bldhb.rcshpg.com.br
Open in
urlscan Pro
34.95.197.158
Malicious Activity!
Public Scan
Submission: On January 30 via manual from BR
Summary
This is the only time bldhb.rcshpg.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco do Brasil (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 34.95.197.158 34.95.197.158 | 15169 (GOOGLE) (GOOGLE) | |
11 | 1 |
ASN15169 (GOOGLE, US)
PTR: 158.197.95.34.bc.googleusercontent.com
bldhb.rcshpg.com.br |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
rcshpg.com.br
bldhb.rcshpg.com.br |
155 KB |
11 | 1 |
Domain | Requested by | |
---|---|---|
11 | bldhb.rcshpg.com.br |
bldhb.rcshpg.com.br
|
11 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/bb2.php
Frame ID: 99D8AA63771ACF4B8FB31355A702DFBB
Requests: 11 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Ubuntu (Operating Systems) Expand
Detected patterns
- headers server /Ubuntu/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
bb2.php
bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/ |
2 KB 989 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home.css
bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/css/ |
967 B 802 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.2.1.min.js
bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/js/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.mask.js
bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/js/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btnEntrar.png
bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/imgs/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btnLimpar.png
bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/imgs/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
como_acessar.png
bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/imgs/ |
48 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mod_seg.png
bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/imgs/ |
42 KB 42 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header_log_bg.png
bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/imgs/ |
381 B 665 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header_log.png
bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/imgs/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
grad_como_acessar.png
bldhb.rcshpg.com.br/Auto-Atendimento-BB/Atualizacao/imgs/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco do Brasil (Banking)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bldhb.rcshpg.com.br
34.95.197.158
04a418b8d919dd6981aae5c74ecd1359f8971307cd9faa10d5c1f59160fb298f
4298f77fba2332262b4b307e77a21be3485f413d4b29e4aa65565b0a63e1d7e2
468525c2a7150ec2825d86b203325f315776e6ab04f500f9ecf3e566a3cc4fd0
512955005e4a325935c1874046811d3e83a8fd62ecc5908843cd4a580e3b5bc2
5b6f995bdb0c6496395041e80c99c7df4e98e67458d34cf33eb93a0b73a624d4
5d7cc1a5bf8faabdb0855f48455c5d6879df16c805fc565537de4f6b2ad7b3f6
63366e68890a33aa7f44f0b53c36a91f964ef569e71f021cbce4c1cfc9f1f85f
74c8933611446a7114446b4fd502722e0fa3c45d52e134cee692aac693eac166
820db3748fbae67ca1757c9d42ac3e3955bc47dfceffeabbb9267ecb3a5963f7
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44