smcsistemas.com.br Open in urlscan Pro
2606:4700:3031::ac43:b7f8  Malicious Activity! Public Scan

URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/sett...
Submission Tags: phishing malicious Search All
Submission: On March 04 via api from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3031::ac43:b7f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is smcsistemas.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2020. Valid for: a year.
This is the only time smcsistemas.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

IP Address AS Autonomous System
9 2606:4700:303... 13335 (CLOUDFLAR...)
6 104.111.228.123 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
16 3
Domain Requested by
9 smcsistemas.com.br smcsistemas.com.br
6 www.paypalobjects.com smcsistemas.com.br
www.paypalobjects.com
1 ajax.googleapis.com smcsistemas.com.br
16 3

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-11 -
2021-07-11
a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-01-13 -
2022-01-11
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh

This page contains 1 frames:

Primary Page: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
Frame ID: 87C158B8952AABF3D0AD7E8B605AC909
Requests: 16 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

174 kB
Transfer

619 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request settings.php
smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/
41 KB
5 KB
Document
General
Full URL
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
030178adec358aa05180be373000a0ff317362f589c622c184a69faca1606849
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
smcsistemas.com.br
:scheme
https
:path
/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dadcec9ee2d0254e948773f089b0520e01614899765; expires=Sat, 03-Apr-21 23:16:05 GMT; path=/; domain=.smcsistemas.com.br; HttpOnly; SameSite=Lax PHPSESSID=7158980bfcb6fcdbb1d8fae1124269af; path=/; secure
x-powered-by
PHP/7.4.11
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
x-content-type
nosniff
x_forwarded_for
104.16.77.187
remote_addr
104.16.77.187
host
www.fbi.gov
origin
https://www.fbi.gov
referer
https://www.fbi.gov
x-forwarded-host
www.fbi.gov
x-forwarded-proto
https
x-xss-protection
1; mode=block
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
08a11ff76900004aa3023e3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zy6%2FetgxRgzezMqDl8IxECpeDSvvxV2Idu3UAQu27Tbc1eOd0G7rwX9v1CvhcUl1bK6Ugr26%2ByuqScVFFBr6oWfVS%2BtheSnzSPNm45nqGk83N9KNRbsW%2BZcou%2F28qOY%3D"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
62aecf6bd9444aa3-FRA
content-encoding
br
bootstrap.js
www.paypalobjects.com/tagmgmt/
19 B
373 B
Script
General
Full URL
https://www.paypalobjects.com/tagmgmt/bootstrap.js
Requested by
Host: smcsistemas.com.br
URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://smcsistemas.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
acdb1298a11e6
dc
ccg11-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
19
last-modified
Thu, 01 Oct 2020 22:15:27 GMT
etag
"5f7654ff-13"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Fri, 05 Mar 2021 00:16:05 GMT
Mnine.css
smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/
4 KB
1 KB
Stylesheet
General
Full URL
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/Mnine.css
Requested by
Host: smcsistemas.com.br
URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1598dbf18a68b1cfd8bf8119582aed8ee50e6cae71b0b20aa2cac606c6807b8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Device-Memory
8
Referer
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
content-encoding
br
origin
https://www.fbi.gov
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
x-forwarded-host
www.fbi.gov
x_forwarded_for
104.16.77.187
x-forwarded-proto
https
x-xss-protection
1; mode=block
x-content-type
nosniff
remote_addr
104.16.77.187
last-modified
Thu, 04 Mar 2021 22:38:07 GMT
server
cloudflare
host
www.fbi.gov
etag
W/"10f5-6041614f-98ba164be69daf6e;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=avkINSH%2FpzOnYQP%2BTkBsm4KdzmzzsL4TabeLInnPeBmGAw%2BdsN1Fa5uJiW%2FichrY0PyWrkqKMO0nFeg%2FJzYWRShSUuSIHdE4LDEW3CEd%2BDp42sgqBREgdNiJ9J1P35I%3D"}],"max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-request-id
08a11ff97a00004aa353163000000001
referer
https://www.fbi.gov
cf-ray
62aecf6f2cb94aa3-FRA
expires
Thu, 11 Mar 2021 23:16:05 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: smcsistemas.com.br
URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://smcsistemas.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14150
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 19:20:15 GMT
Meightx.css
smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/
3 KB
639 B
Stylesheet
General
Full URL
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/Meightx.css
Requested by
Host: smcsistemas.com.br
URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d96d6f4875c408829b1232d458ef55416c2a092b17825ef7ad31534082e4d1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Device-Memory
8
Referer
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
content-encoding
br
origin
https://www.fbi.gov
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
x-forwarded-host
www.fbi.gov
x_forwarded_for
104.16.77.187
x-forwarded-proto
https
x-xss-protection
1; mode=block
x-content-type
nosniff
remote_addr
104.16.77.187
last-modified
Thu, 04 Mar 2021 22:38:07 GMT
server
cloudflare
host
www.fbi.gov
etag
W/"a2d-6041614f-8b903da99fba7a08;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E9vUoC9%2BxEtEv8uVBT64vcuH%2BsjVo%2FxWbbf8TY6LQIFnL2WB2rGW1PetQUv%2BuyMQ9ko1l1RSJEEK6SsHQltzM32qAu%2FdfmXbj353Tc%2BRteNl%2FAaT3T922hbdjskiHRg%3D"}],"max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-request-id
08a11ff97b00004aa320b76000000001
referer
https://www.fbi.gov
cf-ray
62aecf6f2cbb4aa3-FRA
expires
Thu, 11 Mar 2021 23:16:05 GMT
styles.css
www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/
361 KB
59 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css
Requested by
Host: smcsistemas.com.br
URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
540503e73fddf12b8ef60938b17c79f489c3febbc33b91ce7bce9a5796b3211d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://smcsistemas.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
1b40e998d1bbb
dc
ccg11-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
59840
last-modified
Mon, 13 Aug 2018 20:04:45 GMT
etag
W/"5b71e45d-5a48c"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Fri, 04 Mar 2022 23:16:05 GMT
Mthree.js
smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/
18 KB
5 KB
Script
General
Full URL
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/Mthree.js
Requested by
Host: smcsistemas.com.br
URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Device-Memory
8
Referer
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
content-encoding
br
origin
https://www.fbi.gov
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
x-forwarded-host
www.fbi.gov
x_forwarded_for
104.16.77.187
x-forwarded-proto
https
x-xss-protection
1; mode=block
x-content-type
nosniff
remote_addr
104.16.77.187
last-modified
Thu, 04 Mar 2021 22:38:07 GMT
server
cloudflare
host
www.fbi.gov
etag
W/"47fe-6041614f-a23f3c53034b2458;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tD%2F63RiEl8poQvp5mCSSJQ60Y3dVoqKsMI4xHreg2Csj0JOYsT%2FPRji7Aro6gsEhy8Dj5ezK97Wf%2B%2B5sgnfpX%2BcSWgzC4rQsCGCwuHUN2jvZ8YiS5vwMXZcKSbX0atY%3D"}],"max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-request-id
08a11ff97b00004aa32db73000000001
referer
https://www.fbi.gov
cf-ray
62aecf6f2cbd4aa3-FRA
expires
Thu, 11 Mar 2021 23:16:05 GMT
Mfour.js
smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/
45 KB
12 KB
Script
General
Full URL
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/Mfour.js
Requested by
Host: smcsistemas.com.br
URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
336dd9aba660c04506c40a3be54c507b0591a07657a3f9a92d5916c5043cc9c1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Device-Memory
8
Referer
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
content-encoding
br
origin
https://www.fbi.gov
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
x-forwarded-host
www.fbi.gov
x_forwarded_for
104.16.77.187
x-forwarded-proto
https
x-xss-protection
1; mode=block
x-content-type
nosniff
remote_addr
104.16.77.187
last-modified
Thu, 04 Mar 2021 22:38:07 GMT
server
cloudflare
host
www.fbi.gov
etag
W/"b28f-6041614f-3083d79315c462ae;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tpTBNJ4XpCZ0spw4oAksSDPA5w2U48AvMm5YPokNSLdc3YAiBLM4D7WCwZZ%2BaIVGqzaU7VQGMExTZEoMEr4PqfQAmjdnX%2FkaWW7fcd9S0ZA89c92CCakCEXkj9Hs39c%3D"}],"max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-request-id
08a11ff97b00004aa33f277000000001
referer
https://www.fbi.gov
cf-ray
62aecf6f2cbe4aa3-FRA
expires
Thu, 11 Mar 2021 23:16:05 GMT
Msix.js
smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/
6 KB
2 KB
Script
General
Full URL
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/Msix.js
Requested by
Host: smcsistemas.com.br
URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15efea636446e7652ab9811c16772675888081aaf2b48ec8c1394dea43df4c75
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Device-Memory
8
Referer
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
content-encoding
br
origin
https://www.fbi.gov
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
x-forwarded-host
www.fbi.gov
x_forwarded_for
104.16.77.187
x-forwarded-proto
https
x-xss-protection
1; mode=block
x-content-type
nosniff
remote_addr
104.16.77.187
last-modified
Thu, 04 Mar 2021 22:38:07 GMT
server
cloudflare
host
www.fbi.gov
etag
W/"1826-6041614f-b28320a248c0b52f;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WrrOxBT8D2HWGiDtWRQEEjSA2v437vgVkchHWXQjeGuOvKwJhC0g3x7tjO0qZrGJOA3GiV4nnGt0lINhE6KN3dDALwUZfSm7Or3m6mCvGI3xjW4%2B%2F9I2msgwJTLMm1g%3D"}],"max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-request-id
08a11ff97b00004aa37eb76000000001
referer
https://www.fbi.gov
cf-ray
62aecf6f2cbf4aa3-FRA
expires
Thu, 11 Mar 2021 23:16:05 GMT
hermes_window_sprite_v16.png
www.paypalobjects.com/images/checkout/hermes/
15 KB
16 KB
Image
General
Full URL
https://www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v16.png
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
70eef1ed9452841efc7d4431e939d1bddb703d6b0ac4a9d64c097a0f68d65414
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 02:11:26 GMT
server
Akamai Image Manager
etag
"nnzRlS9MBgJaF5KTitXTyIJxOe9T0imDmyJbBzcjo2U"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
15830
expires
Fri, 05 Mar 2021 11:16:05 GMT
sprite_logos_wallet_v10_1x.png
www.paypalobjects.com/images/checkout/hermes/
6 KB
6 KB
Image
General
Full URL
https://www.paypalobjects.com/images/checkout/hermes/sprite_logos_wallet_v10_1x.png
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7094f0d2b5ce9e9387eabf7ef3fa0f48b2cdcf8f0fc54d5d9d560429869a350d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
2
etag
"60271b45-2d75"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Mon, 01 Mar 2021 01:45:14 GMT
content-length
5940
server
Akamai Image Manager
expires
Fri, 05 Mar 2021 11:16:05 GMT
Mten.png
smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mpic/
24 KB
24 KB
Image
General
Full URL
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mpic/Mten.png
Requested by
Host: smcsistemas.com.br
URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a47f9feda7682c5085fa780e2560144c5bc70caa592a8d1a345a852948efa94a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Device-Memory
8
Referer
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:06 GMT
origin
https://www.fbi.gov
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
x-forwarded-host
www.fbi.gov
x_forwarded_for
104.16.77.187
x-forwarded-proto
https
content-length
24180
x-xss-protection
1; mode=block
x-content-type
nosniff
accept-ranges
bytes
remote_addr
104.16.77.187
last-modified
Thu, 04 Mar 2021 22:38:07 GMT
server
cloudflare
host
www.fbi.gov
etag
"5e74-6041614f-7dc26dec39f63fa7;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1HJYwlGzTeYFqSLvY8drois5OYtV8VZuuhoY%2Fl9AHdvw6vu7vjeuvZ2DI5joYHJfQVtKgHvT3wQp33W540fGslAM7b8n8%2BHEXPSXyOD5SA9xOLzyPeBAPqSwiaxPlW0%3D"}],"max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-request-id
08a11ffa7a00004aa316822000000001
referer
https://www.fbi.gov
cf-ray
62aecf70ceb34aa3-FRA
expires
Thu, 11 Mar 2021 23:16:06 GMT
sprite_forms_1x.png
www.paypalobjects.com/images/shared/
11 KB
11 KB
Image
General
Full URL
https://www.paypalobjects.com/images/shared/sprite_forms_1x.png
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
17cb711cb21fb35211d663cd3a445c5e41e2e233349ad9761440569e00995794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
1134
etag
"60271b47-3940"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Mon, 01 Mar 2021 01:54:41 GMT
content-length
10980
server
Akamai Image Manager
expires
Fri, 05 Mar 2021 11:16:05 GMT
scr_vp_fprd_shield_bags.png
www.paypalobjects.com/images/checkout/hermes/
2 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/images/checkout/hermes/scr_vp_fprd_shield_bags.png
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d2b1f1c0d6cecdeef42cea8e7ce26178d59a603ae18847896519500b0ac911de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Feb 2021 06:57:04 GMT
server
Akamai Image Manager
etag
"kUreO+d0P7chp8ydUtcXSEorG9XPq0VelcAaZkMjlvI"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
1730
expires
Fri, 05 Mar 2021 11:16:05 GMT
PayPalSansBig-Regular.woff2
smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/
0
0
Font
General
Full URL
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/PayPalSansBig-Regular.woff2
Requested by
Host: smcsistemas.com.br
URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/Mnine.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Device-Memory
8
Referer
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/Mnine.css
Origin
https://smcsistemas.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 Jun 2019 07:01:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XqTLMWPkuTb%2FYkJW7Hyf1tTDWhYCKN6itpqkNNUsh4jLyk%2F5xDuYxySWHu0bp%2FYDCAHmRLLf3a66vyEZJy3zAaSfWV9OabbwM8HJ%2FYxo5xbjY7Bvo%2BhxLz9SWgBO83o%3D"}],"max_age":604800}
content-type
text/html
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
62aecf70dec94aa3-FRA
cf-request-id
08a11ffa8400004aa30c34f000000001
PayPalSansBig-Regular.woff
smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/
0
0
Font
General
Full URL
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/PayPalSansBig-Regular.woff
Requested by
Host: smcsistemas.com.br
URL: https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/Mnine.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b7f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Device-Memory
8
Referer
https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/Mnine.css
Origin
https://smcsistemas.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:16:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 Jun 2019 07:01:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=act1QpurX51BR%2BiFNXuNOyB3RTkuqk6GJl6nH7YFicZvnklI9%2Bd3sGJnZfQhzHFd6KJ%2F4SYC3W53KAqs9I0HjO%2FJqwkHS8oXOOIW7lck%2BZWjoY0n0B43eT3ia94Tnb4%3D"}],"max_age":604800}
content-type
text/html
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
x-turbo-charged-by
LiteSpeed
cf-ray
62aecf72384f4aa3-FRA
cf-request-id
08a11ffb6300004aa30c35a000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery

2 Cookies

Domain/Path Name / Value
smcsistemas.com.br/ Name: PHPSESSID
Value: 7158980bfcb6fcdbb1d8fae1124269af
.smcsistemas.com.br/ Name: __cfduid
Value: dadcec9ee2d0254e948773f089b0520e01614899765

2 Console Messages

Source Level URL
Text
console-api warning URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js(Line 2)
Message:
jQuery.Deferred exception: $(...).validateCreditCard is not a function TypeError: $(...).validateCreditCard is not a function at HTMLDocument.<anonymous> (https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/Mfiles/Msix.js:83:22) at l (https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29375) at c (https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29677) undefined
console-api warning URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js(Line 2)
Message:
jQuery.Deferred exception: $(...).validateCreditCard is not a function TypeError: $(...).validateCreditCard is not a function at HTMLDocument.<anonymous> (https://smcsistemas.com.br/00000/__MACOSX/cd/ddh/rbk/unblock_verification/customer_center/customer-IDPP00C552/settings/settings.php:676:26) at l (https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29375) at c (https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29677) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 1; mode=block