mercnews.com.br Open in urlscan Pro
162.241.2.147  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/	6 KB 3 KB	785ms 493ms	Document text/html	162.241.2.147 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.147 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-147.unifiedlayer.com Software Apache / Resource Hash 0c1bd854d121bfd6529df684fad8b69c3e726b989a61b716795fdbe218ed00e0 Request headers :method GET :authority mercnews.com.br :scheme https :path /wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT server Apache vary Accept-Encoding content-encoding gzip accept-ranges none content-length 3021 content-type text/html; charset=UTF-8
GET H2	200	sjanur.css mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/	7 KB 2 KB	139ms 138ms	Stylesheet text/css	162.241.2.147 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.147 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-147.unifiedlayer.com Software Apache / Resource Hash f47de9c8c3a4c7351129bfbc69fe12ef115d16835ed1870c4ca40f11c06810a6 Request headers :path /wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority mercnews.com.br referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ :scheme https sec-fetch-site same-origin :method GET Referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT content-encoding gzip last-modified Mon, 19 Jul 2021 01:11:07 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges none content-length 2361
GET H2	200	jquery.min.js Show response code.jquery.com/	94 KB 33 KB	29ms 10ms	Script application/javascript	2001:4de0:ac18::1:a:2b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery.min.js Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376 Request headers Referer https://mercnews.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:08 GMT server nginx etag W/"54499a48-1764d" vary Accept-Encoding x-hw 1626837799.dop242.fr8.t,1626837799.cds283.fr8.hn,1626837799.cds103.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33226
GET H2	404	jquert7.js mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/	0 0	140ms 139ms	Script text/html	162.241.2.147 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/jquert7.js Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.147 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-147.unifiedlayer.com Software Apache / Resource Hash Request headers :path /wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/jquert7.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority mercnews.com.br referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ :scheme https sec-fetch-site same-origin :method GET Referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT content-encoding gzip last-modified Mon, 22 Jul 2019 21:01:33 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 836
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/	119 KB 21 KB	29ms 13ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://mercnews.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 722, 617 age 10365084 cdn-cachedat 2021-03-11 11:57:56 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:00 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 7efd03b414d153316a7f36d6ba1ba7e0 cf-ray 67214f5848654e79-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 85 KB	27ms 7ms	Script text/javascript	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mercnews.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 02:06:51 GMT x-content-type-options nosniff age 4588 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 86927 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Jul 2022 02:06:51 GMT
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/	37 KB 10 KB	30ms 14ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://mercnews.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 565, 617, 617 age 8048888 cdn-cachedat 2021-04-07 13:36:01 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:00 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid c8c3dd049658e22ccd4bf44b3c5c74cf cf-ray 67214f5848674e79-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	side2.png mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/	52 KB 53 KB	139ms 138ms	Image image/png	162.241.2.147 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/side2.png Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.147 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-147.unifiedlayer.com Software Apache / Resource Hash 418019d168be0b2926def4bccd3f573c79489a736cb12b8277ec6ef423819582 Request headers :path /wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/side2.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority mercnews.com.br referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ :scheme https sec-fetch-site same-origin :method GET Referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT last-modified Mon, 19 Jul 2021 01:11:07 GMT server Apache accept-ranges bytes content-length 53442 content-type image/png
GET H2	200	jaderun.png mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/	53 KB 53 KB	387ms 386ms	Image image/png	162.241.2.147 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/jaderun.png Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.147 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-147.unifiedlayer.com Software Apache / Resource Hash ad51c27c3b0d76d7caf93d536de86e746118011e6ab71c5dc7871fbec54754de Request headers :path /wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/jaderun.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority mercnews.com.br referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css :scheme https sec-fetch-site same-origin :method GET Referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT last-modified Mon, 19 Jul 2021 01:11:07 GMT server Apache accept-ranges bytes content-length 54126 content-type image/png
GET H2	200	pickeaboo.png mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/	49 KB 50 KB	391ms 390ms	Image image/png	162.241.2.147 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/pickeaboo.png Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.147 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-147.unifiedlayer.com Software Apache / Resource Hash b8953f2ea0efd62e46e65782785223b47e185e90b076fd5f35659be1498061af Request headers :path /wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/pickeaboo.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority mercnews.com.br referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css :scheme https sec-fetch-site same-origin :method GET Referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT last-modified Mon, 19 Jul 2021 01:11:07 GMT server Apache accept-ranges bytes content-length 50416 content-type image/png
GET H2	200	gienchj.png mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/	66 KB 66 KB	527ms 526ms	Image image/png	162.241.2.147 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/gienchj.png Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.147 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-147.unifiedlayer.com Software Apache / Resource Hash 24a4ff6048e166bd3a4e461f0bc48c698360f8f5ea95acabd9b135ec2f367184 Request headers :path /wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/gienchj.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority mercnews.com.br referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css :scheme https sec-fetch-site same-origin :method GET Referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT last-modified Mon, 19 Jul 2021 01:11:07 GMT server Apache accept-ranges bytes content-length 67378 content-type image/png
GET H2	200	side4.png mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/	49 KB 50 KB	527ms 526ms	Image image/png	162.241.2.147 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/side4.png Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.147 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-147.unifiedlayer.com Software Apache / Resource Hash 867eefec2956923792b8d7a5e1cb94016f00b61e630c59e8c5f1070f7ef2d623 Request headers :path /wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/side4.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority mercnews.com.br referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css :scheme https sec-fetch-site same-origin :method GET Referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT last-modified Mon, 19 Jul 2021 01:11:07 GMT server Apache accept-ranges bytes content-length 50573 content-type image/png
GET H2	200	leadhoom.png mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/	456 KB 459 KB	526ms 526ms	Image image/png	162.241.2.147 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/leadhoom.png Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.147 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-147.unifiedlayer.com Software Apache / Resource Hash 93514033927e12bd1e96e35f21f7944c8daddf8d92ff0ca47e1711c71b370875 Request headers :path /wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/leadhoom.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority mercnews.com.br referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css :scheme https sec-fetch-site same-origin :method GET Referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT last-modified Mon, 19 Jul 2021 01:11:07 GMT server Apache accept-ranges bytes content-length 467129 content-type image/png
GET H2	200	ffoot.png mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/	54 KB 55 KB	526ms 526ms	Image image/png	162.241.2.147 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/ffoot.png Requested by Host: mercnews.com.br URL: https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.2.147 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-147.unifiedlayer.com Software Apache / Resource Hash 67d2ec314a40d07613af79267a4c38f70697f3cb22c550d6b78685329c7f706f Request headers :path /wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/ffoot.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority mercnews.com.br referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css :scheme https sec-fetch-site same-origin :method GET Referer https://mercnews.com.br/wp-admin/chivitasupplyandshipment/exourhsjjs3485jdegdngw/clement/sjanur.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 21 Jul 2021 03:23:19 GMT last-modified Mon, 19 Jul 2021 01:11:07 GMT server Apache accept-ranges bytes content-length 55585 content-type image/png

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| formatAMPM

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
code.jquery.com
maxcdn.bootstrapcdn.com
mercnews.com.br
162.241.2.147
2001:4de0:ac18::1:a:2b
2606:4700::6812:bcf
2a00:1450:4001:80e::200a
0c1bd854d121bfd6529df684fad8b69c3e726b989a61b716795fdbe218ed00e0
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
24a4ff6048e166bd3a4e461f0bc48c698360f8f5ea95acabd9b135ec2f367184
418019d168be0b2926def4bccd3f573c79489a736cb12b8277ec6ef423819582
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376
67d2ec314a40d07613af79267a4c38f70697f3cb22c550d6b78685329c7f706f
867eefec2956923792b8d7a5e1cb94016f00b61e630c59e8c5f1070f7ef2d623
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
93514033927e12bd1e96e35f21f7944c8daddf8d92ff0ca47e1711c71b370875
ad51c27c3b0d76d7caf93d536de86e746118011e6ab71c5dc7871fbec54754de
b8953f2ea0efd62e46e65782785223b47e185e90b076fd5f35659be1498061af
f47de9c8c3a4c7351129bfbc69fe12ef115d16835ed1870c4ca40f11c06810a6