maisofertasnovalu.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 177.53.142.90, located in Brazil and belongs to Brasil Site Informatica LTDA, BR. The main domain is maisofertasnovalu.com.

This is the only time maisofertasnovalu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

	IP Address		AS Autonomous System
7	177.53.142.90 177.53.142.90		53243 (Brasil Si...) (Brasil Site Informatica LTDA)
7	1

7 177.53.142.90 (Brazil)

ASN53243 (Brasil Site Informatica LTDA, BR)
PTR: shared-host-cen-qua-dois-noventa.viabrs.com.br

maisofertasnovalu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	maisofertasnovalu.com maisofertasnovalu.com	313 KB
7	1

	Domain	Requested by
7	maisofertasnovalu.com	maisofertasnovalu.com
7	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://maisofertasnovalu.com/sites/compras/santa/
Frame ID: CD483666DB19C5D91149DC0B8479AB94
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

313 kB
Transfer

312 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response maisofertasnovalu.com/sites/compras/santa/	3 KB 3 KB	715ms 270ms	Document text/html	177.53.142.90 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL http://maisofertasnovalu.com/sites/compras/santa/ Protocol HTTP/1.1 Server 177.53.142.90 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS shared-host-cen-qua-dois-noventa.viabrs.com.br Software Apache / Resource Hash `450e4fb7efd611ed57390a510ff95c2dcb8ca14f1854bdbe58e61d267913b5e4` Request headers Host maisofertasnovalu.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 07 Nov 2018 00:17:09 GMT Server Apache Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	tiopatas.css maisofertasnovalu.com/sites/compras/santa/css/	95 KB 95 KB	220ms 219ms	Stylesheet text/css	177.53.142.90 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL http://maisofertasnovalu.com/sites/compras/santa/css/tiopatas.css Requested by Host: maisofertasnovalu.com URL: http://maisofertasnovalu.com/sites/compras/santa/ Protocol HTTP/1.1 Server 177.53.142.90 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS shared-host-cen-qua-dois-noventa.viabrs.com.br Software Apache / Resource Hash `510cfce3185b58505dd3115aa612d28a4336d5160ecdfe8f6edd10788026b18c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host maisofertasnovalu.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://maisofertasnovalu.com/sites/compras/santa/ Connection keep-alive Cache-Control no-cache Referer http://maisofertasnovalu.com/sites/compras/santa/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 07 Nov 2018 00:17:09 GMT Last-Modified Wed, 19 Jul 2017 03:02:22 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 97089 Content-Type text/css
GET H/1.1	200 OK	tom-e-jerry.js Show response maisofertasnovalu.com/sites/compras/santa/css/	94 KB 94 KB	660ms 216ms	Script application/javascript	177.53.142.90 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL http://maisofertasnovalu.com/sites/compras/santa/css/tom-e-jerry.js Requested by Host: maisofertasnovalu.com URL: http://maisofertasnovalu.com/sites/compras/santa/ Protocol HTTP/1.1 Server 177.53.142.90 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS shared-host-cen-qua-dois-noventa.viabrs.com.br Software Apache / Resource Hash `87981e8062814ca279922ee55276ad14bbdc29649f98e34b2d83c3afb5052a51` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host maisofertasnovalu.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://maisofertasnovalu.com/sites/compras/santa/ Connection keep-alive Cache-Control no-cache Referer http://maisofertasnovalu.com/sites/compras/santa/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 07 Nov 2018 00:17:09 GMT Last-Modified Wed, 19 Jul 2017 03:01:48 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 95788 Content-Type application/javascript
GET H/1.1	200 OK	patolino.js Show response maisofertasnovalu.com/sites/compras/santa/css/	27 KB 27 KB	667ms 220ms	Script application/javascript	177.53.142.90 Brasil Site Infor...
General Check archive.org Show headers Download Go to Full URL http://maisofertasnovalu.com/sites/compras/santa/css/patolino.js Requested by Host: maisofertasnovalu.com URL: http://maisofertasnovalu.com/sites/compras/santa/ Protocol HTTP/1.1 Server 177.53.142.90 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS shared-host-cen-qua-dois-noventa.viabrs.com.br Software Apache / Resource Hash `8b08618a3fdefce17aa6cb87a64d54bd8090dc9cfdedccf54251b4978c9636bc` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host maisofertasnovalu.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://maisofertasnovalu.com/sites/compras/santa/ Connection keep-alive Cache-Control no-cache Referer http://maisofertasnovalu.com/sites/compras/santa/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 07 Nov 2018 00:17:09 GMT Last-Modified Wed, 19 Jul 2017 03:01:22 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 27731 Content-Type application/javascript
GET H/1.1	200 OK	logo.png maisofertasnovalu.com/sites/compras/santa/img/	11 KB 11 KB	667ms 220ms	Image image/png	177.53.142.90 Brasil Site Infor...
General Check archive.org Show headers Download Go to Show image Full URL http://maisofertasnovalu.com/sites/compras/santa/img/logo.png Requested by Host: maisofertasnovalu.com URL: http://maisofertasnovalu.com/sites/compras/santa/ Protocol HTTP/1.1 Server 177.53.142.90 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS shared-host-cen-qua-dois-noventa.viabrs.com.br Software Apache / Resource Hash `0ee3912c24e2447483e0d8c248ef3ae0d144dc180a7fc2bdcdd56f35bd96671f` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host maisofertasnovalu.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://maisofertasnovalu.com/sites/compras/santa/ Connection keep-alive Cache-Control no-cache Referer http://maisofertasnovalu.com/sites/compras/santa/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 07 Nov 2018 00:17:09 GMT Last-Modified Wed, 19 Jul 2017 03:00:22 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 11233 Content-Type image/png
GET H/1.1	200 OK	tabw.png maisofertasnovalu.com/sites/compras/santa/img/	80 KB 80 KB	668ms 221ms	Image image/png	177.53.142.90 Brasil Site Infor...
General Check archive.org Show headers Download Go to Show image Full URL http://maisofertasnovalu.com/sites/compras/santa/img/tabw.png Requested by Host: maisofertasnovalu.com URL: http://maisofertasnovalu.com/sites/compras/santa/ Protocol HTTP/1.1 Server 177.53.142.90 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS shared-host-cen-qua-dois-noventa.viabrs.com.br Software Apache / Resource Hash `8125f38995ea43365a7b93a1638cc77c4443a14e1282fd29cb232e36c86adbf2` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host maisofertasnovalu.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://maisofertasnovalu.com/sites/compras/santa/ Connection keep-alive Cache-Control no-cache Referer http://maisofertasnovalu.com/sites/compras/santa/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 07 Nov 2018 00:17:09 GMT Last-Modified Wed, 19 Jul 2017 03:00:10 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 81555 Content-Type image/png
GET H/1.1	200 OK	one.png maisofertasnovalu.com/sites/compras/santa/img/	3 KB 3 KB	450ms 219ms	Image image/png	177.53.142.90 Brasil Site Infor...
General Check archive.org Show headers Download Go to Show image Full URL http://maisofertasnovalu.com/sites/compras/santa/img/one.png Requested by Host: maisofertasnovalu.com URL: http://maisofertasnovalu.com/sites/compras/santa/ Protocol HTTP/1.1 Server 177.53.142.90 , Brazil, ASN53243 (Brasil Site Informatica LTDA, BR), Reverse DNS shared-host-cen-qua-dois-noventa.viabrs.com.br Software Apache / Resource Hash `981b1cd9553ac126be664648169f9cb6ebaf4df35fd1f695614a4222e25e479b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host maisofertasnovalu.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://maisofertasnovalu.com/sites/compras/santa/ Connection keep-alive Cache-Control no-cache Referer http://maisofertasnovalu.com/sites/compras/santa/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 07 Nov 2018 00:17:10 GMT Last-Modified Wed, 19 Jul 2017 03:00:16 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 2931 Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery111105409989852573174

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

maisofertasnovalu.com
177.53.142.90
0ee3912c24e2447483e0d8c248ef3ae0d144dc180a7fc2bdcdd56f35bd96671f
450e4fb7efd611ed57390a510ff95c2dcb8ca14f1854bdbe58e61d267913b5e4
510cfce3185b58505dd3115aa612d28a4336d5160ecdfe8f6edd10788026b18c
8125f38995ea43365a7b93a1638cc77c4443a14e1282fd29cb232e36c86adbf2
87981e8062814ca279922ee55276ad14bbdc29649f98e34b2d83c3afb5052a51
8b08618a3fdefce17aa6cb87a64d54bd8090dc9cfdedccf54251b4978c9636bc
981b1cd9553ac126be664648169f9cb6ebaf4df35fd1f695614a4222e25e479b

maisofertasnovalu.com Open in urlscan Pro 177.53.142.90 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

313 kBTransfer

312 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

maisofertasnovalu.com Open in urlscan Pro
177.53.142.90 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

313 kB
Transfer

312 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!