urlscan.io logo urlscan.io
SecurityTrails logo

berel.com.mx Open in urlscan Pro
34.216.250.212  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Submission: On January 24 via manual
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 34.216.250.212, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is berel.com.mx.
TLS certificate: Issued by Amazon on January 9th 2020. Valid for: a year.
This is the only time berel.com.mx was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco do Brasil (Banking)

Domain & IP information

IP Address AS Autonomous System
11 34.216.250.212 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.111.9.35 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
15 4
Domain Requested by
11 berel.com.mx berel.com.mx
2 fonts.gstatic.com berel.com.mx
1 use.fontawesome.com berel.com.mx
1 fonts.googleapis.com berel.com.mx
15 4

This site contains no links.

Subject Issuer Validity Valid
berel.com
Amazon		 2020-01-09 -
2021-02-09		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Frame ID: 084925BC30CD1DD396064DAD41B7A3B2
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

171 kB
Transfer

293 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
berel.com.mx/sites/--/https:/www2.bb.com.br/smiles// 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.250.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-250-212.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) / PHP/5.6.38
Resource Hash
e9a428402333b62b3df7863e3a8312dfe8e019183801137ee0a0eaa76d6c17ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
berel.com.mx
:scheme
https
:path
/sites/--/https:/www2.bb.com.br/smiles//login.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Fri, 24 Jan 2020 16:48:36 GMT
content-type
text/html; charset=UTF-8
content-length
1472
server
Apache/2.2.15 (CentOS)
x-content-type-options
nosniff
x-powered-by
PHP/5.6.38
vary
Accept-Encoding,Origin
content-encoding
gzip
all.css
berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//styles/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//styles/all.css
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.250.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-250-212.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
521936c864f7a1d096e47566673e6f3696a6ab7b8fb638ceca5082d7534e9114
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 16:48:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Apr 2019 17:08:18 GMT
server
Apache/2.2.15 (CentOS)
etag
"415e2-3df4-585b76aa10480"
vary
Accept-Encoding,Origin
content-type
text/css
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3384
expires
Sat, 25 Jan 2020 16:49:00 GMT
css
fonts.googleapis.com/ 		10 KB
801 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15b54d408557488fd7cc7fc3c6240046813d492b9d2b936a0bee8b8fe1597853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 24 Jan 2020 16:48:36 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 24 Jan 2020 16:48:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 24 Jan 2020 16:48:36 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Origin
https://berel.com.mx

Response headers

date
Fri, 24 Jan 2020 16:48:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 21:31:35 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
jquery.min.js
berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//javascripts/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//javascripts/jquery.min.js
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.250.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-250-212.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 16:48:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2019 01:32:28 GMT
server
Apache/2.2.15 (CentOS)
etag
"415b0-1538f-5859639fca300"
vary
Accept-Encoding,Origin
content-type
text/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
30249
expires
Fri, 31 Jan 2020 16:49:00 GMT
all.js
berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//javascripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//javascripts/all.js
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.250.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-250-212.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b6cad66d3275431f13cceabc09d830db05eb1043105c276da3678a98b5001cd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 16:48:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Apr 2019 17:54:54 GMT
server
Apache/2.2.15 (CentOS)
etag
"415a9-2007-585b811489780"
vary
Accept-Encoding,Origin
content-type
text/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
2447
expires
Fri, 31 Jan 2020 16:49:00 GMT
destaque_cima_login.jpg
berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/destaque_cima_login.jpg
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.250.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-250-212.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0d4962ba649e1a5e9f069771cf9ee9abe522f4c7b6849ed48e168d00edf2a90a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 16:48:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2019 15:11:22 GMT
server
Apache/2.2.15 (CentOS)
etag
"406ea-11d21-585a1aa99fa80"
vary
Origin
content-type
image/jpeg
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
72993
expires
Tue, 24 Mar 2020 16:49:00 GMT
background_login_header.jpg
berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/background_login_header.jpg
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.250.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-250-212.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f15e58d6db051d920c231b6dc993c81ba588838681a871335a1da4961df4a23f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//styles/all.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 16:48:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2019 15:11:02 GMT
server
Apache/2.2.15 (CentOS)
etag
"40644-2630-585a1a968cd80"
vary
Origin
content-type
image/jpeg
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
9776
expires
Tue, 24 Mar 2020 16:49:01 GMT
bg_cx_login.png
berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/ 		215 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/bg_cx_login.png
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.250.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-250-212.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ddba6f8cb9f95657e08d71ede2c025786c09835962a49b81978bccb9666d6817
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//styles/all.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 16:48:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2019 15:59:50 GMT
server
Apache/2.2.15 (CentOS)
etag
"406c7-d7-585a257ee8980"
vary
Origin
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
215
expires
Tue, 24 Mar 2020 16:49:01 GMT
sep_bx_login.png
berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/ 		145 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/sep_bx_login.png
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.250.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-250-212.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
85ff25d12bcb48480b3092be47d2a016582ab093335c594518893c8f685cb004
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//styles/all.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 16:48:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2019 16:02:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"41554-91-585a262108800"
vary
Origin
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
145
expires
Tue, 24 Mar 2020 16:49:01 GMT
login_bx_on.png
berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/login_bx_on.png
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.250.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-250-212.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cde5f2a739de7b9aa9f8df2294940a28bf62ed55bf438878029695969703ba50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//styles/all.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 16:48:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2019 17:53:34 GMT
server
Apache/2.2.15 (CentOS)
etag
"4111e-1a19-585a3eeac8380"
vary
Origin
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
6681
expires
Tue, 24 Mar 2020 16:49:01 GMT
login_bx_2_on.png
berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/login_bx_2_on.png
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.250.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-250-212.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c6d6af98f2f41d74982ca3b99ace4f37483fe909463df5583f21838389839f93
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//styles/all.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 16:48:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2019 17:54:58 GMT
server
Apache/2.2.15 (CentOS)
etag
"41116-28da-585a3f3ae4080"
vary
Origin
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
10458
expires
Tue, 24 Mar 2020 16:49:01 GMT
bg_footer.gif
berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/ 		579 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//images/bg_footer.gif
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.250.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-250-212.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a03bd27a7d3756b4e09a7e9ac101f3da239a24b9635e8ca61857ed3cad21477a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//styles/all.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 16:48:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2019 18:03:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"406ce-243-585a41068fd00"
vary
Origin
content-type
image/gif
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
579
expires
Tue, 24 Mar 2020 16:49:01 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Origin
https://berel.com.mx

Response headers

date
Wed, 22 Jan 2020 14:14:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
182056
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Thu, 21 Jan 2021 14:14:21 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: berel.com.mx
URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Origin
https://berel.com.mx

Response headers

date
Fri, 20 Dec 2019 05:36:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
3064330
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Sat, 19 Dec 2020 05:36:27 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco do Brasil (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| alt_message function| check_cici function| check_codigo function| check_fone function| check_login function| checkCard function| FormataDado function| mask

0 Cookies

1 Console Messages

Source Level URL
Text
console-api warning URL: https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//javascripts/jquery.min.js(Line 2)
Message:
jQuery.Deferred exception: $(...).mask is not a function TypeError: $(...).mask is not a function at HTMLDocument.<anonymous> (https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//javascripts/all.js:2:19) at l (https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//javascripts/jquery.min.js:2:29375) at c (https://berel.com.mx/sites/--/https:/www2.bb.com.br/smiles//javascripts/jquery.min.js:2:29677) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff