acessarbotaorenner.azurewebsites.net
Open in
urlscan Pro
20.119.8.29
Malicious Activity!
Public Scan
Submission: On February 13 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 05 on December 27th 2022. Valid for: a year.
This is the only time acessarbotaorenner.azurewebsites.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Realize (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 20.119.8.29 20.119.8.29 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
10 | 2606:4700::68... 2606:4700::6810:7aaf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::2004 | 15169 (GOOGLE) (GOOGLE) | |
4 | 200.248.113.245 200.248.113.245 | 4230 (CLARO S.A.) (CLARO S.A.) | |
3 | 2a00:1450:400... 2a00:1450:4001:812::2002 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:806::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
27 | 8 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
acessarbotaorenner.azurewebsites.net |
ASN4230 (CLARO S.A., BR)
www.realizesolucoesfinanceiras.com.br |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 1110 |
9 KB |
4 |
realizesolucoesfinanceiras.com.br
www.realizesolucoesfinanceiras.com.br |
167 KB |
4 |
azurewebsites.net
acessarbotaorenner.azurewebsites.net |
143 KB |
3 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 |
169 KB |
2 |
gstatic.com
www.gstatic.com |
|
2 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 |
5 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 510 |
30 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 18 |
23 KB |
27 | 8 |
Domain | Requested by | |
---|---|---|
10 | unpkg.com |
acessarbotaorenner.azurewebsites.net
unpkg.com |
4 | www.realizesolucoesfinanceiras.com.br |
acessarbotaorenner.azurewebsites.net
|
4 | acessarbotaorenner.azurewebsites.net |
acessarbotaorenner.azurewebsites.net
|
3 | pagead2.googlesyndication.com |
acessarbotaorenner.azurewebsites.net
pagead2.googlesyndication.com |
2 | www.gstatic.com |
www.google.com
|
2 | googleads.g.doubleclick.net |
acessarbotaorenner.azurewebsites.net
pagead2.googlesyndication.com |
1 | ajax.googleapis.com |
acessarbotaorenner.azurewebsites.net
|
1 | www.google.com |
acessarbotaorenner.azurewebsites.net
|
27 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.google.com |
play.google.com |
apps.apple.com |
www.realizesolucoesfinanceiras.com.br |
rennerchat.flexcontact.com.br |
wa.me |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.azurewebsites.net Microsoft Azure TLS Issuing CA 05 |
2022-12-27 - 2023-12-22 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-01 - 2023-06-01 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
*.realizesolucoesfinanceiras.com.br Sectigo RSA Domain Validation Secure Server CA |
2022-04-04 - 2023-04-04 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://acessarbotaorenner.azurewebsites.net/renner/
Frame ID: 08CCA6368DC46BB22C0A3F4B93F919E0
Requests: 22 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=2v5tfq911hky
Frame ID: E005C603C06767A72A96940F30CA2AE0
Requests: 3 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7890629395260020&output=html&h=120&slotname=5794379991&adk=2795671433&adf=1774445400&pi=t.ma~as.5794379991&w=1070&lmt=1664726492&rafmt=12&format=1070x120&url=https%3A%2F%2Fr-e-v-i-s-t-a-29582.azurewebsites.net%2Frenner%2Finicio%2Flogin.php&wgl=1&adsid=ChEI8O3kmQYQmZzp_6ip-8WtARI5ADZgdjZRMLpoworSz8c7CCQAIFcC-5T6_xyizkb-UVncrLiCxXPEITGCT9OJbWM7Dx_AYaIEFlMm&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA0LjAuNTExMi4xMDIiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJDaHJvbWl1bSIsIjEwNC4wLjUxMTIuMTAyIl0sWyIgTm90IEE7QnJhbmQiLCI5OS4wLjAuMCJdLFsiT3BlcmEgR1giLCIxMDQuMC41MTEyLjEwMiJdXSxmYWxzZV0.&dt=1664726482553&bpp=5&bdt=831&idt=324&shv=r20220928&mjsv=m202209270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5677531498160&frm=20&pv=1&ga_vid=245287172.1664726482&ga_sid=1664726483&ga_hid=254348409&ga_fc=1&u_tz=-180&u_his=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_sd=1&dmc=8&adx=397&ady=3583&biw=1864&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069963%2C42531706%2C31070009%2C44772927%2C31062931&oid=2&pvsid=3776065030673640&tmod=1971245323&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1920%2C0%2C1920%2C1040%2C1879%2C939&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&jar=2022-10-02-04&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=IL8ANWTQef&p=https%3A//r-e-v-i-s-t-a-29582.azurewebsites.net&dtd=9523
Frame ID: 015920A4B6B09C45796AFD11030F5E43
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: 101B625ACE301BEE6FE896CE1D3301E4
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Consulte sua fatura online [RENNER]Detected technologies
Google AdSense (Advertising Networks) ExpandDetected patterns
- googlesyndication\.com/
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
Title: Termos
Search URL Search Domain Scan URL
Title: Privacidade
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Home
Search URL Search Domain Scan URL
Title: Cartão Renner
Search URL Search Domain Scan URL
Title: Meu cartão
Search URL Search Domain Scan URL
Title: Quero cartão Renner
Search URL Search Domain Scan URL
Title: Contato
Search URL Search Domain Scan URL
Title: Institucional
Search URL Search Domain Scan URL
Title: Cartão Renner
Search URL Search Domain Scan URL
Title: Meu cartão
Search URL Search Domain Scan URL
Title: Saque Rápido e Seguros
Search URL Search Domain Scan URL
Title: Privacidade e Segurança
Search URL Search Domain Scan URL
Title: Central de Negociação
Search URL Search Domain Scan URL
Title: Acessa Sua Conta
Search URL Search Domain Scan URL
Title: Para acessar o canal de atendimento por vÃdeo, clique aqui.
Search URL Search Domain Scan URL
Title: +55 (51) 3921 4004
Search URL Search Domain Scan URL
Title: Orientações para Representantes de Deficientes Auditivos ou de Fala
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
acessarbotaorenner.azurewebsites.net/renner/ |
942 KB 135 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ionicons.esm.js
unpkg.com/ionicons@5.5.2/dist/ionicons/ |
399 B 644 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame E005 |
43 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p-e26ac56f.js
unpkg.com/ionicons@5.5.2/dist/ionicons/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
google-play-badge-reverse.svg
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/ |
11 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
celular-login.png
www.realizesolucoesfinanceiras.com.br/cartoes-renner/images/ |
152 KB 153 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
whatsapp.svg
acessarbotaorenner.azurewebsites.net/cartoes-renner/vectors/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
google-play-badge.svg
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/ |
11 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app-store-badge.svg
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/ |
14 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
143 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 0159 |
603 B 218 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.mask.min.js
acessarbotaorenner.azurewebsites.net/renner/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-login.svg
acessarbotaorenner.azurewebsites.net/cartoes-renner/vectors/ |
555 B 555 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame E005 |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame E005 |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p-5c60b45e.entry.js
unpkg.com/ionicons@5.5.2/dist/ionicons/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p-3f680f7e.js
unpkg.com/ionicons@5.5.2/dist/ionicons/ |
809 B 608 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/ |
366 KB 120 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame 101B |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
card-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/ |
369 B 345 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
person-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/ |
503 B 433 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lock-closed-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/ |
405 B 332 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
calendar-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/ |
758 B 380 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
keypad-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/ |
1 KB 353 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
key-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/ |
727 B 564 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Realize (Financial)28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| oncontentvisibilityautostatechange object| adsbygoogle function| $ function| jQuery object| $jscomp function| isValidfeline object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_image_requests string| google_user_agent_client_hint object| Ionicons function| google_sa_impl1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acessarbotaorenner.azurewebsites.net
ajax.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
unpkg.com
www.google.com
www.gstatic.com
www.realizesolucoesfinanceiras.com.br
20.119.8.29
200.248.113.245
2606:4700::6810:7aaf
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:812::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
108edfb0bdb9cfe6f8a0924325598e083793cb7a428e5a9176e64821168b4bed
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
20193736d900f0b602a678f804676349764578ab2adcd07ffebb6d06df1afd96
2ebe32eb96d80df14656ed485b5c625752e142607e910255e2d19021008c976d
3dd08d21a5c010294a50355af3565a50d08ea4aef83e822114be29171209f109
411ebf3f42ff97b8fdcb02ef60f534e0fd011b86878ec33abf2509b4bfe58037
639f9073a6e13d0516f19577c766a601591bc51fb98edc6b4411460118af6de8
6b3b312399bc7b89593ed6bf6d5fe78f6094b2dfb33f581bdf1ec690dace2c4c
6d05491c9827de5983662cc34c0586f8b87f807e41727408321837dcd610f5ec
77df749f6bbe85442500437f7e798f46b9635da344811ae3b4bf7d43048ee9bb
7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6
8502ecd820f69485866495504cae4d5dee939f30c5d74aeabfa97cc002fad741
8827f96ace2afe4aeff4c33db4ac86193f38a62cb30d9fbba949e0b72c2a55ff
8dab9a0fa46a86448736002bdea06c2eb25faf514d6731626040c00bd36c504c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
c5fcbac15c0abed33928ea0df2b92e51d06cc351cce4097f0d1372e967769141
cceba7049069b3c0d22b68da355f7d7e2ad263a0fd32a81e23d2acb1b6cf4752
ce00b2696a4a9c7d1326fd09623e8c8f4624c9abdf5424b2cf19b9de2f981f18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f9457e31ebbf210bb21127718dbf6a01203d776896f7b5151ed07d1f8600d0
e83f00db825f0f723d897317f5891d7d8f753f46ac5e2621b594d688a318f13d
e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d
fe2b29e0705999a225505dd7f39a1e7160eff7fb04b439cb35485d338a92742f