URL: http://blueshift.com.br/scope/indexx.php
Submission: On May 23, 2017 (the year is taken from the response Date headers below) via automatic submission, source openphish

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 72.167.177.168, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is blueshift.com.br.
This is the only time blueshift.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS     Autonomous System
2         72.167.177.168   26496  AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US
3         189.90.130.236   28195  Com4 Data Center Ltda EPP, BR
1         104.20.13.105    13335  CLOUDFLARENET - CloudFlare, Inc., US
1         151.101.12.193   54113  FASTLY - Fastly, US
1         104.20.14.105    13335  CLOUDFLARENET - CloudFlare, Inc., US
Total: 9 requests, 6 IPs (the failed request listed below carries no server IP in this export, so only 5 appear in the table)

Requests  Domain                  Requested by
3         stockdoceefesta.com.br  stockdoceefesta.com.br
2         image.prntscr.com       stockdoceefesta.com.br
2         blueshift.com.br
1         i.imgur.com             stockdoceefesta.com.br
Total: 9 requests, 4 domains

This site contains no links.

TLS certificates (Subject / Issuer / Validity): none. Every transaction in this scan was plain HTTP.

This page contains 2 frames, both pointing at the same URL on a host other than the primary domain:

Frame: http://stockdoceefesta.com.br/js/index.html
Frame ID: 32709.1
Requests: 3 HTTP requests in this frame

Frame: http://stockdoceefesta.com.br/js/index.html
Frame ID: 32723.1
Requests: 6 HTTP requests in this frame

The primary document (blueshift.com.br/scope/indexx.php, hosted at GoDaddy in the US) is only 96 bytes, which leaves little room for anything beyond framing the second host. The content the visitor actually sees is therefore served by stockdoceefesta.com.br, a different registrable domain on a different provider (Com4 Data Center, Brazil, reverse DNS aguaenergy.com.br), with its images pulled from image.prntscr.com and i.imgur.com. The first load of the frame URL received no response (see Failed requests below); the second returned the 835-byte index.html.

Page Statistics

Requests:    9
HTTPS:       0 %
IPv6:        0 %
Domains:     4
Subdomains:  4
IPs:         6
Countries:   2
Transfer:    573 kB
Size:        573 kB
Cookies:     0
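The statistics above are aggregates over the nine transactions listed further down. The script below, added here as an example and not urlscan.io code, recomputes them from a hand-built transaction list and adds the check a phishing analyst wants first: which frames and hosts sit outside the primary page's registrable domain. The TRANSACTIONS tuples are constructed from this report (URL, bytes transferred, server IP, country, parent frame); the failed first request for the frame URL has no IP or country in the export, so those fields are None and the IP count comes out at 5 rather than the report's 6. The two-label suffix set is a simplification standing in for the Public Suffix List.

```python
"""Recompute urlscan-style page statistics from a transaction list and
flag frames and hosts that are off the primary page's registrable domain.

Added example, not urlscan.io code. TRANSACTIONS is constructed by hand
from the nine transactions in this report.
"""
from urllib.parse import urlsplit

PRIMARY = "http://blueshift.com.br/scope/indexx.php"
FRAME = "http://stockdoceefesta.com.br/js/index.html"

# (url, bytes transferred, server IP, country, parent frame URL or None)
TRANSACTIONS = [
    (PRIMARY, 102, "72.167.177.168", "US", None),
    (FRAME, 0, None, None, PRIMARY),  # first load: no response received
    ("http://blueshift.com.br/favicon.ico", 0, "72.167.177.168", "US", None),
    (FRAME, 835, "189.90.130.236", "BR", PRIMARY),
    ("http://image.prntscr.com/image/65e60b27723740d6813c391a7592f5af.png",
     8042, "104.20.13.105", "US", FRAME),
    ("http://i.imgur.com/jPWhx7i.png", 572665, "151.101.12.193", "US", FRAME),
    ("http://stockdoceefesta.com.br/js/style.css", 820, "189.90.130.236", "BR", FRAME),
    ("http://image.prntscr.com/image/7c62bb67e58f479591b8d06e4584fee0.png",
     4450, "104.20.14.105", "US", FRAME),
    ("http://stockdoceefesta.com.br/favicon.ico", 328, "189.90.130.236", "BR", FRAME),
]

# Assumption for this example: a minimal stand-in for the Public Suffix
# List, enough for the hosts in this report. Real tooling should use the
# PSL (e.g. the publicsuffix2 package) instead.
TWO_LABEL_SUFFIXES = {"com.br"}


def registrable_domain(host: str) -> str:
    labels = host.lower().split(".")
    n = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-n:])


def page_stats(txs) -> dict:
    """Aggregate the transactions the way the Page Statistics box does."""
    hosts = {urlsplit(u).hostname for u, *_ in txs}
    ips = {ip for _, _, ip, _, _ in txs if ip}
    countries = {c for _, _, _, c, _ in txs if c}
    https = sum(urlsplit(u).scheme == "https" for u, *_ in txs)
    transfer = sum(b for _, b, *_ in txs)
    return {
        "requests": len(txs),
        "https_pct": 100.0 * https / len(txs),
        "domains": len(hosts),
        "ips": len(ips),
        "countries": len(countries),
        "transfer_bytes": transfer,
        "transfer_kib": transfer // 1024,  # the report shows 573 kB
    }


def cross_origin_frames(primary_url: str, txs) -> list:
    """Parent-frame URLs whose registrable domain differs from the primary's."""
    base = registrable_domain(urlsplit(primary_url).hostname)
    parents = {p for *_, p in txs if p}
    return sorted(p for p in parents
                  if registrable_domain(urlsplit(p).hostname) != base)


def third_party_hosts(primary_url: str, txs) -> list:
    """Every host contacted that is not under the primary registrable domain."""
    base = registrable_domain(urlsplit(primary_url).hostname)
    return sorted({urlsplit(u).hostname for u, *_ in txs
                   if registrable_domain(urlsplit(u).hostname) != base})


if __name__ == "__main__":
    for key, val in page_stats(TRANSACTIONS).items():
        print(f"{key:>15}: {val}")
    print("cross-origin frames:", cross_origin_frames(PRIMARY, TRANSACTIONS))
    print("third-party hosts:  ", third_party_hosts(PRIMARY, TRANSACTIONS))
```

Run stand-alone it prints the recomputed counts (9 requests, 0 % HTTPS, 4 domains, 2 countries, 587242 bytes, 573 KiB) and lists stockdoceefesta.com.br/js/index.html as the one frame loaded from outside blueshift.com.br.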

Redirected requests

No HTTP redirect chains were recorded for this scan.

9 HTTP transactions

Each transaction is listed as: Resource, Path, Size, x-fer (bytes transferred), Type, followed by its General information, request headers and response headers (the MIME type is the response Content-Type).

Primary Request: indexx.php  blueshift.com.br/scope/  96 B  102 B  Document
General
Full URL
http://blueshift.com.br/scope/indexx.php
Protocol
HTTP/1.1
Server
72.167.177.168 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-72-167-177-168.ip.secureserver.net
Software
Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 / PHP/5.4.19
Resource Hash
8c9da205c10cc722998f36f107bdc1bb8d11a1ac65a8141d0a8fa8fdcf6b3bde

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
blueshift.com.br
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Tue, 23 May 2017 08:38:44 GMT
Server
Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4
Connection
Keep-Alive
X-Powered-By
PHP/5.4.19
Transfer-Encoding
chunked
Keep-Alive
timeout=5, max=100
Content-Type
text/html
index.html  stockdoceefesta.com.br/js/  0  0  (first load of the frame URL; no response received, see Failed requests below)

favicon.ico  blueshift.com.br/  0  0  Other
General
Full URL
http://blueshift.com.br/favicon.ico
Protocol
HTTP/1.1
Server
72.167.177.168 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-72-167-177-168.ip.secureserver.net
Software
Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 / PHP/5.4.19
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
blueshift.com.br
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://blueshift.com.br/scope/indexx.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 May 2017 08:38:44 GMT
Server
Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4
Connection
Keep-Alive
X-Powered-By
PHP/5.4.19
Content-Length
0
Keep-Alive
timeout=5, max=99
Content-Type
image/vnd.microsoft.icon
index.html  stockdoceefesta.com.br/js/  Frame 3272  835 B  835 B  Document
General
Full URL
http://stockdoceefesta.com.br/js/index.html
Protocol
HTTP/1.1
Server
189.90.130.236 Franca, Brazil, ASN28195 (Com4 Data Center Ltda EPP, BR),
Reverse DNS
aguaenergy.com.br
Software
Apache
Resource Hash
dc0057c923006db834269a7bb5c6d8bae3aa0d7d29b80721b7e40ac289013bde

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
stockdoceefesta.com.br
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer
http://blueshift.com.br/scope/indexx.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 May 2017 08:38:44 GMT
Last-Modified
Mon, 13 Feb 2017 13:54:11 GMT
Server
Apache
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
835
65e60b27723740d6813c391a7592f5af.png (cookie set)  image.prntscr.com/image/  Frame 3272  8 KB  8 KB  Image
General
Full URL
http://image.prntscr.com/image/65e60b27723740d6813c391a7592f5af.png
Requested by
Host: stockdoceefesta.com.br
URL: http://stockdoceefesta.com.br/js/index.html
Protocol
HTTP/1.1
Server
104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / Magic
Resource Hash
f9b5d17e60ce122027f8fb0a0e69a1b2e82814078dc4c66f1cdbf2c30e60dd54

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
image.prntscr.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://stockdoceefesta.com.br/js/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 May 2017 08:38:45 GMT
CF-Cache-Status
HIT
Cf-Polished
origFmt=png, origSize=13186
Content-Disposition
inline; filename="65e60b27723740d6813c391a7592f5af.webp"
Connection
keep-alive
Content-Length
8042
Last-Modified
Mon, 13 Feb 2017 13:46:01 GMT
Server
cloudflare-nginx
X-Powered-By
Magic
Etag
"97f83c12878c850e12cf0cbf884e2779"
Vary
Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Expires
Wed, 23 May 2018 08:38:45 GMT
Cache-Control
public, max-age=31536000
Set-Cookie
__cfduid=d75b93e3f3a2817d5a49416385ced3c931495528725; expires=Wed, 23-May-18 08:38:45 GMT; path=/; domain=.prntscr.com; HttpOnly
Accept-Ranges
bytes
CF-RAY
3636b365b14a647b-FRA
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cf-Bgj
imgq:100
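The Set-Cookie header in the response above (a __cfduid cookie issued by the Cloudflare edge in front of image.prntscr.com, as the Server header shows) is worth reading the way a reviewer would. The script below, added here as an example and not part of the urlscan.io report, parses the header and reports its scope, lifetime and missing protection attributes. The header, URLs and Date value are copied from this report; the findings wording and the two accepted date formats are this example's own assumptions.

```python
"""Parse a Set-Cookie header and report scope, lifetime and missing
protection attributes. Added example, not urlscan.io code.

SET_COOKIE, RESPONSE_DATE, IMAGE_URL and PAGE_URL are copied from this
report; the findings vocabulary is this example's own.
"""
from datetime import datetime, timezone
from urllib.parse import urlsplit

SET_COOKIE = ("__cfduid=d75b93e3f3a2817d5a49416385ced3c931495528725; "
              "expires=Wed, 23-May-18 08:38:45 GMT; path=/; "
              "domain=.prntscr.com; HttpOnly")
RESPONSE_DATE = "Tue, 23 May 2017 08:38:45 GMT"
IMAGE_URL = "http://image.prntscr.com/image/65e60b27723740d6813c391a7592f5af.png"
PAGE_URL = "http://blueshift.com.br/scope/indexx.php"

# Two date shapes seen in practice: the Netscape two-digit-year form used
# in this header, and the RFC 7231 IMF-fixdate used by the Date header.
DATE_FORMATS = ("%a, %d-%b-%y %H:%M:%S %Z", "%a, %d %b %Y %H:%M:%S %Z")


def parse_http_date(value: str):
    for fmt in DATE_FORMATS:
        try:
            return datetime.strptime(value, fmt).replace(tzinfo=timezone.utc)
        except ValueError:
            continue
    return None


def parse_set_cookie(header: str) -> dict:
    """Split 'name=value; attr=value; Flag' into a dict. Attribute names
    are case-insensitive (RFC 6265), so they are lower-cased; bare flags
    such as HttpOnly map to True."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if val else True
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


def host_covered(host: str, domain: str) -> bool:
    """True if `host` is `domain` or a subdomain of it (leading dot ignored)."""
    d = domain.lstrip(".").lower()
    return host == d or host.endswith("." + d)


def cookie_findings(header: str, response_url: str, page_url: str,
                    response_date: str) -> dict:
    cookie = parse_set_cookie(header)
    attrs = cookie["attrs"]
    resp = urlsplit(response_url)
    page_host = urlsplit(page_url).hostname
    findings = []
    if resp.scheme != "https":
        findings.append("set over plain HTTP")
    if "secure" not in attrs:
        findings.append("missing Secure")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly")
    if "samesite" not in attrs:
        findings.append("missing SameSite")
    domain = attrs.get("domain")
    if isinstance(domain, str):
        if not host_covered(resp.hostname, domain):
            findings.append("Domain attribute does not cover the responding host")
        findings.append(f"scoped to all hosts under {domain.lstrip('.')}")
    if not host_covered(resp.hostname, page_host):
        findings.append(f"third-party cookie relative to {page_host}")
    lifetime_days = None
    if isinstance(attrs.get("expires"), str):
        set_at = parse_http_date(response_date)
        expires = parse_http_date(attrs["expires"])
        if set_at and expires:
            lifetime_days = (expires - set_at).days
    return {"name": cookie["name"], "lifetime_days": lifetime_days,
            "findings": findings}


if __name__ == "__main__":
    result = cookie_findings(SET_COOKIE, IMAGE_URL, PAGE_URL, RESPONSE_DATE)
    print(result["name"], "lifetime:", result["lifetime_days"], "days")
    for finding in result["findings"]:
        print(" -", finding)
```

For this header the script reports a one-year cookie, HttpOnly but without Secure or SameSite, scoped to every host under prntscr.com and third-party with respect to blueshift.com.br. Note that the report's own "Cookies: 0" counter does not include it.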
jPWhx7i.png  i.imgur.com/  Frame 3272  559 KB  559 KB  Image
General
Full URL
http://i.imgur.com/jPWhx7i.png
Requested by
Host: stockdoceefesta.com.br
URL: http://stockdoceefesta.com.br/js/index.html
Protocol
HTTP/1.1
Server
151.101.12.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0
Resource Hash
5c99c554f1c382517517ec4e23778eb8b175baf686d4ed83ab7463b657af3267

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
i.imgur.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://stockdoceefesta.com.br/js/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 May 2017 08:38:45 GMT
Age
2056
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
572665
X-Served-By
cache-iad2135-IAD, cache-fra1235-FRA
Last-Modified
Mon, 13 Feb 2017 13:45:17 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1495528725.397207,VS0,VE8
ETag
"7c8a3a6d7e369f37a6a271d3f88cd786"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
8310e1bd11eb383e32515c11cf2188b3b8cbebaf34b8b2036e75625f5c5ab472
Accept-Ranges
bytes
X-Cache-Hits
1, 1
style.css  stockdoceefesta.com.br/js/  Frame 3272  820 B  820 B  Stylesheet
General
Full URL
http://stockdoceefesta.com.br/js/style.css
Requested by
Host: stockdoceefesta.com.br
URL: http://stockdoceefesta.com.br/js/index.html
Protocol
HTTP/1.1
Server
189.90.130.236 Franca, Brazil, ASN28195 (Com4 Data Center Ltda EPP, BR),
Reverse DNS
aguaenergy.com.br
Software
Apache
Resource Hash
717f9d4f5107fdb821b18883758de300df5c5f843a52c8aad01d783a33c6d92a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
stockdoceefesta.com.br
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://stockdoceefesta.com.br/js/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 May 2017 08:38:44 GMT
Last-Modified
Mon, 13 Feb 2017 13:40:18 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
820
7c62bb67e58f479591b8d06e4584fee0.png (cookie set)  image.prntscr.com/image/  Frame 3272  4 KB  4 KB  Image
General
Full URL
http://image.prntscr.com/image/7c62bb67e58f479591b8d06e4584fee0.png
Requested by
Host: stockdoceefesta.com.br
URL: http://stockdoceefesta.com.br/js/index.html
Protocol
HTTP/1.1
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / Magic
Resource Hash
a7a5d5439872125e7a329f1ca4a5df8bf7a7ce9b340466d6390560312a625ba0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
image.prntscr.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://stockdoceefesta.com.br/js/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 May 2017 08:38:45 GMT
CF-Cache-Status
HIT
Cf-Polished
origFmt=png, origSize=6271
Content-Disposition
inline; filename="7c62bb67e58f479591b8d06e4584fee0.webp"
Connection
keep-alive
Content-Length
4450
Last-Modified
Mon, 13 Feb 2017 13:37:17 GMT
Server
cloudflare-nginx
X-Powered-By
Magic
Etag
"606125442f7bccb4a23a8be69d354951"
Vary
Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Expires
Wed, 23 May 2018 08:38:45 GMT
Cache-Control
public, max-age=31536000
Set-Cookie
__cfduid=d74714a6b6e2fdcd8cbc0c5b56ce0cd8c1495528725; expires=Wed, 23-May-18 08:38:45 GMT; path=/; domain=.prntscr.com; HttpOnly
Accept-Ranges
bytes
CF-RAY
3636b365b68526ae-FRA
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cf-Bgj
imgq:100
favicon.ico  stockdoceefesta.com.br/  Frame 3272  328 B  328 B  Other
General
Full URL
http://stockdoceefesta.com.br/favicon.ico
Protocol
HTTP/1.1
Server
189.90.130.236 Franca, Brazil, ASN28195 (Com4 Data Center Ltda EPP, BR),
Reverse DNS
aguaenergy.com.br
Software
Apache
Resource Hash
6b62a3658ad247e8f30d3e9f35da5e00ffac1ea09785bd1f0a9830f659cf01da

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
stockdoceefesta.com.br
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://stockdoceefesta.com.br/js/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 May 2017 08:38:45 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
328
Content-Type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stockdoceefesta.com.br
URL
http://stockdoceefesta.com.br/js/index.html

Verdicts & Comments

JavaScript Global Variables: 0

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

Cookies: 0 (note that the two image.prntscr.com responses above each carry a Set-Cookie header for the .prntscr.com domain; they are not counted here)