physicalpilatesbh.com.br Open in urlscan Pro
142.44.226.32 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://physicalpilatesbh.com.br/waiting/Hinet.Html
Submission: On July 08 via manual (July 8th 2022, 11:13:23 am UTC) from TW — Scanned from CA

Summary HTTP 71 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 71 HTTP transactions. The main IP is 142.44.226.32, located in Canada and belongs to OVH, FR. The main domain is physicalpilatesbh.com.br.
TLS certificate: Issued by R3 on June 24th 2022. Valid for: 3 months.

This is the only time physicalpilatesbh.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Chunghwa Telecom (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
47	142.44.226.32 142.44.226.32	16276 (OVH) (OVH)
1	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:809::2004	15169 (GOOGLE) (GOOGLE)
1	203.75.213.47 203.75.213.47	3462 (HINET Dat...) (HINET Data Communication Business Group)
71	9

47 142.44.226.32 (Canada)

ASN16276 (OVH, FR)
PTR: server.portal37.com.br

physicalpilatesbh.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com.ng	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:823::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:806::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2002 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:822::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2004 (New York, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.75.213.47 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	physicalpilatesbh.com.br physicalpilatesbh.com.br	336 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	98 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	29 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	43 KB
2	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	848 B
1	hinet.net ssp.hinet.net — Cisco Umbrella Rank: 83907	232 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	657 B
1	google.com.ng adservice.google.com.ng — Cisco Umbrella Rank: 89658	792 B
71	8

	Domain	Requested by
47	physicalpilatesbh.com.br	physicalpilatesbh.com.br
8	tpc.googlesyndication.com	googleads.g.doubleclick.net physicalpilatesbh.com.br tpc.googlesyndication.com
6	pagead2.googlesyndication.com	physicalpilatesbh.com.br googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	googleads.g.doubleclick.net	physicalpilatesbh.com.br googleads.g.doubleclick.net
2	www.googletagservices.com	physicalpilatesbh.com.br googleads.g.doubleclick.net
1	ssp.hinet.net	physicalpilatesbh.com.br
1	www.google.com	1 redirects
1	partner.googleadservices.com	physicalpilatesbh.com.br
1	adservice.google.com	physicalpilatesbh.com.br
1	adservice.google.com.ng	physicalpilatesbh.com.br
71	10

This site contains links to these domains. Also see Links.

Domain
webmail.hinet.net
lib.webmail.hinet.net
www.umail.hinet.net
w3.hibox.hinet.net
www.himail.hinet.net

Subject Issuer	Validity	Valid
physicalpilatesbh.com.br R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
*.google.com.ng GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.ssp.hinet.net	`2021-10-12` - `2022-10-12`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://physicalpilatesbh.com.br/waiting/Hinet.Html
Frame ID: 88CB864ACD3554C2126C13224B875F30
Requests: 22 HTTP requests in this frame

Frame: https://physicalpilatesbh.com.br/waiting/files/top.html
Frame ID: 598F7D10B2024F69D19C2741EBB46D45
Requests: 5 HTTP requests in this frame

Frame: https://physicalpilatesbh.com.br/waiting/files/request.html
Frame ID: 43528192E7EF14407F9880A059A2A6F6
Requests: 2 HTTP requests in this frame

Frame: https://physicalpilatesbh.com.br/waiting/files/saved_resource.html
Frame ID: 3F315AB2420A74463A0F1FA7D36186B7
Requests: 22 HTTP requests in this frame

Frame: https://physicalpilatesbh.com.br/waiting/files/notify.html
Frame ID: 7E7AE3A6E442AE2BF029D33FDE035B17
Requests: 1 HTTP requests in this frame

Frame: https://physicalpilatesbh.com.br/waiting/files/bottom.html
Frame ID: 759C1B83E59BA60CFECA2580F3A7EF62
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200608/r20190131/zrt_lookup.html
Frame ID: 740DE51876A90449715852E1A20A3B4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4338256439626145&output=html&h=520&slotname=7312952527304936&adk=229428299&adf=1273191373&w=660&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fphysicalpilatesbh.com.br%2Fwaiting%2FHinet.Html&ea=0&flash=0&wgl=1&dt=1657278799105&bpp=21&bdt=163&idt=21&shv=r20200608&cbv=r20190131&ptt=5&saldr=sa&correlator=1793871462034&frm=23&ife=1&pv=2&ga_vid=1774554324.1657278799&ga_sid=1657278799&ga_hid=1246767847&ga_fc=0&iag=3&icsg=2358975&nhd=1&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=130&ady=100&biw=1600&bih=1200&isw=660&ish=520&ifk=3228783812&scr_x=0&scr_y=0&eid=42530474%2C42530476&oid=3&pvsid=759775089276328&pem=443&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C660%2C520&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.fbc3ipb3ppxo&fsb=1&dtd=36
Frame ID: EC2B3AFF245496FDE6112E047223B127
Requests: 9 HTTP requests in this frame

Frame: https://physicalpilatesbh.com.br/waiting/files/zrt_lookup.html
Frame ID: 93F74F0B33844C324CFBA55AB5FDD7FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 86A061CB4A8E37D1B328A1FE83EAC649
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Frame ID: 6FB8D56C56DFA0949E65EE61927DD4B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BE98E86D0F2DB4E73779BB41CFE42132
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HiNet 網頁郵件服務

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

71
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

509 kB
Transfer

1470 kB
Size

4
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://webmail.hinet.net/index_en.html
Title: English

Search URL Search Domain Scan URL

URL: https://webmail.hinet.net/#tab1
Title: 個人信箱

Search URL Search Domain Scan URL

URL: https://webmail.hinet.net/#tab2
Title: hiMail

Search URL Search Domain Scan URL

URL: https://lib.webmail.hinet.net/statement/M-help-1.htm
Title: 常見問題

Search URL Search Domain Scan URL

URL: https://www.umail.hinet.net/
Title: UMail

Search URL Search Domain Scan URL

URL: https://w3.hibox.hinet.net/
Title: hiBox全能信箱

Search URL Search Domain Scan URL

URL: https://lib.webmail.hinet.net/statement/F-account-1.htm
Title: 《帳號申請》

Search URL Search Domain Scan URL

URL: https://lib.webmail.hinet.net/statement/manual_v20200330.pdf
Title: 《使用手冊》

Search URL Search Domain Scan URL

URL: https://lib.webmail.hinet.net/statement/F-login-5.htm
Title: 《忘記密碼》

Search URL Search Domain Scan URL

URL: https://lib.webmail.hinet.net/statement/login_info.htm
Title: 《登入說明》

Search URL Search Domain Scan URL

URL: https://lib.webmail.hinet.net/statement/notify.htm
Title: 《系統公告》

Search URL Search Domain Scan URL

URL: https://lib.webmail.hinet.net/statement/termsvs.htm
Title: 《使用規則》

Search URL Search Domain Scan URL

URL: https://www.himail.hinet.net/
Title: 此處。

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Hinet.Html Show response
physicalpilatesbh.com.br/waiting/ 20 KB
4 KB 331ms
11ms Document
text/html 142.44.226.32
OVH

General

Domain/Path	Expires	Name / Value
physicalpilatesbh.com.br/	1970-01-20 21:52:30	Name: adid Value: d77ed416-6fb1-381e-f6b8-e719684b8f09
.physicalpilatesbh.com.br/	1970-01-20 13:42:54	Name: __gads Value: ID=80abca128d2a78f6-22c17c9378d3005e:T=1657278799:RT=1657278799:S=ALNI_MYhLeRyB-7vh7lE2deVJN6lN-ZAiw
.doubleclick.net/	1970-01-20 04:21:22	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 21:52:30	Name: IDE Value: AHWqTUncUlbiPf2w3qA-2PXRd5s8pkd1evEKQZPQBQKVRsQWMTbs4AYi2twzNqPk

Source	Level	URL Text
network	error	URL: https://pagead2.googlesyndication.com/pagead/js/r20200608/r20190131/show_ads_impl_fy2019.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://physicalpilatesbh.com.br/waiting/fonts/glyphicons-halflings-regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://physicalpilatesbh.com.br/waiting/fonts/glyphicons-halflings-regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://physicalpilatesbh.com.br/waiting/fonts/glyphicons-halflings-regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()

physicalpilatesbh.com.br Open in urlscan Pro 142.44.226.32 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

100 %HTTPS

67 %IPv6

8 Domains

10 Subdomains

9 IPs

3 Countries

509 kBTransfer

1470 kBSize

4 Cookies

13 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

physicalpilatesbh.com.br Open in urlscan Pro
142.44.226.32 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

509 kB
Transfer

1470 kB
Size

4
Cookies

71 HTTP transactions
1 data transactions