URL: http://clientebb.gq/inicio.html
Submission: On May 15 via api from CA

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 149.56.229.60, located in Montréal, Canada and belongs to OVH, FR. The main domain is clientebb.gq.
This is the only time clientebb.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco do Brasil (Banking)

Domain & IP information

Requests  IP Address      AS (Autonomous System)
9         149.56.229.60   16276 (OVH)
1         216.58.208.42   15169 (GOOGLE)
Total: 10 requests, 2 IPs
Requests  Apex Domain      Subdomains            Transfer
9         clientebb.gq     clientebb.gq          565 KB
1         googleapis.com   ajax.googleapis.com   30 KB
Total: 10 requests, 2 apex domains
Requests  Domain                Requested by
9         clientebb.gq          clientebb.gq
1         ajax.googleapis.com   clientebb.gq
Total: 10 requests, 2 domains

This site contains links to these domains. Also see Links.

Domain: bbseguranca.com.br

This page contains 1 frames:

Primary Page: http://clientebb.gq/inicio.html
Frame ID: 55727975C881D620CC6A51BE74574C84
Requests: 10 HTTP requests in this frame

Detected technologies

  • Apache (overall confidence: 100%); detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
  • jQuery (overall confidence: 100%); detected pattern: env /^jQuery$/i

Page Statistics

Requests: 10
HTTPS: 0 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 595 kB
Size: 647 kB
Cookies: 0

10 HTTP transactions

Each transaction below lists: Resource, Path, Size, x-fer (bytes transferred), Type (MIME type), followed by its General details and the request and response headers.


Primary Request: inicio.html
Path: clientebb.gq/ | Size: 13 KB | x-fer: 13 KB | Type: Document

General
Full URL: http://clientebb.gq/inicio.html
Protocol: HTTP/1.1
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR)
Reverse DNS: cpanel1.hostmf.com.br
Software: Apache
Resource Hash: 34cb077a9a8741e0b1c7c9f3dd5fedbc94e15f66131c7b1f06a311a2e1609f7a

Request headers
Host: clientebb.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id: 55727975C881D620CC6A51BE74574C84

Response headers
Date: Tue, 15 May 2018 00:00:20 GMT
Server: Apache
Last-Modified: Fri, 02 Feb 2018 15:38:06 GMT
Accept-Ranges: bytes
Content-Length: 12960
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

Resource: main.css
Path: clientebb.gq/html/ | Size: 90 KB | x-fer: 90 KB | Type: Stylesheet

General
Full URL: http://clientebb.gq/html/main.css
Requested by: Host: clientebb.gq, URL: http://clientebb.gq/inicio.html
Protocol: HTTP/1.1
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR)
Reverse DNS: cpanel1.hostmf.com.br
Software: Apache
Resource Hash: 8ad256beb64e63f1357986ee3de6708b8157707818530235dccb03163f872df3

Request headers
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clientebb.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://clientebb.gq/inicio.html
Connection: keep-alive
Cache-Control: no-cache

Response headers
Date: Tue, 15 May 2018 00:00:21 GMT
Last-Modified: Wed, 22 Nov 2017 16:47:20 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 92127

Resource: preloader.css
Path: clientebb.gq/html/ | Size: 651 B | x-fer: 892 B | Type: Stylesheet

General
Full URL: http://clientebb.gq/html/preloader.css
Requested by: Host: clientebb.gq, URL: http://clientebb.gq/inicio.html
Protocol: HTTP/1.1
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR)
Reverse DNS: cpanel1.hostmf.com.br
Software: Apache
Resource Hash: a43c7a1ea70a622ae52b4e45d34171948d273fd7c5d2070f6cc4275fa1f47991

Request headers
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clientebb.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://clientebb.gq/inicio.html
Connection: keep-alive
Cache-Control: no-cache

Response headers
Date: Tue, 15 May 2018 00:00:21 GMT
Last-Modified: Wed, 22 Nov 2017 16:47:20 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 651

Resource: home.png
Path: clientebb.gq/html/ | Size: 74 KB | x-fer: 74 KB | Type: Image

General
Full URL: http://clientebb.gq/html/home.png
Requested by: Host: clientebb.gq, URL: http://clientebb.gq/inicio.html
Protocol: HTTP/1.1
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR)
Reverse DNS: cpanel1.hostmf.com.br
Software: Apache
Resource Hash: e6840968b8bf56786c5457497407561fdc171c87b16a4afb350a11827ec40129

Request headers
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clientebb.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://clientebb.gq/inicio.html
Connection: keep-alive
Cache-Control: no-cache

Response headers
Date: Tue, 15 May 2018 00:00:21 GMT
Last-Modified: Wed, 22 Nov 2017 16:47:28 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 75333

Resource: icons_home.png
Path: clientebb.gq/html/ | Size: 172 KB | x-fer: 173 KB | Type: Image

General
Full URL: http://clientebb.gq/html/icons_home.png
Requested by: Host: clientebb.gq, URL: http://clientebb.gq/inicio.html
Protocol: HTTP/1.1
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR)
Reverse DNS: cpanel1.hostmf.com.br
Software: Apache
Resource Hash: 4750e9792d75a6819f44b52d36d83818be8df5f57d31196ebf0ca0fad6154759

Request headers
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clientebb.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://clientebb.gq/inicio.html
Connection: keep-alive
Cache-Control: no-cache

Response headers
Date: Tue, 15 May 2018 00:00:21 GMT
Last-Modified: Wed, 22 Nov 2017 16:47:32 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 176508

Resource: phone.png
Path: clientebb.gq/html/ | Size: 132 KB | x-fer: 132 KB | Type: Image

General
Full URL: http://clientebb.gq/html/phone.png
Requested by: Host: clientebb.gq, URL: http://clientebb.gq/inicio.html
Protocol: HTTP/1.1
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR)
Reverse DNS: cpanel1.hostmf.com.br
Software: Apache
Resource Hash: b87363359641691039fa1e3633e3615cdab4321b7d432fb3aca953295d18b5d6

Request headers
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clientebb.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://clientebb.gq/inicio.html
Connection: keep-alive
Cache-Control: no-cache

Response headers
Date: Tue, 15 May 2018 00:00:21 GMT
Last-Modified: Wed, 22 Nov 2017 16:47:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 134830

Resource: logo-bb.gif
Path: clientebb.gq/html/ | Size: 4 KB | x-fer: 4 KB | Type: Image

General
Full URL: http://clientebb.gq/html/logo-bb.gif
Requested by: Host: clientebb.gq, URL: http://clientebb.gq/inicio.html
Protocol: HTTP/1.1
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR)
Reverse DNS: cpanel1.hostmf.com.br
Software: Apache
Resource Hash: f35e1b3823322b9be7e35c7b831176ce1e949921434c8428d1c2157cb3954fc0

Request headers
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clientebb.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://clientebb.gq/inicio.html
Connection: keep-alive
Cache-Control: no-cache

Response headers
Date: Tue, 15 May 2018 00:00:21 GMT
Last-Modified: Wed, 22 Nov 2017 16:47:20 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3590

Resource: jquery.min.js
Path: ajax.googleapis.com/ajax/libs/jquery/3.2.1/ | Size: 85 KB | x-fer: 30 KB | Type: Script

General
Full URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by: Host: clientebb.gq, URL: http://clientebb.gq/inicio.html
Protocol: SPDY
Server: 216.58.208.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS: fra15s12-in-f42.1e100.net
Software: sffe
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Request headers
Referer: http://clientebb.gq/inicio.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers
date: Thu, 01 Feb 2018 20:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8824288
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 30306
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Mar 2017 20:55:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Feb 2019 20:48:53 GMT

Resource: preloader.js
Path: clientebb.gq/html/ | Size: 114 B | x-fer: 368 B | Type: Script

General
Full URL: http://clientebb.gq/html/preloader.js
Requested by: Host: clientebb.gq, URL: http://clientebb.gq/inicio.html
Protocol: HTTP/1.1
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR)
Reverse DNS: cpanel1.hostmf.com.br
Software: Apache
Resource Hash: dd7e5532890e5ad7639d7773ef06adaad517ee12402edaf32824a295b649c77a

Request headers
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clientebb.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://clientebb.gq/inicio.html
Connection: keep-alive
Cache-Control: no-cache

Response headers
Date: Tue, 15 May 2018 00:00:21 GMT
Last-Modified: Wed, 22 Nov 2017 16:47:10 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 114

Resource: bg.png
Path: clientebb.gq/html/ | Size: 78 KB | x-fer: 78 KB | Type: Image

General
Full URL: http://clientebb.gq/html/bg.png
Requested by: Host: clientebb.gq, URL: http://clientebb.gq/inicio.html
Protocol: HTTP/1.1
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR)
Reverse DNS: cpanel1.hostmf.com.br
Software: Apache
Resource Hash: fa108d009804cc68e49ad4dcce278e0b750663d6316890df626f6d681ae4c3de

Request headers
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clientebb.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://clientebb.gq/inicio.html
Connection: keep-alive
Cache-Control: no-cache

Response headers
Date: Tue, 15 May 2018 00:00:21 GMT
Last-Modified: Wed, 22 Nov 2017 16:47:26 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 80073

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: Banco do Brasil (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function enviardados1
  • function mascara
  • function pulacampo
  • function validar
  • function mascaracel
  • function $
  • function jQuery

0 Cookies