrkWeb-Medium-8eb863415ca103c7f90b369e54e6be4786c90c30a06ce32f3dca803206bf74dd.woff HTTP 301
- https://saboretti.com.br/assets/faktpro/FaktGrkWeb-Medium-8eb863415ca103c7f90b369e54e6be4786c90c30a06ce32f3dca803206bf74dd.woff
- http://saboretti.com.br/assets/faktpro/FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff HTTP 301
- https://saboretti.com.br/assets/faktpro/FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff
25 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | index.php | saboretti.com.br/we/we/ | 19 KB | 19 KB | Document | text/html | Primary Request |
| GET | H/1.1 | fine.css | saboretti.com.br/we/we/ | 404 KB | 404 KB | Stylesheet | text/css | |
| GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.3.1/ | 85 KB | 30 KB | Script | text/javascript | |
| GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/ | 57 KB | 15 KB | Script | text/javascript | |
| GET | H/1.1 | logo.png | saboretti.com.br/we/we/ | 125 KB | 126 KB | Image | image/png | |
| GET | H/1.1 | vid.htm | saboretti.com.br/we/we/video/ | 7 KB | 7 KB | Document | text/html | Frame 7E6B |
| GET | | FaktProWeb-Medium-fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994.woff | saboretti.com.br/assets/faktpro/ | 0 | 0 | | | Redirect Chain |
| GET | | FreightSans-Pro-Medium-688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad.woff | saboretti.com.br/assets/freightsans/ | 0 | 0 | | | Redirect Chain |
| GET | | FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff | saboretti.com.br/assets/faktpro/ | 0 | 0 | | | Redirect Chain |
| GET | H/1.1 | wallpaper-toolbox-2.css | saboretti.com.br/we/we/video/ | 5 KB | 5 KB | Stylesheet | text/css | Frame 7E6B |
| GET | H/1.1 | logo_white.svg | saboretti.com.br/we/we/video/ | 4 KB | 4 KB | Image | image/svg+xml | Frame 7E6B |
| GET | H/1.1 | dom4.js | saboretti.com.br/we/we/video/ | 17 KB | 17 KB | Script | application/javascript | Frame 7E6B |
| GET | H/1.1 | anime.js | saboretti.com.br/we/we/video/ | 17 KB | 17 KB | Script | application/javascript | Frame 7E6B |
| GET | H/1.1 | wallpaper-api-2.js | saboretti.com.br/we/we/video/ | 8 KB | 9 KB | Script | application/javascript | Frame 7E6B |
| GET | H/1.1 | wallpaper-toolbox-2.js | saboretti.com.br/we/we/video/ | 223 KB | 223 KB | Script | application/javascript | Frame 7E6B |
| GET | H/1.1 | video-04.mp4 | saboretti.com.br/we/we/video/ | 14 KB | 0 | Media | video/mp4 | Frame 7E6B |
| GET | H/1.1 | video-04.mp4 | saboretti.com.br/we/we/video/ | 2 MB | 2 MB | Media | video/mp4 | Frame 7E6B |
| GET | H/1.1 | video-04.mp4 | saboretti.com.br/we/we/video/ | 17 KB | 0 | Media | video/mp4 | Frame 7E6B |
| GET | H/1.1 | video-04.mp4 | saboretti.com.br/we/we/video/ | 2 KB | 0 | Media | video/mp4 | Frame 7E6B |
| GET | DATA | truncated | / | 2 KB | 0 | Image | image/png | Frame 7E6B |
| GET | DATA | truncated | / | 715 B | 0 | Image | image/png | Frame 7E6B |
| GET | H/1.1 | next-button.png | www.saboretti.com.br/we/we/video/assets/images/ | 0 | 0 | Image | text/html | Frame 7E6B, Redirect Chain |
| GET | | DINNextW1G-Bold.woff | saboretti.com.br/we/we/video/assets/fonts/ | 0 | 0 | | | Frame 7E6B, Redirect Chain |
| GET | | DINNextW1G-Regular.woff | saboretti.com.br/we/we/video/assets/fonts/ | 0 | 0 | | | Frame 7E6B, Redirect Chain |
| GET | | FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff | saboretti.com.br/assets/faktpro/ | 0 | 0 | | | Redirect Chain |
| GET | | FaktGrkWeb-Medium-8eb863415ca103c7f90b369e54e6be4786c90c30a06ce32f3dca803206bf74dd.woff | saboretti.com.br/assets/faktpro/ | 0 | 0 | | | Redirect Chain |
| GET | | FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff | saboretti.com.br/assets/faktpro/ | 0 | 0 | | | Redirect Chain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
| Domain | URL |
|---|---|
| saboretti.com.br | https://saboretti.com.br/assets/faktpro/FaktProWeb-Medium-fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994.woff |
| saboretti.com.br | https://saboretti.com.br/assets/freightsans/FreightSans-Pro-Medium-688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad.woff |
| saboretti.com.br | https://saboretti.com.br/assets/faktpro/FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff |
| saboretti.com.br | https://saboretti.com.br/we/we/video/assets/fonts/DINNextW1G-Bold.woff |
| saboretti.com.br | https://saboretti.com.br/we/we/video/assets/fonts/DINNextW1G-Regular.woff |
| saboretti.com.br | https://saboretti.com.br/assets/faktpro/FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff |
| saboretti.com.br | https://saboretti.com.br/assets/faktpro/FaktGrkWeb-Medium-8eb863415ca103c7f90b369e54e6be4786c90c30a06ce32f3dca803206bf74dd.woff |
| saboretti.com.br | https://saboretti.com.br/assets/faktpro/FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WeTransfer (Online)
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | onformdata |
| object | onpointerrawupdate |
| function | $ |
| function | jQuery |
| object | bootstrap |
| object | _preloaded_transfer_ |
| object | ctx |
| number | al |
| number | start |
| number | cw |
| number | ch |
| undefined | diff |
| undefined | sim |
| function | progressSim |
| function | triggerError |
| function | closeModal |
| function | reset |
| object | Wallpapers |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
maxcdn.bootstrapcdn.com
saboretti.com.br
www.saboretti.com.br
saboretti.com.br
162.214.48.68
2001:4de0:ac19::1:b:3a
2a00:1450:4001:815::200a