206.189.200.99
Open in
urlscan Pro
206.189.200.99
Malicious Activity!
Public Scan
Submission: On June 08 via automatic, source phishtank
Summary
This is the only time 206.189.200.99 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Caixa (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 206.189.200.99 206.189.200.99 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
5 17 | 95.100.200.80 95.100.200.80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
18 | 3 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-200-80.deploy.static.akamaitechnologies.com
internetbanking.caixa.gov.br |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
caixa.gov.br
5 redirects
internetbanking.caixa.gov.br |
177 KB |
0 |
Failed
function sub() { [native code] }. Failed |
|
18 | 2 |
Domain | Requested by | |
---|---|---|
17 | internetbanking.caixa.gov.br |
5 redirects
206.189.200.99
internetbanking.caixa.gov.br |
0 | dghlnijganhlceoeehiahcjaokidbadp Failed |
206.189.200.99
|
18 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
internetbanking.caixa.gov.br DigiCert SHA2 Secure Server CA |
2021-04-13 - 2022-04-18 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
http://206.189.200.99/bemvindoportal.php?04
Frame ID: 951D3FF7552AB793A2568918DC862B71
Requests: 1 HTTP requests in this frame
Frame:
http://206.189.200.99/portallogin.html?asistema=W71D7RQGW71D-FT2T-W71DFT2TFT2T-BW79FT2T
Frame ID: EBBD78D9ACDD452EC4ADC0FBAE9E4F6D
Requests: 17 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Ubuntu (Operating Systems) Expand
Detected patterns
- headers server /Ubuntu/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://internetbanking.caixa.gov.br/statics-core/bootstrap/css/bootstrap.css?v=38 HTTP 302
- https://internetbanking.caixa.gov.br/statics-core/bootstrap/css/bootstrap.css?v=38
- http://internetbanking.caixa.gov.br/statics-core/css/login.css?v=38 HTTP 302
- https://internetbanking.caixa.gov.br/statics-core/css/login.css?v=38
- http://internetbanking.caixa.gov.br/statics-core/css/principal.css?v=38 HTTP 302
- https://internetbanking.caixa.gov.br/statics-core/css/principal.css?v=38
- http://internetbanking.caixa.gov.br/statics-components/js/componentes/loading/loading.css?v=38 HTTP 302
- https://internetbanking.caixa.gov.br/statics-components/js/componentes/loading/loading.css?v=38
- http://internetbanking.caixa.gov.br/statics-portal/conteudo_login/PRODUCAO_INTER/17112020_100934_img.jpg HTTP 302
- https://internetbanking.caixa.gov.br/statics-portal/conteudo_login/PRODUCAO_INTER/17112020_100934_img.jpg
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
bemvindoportal.php
206.189.200.99/ |
1 KB 944 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
portallogin.html
206.189.200.99/ Frame EBBD |
77 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
internetbanking.caixa.gov.br/statics-core/bootstrap/css/ Frame EBBD Redirect Chain
|
136 B 322 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.css
internetbanking.caixa.gov.br/statics-core/css/ Frame EBBD Redirect Chain
|
154 B 340 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
principal.css
internetbanking.caixa.gov.br/statics-core/css/ Frame EBBD Redirect Chain
|
352 B 539 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.css
internetbanking.caixa.gov.br/statics-components/js/componentes/loading/ Frame EBBD Redirect Chain
|
594 B 781 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
206.189.200.99/statics-core/js/lib/ Frame EBBD |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
internetbanking.caixa.gov.br/statics-core/css/ Frame EBBD |
67 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.css
internetbanking.caixa.gov.br/statics-core/css/ Frame EBBD |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
principal_desktop.css
internetbanking.caixa.gov.br/statics-core/css/ Frame EBBD |
62 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
datalist.css
internetbanking.caixa.gov.br/statics-core/css/ Frame EBBD |
2 KB 981 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login_desktop.css
internetbanking.caixa.gov.br/statics-core/css/ Frame EBBD |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap_desktop.css
internetbanking.caixa.gov.br/statics-core/bootstrap/css/ Frame EBBD |
141 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprites.png
internetbanking.caixa.gov.br/statics-core/img/ Frame EBBD |
80 KB 80 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
17112020_100934_img.jpg
internetbanking.caixa.gov.br/statics-portal/conteudo_login/PRODUCAO_INTER/ Frame EBBD Redirect Chain
|
43 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
206.189.200.99/statics-core/js/lib/ Frame EBBD |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ACCELERATION.mp3
dghlnijganhlceoeehiahcjaokidbadp/sons/ Frame EBBD |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
BRAKE.mp3
dghlnijganhlceoeehiahcjaokidbadp/sons/ Frame EBBD |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- dghlnijganhlceoeehiahcjaokidbadp
- URL
- chrome-extension://dghlnijganhlceoeehiahcjaokidbadp/sons/ACCELERATION.mp3
- Domain
- dghlnijganhlceoeehiahcjaokidbadp
- URL
- chrome-extension://dghlnijganhlceoeehiahcjaokidbadp/sons/BRAKE.mp3
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Caixa (Government)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
206.189.200.99/ | Name: PHPSESSID Value: jct1ho8nha72gr5ek6foraare3 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dghlnijganhlceoeehiahcjaokidbadp
internetbanking.caixa.gov.br
dghlnijganhlceoeehiahcjaokidbadp
206.189.200.99
95.100.200.80
13dc88ddf97c546c10cbe491e3b3c0be872c5bfa3b059eb25c31b40a7090bef7
383e2a9097be8b34bdded86a173076d1333e679511f0b3ac7c20c95ce7795187
5edc6e8bd56e97283b90f1af114f96f14ca0c5c7ac5ea792e749642389c0018b
8eede361637e3b42a616c308b76c5e7631496d42fbe280fd57077581ac5371a4
8f587cb8a75399b59f0613d30c9177e087672839d6e4b1b98383f14b6b3ce204
a3edfbdb0f7aab25f420d56d2d41bc388463cd70c9f0dadcb067aaf02264248a
b07f3473f3a889798a93b7b02c3b9399d4814e82765b988aa54edb93f4d5f2c5
b57dbe6ece1f6eb21f54618a746d0063d8db30136b5c94fb63eb29e4429e4474
bc9a46579160c853e68e60398e41d1a7edacfac7f41068c35ea49503e540d0d1
bf6f766f9e8a08d7ffe39c9fb2993aa7804d82157baef6e208c6f1bc25ebad0a
c3892915c37eb021a8fe755d9ce38777b98c6c7bd9c1e090f824a485cadfe460
d026720c5d15c2acb8ff812e8fa71dea1c4a6400a717a1b41365074bb4ab844f
d5397da43bad40d1b17a76208a614a6b503a814bc38b8cab5ab99594bb055123
e746c6c794e5e5fd6a63b81b941dc6a11a80df25354592c502c163ceb705baeb