www.stm.com.br Open in urlscan Pro
191.6.209.19 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.stm.com.br/swiss/page.php
Submission Tags: 7507132
Submission: On May 05 via api (May 5th 2022, 8:46:19 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 191.6.209.19, located in Brazil and belongs to IPV6 Internet Ltda, BR. The main domain is www.stm.com.br.

This is the only time www.stm.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address		AS Autonomous System
11	191.6.209.19 191.6.209.19		28299 (IPV6 Inte...) (IPV6 Internet Ltda)
12	2

11 191.6.209.19 (Brazil)

ASN28299 (IPV6 Internet Ltda, BR)
PTR: varnish-farm1.kinghost.net

www.stm.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	stm.com.br www.stm.com.br	1 MB
12	1

	Domain	Requested by
11	www.stm.com.br	www.stm.com.br
12	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.stm.com.br/swiss/page.php
Frame ID: FAF3586797945D9D2FE44C1B41DBE324
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1115 kB
Transfer

1133 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request page.php Show response www.stm.com.br/swiss/	28 KB 7 KB	1179ms 289ms	Document text/html	191.6.209.19 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL http://www.stm.com.br/swiss/page.php Protocol HTTP/1.1 Server 191.6.209.19 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS varnish-farm1.kinghost.net Software / Resource Hash `fea0828b2891fed8dcbc843bdd5f9487598da5bfd583c7b832f9d76654d19589` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Age 29 Connection keep-alive Content-Encoding gzip Content-Length 7289 Content-Type text/html; charset=UTF-8 Date Thu, 05 May 2022 08:44:54 GMT Vary Accept-Encoding X-Cache HIT X-Cache-Hits 18 X-Served-By varnish-farm1.kinghost.net
GET H/1.1	200 OK	typeKit.js Show response www.stm.com.br/swiss/assets/js/	18 KB 18 KB	294ms 294ms	Script application/javascript	191.6.209.19 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL http://www.stm.com.br/swiss/assets/js/typeKit.js Requested by Host: www.stm.com.br URL: http://www.stm.com.br/swiss/page.php Protocol HTTP/1.1 Server 191.6.209.19 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS varnish-farm1.kinghost.net Software / Resource Hash `0cfa72c034d5c3ddfa8c6845af7dd7a62e0540d1b3190e100ef42758bb73fcc4` Request headers accept-language de-DE,de;q=0.9 Referer http://www.stm.com.br/swiss/page.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 05 May 2022 08:45:24 GMT Last-Modified Thu, 09 Jul 2020 23:05:52 GMT Age 14 ETag "4618-5aa0a44125400" X-Served-By varnish-farm1.kinghost.net X-Cache HIT Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 17944 X-Cache-Hits 5
GET H/1.1	200 OK	bootstrap.css www.stm.com.br/swiss/assets/css/	149 KB 149 KB	293ms 293ms	Stylesheet text/css	191.6.209.19 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL http://www.stm.com.br/swiss/assets/css/bootstrap.css Requested by Host: www.stm.com.br URL: http://www.stm.com.br/swiss/page.php Protocol HTTP/1.1 Server 191.6.209.19 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS varnish-farm1.kinghost.net Software / Resource Hash `a29236eed54ff257f34dd88abfd5a2f14b9190d84802f6703152d6b4ea511ca9` Request headers accept-language de-DE,de;q=0.9 Referer http://www.stm.com.br/swiss/page.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 05 May 2022 08:45:24 GMT Last-Modified Thu, 09 Jul 2020 23:05:52 GMT Age 14 ETag "254c2-5aa0a44125400" X-Served-By varnish-farm1.kinghost.net X-Cache HIT Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 152770 X-Cache-Hits 5
GET H/1.1	200 OK	main.css www.stm.com.br/swiss/assets/css/	22 KB 22 KB	572ms 284ms	Stylesheet text/css	191.6.209.19 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL http://www.stm.com.br/swiss/assets/css/main.css Requested by Host: www.stm.com.br URL: http://www.stm.com.br/swiss/page.php Protocol HTTP/1.1 Server 191.6.209.19 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS varnish-farm1.kinghost.net Software / Resource Hash `4c0e0830747b89f629806815b59e660dcc92281b2108a2875998c4fb1cb5a846` Request headers accept-language de-DE,de;q=0.9 Referer http://www.stm.com.br/swiss/page.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 05 May 2022 08:45:24 GMT Last-Modified Thu, 09 Jul 2020 23:05:52 GMT Age 14 ETag "5783-5aa0a44125400" X-Served-By varnish-farm1.kinghost.net X-Cache HIT Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 22403 X-Cache-Hits 5
GET H/1.1	200 OK	jquery-1.js Show response www.stm.com.br/swiss/assets/js/	242 KB 243 KB	572ms 283ms	Script application/javascript	191.6.209.19 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL http://www.stm.com.br/swiss/assets/js/jquery-1.js Requested by Host: www.stm.com.br URL: http://www.stm.com.br/swiss/page.php Protocol HTTP/1.1 Server 191.6.209.19 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS varnish-farm1.kinghost.net Software / Resource Hash `9fcc241093405946885039df428cfa7f0051a1f2bdbcc5a313a177a9e35f8806` Request headers accept-language de-DE,de;q=0.9 Referer http://www.stm.com.br/swiss/page.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 05 May 2022 08:45:24 GMT Last-Modified Thu, 09 Jul 2020 23:05:52 GMT Age 14 ETag "3c9ab-5aa0a44125400" X-Served-By varnish-farm1.kinghost.net X-Cache HIT Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 248235 X-Cache-Hits 5
GET		jquery-1_002.js www.stm.com.br/swiss/assets/js/	0 0

GET H/1.1	200 OK	jquery-ui-1.js Show response www.stm.com.br/swiss/assets/js/	206 KB 206 KB	581ms 287ms	Script application/javascript	191.6.209.19 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL http://www.stm.com.br/swiss/assets/js/jquery-ui-1.js Requested by Host: www.stm.com.br URL: http://www.stm.com.br/swiss/page.php Protocol HTTP/1.1 Server 191.6.209.19 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS varnish-farm1.kinghost.net Software / Resource Hash `794bf1ff4b8bbc981cb280b4efeb6e5b040afb34b85f6e3cd2546ace15910301` Request headers accept-language de-DE,de;q=0.9 Referer http://www.stm.com.br/swiss/page.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 05 May 2022 08:45:25 GMT Last-Modified Thu, 09 Jul 2020 23:05:52 GMT Age 14 ETag "337d6-5aa0a44125400" X-Served-By varnish-farm1.kinghost.net X-Cache HIT Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 210902 X-Cache-Hits 5
GET H/1.1	200 OK	WebResource.js Show response www.stm.com.br/swiss/assets/js/	20 KB 21 KB	873ms 294ms	Script application/javascript	191.6.209.19 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL http://www.stm.com.br/swiss/assets/js/WebResource.js Requested by Host: www.stm.com.br URL: http://www.stm.com.br/swiss/page.php Protocol HTTP/1.1 Server 191.6.209.19 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS varnish-farm1.kinghost.net Software / Resource Hash `0ba2f6756001669bdf934f9d79e8fd1ccf2028130c33a0510279581ec9dfd73a` Request headers accept-language de-DE,de;q=0.9 Referer http://www.stm.com.br/swiss/page.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 05 May 2022 08:45:24 GMT Last-Modified Thu, 09 Jul 2020 23:05:52 GMT Age 15 ETag "513a-5aa0a44125400" X-Served-By varnish-farm1.kinghost.net X-Cache HIT Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 20794 X-Cache-Hits 5
GET H/1.1	200 OK	ScriptResource_002.js Show response www.stm.com.br/swiss/assets/js/	349 KB 350 KB	1144ms 287ms	Script application/javascript	191.6.209.19 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL http://www.stm.com.br/swiss/assets/js/ScriptResource_002.js Requested by Host: www.stm.com.br URL: http://www.stm.com.br/swiss/page.php Protocol HTTP/1.1 Server 191.6.209.19 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS varnish-farm1.kinghost.net Software / Resource Hash `0cfc4a70c37cecef342f0e14a9204008485665202a40ae48a2af09d381554435` Request headers accept-language de-DE,de;q=0.9 Referer http://www.stm.com.br/swiss/page.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 05 May 2022 08:45:25 GMT Last-Modified Thu, 09 Jul 2020 23:05:52 GMT Age 15 ETag "575c1-5aa0a44125400" X-Served-By varnish-farm1.kinghost.net X-Cache HIT Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 357825 X-Cache-Hits 5
GET H/1.1	200 OK	ScriptResource.js Show response www.stm.com.br/swiss/assets/js/	93 KB 94 KB	1164ms 290ms	Script application/javascript	191.6.209.19 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL http://www.stm.com.br/swiss/assets/js/ScriptResource.js Requested by Host: www.stm.com.br URL: http://www.stm.com.br/swiss/page.php Protocol HTTP/1.1 Server 191.6.209.19 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS varnish-farm1.kinghost.net Software / Resource Hash `06831185e31b1a87a5b40a61252ab31da46e5517f7899a1697a7ec8674adf5ab` Request headers accept-language de-DE,de;q=0.9 Referer http://www.stm.com.br/swiss/page.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 05 May 2022 08:45:25 GMT Last-Modified Thu, 09 Jul 2020 23:05:52 GMT Age 15 ETag "17598-5aa0a44125400" X-Served-By varnish-farm1.kinghost.net X-Cache HIT Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 95640 X-Cache-Hits 5
GET H/1.1	200 OK	ogilvy-logos.svg www.stm.com.br/swiss/assets/images/	3 KB 4 KB	270ms 270ms	Image image/svg+xml	191.6.209.19 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Show image Full URL http://www.stm.com.br/swiss/assets/images/ogilvy-logos.svg Requested by Host: www.stm.com.br URL: http://www.stm.com.br/swiss/page.php Protocol HTTP/1.1 Server 191.6.209.19 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS varnish-farm1.kinghost.net Software / Resource Hash `b1d8e73aeaca62e519b792ade3c0400821a86647bb75095a1367ae0301af807d` Request headers accept-language de-DE,de;q=0.9 Referer http://www.stm.com.br/swiss/page.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 05 May 2022 08:45:25 GMT Last-Modified Mon, 24 Aug 2020 09:25:04 GMT Age 15 ETag "dde-5ad9c295cbc00" X-Served-By varnish-farm1.kinghost.net X-Cache HIT Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 3550 X-Cache-Hits 6
GET H/1.1	200 OK	ogilvy-iconoTarjeta.png www.stm.com.br/swiss/assets/images/	1 KB 1 KB	274ms 274ms	Image image/png	191.6.209.19 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Show image Full URL http://www.stm.com.br/swiss/assets/images/ogilvy-iconoTarjeta.png Requested by Host: www.stm.com.br URL: http://www.stm.com.br/swiss/page.php Protocol HTTP/1.1 Server 191.6.209.19 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS varnish-farm1.kinghost.net Software / Resource Hash `ecc047250aed883bd0038ba4cdf2b4b7f7105e28fae93712ad1a9090b014a9c9` Request headers accept-language de-DE,de;q=0.9 Referer http://www.stm.com.br/swiss/page.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 05 May 2022 08:45:25 GMT Last-Modified Thu, 09 Jul 2020 23:05:52 GMT Age 15 ETag "4a8-5aa0a44125400" X-Served-By varnish-farm1.kinghost.net X-Cache HIT Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1192 X-Cache-Hits 6

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.stm.com.br
URL: http://www.stm.com.br/swiss/assets/js/jquery-1_002.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.stm.com.br
www.stm.com.br
191.6.209.19
06831185e31b1a87a5b40a61252ab31da46e5517f7899a1697a7ec8674adf5ab
0ba2f6756001669bdf934f9d79e8fd1ccf2028130c33a0510279581ec9dfd73a
0cfa72c034d5c3ddfa8c6845af7dd7a62e0540d1b3190e100ef42758bb73fcc4
0cfc4a70c37cecef342f0e14a9204008485665202a40ae48a2af09d381554435
4c0e0830747b89f629806815b59e660dcc92281b2108a2875998c4fb1cb5a846
794bf1ff4b8bbc981cb280b4efeb6e5b040afb34b85f6e3cd2546ace15910301
9fcc241093405946885039df428cfa7f0051a1f2bdbcc5a313a177a9e35f8806
a29236eed54ff257f34dd88abfd5a2f14b9190d84802f6703152d6b4ea511ca9
b1d8e73aeaca62e519b792ade3c0400821a86647bb75095a1367ae0301af807d
ecc047250aed883bd0038ba4cdf2b4b7f7105e28fae93712ad1a9090b014a9c9
fea0828b2891fed8dcbc843bdd5f9487598da5bfd583c7b832f9d76654d19589

www.stm.com.br Open in urlscan Pro 191.6.209.19 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

1115 kBTransfer

1133 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

www.stm.com.br Open in urlscan Pro
191.6.209.19 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1115 kB
Transfer

1133 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!