www.asv.boaviagem.ce.gov.br
Open in
urlscan Pro
138.128.166.178
Malicious Activity!
Public Scan
Effective URL: https://www.asv.boaviagem.ce.gov.br/app/
Submission: On April 26 via api from US — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 8th 2024. Valid for: 3 months.
This is the only time www.asv.boaviagem.ce.gov.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yahoo (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 8 | 138.128.166.178 138.128.166.178 | 33182 (DIMENOC) (DIMENOC) | |
5 | 2a00:1288:80:... 2a00:1288:80:807::1 | 203220 (YAHOO-DEB) (YAHOO-DEB) | |
12 | 3 |
ASN33182 (DIMENOC, US)
PTR: server2.assesi.com
asv.boaviagem.ce.gov.br | |
www.asv.boaviagem.ce.gov.br |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
boaviagem.ce.gov.br
2 redirects
asv.boaviagem.ce.gov.br www.asv.boaviagem.ce.gov.br |
524 KB |
5 |
yimg.com
s.yimg.com — Cisco Umbrella Rank: 651 |
761 KB |
12 | 2 |
Domain | Requested by | |
---|---|---|
7 | www.asv.boaviagem.ce.gov.br |
1 redirects
www.asv.boaviagem.ce.gov.br
|
5 | s.yimg.com |
www.asv.boaviagem.ce.gov.br
|
1 | asv.boaviagem.ce.gov.br | 1 redirects |
12 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
asv.boaviagem.ce.gov.br cPanel, Inc. Certification Authority |
2024-03-08 - 2024-06-06 |
3 months | crt.sh |
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA |
2024-04-02 - 2024-05-22 |
2 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.asv.boaviagem.ce.gov.br/app/
Frame ID: C9C08FC78B456218BB2AC064DCC739E6
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
YahooPage URL History Show full URLs
-
http://asv.boaviagem.ce.gov.br/app
HTTP 307
https://asv.boaviagem.ce.gov.br/app HTTP 301
https://www.asv.boaviagem.ce.gov.br/app HTTP 301
https://www.asv.boaviagem.ce.gov.br/app/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://asv.boaviagem.ce.gov.br/app
HTTP 307
https://asv.boaviagem.ce.gov.br/app HTTP 301
https://www.asv.boaviagem.ce.gov.br/app HTTP 301
https://www.asv.boaviagem.ce.gov.br/app/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- https://www.asv.boaviagem.ce.gov.br/Libraries/jquery.min.js HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app HTTP 302
- https://www.asv.boaviagem.ce.gov.br/Libraries/app
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.asv.boaviagem.ce.gov.br/app/ Redirect Chain
|
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
www.asv.boaviagem.ce.gov.br/libraries/ |
515 KB 515 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frontpage_en-US_s_f_p_bestfit_frontpage_2x.png
www.asv.boaviagem.ce.gov.br/libraries/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frontpage_en-US_s_f_w_bestfit_frontpage_2x.png
www.asv.boaviagem.ce.gov.br/libraries/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
app
www.asv.boaviagem.ce.gov.br/Libraries/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hide-v0.0.1.svg
s.yimg.com/wm/mbr/images/ |
860 KB 646 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Yahoo_Sans-Regular.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ |
28 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Yahoo_Sans-Semibold.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ |
28 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Yahoo_Sans-Medium.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Yahoo_Sans-ExtraBold.woff2
s.yimg.com/cv/ae/sports/fonts/2017/ |
28 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-img-v0.0.2.ico
www.asv.boaviagem.ce.gov.br/libraries/ |
1 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-img-v0.0.2.ico
www.asv.boaviagem.ce.gov.br/libraries/ |
1 KB 0 |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.asv.boaviagem.ce.gov.br
- URL
- https://www.asv.boaviagem.ce.gov.br/Libraries/app
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Yahoo (Online)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| FunctionShow1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.asv.boaviagem.ce.gov.br/ | Name: PHPSESSID Value: aa256d61abd4a9df929660db68300e96 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
asv.boaviagem.ce.gov.br
s.yimg.com
www.asv.boaviagem.ce.gov.br
www.asv.boaviagem.ce.gov.br
138.128.166.178
2a00:1288:80:807::1
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
119acd68e288f17e86722a67e341ec74f7f6a377ec8e15b3914245f57caf6fbf
153fa24a836bcba71a95f5852d592b050dd164df2006ed34c909cfb776605870
4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637
b7719303cdf1b1145820d2a4f93274d7c99e07e8f4fd4a056ff5ba0ec57d464d
b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
e3b229d1d0e49226f929a219c007a701c2c2646ef75c215e427a28e36466ab1b
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560