nova.atualizacaowebsegura.ga
Open in
urlscan Pro
194.113.104.181
Malicious Activity!
Public Scan
Submission Tags: 6784310
Submission: On September 26 via api from NL
Summary
This is the only time nova.atualizacaowebsegura.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Caixa (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 10 | 194.113.104.181 194.113.104.181 | 59504 (Hosting v...) (Hosting vpsville.ru) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:2a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::200a | 15169 (GOOGLE) (GOOGLE) | |
11 | 3 |
ASN59504 (Hosting vpsville.ru, RU)
PTR: vps109020.vpsville.ru
nova.atualizacaowebsegura.ga |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
atualizacaowebsegura.ga
1 redirects
nova.atualizacaowebsegura.ga |
212 KB |
1 |
googleapis.com
ajax.googleapis.com |
30 KB |
1 |
jquery.com
code.jquery.com |
33 KB |
11 | 3 |
Domain | Requested by | |
---|---|---|
10 | nova.atualizacaowebsegura.ga |
1 redirects
nova.atualizacaowebsegura.ga
|
1 | ajax.googleapis.com |
nova.atualizacaowebsegura.ga
|
1 | code.jquery.com |
nova.atualizacaowebsegura.ga
|
11 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://nova.atualizacaowebsegura.ga/login/home/04/login/
Frame ID: 50E599E5A8CCBE31FFCAF4601C6C0F2E
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://nova.atualizacaowebsegura.ga/login/home/04/login
HTTP 301
http://nova.atualizacaowebsegura.ga/login/home/04/login/ Page URL
Detected technologies
Ubuntu (Operating Systems) ExpandDetected patterns
- headers server /Ubuntu/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://nova.atualizacaowebsegura.ga/login/home/04/login
HTTP 301
http://nova.atualizacaowebsegura.ga/login/home/04/login/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
nova.atualizacaowebsegura.ga/login/home/04/login/ Redirect Chain
|
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
nova.atualizacaowebsegura.ga/login/css/ |
174 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
desktop.css
nova.atualizacaowebsegura.ga/login/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading.css
nova.atualizacaowebsegura.ga/login/css/ |
499 B 608 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.0.min.js
code.jquery.com/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
padrao_mk.js
nova.atualizacaowebsegura.ga/login/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
geral.js
nova.atualizacaowebsegura.ga/login/js/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading.gif
nova.atualizacaowebsegura.ga/login/img/ |
35 KB 35 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprites.png
nova.atualizacaowebsegura.ga/login/img/ |
80 KB 80 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fundoLogin.jpeg
nova.atualizacaowebsegura.ga/login/img/ |
64 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Caixa (Government)17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| $ function| jQuery function| mascaraMike function| pulacampo function| SomenteNumero function| need_acess function| check_st function| check_fone function| check_sms function| ValidaUsuarioInternet function| ValidaSenhaInternet function| ValidaSenha function| isNumber function| IsNumber function| IsString object| jQuery11200335400351353729141 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nova.atualizacaowebsegura.ga/ | Name: PHPSESSID Value: meao0j2dp5kckftlb455d4bbdd |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
code.jquery.com
nova.atualizacaowebsegura.ga
194.113.104.181
2001:4de0:ac19::1:b:2a
2a00:1450:4001:821::200a
06c03a25f7d0cc0fbda704220ad79e9a0111740b91e2234af7c7084683d8ba21
1441dd1b788acd480830a9ed0611e7169cdc4d571c8e30c167bc04bcb3cd7b15
1500081c4de78f7025644c327d7b7acaf207afdfcd80f8f45e60f735146f9aa0
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
8c1a4c25634d5841924aab1848acc9dcbc3d5672183053c8b71ff2139b65d7c3
b07f3473f3a889798a93b7b02c3b9399d4814e82765b988aa54edb93f4d5f2c5
b28604c7e478ef48a7c1f3554e64d72aa69438a9ec15cea40e1cd661dc74f432
b48f28432eda2202f4724a207216008162ff4b17fe380cb9e9a241d399bfc433
bc78c39dbed9bbdcaf3cd7dd722256f976f5063136fbf141b2079e468b439a7c
c0e4551a5d1154da3e1890a2b88623f2b5c8296eec1b8e76f728f035726ea0d2