monteroraimafm.com.br
69.162.109.242
Malicious Activity!
Public Scan
Effective URL: http://monteroraimafm.com.br//bnz/
Submission: On September 23 via automatic, source openphish
Summary
This is the only time monteroraimafm.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNZ Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 124.81.121.32 | 4795 (INDOSATM2-ID INDOSATM2 ASN) |
4 | 69.162.109.242 | 46475 (LIMESTONENETWORKS - Limestone Networks) |
5 | 2 | |
ASN46475 (LIMESTONENETWORKS - Limestone Networks, Inc., US)
PTR: 242-109-162-69.static.reverse.lstn.net
monteroraimafm.com.br
Requests | Apex Domain (Subdomains) | Transfer |
---|---|---|
4 | monteroraimafm.com.br (monteroraimafm.com.br) | 42 KB |
1 | maranatha.edu (art.maranatha.edu) | 377 B |
5 | 2 | |
Requests | Domain | Requested by |
---|---|---|
4 | monteroraimafm.com.br | art.maranatha.edu, monteroraimafm.com.br |
1 | art.maranatha.edu | |
5 | 2 | |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://monteroraimafm.com.br//bnz/
Frame ID: 87DB1DD9AC3ABAA4F6281B1147516A35
Requests: 5 HTTP requests in this frame
Page URL History
- http://art.maranatha.edu/wp-content/bnzer/bnz.html Page URL
- http://monteroraimafm.com.br//bnz/ Page URL
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Pure CSS (Web Frameworks)
Detected patterns
- html /<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://art.maranatha.edu/wp-content/bnzer/bnz.html Page URL
- http://monteroraimafm.com.br//bnz/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | bnz.html | art.maranatha.edu/wp-content/bnzer/ | 85 B | 377 B | Document | text/html |
GET H/1.1 | / (Primary Request) | monteroraimafm.com.br//bnz/ | 2 KB | 1 KB | Document | text/html |
GET H/1.1 | pure-min.css | monteroraimafm.com.br//bnz/ | 17 KB | 4 KB | Stylesheet | text/css |
GET H/1.1 | 1.PNG | monteroraimafm.com.br//bnz/images/ | 35 KB | 35 KB | Image | image/png |
GET H/1.1 | 22.PNG | monteroraimafm.com.br//bnz/images/ | 1 KB | 1 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNZ Bank (Banking)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | unhideBody
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.