luzitarmudancas.com.br Open in urlscan Pro
167.114.48.128 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754
Submission: On July 25 via manual (July 25th 2019, 3:42:38 pm UTC) from CA

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 167.114.48.128, located in Montreal, Canada and belongs to OVH, FR. The main domain is luzitarmudancas.com.br.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 5th 2019. Valid for: 3 months.

This is the only time luzitarmudancas.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

	IP Address		AS Autonomous System
11	167.114.48.128 167.114.48.128		16276 (OVH) (OVH)
11	2

11 167.114.48.128 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip128.ip-167-114-48.net

luzitarmudancas.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	luzitarmudancas.com.br luzitarmudancas.com.br	349 KB
11	1

	Domain	Requested by
11	luzitarmudancas.com.br	luzitarmudancas.com.br
11	1

This site contains no links.

Subject Issuer	Validity	Valid
luzitarmudancas.com.br Let's Encrypt Authority X3	`2019-06-05` - `2019-09-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754
Frame ID: E23869360821F5A427AF5BE5B9B431CA
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

366 kB
Transfer

367 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set suivantpub.php Show response luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/	6 KB 3 KB	2765ms 1244ms	Document text/html	167.114.48.128 OVH
General Check archive.org Show headers Download Go to Full URL https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.48.128 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip128.ip-167-114-48.net Software nginx / PHP/5.4.45 PleskLin Resource Hash `34a096732dc6b2ec8a0388167290ead01b7658499a1e004f428eb2f810a99bec` Request headers Host luzitarmudancas.com.br Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Server nginx Date Thu, 25 Jul 2019 15:42:18 GMT Content-Type text/html; charset-UTF-8 Content-Length 2159 Connection keep-alive X-Powered-By PHP/5.4.45 PleskLin Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie PHPSESSID=su5hppt8k9j6o2r854aq4e1ii6; path=/ Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	main.css luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/css/	77 KB 78 KB	281ms 280ms	Stylesheet text/css	167.114.48.128 OVH
General Check archive.org Show headers Download Go to Full URL https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/css/main.css Requested by Host: luzitarmudancas.com.br URL: https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.48.128 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip128.ip-167-114-48.net Software nginx / PleskLin Resource Hash `f88c09b5cc94b515b5b56906273b1393dd80475f2928ca19b752e9b199b078e7` Request headers Referer https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Date Thu, 25 Jul 2019 15:42:18 GMT ETag "5d2dac32-135c8" Last-Modified Tue, 16 Jul 2019 10:51:30 GMT Server nginx X-Powered-By PleskLin Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 79304
GET H/1.1	200 OK	med.svg luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/	1 KB 1 KB	2962ms 975ms	Image image/svg+xml	167.114.48.128 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/med.svg Requested by Host: luzitarmudancas.com.br URL: https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.48.128 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip128.ip-167-114-48.net Software nginx / PleskLin Resource Hash `84c378354ad81bf2a2018024320e6fc3016316855e2291c29c713a27703c4fdf` Request headers Referer https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Date Thu, 25 Jul 2019 15:42:21 GMT ETag "5d2dac32-47b" Last-Modified Tue, 16 Jul 2019 10:51:30 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 1147
GET H/1.1	200 OK	lg1.jpg luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/	18 KB 18 KB	3494ms 998ms	Image image/jpeg	167.114.48.128 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/lg1.jpg Requested by Host: luzitarmudancas.com.br URL: https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.48.128 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip128.ip-167-114-48.net Software nginx / PleskLin Resource Hash `175afd5a82045e606e8649be2b5c303c3766ca935c768866a215a72ea07c0418` Request headers Referer https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Date Thu, 25 Jul 2019 15:42:21 GMT ETag "5d2dac32-46fe" Last-Modified Tue, 16 Jul 2019 10:51:30 GMT Server nginx X-Powered-By PleskLin Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 18174
GET H/1.1	200 OK	men.svg luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/	39 KB 39 KB	3719ms 757ms	Image image/svg+xml	167.114.48.128 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/men.svg Requested by Host: luzitarmudancas.com.br URL: https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.48.128 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip128.ip-167-114-48.net Software nginx / PleskLin Resource Hash `c404641adcd27e1367d0bad01b9f49a2a1fe02eaebda1125b0f6412ee43f815d` Request headers Referer https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Date Thu, 25 Jul 2019 15:42:22 GMT ETag "5d2dac32-9aa9" Last-Modified Tue, 16 Jul 2019 10:51:30 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 39593
GET H/1.1	200 OK	off.svg luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/	1 KB 1 KB	3873ms 379ms	Image image/svg+xml	167.114.48.128 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/off.svg Requested by Host: luzitarmudancas.com.br URL: https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.48.128 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip128.ip-167-114-48.net Software nginx / PleskLin Resource Hash `ca4de060108eeb055f89bd0ff4101ad225851546110d211d68c6e835aeaa1a74` Request headers Referer https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Date Thu, 25 Jul 2019 15:42:22 GMT ETag "5d2dac32-4c5" Last-Modified Tue, 16 Jul 2019 10:51:30 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 1221
GET H/1.1	200 OK	meng.svg luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/	90 KB 91 KB	3561ms 133ms	Image image/svg+xml	167.114.48.128 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/meng.svg Requested by Host: luzitarmudancas.com.br URL: https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.48.128 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip128.ip-167-114-48.net Software nginx / PleskLin Resource Hash `4eac5ce5fe4f6d3a8fb5364cf1c4b942c6948366f013fb9bbba92dd1aafe199d` Request headers Referer https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Date Thu, 25 Jul 2019 15:42:22 GMT ETag "5d2dac32-1693d" Last-Modified Tue, 16 Jul 2019 10:51:30 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 92477
GET H/1.1	200 OK	load2.gif luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/	9 KB 9 KB	2060ms 785ms	Image image/gif	167.114.48.128 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/load2.gif Requested by Host: luzitarmudancas.com.br URL: https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.48.128 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip128.ip-167-114-48.net Software nginx / PleskLin Resource Hash `3daeb4531b41a2571019bb291b0cca87f6d416568c4357c7e4d225a59cb9b34f` Request headers Referer https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Date Thu, 25 Jul 2019 15:42:21 GMT ETag "5d2dac32-23f9" Last-Modified Tue, 16 Jul 2019 10:51:30 GMT Server nginx X-Powered-By PleskLin Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 9209
GET H/1.1	200 OK	ta3ajoub.svg luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/	1 KB 2 KB	1552ms 1028ms	Image image/svg+xml	167.114.48.128 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/ta3ajoub.svg Requested by Host: luzitarmudancas.com.br URL: https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.48.128 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip128.ip-167-114-48.net Software nginx / PleskLin Resource Hash `feb7bc9db5fc450b081c528f5233f768ca70d11df8483c1dc5885c77a4ef80dd` Request headers Referer https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Date Thu, 25 Jul 2019 15:42:20 GMT ETag "5d2dac32-5fa" Last-Modified Tue, 16 Jul 2019 10:51:30 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 1530
GET H/1.1	200 OK	ftr.png luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/	2 KB 3 KB	1509ms 131ms	Image image/png	167.114.48.128 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/img/ftr.png Requested by Host: luzitarmudancas.com.br URL: https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.48.128 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip128.ip-167-114-48.net Software nginx / PleskLin Resource Hash `079e6fbca68f9d35945e9a317ce505ecf1f643cf21b5c9c1d2b316795d59a4ab` Request headers Referer https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Date Thu, 25 Jul 2019 15:42:22 GMT ETag "5d2dac32-989" Last-Modified Tue, 16 Jul 2019 10:51:30 GMT Server nginx X-Powered-By PleskLin Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 2441
GET H/1.1	200 OK	main.js Show response luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/js/	105 KB 105 KB	1512ms 1119ms	Script application/javascript	167.114.48.128 OVH
General Check archive.org Show headers Download Go to Full URL https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/layout/js/main.js Requested by Host: luzitarmudancas.com.br URL: https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.48.128 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip128.ip-167-114-48.net Software nginx / PleskLin Resource Hash `f9afbefc758522cdcad4184e837c18d4b70594e8020fe096b7fb591ebf0b4785` Request headers Referer https://luzitarmudancas.com.br/blog/wp-admin/BnpPariba_Crypted_jdida/connexion/suivantpub.php?id=76466754 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Date Thu, 25 Jul 2019 15:42:20 GMT ETag "5d2dac32-1a27e" Last-Modified Tue, 16 Jul 2019 10:51:30 GMT Server nginx X-Powered-By PleskLin Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 107134
GET DATA	200 OK	truncated /	17 KB 17 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5dd216ad75ced5dd6acfb48d1ae11ba66fb373c26da7fc5efbdad9fd1c14f6e3` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Origin https://luzitarmudancas.com.br Response headers Content-Type application/font-woff2;charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

luzitarmudancas.com.br
167.114.48.128
079e6fbca68f9d35945e9a317ce505ecf1f643cf21b5c9c1d2b316795d59a4ab
175afd5a82045e606e8649be2b5c303c3766ca935c768866a215a72ea07c0418
34a096732dc6b2ec8a0388167290ead01b7658499a1e004f428eb2f810a99bec
3daeb4531b41a2571019bb291b0cca87f6d416568c4357c7e4d225a59cb9b34f
4eac5ce5fe4f6d3a8fb5364cf1c4b942c6948366f013fb9bbba92dd1aafe199d
5dd216ad75ced5dd6acfb48d1ae11ba66fb373c26da7fc5efbdad9fd1c14f6e3
84c378354ad81bf2a2018024320e6fc3016316855e2291c29c713a27703c4fdf
c404641adcd27e1367d0bad01b9f49a2a1fe02eaebda1125b0f6412ee43f815d
ca4de060108eeb055f89bd0ff4101ad225851546110d211d68c6e835aeaa1a74
f88c09b5cc94b515b5b56906273b1393dd80475f2928ca19b752e9b199b078e7
f9afbefc758522cdcad4184e837c18d4b70594e8020fe096b7fb591ebf0b4785
feb7bc9db5fc450b081c528f5233f768ca70d11df8483c1dc5885c77a4ef80dd

luzitarmudancas.com.br Open in urlscan Pro 167.114.48.128 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

366 kBTransfer

367 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

Indicators

luzitarmudancas.com.br Open in urlscan Pro
167.114.48.128 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

366 kB
Transfer

367 kB
Size

0
Cookies

11 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!