URL: http://2cs.com.br/wp-admin/shopify/verification/790M03N3CC3849E851N1/
Submission: On June 17 via api from LU — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 1 HTTP transaction. The main IP is 191.6.222.119, located in Brazil, and belongs to IPV6 Internet Ltda, BR. The main domain is 2cs.com.br.
This is the only time 2cs.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Shopify (Online)

Domain & IP information

IP Address AS Autonomous System
1 2 191.6.222.119 28299 (IPV6 Inte...)
1 2
Apex Domain: 2 2cs.com.br
Subdomains: 2cs.com.br
Transfer: 581 KB
1 1
Domain Requested by
2 2cs.com.br 1 redirects
1 1

This site contains no links.

This page contains 2 frames:

Primary Page: http://2cs.com.br/wp-admin/shopify/verification/790M03N3CC3849E851N1/
Frame ID: BEAFF9342C75EA79E807F62ED884ACDA
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2FAF739CB36A23655A99BF03C21DDD0B
Requests: 2 HTTP requests in this frame

Page Title

Shopify

Page Statistics

Requests: 1
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 618 kB
Size: 1626 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://2cs.com.br/wp-admin/shopify/verification/790M03N3CC3849E851N1 HTTP 301
    http://2cs.com.br/wp-admin/shopify/verification/790M03N3CC3849E851N1/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Primary Request: 2cs.com.br/wp-admin/shopify/verification/790M03N3CC3849E851N1/
Redirect Chain:
  • http://2cs.com.br/wp-admin/shopify/verification/790M03N3CC3849E851N1
  • http://2cs.com.br/wp-admin/shopify/verification/790M03N3CC3849E851N1/
Size: 2 MB
Transfer: 581 KB
Type: Document

General

Full URL: http://2cs.com.br/wp-admin/shopify/verification/790M03N3CC3849E851N1/
Protocol: HTTP/1.1
Server: 191.6.222.119, Brazil, ASN28299 (IPV6 Internet Ltda, BR)
Reverse DNS: web10f45.kinghost.net
Software: Apache
Resource Hash: 7aaebe8d5642efbe8c80984a4aedbade3b01b73b052d2b2015312b0de47599bb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Jun 2022 23:16:24 GMT
Keep-Alive: timeout=5, max=499
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 277
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 17 Jun 2022 23:16:24 GMT
Keep-Alive: timeout=5, max=500
Location: http://2cs.com.br/wp-admin/shopify/verification/790M03N3CC3849E851N1/
Server: Apache

Resource: truncated
Size: 3 KB
Transfer: 0
Type: Image

General

Full URL: data:truncated
Protocol: DATA
Server: -
Resource Hash: 31218e858c0c19e74e2c504640631d96bdc143a47314a39c2e9e20cc908f00b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://2cs.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36

Response headers

Content-Type: image/svg+xml

Resource: truncated
Size: 37 KB
Transfer: 37 KB
Type: Font

General

Full URL: data:truncated
Protocol: DATA
Server: -
Resource Hash: 7cdcb8dafd2f35ec642986935ed106e2c36f93e2a3143297a98cdcf00351744b

Request headers

Referer: http://2cs.com.br/
Origin: http://2cs.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36

Response headers

Content-Type: font/woff2

Resource: truncated
Frame: 2FAF
Size: 16 KB
Transfer: 0
Type: Image

General

Full URL: data:truncated
Protocol: DATA
Server: -
Resource Hash: 76d88b182de9fb2fc737373f07d88e8077a4cf241c24aa690d773aaa2c990607

Request headers

accept-language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36

Response headers

Content-Type: image/jpeg

Resource: truncated
Frame: 2FAF
Size: 4 KB
Transfer: 0
Type: Image

General

Full URL: data:truncated
Protocol: DATA
Server: -
Resource Hash: 25160d1a05da787452b5cb119049bcf4c734b41845b981ab80e0a5b9fb860bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Shopify (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation

0 Cookies