lojarstech.com.br Open in urlscan Pro
201.48.8.160 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php
Submission: On March 18 via api (March 18th 2022, 5:46:54 am UTC) from JP — Scanned from JP

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 201.48.8.160, located in Goiânia, Brazil and belongs to ALGAR TELECOM SA, BR. The main domain is lojarstech.com.br.

This is the only time lojarstech.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online) Office 365 (Online) Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
8	201.48.8.160 201.48.8.160	16735 (ALGAR TEL...) (ALGAR TELECOM SA)
1 1	2600:9000:21d... 2600:9000:21d2:cc00:10:7abf:f800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
1 2	192.186.220.3 192.186.220.3	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
10	3

8 201.48.8.160 (Goiânia, Brazil)

ASN16735 (ALGAR TELECOM SA, BR)
PTR: bz34.hostgator.com.br

lojarstech.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21d2:cc00:10:7abf:f800:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.sitepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

i2.sitepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.186.220.3 (United States) 1 redirects

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: ip-192-186-220-3.ip.secureserver.net

csscheckbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.csscheckbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	lojarstech.com.br lojarstech.com.br	23 KB
2	csscheckbox.com 1 redirects csscheckbox.com — Cisco Umbrella Rank: 721991 www.csscheckbox.com — Cisco Umbrella Rank: 864972	1 KB
2	sitepoint.com 1 redirects www.sitepoint.com — Cisco Umbrella Rank: 202564 i2.sitepoint.com	6 KB
10	3

	Domain	Requested by
8	lojarstech.com.br	lojarstech.com.br
1	www.csscheckbox.com	lojarstech.com.br
1	csscheckbox.com	1 redirects
1	i2.sitepoint.com	lojarstech.com.br
1	www.sitepoint.com	1 redirects
10	5

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php
Frame ID: 84668418A8479C0685A4A1142660DB02
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

10
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

30 kB
Transfer

42 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js HTTP 301
https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js

Request Chain 8

http://csscheckbox.com/checkboxes/u/csscheckbox_a4824bcf5d413f078bdd6abd3e6e5bf4.png HTTP 301
http://www.csscheckbox.com/checkboxes/u/csscheckbox_a4824bcf5d413f078bdd6abd3e6e5bf4.png

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request step2.php Show response lojarstech.com.br/login.microsoft.com_office365_signin/	6 KB 3 KB	3058ms 540ms	Document text/html	201.48.8.160 ALGAR TELECOM SA
General Check archive.org Show headers Download Go to Full URL http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php Protocol HTTP/1.1 Server 201.48.8.160 Goiânia, Brazil, ASN16735 (ALGAR TELECOM SA, BR), Reverse DNS bz34.hostgator.com.br Software Apache / Resource Hash `3ca9ccc358e40cf8f7f4f5b1589ada35bd66663f66c4cf535371a23fa5a88d5e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Response headers Date Fri, 18 Mar 2022 05:46:45 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Vary Accept-Encoding Content-Encoding gzip Content-Length 2592 Keep-Alive timeout=5, max=75 Content-Type text/html; charset=UTF-8
GET H2	200	MaskedPassword.js Show response i2.sitepoint.com/examples/password/MaskedPassword/ Redirect Chain https://www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js	17 KB 6 KB	614ms 335ms	Script application/javascript	2606:50c0:8000::153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js Requested by Host: lojarstech.com.br URL: http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php Protocol H2 Server 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash `2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825` Request headers Accept-Language jp-JP,jp;q=0.9 Referer http://lojarstech.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-fastly-request-id 72706333713f20071a6164c9fb751d99d5d9d136 date Fri, 18 Mar 2022 05:46:46 GMT content-encoding gzip age 0 x-cache MISS content-length 5816 x-served-by cache-qpg1269-QPG access-control-allow-origin * last-modified Sun, 18 Oct 2020 23:08:24 GMT server GitHub.com x-github-request-id 5470:0B58:284F15:5D619E:62341CC6 x-timer S1647582406.328013,VS0,VE235 etag W/"5f8ccae8-4208" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Fri, 18 Mar 2022 05:56:46 GMT cache-control max-age=600 accept-ranges bytes x-proxy-cache MISS x-cache-hits 0 Redirect headers date Fri, 18 Mar 2022 05:46:45 GMT via 1.1 d05095d5d00b4729431faf1afe434fc0.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop NRT12-C4 x-cache LambdaGeneratedResponse from cloudfront location https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js content-length 0 x-amz-cf-id gIWD041L2aJh9nZd_6WohAE0U--U8yYP0Lk9bGefaVOyL3Z_uhNAZA==
GET H/1.1	200 OK	f7.png lojarstech.com.br/login.microsoft.com_office365_signin/images/	12 KB 12 KB	281ms 281ms	Image image/png	201.48.8.160 ALGAR TELECOM SA
General Check archive.org Show headers Download Go to Show image Full URL http://lojarstech.com.br/login.microsoft.com_office365_signin/images/f7.png Requested by Host: lojarstech.com.br URL: http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php Protocol HTTP/1.1 Server 201.48.8.160 Goiânia, Brazil, ASN16735 (ALGAR TELECOM SA, BR), Reverse DNS bz34.hostgator.com.br Software Apache / Resource Hash `a4bb54b527f5b4b5f1a6dac1e0086576994d89b0f765d12ed4ac3602cb575484` Request headers Accept-Language jp-JP,jp;q=0.9 Referer http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 18 Mar 2022 05:46:45 GMT Last-Modified Tue, 15 Aug 2017 02:57:20 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=74 Content-Length 12072
GET H/1.1	200 OK	f1.png lojarstech.com.br/login.microsoft.com_office365_signin/images/	2 KB 2 KB	277ms 276ms	Image image/png	201.48.8.160 ALGAR TELECOM SA
General Check archive.org Show headers Download Go to Show image Full URL http://lojarstech.com.br/login.microsoft.com_office365_signin/images/f1.png Requested by Host: lojarstech.com.br URL: http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php Protocol HTTP/1.1 Server 201.48.8.160 Goiânia, Brazil, ASN16735 (ALGAR TELECOM SA, BR), Reverse DNS bz34.hostgator.com.br Software Apache / Resource Hash `9e9e4e516e46a0ad7364c691c823513e256144217281f39c47f9f8644ad8e882` Request headers Accept-Language jp-JP,jp;q=0.9 Referer http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 18 Mar 2022 05:46:46 GMT Last-Modified Tue, 15 Aug 2017 02:29:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=73 Content-Length 1844
GET H/1.1	200 OK	f4.png lojarstech.com.br/login.microsoft.com_office365_signin/images/	2 KB 2 KB	276ms 275ms	Image image/png	201.48.8.160 ALGAR TELECOM SA
General Check archive.org Show headers Download Go to Show image Full URL http://lojarstech.com.br/login.microsoft.com_office365_signin/images/f4.png Requested by Host: lojarstech.com.br URL: http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php Protocol HTTP/1.1 Server 201.48.8.160 Goiânia, Brazil, ASN16735 (ALGAR TELECOM SA, BR), Reverse DNS bz34.hostgator.com.br Software Apache / Resource Hash `0fd0bf8ee301b4a8f20737ec77ad8bfd43d580842f83be81c7393a07a1e902bc` Request headers Accept-Language jp-JP,jp;q=0.9 Referer http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 18 Mar 2022 05:46:46 GMT Last-Modified Tue, 15 Aug 2017 02:30:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=72 Content-Length 1789
GET H/1.1	200 OK	f5.png lojarstech.com.br/login.microsoft.com_office365_signin/images/	1 KB 1 KB	277ms 276ms	Image image/png	201.48.8.160 ALGAR TELECOM SA
General Check archive.org Show headers Download Go to Show image Full URL http://lojarstech.com.br/login.microsoft.com_office365_signin/images/f5.png Requested by Host: lojarstech.com.br URL: http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php Protocol HTTP/1.1 Server 201.48.8.160 Goiânia, Brazil, ASN16735 (ALGAR TELECOM SA, BR), Reverse DNS bz34.hostgator.com.br Software Apache / Resource Hash `fa0a3c38510e56d83b965e3dc6bbf79eabab8780571c768388ef7f6f8af258be` Request headers Accept-Language jp-JP,jp;q=0.9 Referer http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 18 Mar 2022 05:46:46 GMT Last-Modified Tue, 15 Aug 2017 02:31:40 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=75 Content-Length 1119
GET H/1.1	200 OK	f8.png lojarstech.com.br/login.microsoft.com_office365_signin/images/	753 B 994 B	372ms 310ms	Image image/png	201.48.8.160 ALGAR TELECOM SA
General Check archive.org Show headers Download Go to Show image Full URL http://lojarstech.com.br/login.microsoft.com_office365_signin/images/f8.png Requested by Host: lojarstech.com.br URL: http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php Protocol HTTP/1.1 Server 201.48.8.160 Goiânia, Brazil, ASN16735 (ALGAR TELECOM SA, BR), Reverse DNS bz34.hostgator.com.br Software Apache / Resource Hash `9dd5e031a96cb31830ef2fb13009f70f2001f7204e8e96faf0999821e7dd67eb` Request headers Accept-Language jp-JP,jp;q=0.9 Referer http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 18 Mar 2022 05:46:46 GMT Last-Modified Mon, 31 Jul 2017 06:13:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=71 Content-Length 753
GET H/1.1	200 OK	f9.png lojarstech.com.br/login.microsoft.com_office365_signin/images/	518 B 785 B	548ms 275ms	Image image/png	201.48.8.160 ALGAR TELECOM SA
General Check archive.org Show headers Download Go to Show image Full URL http://lojarstech.com.br/login.microsoft.com_office365_signin/images/f9.png Requested by Host: lojarstech.com.br URL: http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php Protocol HTTP/1.1 Server 201.48.8.160 Goiânia, Brazil, ASN16735 (ALGAR TELECOM SA, BR), Reverse DNS bz34.hostgator.com.br Software Apache / Resource Hash `85e2ac81e461ab1ade344e29a40a6b92b83e8b231e092003dd52042c007e28bb` Request headers Accept-Language jp-JP,jp;q=0.9 Referer http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 18 Mar 2022 05:46:47 GMT Last-Modified Mon, 31 Jul 2017 06:14:14 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=75 Content-Length 518
GET H/1.1	200 OK	logn.png lojarstech.com.br/login.microsoft.com_office365_signin/images/	574 B 815 B	555ms 283ms	Image image/png	201.48.8.160 ALGAR TELECOM SA
General Check archive.org Show headers Download Go to Show image Full URL http://lojarstech.com.br/login.microsoft.com_office365_signin/images/logn.png Requested by Host: lojarstech.com.br URL: http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php Protocol HTTP/1.1 Server 201.48.8.160 Goiânia, Brazil, ASN16735 (ALGAR TELECOM SA, BR), Reverse DNS bz34.hostgator.com.br Software Apache / Resource Hash `c97d1d203e88bb6e827e3df7f611a2950e1d9b5ee6acd996f337561524389c34` Request headers Accept-Language jp-JP,jp;q=0.9 Referer http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 18 Mar 2022 05:46:47 GMT Last-Modified Mon, 31 Jul 2017 06:14:34 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=74 Content-Length 574
GET H/1.1	200 OK	csscheckbox_a4824bcf5d413f078bdd6abd3e6e5bf4.png www.csscheckbox.com/checkboxes/u/ Redirect Chain http://csscheckbox.com/checkboxes/u/csscheckbox_a4824bcf5d413f078bdd6abd3e6e5bf4.png http://www.csscheckbox.com/checkboxes/u/csscheckbox_a4824bcf5d413f078bdd6abd3e6e5bf4.png	536 B 876 B	516ms 124ms	Image image/png	192.186.220.3 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://www.csscheckbox.com/checkboxes/u/csscheckbox_a4824bcf5d413f078bdd6abd3e6e5bf4.png Requested by Host: lojarstech.com.br URL: http://lojarstech.com.br/login.microsoft.com_office365_signin/step2.php Protocol HTTP/1.1 Server 192.186.220.3 , United States, ASN398101 (GO-DADDY-COM-LLC, US), Reverse DNS ip-192-186-220-3.ip.secureserver.net Software Apache / Resource Hash `3328548bcb03a94996313cb4d9b1b014b1a85cd5e6519c7fd0b9446b78e69208` Request headers Accept-Language jp-JP,jp;q=0.9 Referer http://lojarstech.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 18 Mar 2022 05:46:47 GMT Last-Modified Mon, 31 Jul 2017 00:49:27 GMT Server Apache Upgrade h2,h2c Cache-Control max-age=31557600, public Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5 Content-Length 536 Expires Sat, 18 Mar 2023 05:46:47 GMT Redirect headers Date Fri, 18 Mar 2022 05:46:46 GMT Server Apache Content-Type text/html; charset=iso-8859-1 Location http://www.csscheckbox.com/checkboxes/u/csscheckbox_a4824bcf5d413f078bdd6abd3e6e5bf4.png Cache-Control max-age=31536000 Connection Keep-Alive Keep-Alive timeout=5 Content-Length 296 Expires Sat, 18 Mar 2023 05:46:46 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Office 365 (Online) Microsoft (Consumer)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csscheckbox.com
i2.sitepoint.com
lojarstech.com.br
www.csscheckbox.com
www.sitepoint.com
192.186.220.3
201.48.8.160
2600:9000:21d2:cc00:10:7abf:f800:93a1
2606:50c0:8000::153
0fd0bf8ee301b4a8f20737ec77ad8bfd43d580842f83be81c7393a07a1e902bc
2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825
3328548bcb03a94996313cb4d9b1b014b1a85cd5e6519c7fd0b9446b78e69208
3ca9ccc358e40cf8f7f4f5b1589ada35bd66663f66c4cf535371a23fa5a88d5e
85e2ac81e461ab1ade344e29a40a6b92b83e8b231e092003dd52042c007e28bb
9dd5e031a96cb31830ef2fb13009f70f2001f7204e8e96faf0999821e7dd67eb
9e9e4e516e46a0ad7364c691c823513e256144217281f39c47f9f8644ad8e882
a4bb54b527f5b4b5f1a6dac1e0086576994d89b0f765d12ed4ac3602cb575484
c97d1d203e88bb6e827e3df7f611a2950e1d9b5ee6acd996f337561524389c34
fa0a3c38510e56d83b965e3dc6bbf79eabab8780571c768388ef7f6f8af258be

lojarstech.com.br Open in urlscan Pro 201.48.8.160 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

0 %HTTPS

50 %IPv6

3 Domains

5 Subdomains

3 IPs

2 Countries

30 kBTransfer

42 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

Indicators

lojarstech.com.br Open in urlscan Pro
201.48.8.160 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

30 kB
Transfer

42 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!