www.bb-trocadepontoslivelo.link Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bb-trocadepontoslivelo.link/
Effective URL:
https://www.bb-trocadepontoslivelo.link/login
Submission Tags: @phish_report
Submission: On October 04 via api (October 4th 2023, 1:37:53 pm UTC) from FI — Scanned from NL

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bb-trocadepontoslivelo.link.
TLS certificate: Issued by GTS CA 1P5 on September 29th 2023. Valid for: 3 months.

This is the only time www.bb-trocadepontoslivelo.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Livelo (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
3 11	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	18.154.63.118 18.154.63.118	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	63.35.249.238 63.35.249.238	16509 (AMAZON-02) (AMAZON-02)
1	54.171.20.67 54.171.20.67	16509 (AMAZON-02) (AMAZON-02)
19	8

11 2a06:98c1:3120::3 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.bb-trocadepontoslivelo.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.63.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-118.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.249.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-249-238.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.20.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-20-67.eu-west-1.compute.amazonaws.com

metrics.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	bb-trocadepontoslivelo.link 3 redirects www.bb-trocadepontoslivelo.link	119 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1261 script.hotjar.com — Cisco Umbrella Rank: 1629	62 KB
2	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 8895 metrics.hotjar.io — Cisco Umbrella Rank: 13504	231 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
1	gstatic.com fonts.gstatic.com	24 KB
0	rico-com-vc.com Failed socketio.rico-com-vc.com Failed
19	6

	Domain	Requested by
11	www.bb-trocadepontoslivelo.link	3 redirects www.bb-trocadepontoslivelo.link
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	fonts.googleapis.com	www.bb-trocadepontoslivelo.link
1	metrics.hotjar.io	static.hotjar.com
1	content.hotjar.io	script.hotjar.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	www.bb-trocadepontoslivelo.link
0	socketio.rico-com-vc.com Failed	www.bb-trocadepontoslivelo.link
19	8

This site contains no links.

Subject Issuer	Validity	Valid
bb-trocadepontoslivelo.link GTS CA 1P5	`2023-09-29` - `2023-12-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.bb-trocadepontoslivelo.link/login
Frame ID: 41C044E0D7FB7A718296AD80F70D7184
Requests: 17 HTTP requests in this frame

Frame: https://www.bb-trocadepontoslivelo.link/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 0BFB2963664736D8C82603AF0EDBA14D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banco do Brasil

Page URL History Show full URLs

http://www.bb-trocadepontoslivelo.link/ HTTP 301
https://www.bb-trocadepontoslivelo.link/ HTTP 302
https://www.bb-trocadepontoslivelo.link/login Page URL

Detected technologies

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

19
Requests

79 %
HTTPS

43 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

204 kB
Transfer

646 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bb-trocadepontoslivelo.link/ HTTP 301
https://www.bb-trocadepontoslivelo.link/ HTTP 302
https://www.bb-trocadepontoslivelo.link/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.bb-trocadepontoslivelo.link/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.bb-trocadepontoslivelo.link/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.bb-trocadepontoslivelo.link/
Redirect Chain

http://www.bb-trocadepontoslivelo.link/
https://www.bb-trocadepontoslivelo.link/
https://www.bb-trocadepontoslivelo.link/login

4 KB
2 KB

74ms
73ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bb-trocadepontoslivelo.link/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74636f4814308ae9e79e113ac348d7a325da4e357e7ff9e471b314d3fe2dfadd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 810dd2554c7fb7f7-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 04 Oct 2023 13:37:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=py7%2B1cdTKjZM9vTfEqxEZPho6a9Ity9lONzmlh%2FI1EWVKn1ai0ycZleELFjfT26JqXx5p87dv6E07um0QdFeUtcEI1ZJOQgikaF3mBgrtipFVQ419TefrfChOB%2Fpds6%2FoRnr5%2Fb5pAPhsm2CuANyLWiAm3uX6d48x2jWOl9Z"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 810dd24e0c67b7f7-AMS
content-type: text/html; charset=utf-8
date: Wed, 04 Oct 2023 13:37:48 GMT
location: https://www.bb-trocadepontoslivelo.link/login
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBtm9OLuhoH8Dx1DoCGLiUdzlxdzig2sderOhProaI5VVmpRDrRTgdc6ukQXvUgGEhTNuQD7lrPhhx9eBGX%2FJlyefF1c4M8khIBYGc7%2BzQb0wvXRdSB8ejlSUtVqoL7p265Yf1lMsyVoKWinfjavI33v95ZNui%2BvFpWpz8fx"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 main-v3.css
www.bb-trocadepontoslivelo.link/assets/ 117 KB
16 KB 104ms
104ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bb-trocadepontoslivelo.link/assets/main-v3.css
Requested by: Host: www.bb-trocadepontoslivelo.link
URL: https://www.bb-trocadepontoslivelo.link/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddbf71ea35869e31a10765b6aa3830af4955e3ebef675f41580fed1af0ec60a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bb-trocadepontoslivelo.link/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 04 Oct 2023 13:37:48 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 16 Jul 2023 18:07:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoLe3RSpfplBwZBzuiSogeOAMtTRhyZrsF4KT9FrbDlEFimLuJwp7ksXAHzOlaBRkJaCirtS1pys19RQp6d5I6bMUmpXIvUJ0XWYVgqy%2F48ywut8InrP1xEDac%2BIoZ8L2KQE9Ki0zc7RD%2BgkcMcyHI0Ed%2BOKydmGjuSXuU20"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-disposition: inline; filename=main-v3.css
cf-ray: 810dd255cd23b7f7-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 app2.js Show response
www.bb-trocadepontoslivelo.link/assets/ 207 KB
67 KB 107ms
107ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bb-trocadepontoslivelo.link/assets/app2.js
Requested by: Host: www.bb-trocadepontoslivelo.link
URL: https://www.bb-trocadepontoslivelo.link/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd3a3357e1ae9e2a0e94f6c6aeee2fe7f6ea2937226647a30b0f1fd53b1f02b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bb-trocadepontoslivelo.link/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 04 Oct 2023 13:37:48 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 16 Aug 2023 15:48:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXCmlLki%2FTCDYHT8cZpAl3esEBcTlpOe0%2Bw0NGvqK2Od1uFcM0omMQbnFjRbB6t41nhCakTZph8yMWi0P43ehM%2Ff5qI4IepdGscjlSS2Vbp4r5M%2Bznk1hiPgK2B%2BtUqHItgXBdXj%2FyF3tgLc6g8uPCDh%2BIVVPqZO%2B0TPkhFs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-disposition: inline; filename=app2.js
cf-ray: 810dd255cd24b7f7-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo-livelo.svg
www.bb-trocadepontoslivelo.link/assets/bblivelo/v3/ 5 KB
3 KB 63ms
63ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bb-trocadepontoslivelo.link/assets/bblivelo/v3/logo-livelo.svg
Requested by: Host: www.bb-trocadepontoslivelo.link
URL: https://www.bb-trocadepontoslivelo.link/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93839a2c1e9457a6a66474a128ae6221798e5fec089c172e8160b592584dd93

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bb-trocadepontoslivelo.link/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 04 Oct 2023 13:37:48 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 16 Jul 2023 18:07:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmoHtcKlwCyAsMH1fBY1jMuMWWIot463tIUeO89bPSKqectXNr0YjqGY1ReNeCI3Wms34xZyAkTrLZiOAfJwb%2FbFG%2FVJCoR%2BqvSDYVo2JdzskAHLHEjvzEyvW4asMqefXcYiLySCvRrgTtSoSYi1jJFpRyP5s%2FX2al5Zqsj%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-disposition: inline; filename=logo-livelo.svg
cf-ray: 810dd2566dafb7f7-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo-bb.svg
www.bb-trocadepontoslivelo.link/assets/bblivelo/v3/ 803 B
1008 B 362ms
361ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bb-trocadepontoslivelo.link/assets/bblivelo/v3/logo-bb.svg
Requested by: Host: www.bb-trocadepontoslivelo.link
URL: https://www.bb-trocadepontoslivelo.link/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3becca4e7dd1d0511eabf978dfb1bd8aa48a1b18a31e70fe376a3ccf8d20189a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bb-trocadepontoslivelo.link/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 04 Oct 2023 13:37:48 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 16 Jul 2023 18:07:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wczamp5kh61drK8dBLHruyYZOx7xFKsPVU2IAd%2BDAhmTXrpsyRQ1lalFI48hruYZsj4O4rggYf7apTczbkvUvsvPlNPSLUTqYYsDfYgM1J10rjVgd3BF1YAXOu%2FPvxwbvw%2BocVit%2Bck5V8lCahXAYwGsdoF%2B%2FrSsbvTCc09U"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-disposition: inline; filename=logo-bb.svg
cf-ray: 810dd2574ac4575f-TLH
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
637 B 76ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: www.bb-trocadepontoslivelo.link
URL: https://www.bb-trocadepontoslivelo.link/assets/main-v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d09238914760e8ca19a68cdebf15a4d7c39c68af1f94ad3325ef7c39e27c2d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bb-trocadepontoslivelo.link/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 13:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 04 Oct 2023 13:37:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
782 B 75ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Signika&display=swap

Requested by

Host: www.bb-trocadepontoslivelo.link
URL: https://www.bb-trocadepontoslivelo.link/assets/main-v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f29527072cf570bf1deb502c4388f9f26e655fcbe93d51d32095c92fbe511dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bb-trocadepontoslivelo.link/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 13:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 04 Oct 2023 13:37:48 GMT

GET /
socketio.rico-com-vc.com/socket.io/ 0
0

GET
H2 200 hotjar-2680142.js Show response
static.hotjar.com/c/ 10 KB
4 KB 106ms
54ms Script
application/javascript 18.154.63.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2680142.js?sv=6

Requested by

Host: www.bb-trocadepontoslivelo.link
URL: https://www.bb-trocadepontoslivelo.link/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-118.dus51.r.cloudfront.net

Software

Resource Hash

69a66c2289c02dca4c4278953f65be8a8a05a30c45438fd5414ab5055329a035

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bb-trocadepontoslivelo.link/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 04 Oct 2023 13:37:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c6112c76017165ab7d9ba7566718afea.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
etag: W/9e04e00f0a02982604aecbe684e3c48c
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Gqc9sabLSZOeIcbTTJYJMnPnl_uAm2819F5xQd1S3iWJsNRa6aCnBw==

GET
H2 200 vEF72_JTCgwQ5ejvMV0Ox_Kg1UwJ0tKfX4zNpD8E4ASzH1r9gTuoyjkmoN0hjg.woff2
fonts.gstatic.com/s/signika/v25/ 23 KB
24 KB 69ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/signika/v25/vEF72_JTCgwQ5ejvMV0Ox_Kg1UwJ0tKfX4zNpD8E4ASzH1r9gTuoyjkmoN0hjg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Signika&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82537792420596f2f384b01727d799c56a0064d55807810cb3b002d649822b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bb-trocadepontoslivelo.link
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 29 Sep 2023 15:23:38 GMT
x-content-type-options: nosniff
age: 425650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23804
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:47:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 15:23:38 GMT

GET
H3 200 geomanist_medium.otf
www.bb-trocadepontoslivelo.link/assets/bbrasil/fonts/ 38 KB
24 KB 500ms
499ms Font
application/font-sfnt 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bb-trocadepontoslivelo.link/assets/bbrasil/fonts/geomanist_medium.otf
Requested by: Host: www.bb-trocadepontoslivelo.link
URL: https://www.bb-trocadepontoslivelo.link/assets/main-v3.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384760ed855d8a9f5c3e5f3e6e83dff6e50b69384d46001693f23bc32b57fd98

Request headers

Referer: https://www.bb-trocadepontoslivelo.link/assets/main-v3.css
Origin: https://www.bb-trocadepontoslivelo.link
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 04 Oct 2023 13:37:49 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sun, 16 Jul 2023 18:07:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTlKRgr8M217QViFiW2FJ2BklmGYo4AsDCi5InjH%2F3SEkKx%2BrLEBCWh4LTEOjNM3Tt4ri2eDNwXGu5%2FxKi361LvuK81tS961cHJJG1QFBH6Vp6iukvBcQq8fO7BJP5%2BQUZ10EWoP2ghvvrYj%2BvqZd7UA3LHlvioXlowH78lK"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
access-control-allow-origin: https://www.bb-trocadepontoslivelo.link
cache-control: no-cache
content-disposition: inline; filename=geomanist_medium.otf
cf-ray: 810dd2578afa575f-TLH
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
www.bb-trocadepontoslivelo.link/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 0BFB
Redirect Chain

https://www.bb-trocadepontoslivelo.link/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.bb-trocadepontoslivelo.link/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

133ms
132ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bb-trocadepontoslivelo.link/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: www.bb-trocadepontoslivelo.link
URL: https://www.bb-trocadepontoslivelo.link/login

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e83a88732754c94d1f7e5bdfcc8cdd2a31b09e9dfcd3a3f62fd6b371f258ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 04 Oct 2023 13:37:48 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUZ%2BxCz4GtLR%2FeMOVwBC0Odibr7XkOjED6b0s1tqdx8oHm20Bp3HvqXNDcTq3J1bg7mZXnQapiZkEn6VDsee1ZTbyvrFy%2FXXrYk0Dowlf0HJqxMJIk1yRelh%2BdY6ZQSbbhD0uNp%2BPNZjlpoV3OtsXL5Lr2J2oLJ674%2FZYmlu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 810dd2589bcf575f-TLH
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 04 Oct 2023 13:37:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNZS9WxujZOEPW%2BjuR7NzD2RS0t%2BMncZxt7234njc%2BQfsIC0P19rSyPm2UpVthIYRngmhJDrOWEXJXquLI%2BIsnc90rjiW5kOc9HnPv2uEUqDd4IyMzzSF35JvOQmhLm7F3bBu0UoaM0dTqZzKhOu6hq8W%2B%2BvD2aEXD%2FVcmxw"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
cache-control: max-age=300, public
cf-ray: 810dd257bb50575f-TLH
alt-svc: h3=":443"; ma=86400

GET
H2 200 modules.b16e4d57f3928457df7a.js Show response
script.hotjar.com/ 224 KB
55 KB 65ms
22ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b16e4d57f3928457df7a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2680142.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

8326289128837c1f6dd5b2c360d01e735e115aae8732b67dad87e864d9c8d271

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bb-trocadepontoslivelo.link/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 04 Oct 2023 11:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 8322
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55778
last-modified: Wed, 04 Oct 2023 11:18:56 GMT
etag: "b380ae54452b4d14c7cbccb2aa14c902"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: LvzcEK-xluhMVrci19V4Zx_sNeh2TnVPYVmTICKtjyqvCODw8d2jng==

GET
H2 200 browser-perf.33dcc26815d7481e62e8.js Show response
script.hotjar.com/ 6 KB
2 KB 20ms
19ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.33dcc26815d7481e62e8.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b16e4d57f3928457df7a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

ef4f60ddf2d15f01ea12c07fa37bda6544e5b2ba7d4ffd66bf1d6b49bbf98fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.bb-trocadepontoslivelo.link/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 02 Oct 2023 13:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 172722
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1959
last-modified: Mon, 02 Oct 2023 13:38:29 GMT
etag: "cf8f6bab23395e3bb50abb3b11d2e3ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4YnrfP9DVok-AHkSzFcaFQz06Tb0tPJRybn8bOX3j8B5mN6XndsOsw==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 111ms
31ms XHR
application/json 63.35.249.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b16e4d57f3928457df7a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 63.35.249.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-249-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c52fa832c85f89528cb2d5292a1d50abaffc4172b9deaed2499edb833bdf28e0

Request headers

Referer: https://www.bb-trocadepontoslivelo.link/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 13:37:48 GMT
content-length: 56
vary: Origin
content-type: application/json

POST
H3 200 810dd2554c7fb7f7 Show response
www.bb-trocadepontoslivelo.link/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 0BFB 0
580 B 246ms
242ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bb-trocadepontoslivelo.link/cdn-cgi/challenge-platform/h/g/jsd/r/810dd2554c7fb7f7
Requested by: Host: www.bb-trocadepontoslivelo.link
URL: https://www.bb-trocadepontoslivelo.link/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Wed, 04 Oct 2023 13:37:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9As%2FMoLjrznz4pA92gOgcVkadsRpKnFDJBQoZfqGYuoXPCTsyEJEbvJ0ZWfDNTQxujDbiCjzgwnEf1xMX%2FXElowObOxZ%2BxyMRceUJQXrCl00e45N08cRl1Hdg0WRhRWedf8dGCRjszwtLgK1bVohWY7zfgpkpj0iJLqb5fi"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 810dd259ecc1575f-TLH
alt-svc: h3=":443"; ma=86400

GET /
socketio.rico-com-vc.com/socket.io/ 0
0

POST
H2 204 /
metrics.hotjar.io/ 0
70 B 120ms
29ms Ping
text/plain 54.171.20.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.hotjar.io/?v=6
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2680142.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.20.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-20-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bb-trocadepontoslivelo.link/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 13:37:51 GMT
vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: socketio.rico-com-vc.com
URL: https://socketio.rico-com-vc.com/socket.io/?EIO=4&transport=polling&t=OhwwB9e

Domain: socketio.rico-com-vc.com
URL: https://socketio.rico-com-vc.com/socket.io/?EIO=4&transport=polling&t=OhwwBSU

Domain: socketio.rico-com-vc.com
URL: https://socketio.rico-com-vc.com/socket.io/?EIO=4&transport=polling&t=OhwwBru

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Livelo (E-commerce)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bb-trocadepontoslivelo.link/	1970-01-20 15:58:25	Name: session Value: c697b4dd-398c-4bfe-a8a7-f9c9b3e949d7
.bb-trocadepontoslivelo.link/	1970-01-20 23:59:22	Name: _hjSessionUser_2680142 Value: eyJpZCI6ImNiOTgzOWRjLTkxNWUtNTE1MC04OWJhLTIyYWI3NzJiNDg5OCIsImNyZWF0ZWQiOjE2OTY0MjY2Njg4NzgsImV4aXN0aW5nIjpmYWxzZX0=
.bb-trocadepontoslivelo.link/	1970-01-20 15:13:48	Name: _hjFirstSeen Value: 1
.bb-trocadepontoslivelo.link/	1970-01-20 15:13:46	Name: _hjIncludedInSessionSample_2680142 Value: 1
.bb-trocadepontoslivelo.link/	1970-01-20 15:13:48	Name: _hjSession_2680142 Value: eyJpZCI6Ijg1ZjY1MGRlLTIyMWItNGVmNC1iYjU3LTk5MDUzNzZjNzgzZiIsImNyZWF0ZWQiOjE2OTY0MjY2Njg4NzksImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0=
.bb-trocadepontoslivelo.link/	1970-01-20 15:13:48	Name: _hjAbsoluteSessionInProgress Value: 0
.bb-trocadepontoslivelo.link/	1970-01-20 23:59:22	Name: cf_clearance Value: NECkWaBYLsd9UvWa4wvQW2xI1os28Tg2pT7LUS8YFRk-1696426669-0-1-25c6bab8.de91320f.41452136-0.2.1696426669

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.bb-trocadepontoslivelo.link/login Message: Access to XMLHttpRequest at 'https://socketio.rico-com-vc.com/socket.io/?EIO=4&transport=polling&t=OhwwB9e' from origin 'https://www.bb-trocadepontoslivelo.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://socketio.rico-com-vc.com/socket.io/?EIO=4&transport=polling&t=OhwwB9e Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.bb-trocadepontoslivelo.link/login Message: Access to XMLHttpRequest at 'https://socketio.rico-com-vc.com/socket.io/?EIO=4&transport=polling&t=OhwwBSU' from origin 'https://www.bb-trocadepontoslivelo.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://socketio.rico-com-vc.com/socket.io/?EIO=4&transport=polling&t=OhwwBSU Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.bb-trocadepontoslivelo.link/login Message: Access to XMLHttpRequest at 'https://socketio.rico-com-vc.com/socket.io/?EIO=4&transport=polling&t=OhwwBru' from origin 'https://www.bb-trocadepontoslivelo.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://socketio.rico-com-vc.com/socket.io/?EIO=4&transport=polling&t=OhwwBru Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
metrics.hotjar.io
script.hotjar.com
socketio.rico-com-vc.com
static.hotjar.com
www.bb-trocadepontoslivelo.link
socketio.rico-com-vc.com
13.32.27.21
18.154.63.118
2a00:1450:4001:80b::200a
2a00:1450:4001:82f::2003
2a06:98c1:3120::3
54.171.20.67
63.35.249.238
0bd3a3357e1ae9e2a0e94f6c6aeee2fe7f6ea2937226647a30b0f1fd53b1f02b
0e83a88732754c94d1f7e5bdfcc8cdd2a31b09e9dfcd3a3f62fd6b371f258ee2
2f29527072cf570bf1deb502c4388f9f26e655fcbe93d51d32095c92fbe511dd
384760ed855d8a9f5c3e5f3e6e83dff6e50b69384d46001693f23bc32b57fd98
3becca4e7dd1d0511eabf978dfb1bd8aa48a1b18a31e70fe376a3ccf8d20189a
69a66c2289c02dca4c4278953f65be8a8a05a30c45438fd5414ab5055329a035
74636f4814308ae9e79e113ac348d7a325da4e357e7ff9e471b314d3fe2dfadd
8326289128837c1f6dd5b2c360d01e735e115aae8732b67dad87e864d9c8d271
a93839a2c1e9457a6a66474a128ae6221798e5fec089c172e8160b592584dd93
b82537792420596f2f384b01727d799c56a0064d55807810cb3b002d649822b8
c52fa832c85f89528cb2d5292a1d50abaffc4172b9deaed2499edb833bdf28e0
d09238914760e8ca19a68cdebf15a4d7c39c68af1f94ad3325ef7c39e27c2d45
ddbf71ea35869e31a10765b6aa3830af4955e3ebef675f41580fed1af0ec60a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef4f60ddf2d15f01ea12c07fa37bda6544e5b2ba7d4ffd66bf1d6b49bbf98fd1

www.bb-trocadepontoslivelo.link Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

79 %HTTPS

43 %IPv6

6 Domains

8 Subdomains

8 IPs

3 Countries

204 kBTransfer

646 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

26 JavaScript Global Variables

7 Cookies

6 Console Messages

Indicators

www.bb-trocadepontoslivelo.link Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

79 %
HTTPS

43 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

204 kB
Transfer

646 kB
Size

7
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!