portaldecompras.supercanal.com.br
159.89.232.240
Malicious Activity!
Public Scan
Effective URL: https://portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/billing.php
Submission: On February 17 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by R3 on January 22nd 2023. Valid for: 3 months.
This is the only time portaldecompras.supercanal.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Aramex (Transportation)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 (1 redirect) | 45.126.58.78 | 132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
24 (3 redirects) | 159.89.232.240 | 14061 (DIGITALOCEAN-ASN)
2 | 2607:f8b0:4006:80a::200a | 15169 (GOOGLE)
1 | 2607:f8b0:4006:80c::2008 | 15169 (GOOGLE)
2 | 2600:141b:5000:481::f09 | 20940 (AKAMAI-ASN1)
1 | 2607:f8b0:4006:80c::2003 | 15169 (GOOGLE)
Total: 28 requests across 6 IP addresses
ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID): s.id
ASN14061 (DIGITALOCEAN-ASN, US; PTR: apps.scit-snp): portaldecompras.supercanal.com.br
ASN20940 (AKAMAI-ASN1, NL): consentcdn.cookiebot.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
24 (3 redirects) | supercanal.com.br | portaldecompras.supercanal.com.br | 885 KB
2 | cookiebot.com | consentcdn.cookiebot.com (Cisco Umbrella Rank: 4688) | 756 B
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 43) | 2 KB
1 | gstatic.com | fonts.gstatic.com | 44 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 50) | 80 KB
1 (1 redirect) | s.id | s.id (Cisco Umbrella Rank: 166654) | 171 B
Total: 28 requests across 6 apex domains
Requests | Domain | Requested by
---|---|---
24 (3 redirects) | portaldecompras.supercanal.com.br | portaldecompras.supercanal.com.br
2 | consentcdn.cookiebot.com | portaldecompras.supercanal.com.br
2 | fonts.googleapis.com | portaldecompras.supercanal.com.br
1 | fonts.gstatic.com | fonts.googleapis.com
1 | www.googletagmanager.com | portaldecompras.supercanal.com.br
1 (1 redirect) | s.id |
Total: 28 requests across 6 domains
This site contains links to these domains. Also see Links.
Domain |
---|
www.aramex.com |
Subject | Issuer | Validity | Valid for | Lookup
---|---|---|---|---
portaldecompras.supercanal.com.br | R3 | 2023-01-22 - 2023-04-22 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months | crt.sh
*.google-analytics.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months | crt.sh
*.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-15 - 2023-06-17 | a year | crt.sh
*.gstatic.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months | crt.sh
This page contains 4 frames:
- Primary Page: https://portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/billing.php (Frame ID: A65D0D4D02216A609E8CF7CAA24A7576; 27 HTTP requests in this frame)
- Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html (Frame ID: BB349BFDF29E6EF15A10CE9765BC9749; 1 HTTP request in this frame)
- Frame: https://portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/bc-v4.htm (Frame ID: 0C047493F0C095F291496EC795DFCE25; 1 HTTP request in this frame)
- Frame: https://portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/bc-v4.htm (Frame ID: 47475E3BF0EE363A473506D64F430EFC; 1 HTTP request in this frame)
Page Title: Sign Up
Detected technologies
- PHP (Programming Languages). Detected patterns:
  - \.php(?:$|\?)
- AngularJS (JavaScript Frameworks). Detected patterns:
  - \bangular.{0,32}\.js
- Google Tag Manager (Tag Managers). Detected patterns:
  - googletagmanager\.com/ns\.html[^>]+></iframe>
  - googletagmanager\.com/gtm\.js
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
- Track Shipments
- Track Pickup Requests
- Advanced Tracking
- Notifications
- Express Services
- Freight Services
- Check Shipping Rates
- Prepare Shipment
- Schedule Pickup
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://s.id/1zLh5 (HTTP 302)
- https://portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/ (HTTP 302)
- https://portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex (HTTP 301)
- https://portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/ (HTTP 302)
- https://portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/billing.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | billing.php (Primary Request; Redirect Chain) | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/ | 541 KB | 66 KB | Document | text/html
GET | H/1.1 | WebResource.css | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 2 KB | 820 B | Stylesheet | text/css
GET | H/1.1 | cc.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 370 B | 629 B | Script | application/javascript
GET | H/1.1 | configuration.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 2 KB | 1 KB | Script | application/javascript
GET | H/1.1 | gtm.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 212 KB | 71 KB | Script | application/javascript
GET | H/1.1 | uc.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 96 KB | 22 KB | Script | application/javascript
GET | H/1.1 | project.css | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 687 KB | 183 KB | Stylesheet | text/css
GET | H/1.1 | Common.htm | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 6 KB | 3 KB | Script | text/html
GET | H/1.1 | vendors.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 307 KB | 98 KB | Script | application/javascript
GET | H/1.1 | main.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 717 KB | 136 KB | Script | application/javascript
GET | H/1.1 | angular.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 209 KB | 73 KB | Script | application/javascript
GET | H/1.1 | angular-locale_en.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 3 KB | 1 KB | Script | application/javascript
GET | H/1.1 | amxApp.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 232 KB | 41 KB | Script | application/javascript
GET | H/1.1 | aramex-logo.svg | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 7 KB | 7 KB | Image | image/svg+xml
GET | H2 | css | fonts.googleapis.com/ | 3 KB | 740 B | Stylesheet | text/css
GET | H2 | gtm.js | www.googletagmanager.com/ | 235 KB | 80 KB | Script | application/javascript
GET | H2 | configuration.js | consentcdn.cookiebot.com/consentconfig/fcb5d3ae-6d51-48f7-8c16-49ce8103dc8a/portaldecompras.supercanal.com.br/ | 0 | 0 | Script | text/plain
GET | H/1.1 | cc.js | portaldecompras.supercanal.com.br/fcb5d3ae-6d51-48f7-8c16-49ce8103dc8a/ | 0 | 0 | Script | text/html
GET | H2 | css | fonts.googleapis.com/ | 26 KB | 1 KB | Stylesheet | text/css
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v34/ | 44 KB | 44 KB | Font | font/woff2
GET | DATA | truncated | / | 37 KB | 37 KB | Font | application/font-woff
GET | H2 | bc-v4.min.html (Frame BB34) | consentcdn.cookiebot.com/sdk/ | 627 B | 756 B | Document | text/html
GET | DATA | truncated | / | 23 KB | 23 KB | Font | application/font-woff
GET | | bc-v4.htm (Frame 0C04) | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 0 | 0 | |
GET | H/1.1 | bc-v4.htm (Frame 4747) | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 718 B | 820 B | Document | text/html
GET | H/1.1 | Common.htm | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 6 KB | 3 KB | Script | text/html
GET | H/1.1 | angular.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 209 KB | 73 KB | Script | application/javascript
GET | H/1.1 | angular-locale_en.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 3 KB | 1 KB | Script | application/javascript
GET | H/1.1 | amxApp.js | portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/ | 232 KB | 41 KB | Script | application/javascript
POST | H/1.1 | / | portaldecompras.supercanal.com.br/sign-up/GetAntiforgery/ | 61 KB | 62 KB | XHR | text/html
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: portaldecompras.supercanal.com.br
- URL: https://portaldecompras.supercanal.com.br/modules/sekeywords/translations/jss/aramex/css/bc-v4.htm
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Aramex (Transportation)
64 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 (object), 1 (object), 2 (object), 3 (object), credentialless (boolean), oncontentvisibilityautostatechange (object), promotionsOnScroll (object), dataLayer (object), CookieControl (object), __uspapi (function), addUspapiLocatorFrame (function), __handleUspapiMessage (function), propagateIABStub (function), Cookiebot (object), CookieConsent (object), cookiedomainwarning (string), outdatedBrowser (function), html5 (object), Modernizr (object), picturefill (function), Hammer (function), $ (function), jQuery (function), validator (object), SearchIndex (function), Bloodhound (function), Pikaday (function), $clamp (function), iFrameResize (function), loadFrame (function), Common (object), SetValueinTimeInterval (function), BeginTimeValidation (function), DoLogin (function), checkStrength (function), getShortName (function), _global (object), bom (function), download (function), corsEnabled (function), click (function), saveAs (function), Aramex (object), pushRecord (function), pushPromotion (function), activeRange (object), LocationSelector (function), AddressLookup (function), intlTelInputUtils (object), CB_jQueryHoldReadyStarted (number), google_tag_manager (object), google_tag_data (object), sf_appPath (string), angular (object), _typeof (function), app (object), addLoadEvent (function), defaultOpts (object), bkgColor (string), txtColor (string), cssProp (string), languagePath (string), CB_OnTagsExecuted_Processed (number), addEventListenerBase2 (function)
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along with the request, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
portaldecompras.supercanal.com.br/ | | PHPSESSID | kfnmbhgdd7up3urbde6hjvd2h0
.portaldecompras.supercanal.com.br/ | | PrestaShop-f8207759e1772609741e14a47839704f | WUaYq2RICwvi7jnIxdH7nIYEYuZRKJnfh4Kul7gnzWdeXfaP5SZH0aBRlooNR%2Fvkw0IYWCvdZqiV8LUPhl0wHmUnulej9tW30VT7G%2FLALoZmqTG64cWHgZayhB30HRgfg5l0VhKyCUbhFm9%2BxHZu3L%2Fw37mAsJ0ZDdg%2FheYLadY%3D000115
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.