aceso.maislivelopontos.club
Open in
urlscan Pro
104.21.14.44
Malicious Activity!
Public Scan
Effective URL: https://aceso.maislivelopontos.club/
Submission: On November 03 via api from BR — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on November 1st 2023. Valid for: 3 months.
This is the only time aceso.maislivelopontos.club was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Livelo (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 62.3.58.85 62.3.58.85 | 212913 (TIMEHOST-AS) (TIMEHOST-AS) | |
10 | 104.21.14.44 104.21.14.44 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
10 | 1 |
ASN212913 (TIMEHOST-AS, UA)
PTR: vds348.com
oresgateptssite.online |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
maislivelopontos.club
aceso.maislivelopontos.club |
119 KB |
1 |
oresgateptssite.online
1 redirects
oresgateptssite.online |
257 B |
10 | 2 |
Domain | Requested by | |
---|---|---|
10 | aceso.maislivelopontos.club |
aceso.maislivelopontos.club
|
1 | oresgateptssite.online | 1 redirects |
10 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
maislivelopontos.club GTS CA 1P5 |
2023-11-01 - 2024-01-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://aceso.maislivelopontos.club/
Frame ID: 4BB85760AE5CED8F62062D50E02D8EAE
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
liveloPage URL History Show full URLs
-
http://oresgateptssite.online/
HTTP 301
https://aceso.maislivelopontos.club/ Page URL
Detected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://oresgateptssite.online/
HTTP 301
https://aceso.maislivelopontos.club/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
aceso.maislivelopontos.club/ Redirect Chain
|
739 B 931 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.1a3e10a8.js
aceso.maislivelopontos.club/js/ |
216 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.f603692d.js
aceso.maislivelopontos.club/js/ |
26 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.66ec128e.css
aceso.maislivelopontos.club/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
4b9bcd08-082c-4a3f-850b-2cd1498373f0
aceso.maislivelopontos.club/2e3e21b3-0b32-4594-83a4-36e053a9bda2/api/ |
41 B 371 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo1.2c7a4267.svg
aceso.maislivelopontos.club/img/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo2.5907da53.svg
aceso.maislivelopontos.club/img/ |
803 B 764 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.776fc6b1.woff2
aceso.maislivelopontos.club/fonts/ |
23 KB 24 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo1.2c7a4267.svg
aceso.maislivelopontos.club/img/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo2.5907da53.svg
aceso.maislivelopontos.club/img/ |
803 B 858 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Livelo (E-commerce)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture string| MSGEND string| MSGINI string| SERVER_URL object| webpackChunklivelo object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
aceso.maislivelopontos.club/ | Name: session Value: c375250e-282a-4725-914c-6ab17cc9b884 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aceso.maislivelopontos.club
oresgateptssite.online
104.21.14.44
62.3.58.85
376349038ea0361e3e85caccea1faf6d2076e7e7d68cbbc8c117eda7e692302e
3becca4e7dd1d0511eabf978dfb1bd8aa48a1b18a31e70fe376a3ccf8d20189a
5fa223e08fb1cabafc88f01f0aa1eba6b5453630f880e2044c7ba83fe946ca7a
72dc37dd92ac41a904175b927273429d71ca73c3294a8c30e7de96f364495c25
750fd2230014a4a420ad792b29e1c59d92424bafe4fc38fd572b263087de4a00
9a5006e51390a8b3bc0a24cc87d842f874a33a0c8ae5fd5eaae2cdd3ddfb234a
a93839a2c1e9457a6a66474a128ae6221798e5fec089c172e8160b592584dd93
baa582f17e15f36d5f466ca812a1ddd9adf561ca38bb70f7141822198254c87c