www.asv.boaviagem.ce.gov.br Open in urlscan Pro
138.128.166.178 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://asv.boaviagem.ce.gov.br/app
Effective URL:
https://www.asv.boaviagem.ce.gov.br/app/
Submission: On April 26 via api (April 26th 2024, 10:19:45 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 138.128.166.178, located in Orlando, United States and belongs to DIMENOC, US. The main domain is www.asv.boaviagem.ce.gov.br.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 8th 2024. Valid for: 3 months.

This is the only time www.asv.boaviagem.ce.gov.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 8	138.128.166.178 138.128.166.178	33182 (DIMENOC) (DIMENOC)
5	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
12	3

8 138.128.166.178 (Orlando, United States) 2 redirects

ASN33182 (DIMENOC, US)
PTR: server2.assesi.com

asv.boaviagem.ce.gov.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.asv.boaviagem.ce.gov.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	boaviagem.ce.gov.br 2 redirects asv.boaviagem.ce.gov.br www.asv.boaviagem.ce.gov.br	524 KB
5	yimg.com s.yimg.com — Cisco Umbrella Rank: 651	761 KB
12	2

	Domain	Requested by
7	www.asv.boaviagem.ce.gov.br	1 redirects www.asv.boaviagem.ce.gov.br
5	s.yimg.com	www.asv.boaviagem.ce.gov.br
1	asv.boaviagem.ce.gov.br	1 redirects
12	3

This site contains no links.

Subject Issuer	Validity	Valid
asv.boaviagem.ce.gov.br cPanel, Inc. Certification Authority	`2024-03-08` - `2024-06-06`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-04-02` - `2024-05-22`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.asv.boaviagem.ce.gov.br/app/
Frame ID: C9C08FC78B456218BB2AC064DCC739E6
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Yahoo

Page URL History Show full URLs

http://asv.boaviagem.ce.gov.br/app HTTP 307
https://asv.boaviagem.ce.gov.br/app HTTP 301
https://www.asv.boaviagem.ce.gov.br/app HTTP 301
https://www.asv.boaviagem.ce.gov.br/app/ Page URL

Page Statistics

12
Requests

92 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

1284 kB
Transfer

1497 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://asv.boaviagem.ce.gov.br/app HTTP 307
https://asv.boaviagem.ce.gov.br/app HTTP 301
https://www.asv.boaviagem.ce.gov.br/app HTTP 301
https://www.asv.boaviagem.ce.gov.br/app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.asv.boaviagem.ce.gov.br/Libraries/jquery.min.js HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
https://www.asv.boaviagem.ce.gov.br/Libraries/app

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.asv.boaviagem.ce.gov.br/app/
Redirect Chain

http://asv.boaviagem.ce.gov.br/app
https://asv.boaviagem.ce.gov.br/app
https://www.asv.boaviagem.ce.gov.br/app
https://www.asv.boaviagem.ce.gov.br/app/

4 KB
4 KB

628ms
628ms

Document
text/html

138.128.166.178
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asv.boaviagem.ce.gov.br/app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.166.178 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.assesi.com
Software: Apache /
Resource Hash: b7719303cdf1b1145820d2a4f93274d7c99e07e8f4fd4a056ff5ba0ec57d464d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-length: 4044
content-type: text/html; charset=UTF-8
date: Fri, 26 Apr 2024 22:19:34 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache

Redirect headers

content-length: 248
content-type: text/html; charset=iso-8859-1
date: Fri, 26 Apr 2024 22:19:34 GMT
location: https://www.asv.boaviagem.ce.gov.br/app/
server: Apache

GET
H2 200 main.css
www.asv.boaviagem.ce.gov.br/libraries/ 515 KB
515 KB 295ms
291ms Stylesheet
text/css 138.128.166.178
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asv.boaviagem.ce.gov.br/libraries/main.css
Requested by: Host: www.asv.boaviagem.ce.gov.br
URL: https://www.asv.boaviagem.ce.gov.br/app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.166.178 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.assesi.com
Software: Apache /
Resource Hash: 153fa24a836bcba71a95f5852d592b050dd164df2006ed34c909cfb776605870

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.asv.boaviagem.ce.gov.br/app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:19:34 GMT
last-modified: Tue, 05 Apr 2022 19:18:56 GMT
server: Apache
accept-ranges: bytes
etag: "2540952-80a91-5dbed1db9c800"
content-length: 526993
content-type: text/css

GET
H2 200 frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
www.asv.boaviagem.ce.gov.br/libraries/ 1 KB
1 KB 293ms
290ms Image
image/png 138.128.166.178
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.asv.boaviagem.ce.gov.br/libraries/frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
Requested by: Host: www.asv.boaviagem.ce.gov.br
URL: https://www.asv.boaviagem.ce.gov.br/app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.166.178 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.assesi.com
Software: Apache /
Resource Hash: 0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.asv.boaviagem.ce.gov.br/app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:19:34 GMT
last-modified: Tue, 05 Apr 2022 19:18:58 GMT
server: Apache
accept-ranges: bytes
etag: "25406a1-542-5dbed1dd84c80"
content-length: 1346
content-type: image/png

GET
H2 200 frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
www.asv.boaviagem.ce.gov.br/libraries/ 1 KB
1 KB 150ms
147ms Image
image/png 138.128.166.178
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.asv.boaviagem.ce.gov.br/libraries/frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
Requested by: Host: www.asv.boaviagem.ce.gov.br
URL: https://www.asv.boaviagem.ce.gov.br/app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.166.178 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.assesi.com
Software: Apache /
Resource Hash: 4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.asv.boaviagem.ce.gov.br/app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:19:34 GMT
last-modified: Tue, 05 Apr 2022 19:18:58 GMT
server: Apache
accept-ranges: bytes
etag: "254072b-56f-5dbed1dd84c80"
content-length: 1391
content-type: image/png

GET

app
www.asv.boaviagem.ce.gov.br/Libraries/
Redirect Chain

https://www.asv.boaviagem.ce.gov.br/Libraries/jquery.min.js
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app
https://www.asv.boaviagem.ce.gov.br/Libraries/app

0
0

GET
H2 200 hide-v0.0.1.svg
s.yimg.com/wm/mbr/images/ 860 KB
646 KB 154ms
41ms Image
image/svg+xml 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/wm/mbr/images/hide-v0.0.1.svg

Requested by

Host: www.asv.boaviagem.ce.gov.br
URL: https://www.asv.boaviagem.ce.gov.br/libraries/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

119acd68e288f17e86722a67e341ec74f7f6a377ec8e15b3914245f57caf6fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.asv.boaviagem.ce.gov.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1, 1
date: Wed, 17 Apr 2024 20:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 673GXN02F8P9FBCG
age: 785072
x-amz-server-side-encryption: AES256
content-length: 660584
x-amz-id-2: QVMraFxhs0JN0nr/0nDE4/iK4npipd8diji6eOB/lkwi+F56uptPRGSDOYXKyw7so48+xfklt2NDkWNRhsmuIV52fK2s/XCzXXWagAN13sI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Jul 2019 23:13:44 GMT
server: ATS
etag: "6bd15a1456d985027ba5ca91528e4b1e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=315360000
accept-ranges: bytes

GET
H2 200 Yahoo_Sans-Regular.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 28 KB
29 KB 222ms
124ms Font
font/woff2 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2

Requested by

Host: www.asv.boaviagem.ce.gov.br
URL: https://www.asv.boaviagem.ce.gov.br/libraries/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.asv.boaviagem.ce.gov.br/
Origin: https://www.asv.boaviagem.ce.gov.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1, 1
date: Sun, 31 Mar 2024 10:42:46 GMT
strict-transport-security: max-age=31536000
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-content-type-options: nosniff
x-amz-request-id: WJC6SQFMRJFY6HBH
age: 2288210
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1507011771545398
content-length: 28860
x-amz-id-2: eUqfV3BH2LZbpPpB8piJwTHXInj/5UaUEsDoikmXfIvfPKJpr1yovkLmk6kQ7v5mdf72DepX34A=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Apr 2018 19:06:41 GMT
server: ATS
etag: "a99b283070afc519f4816e4300c515d2"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:cb5e4811-e042-455c-b2b2-f984d5f70e0200055a9e8550b736"
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 Yahoo_Sans-Semibold.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 28 KB
29 KB 210ms
112ms Font
font/woff2 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2

Requested by

Host: www.asv.boaviagem.ce.gov.br
URL: https://www.asv.boaviagem.ce.gov.br/libraries/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.asv.boaviagem.ce.gov.br/
Origin: https://www.asv.boaviagem.ce.gov.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1, 1
date: Tue, 23 Apr 2024 09:38:03 GMT
strict-transport-security: max-age=31536000
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-content-type-options: nosniff
x-amz-request-id: NZ00QYY4725B1941
age: 304893
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1507011771480561
content-length: 29040
x-amz-id-2: plpJGuErCGIV7mw+pNhjVBn6dLEAVHANxx8+2mWeAULpk8ZPoxIj3jbUl3w4n24ayp/8KbaaQaY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Apr 2018 17:33:29 GMT
server: ATS
etag: "af9fdad7698452697b016850fff96423"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:95620d49-21c2-4044-b803-58b70c8e419700055a9e854fb9f1"
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 Yahoo_Sans-Medium.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 29 KB
29 KB 143ms
45ms Font
font/woff2 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2

Requested by

Host: www.asv.boaviagem.ce.gov.br
URL: https://www.asv.boaviagem.ce.gov.br/libraries/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.asv.boaviagem.ce.gov.br/
Origin: https://www.asv.boaviagem.ce.gov.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1, 1
date: Tue, 19 Mar 2024 06:36:28 GMT
strict-transport-security: max-age=31536000
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:52 GMT
x-content-type-options: nosniff
x-amz-request-id: GVYDD434DAZV0N2Z
age: 3339788
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1507011772247755
content-length: 29228
x-amz-id-2: aTpwAQhFIjgYrCYW/CwWRDjrto8fnwAW2zSn0edvtbhuLHo8w+ShGed2ZwiozI6dUidAGWkPmOY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Apr 2018 16:25:50 GMT
server: ATS
etag: "7c7c02dcee2bf1c2528db6092d4ad1fa"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:1bb49599-26ac-442e-b6b8-f4e40f067ea500055a9e855b6ecb"
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 Yahoo_Sans-ExtraBold.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ 28 KB
28 KB 250ms
153ms Font
font/woff2 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-ExtraBold.woff2

Requested by

Host: www.asv.boaviagem.ce.gov.br
URL: https://www.asv.boaviagem.ce.gov.br/libraries/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b229d1d0e49226f929a219c007a701c2c2646ef75c215e427a28e36466ab1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.asv.boaviagem.ce.gov.br/
Origin: https://www.asv.boaviagem.ce.gov.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1, 1
date: Tue, 23 Apr 2024 12:28:51 GMT
strict-transport-security: max-age=31536000
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-content-type-options: nosniff
x-amz-request-id: 4D1T5HTATFXTCH9A
age: 294646
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1507011771924800
content-length: 28808
x-amz-id-2: 7Cm8LAr7r8SKrT7XCUgB2PRNSOXDdDL9Fj1hZgnxGSlToqImWn64BvtiWgMz+J1mz57+WzIXJNk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Apr 2018 19:01:13 GMT
server: ATS
etag: "632a74de7778e84fd6e92f2f6c49f1c3"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:1ccdd2c4-6102-4773-912a-83dcdcf0e3cd00055a9e85568140"
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 favicon-img-v0.0.2.ico
www.asv.boaviagem.ce.gov.br/libraries/ 1 KB
1 KB 146ms
145ms Other
image/x-icon 138.128.166.178
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asv.boaviagem.ce.gov.br/libraries/favicon-img-v0.0.2.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.166.178 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.assesi.com
Software: Apache /
Resource Hash: 4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.asv.boaviagem.ce.gov.br/app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:19:41 GMT
last-modified: Fri, 08 Apr 2022 17:43:56 GMT
server: Apache
accept-ranges: bytes
etag: "25406a0-57e-5dc282380cf00"
content-length: 1406
content-type: image/x-icon

GET
H2 200 favicon-img-v0.0.2.ico
www.asv.boaviagem.ce.gov.br/libraries/ 1 KB
0 0ms
0ms Other
image/x-icon 138.128.166.178
DIMENOC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asv.boaviagem.ce.gov.br/libraries/favicon-img-v0.0.2.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.166.178 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.assesi.com
Software: Apache /
Resource Hash: 4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.asv.boaviagem.ce.gov.br/app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:19:41 GMT
last-modified: Fri, 08 Apr 2022 17:43:56 GMT
server: Apache
accept-ranges: bytes
etag: "25406a0-57e-5dc282380cf00"
content-length: 1406
content-type: image/x-icon

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.asv.boaviagem.ce.gov.br
URL: https://www.asv.boaviagem.ce.gov.br/Libraries/app

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| FunctionShow

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.asv.boaviagem.ce.gov.br/	1969-12-31 23:59:59	Name: PHPSESSID Value: aa256d61abd4a9df929660db68300e96

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.asv.boaviagem.ce.gov.br/Libraries/app Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asv.boaviagem.ce.gov.br
s.yimg.com
www.asv.boaviagem.ce.gov.br
www.asv.boaviagem.ce.gov.br
138.128.166.178
2a00:1288:80:807::1
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
119acd68e288f17e86722a67e341ec74f7f6a377ec8e15b3914245f57caf6fbf
153fa24a836bcba71a95f5852d592b050dd164df2006ed34c909cfb776605870
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637
b7719303cdf1b1145820d2a4f93274d7c99e07e8f4fd4a056ff5ba0ec57d464d
b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
e3b229d1d0e49226f929a219c007a701c2c2646ef75c215e427a28e36466ab1b
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560

www.asv.boaviagem.ce.gov.br Open in urlscan Pro 138.128.166.178 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

92 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

1284 kBTransfer

1497 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

www.asv.boaviagem.ce.gov.br Open in urlscan Pro
138.128.166.178 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

1284 kB
Transfer

1497 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!