centrosulturismo.com.br
191.6.205.41
Malicious Activity!
Public Scan
Effective URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
Submission: On September 01 via manual from CA
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 31st 2020. Valid for: 3 months.
This is the only time centrosulturismo.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Shaw (Telecommunication)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 41.185.13.53 | 36943 (Gridhost) |
1 | 43.240.30.76 | 133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited) |
11 | 191.6.205.41 | 28299 (IPV6 Internet Ltda) |
1 | 2a00:1450:4001:81b::2002 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:800::2002 | 15169 (GOOGLE) |
5 | 172.217.23.98 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:824::2002 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:809::2001 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:81a::2008 | 15169 (GOOGLE) |
30 requests | 10 IPs | |
IP details (ASN, PTR record where available, and the domain served from that address):
- ASN36943 (Gridhost, ZA), PTR: winwebr03.cpt.wa.co.za: lnaccounting.co.za
- ASN28299 (IPV6 Internet Ltda, BR), PTR: wp7601.kinghost.net: centrosulturismo.com.br
- ASN15169 (GOOGLE, US): adservice.google.com.eg
- ASN15169 (GOOGLE, US), PTR: mil04s23-in-f2.1e100.net: securepubads.g.doubleclick.net
- ASN15169 (GOOGLE, US): www.googletagservices.com
- ASN15169 (GOOGLE, US): tpc.googlesyndication.com
- ASN15169 (GOOGLE, US): ssl.google-analytics.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | centrosulturismo.com.br | centrosulturismo.com.br | 110 KB |
5 | doubleclick.net | securepubads.g.doubleclick.net | 202 KB |
2 | google-analytics.com | ssl.google-analytics.com, www.google-analytics.com (Failed) | 18 KB |
1 | googlesyndication.com | tpc.googlesyndication.com (Failed) | |
1 | googletagservices.com | www.googletagservices.com (Failed) | 18 KB |
1 | google.com | adservice.google.com | 890 B |
1 | google.com.eg | adservice.google.com.eg | 890 B |
1 | mylife.top | mylife.top | 596 B |
1 | lnaccounting.co.za | lnaccounting.co.za | 739 B |
0 | qualtrics.com (Failed) | zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com (Failed) | |
30 requests | 10 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
11 | centrosulturismo.com.br | centrosulturismo.com.br |
5 | securepubads.g.doubleclick.net | centrosulturismo.com.br, www.googletagservices.com, securepubads.g.doubleclick.net |
2 | ssl.google-analytics.com | centrosulturismo.com.br |
1 | tpc.googlesyndication.com | centrosulturismo.com.br, securepubads.g.doubleclick.net |
1 | www.googletagservices.com | centrosulturismo.com.br |
1 | adservice.google.com | centrosulturismo.com.br |
1 | adservice.google.com.eg | centrosulturismo.com.br |
1 | mylife.top | |
1 | lnaccounting.co.za | |
0 | www.google-analytics.com (Failed) | centrosulturismo.com.br |
0 | zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com (Failed) | centrosulturismo.com.br |
30 requests | 11 domains | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.shaw.ca |
business.shaw.ca |
community.shaw.ca |
my.shaw.ca |
signon.shaw.ca |
register.shaw.ca |
Subject | Issuer | Validity | Valid |
---|---|---|---|
centrosulturismo.com.br | Let's Encrypt Authority X3 | 2020-08-31 - 2020-11-29 | 3 months |
*.google.com.eg | GTS CA 1O1 | 2020-08-19 - 2020-11-11 | 3 months |
*.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.g.doubleclick.net | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
tpc.googlesyndication.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
This page contains 1 frames:
Primary Page:
https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
Frame ID: C0733CFC60D0D713497F7A97A2A94F11
Requests: 29 HTTP requests in this frame
Detected technologies
- Windows Server (Operating Systems). Detected pattern: headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
- IIS (Web Servers). Detected pattern: headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
10 Outgoing links
These are links going to different origins than the main page. Link titles:
- Personal
- Business
- Support
- My Shaw
- Find a store
- visit the Internet section in My Shaw
- Don't have an account? Create one now.
- Privacy Policy
- Terms of Use
- Accessibility
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://lnaccounting.co.za/libraries/s/ Page URL
- http://mylife.top/wp-content/plugins/vlxdwrk/dcjds.php Page URL
- https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | lnaccounting.co.za/libraries/s/ | 471 B | 739 B | Document | text/html |
GET | H/1.1 | dcjds.php | mylife.top/wp-content/plugins/vlxdwrk/ | 531 B | 596 B | Document | text/html |
GET | H2 | / (Primary Request) | centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ | 19 KB | 6 KB | Document | text/html |
GET | H2 | integrator.js | adservice.google.com.eg/adsid/ | 109 B | 890 B | Script | application/javascript |
GET | H2 | integrator.js | adservice.google.com/adsid/ | 109 B | 890 B | Script | application/javascript |
GET | H2 | combine_signon_136.css | centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/css/ | 160 KB | 27 KB | Stylesheet | text/css |
GET | H2 | pubads_impl_rendering_2019013101.js | securepubads.g.doubleclick.net/gpt/ | 63 KB | 24 KB | Script | text/javascript |
GET | H3-Q050 | pubads_impl_2019013101.js | securepubads.g.doubleclick.net/gpt/ | 181 KB | 62 KB | Script | text/javascript |
GET | H2 | webmail-desktop.png | centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | error_button.png | centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/ | 185 B | 459 B | Image | image/png |
GET | H2 | helpIcon.png | centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/icons/ | 1 KB | 2 KB | Image | image/png |
GET | H2 | modal-close.png | centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/ | 1 KB | 2 KB | Image | image/png |
GET | H2 | jquery.min.js | centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/ | 93 KB | 33 KB | Script | application/javascript |
GET | H2 | combine_signon_136.js | centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/ | 97 KB | 28 KB | Script | application/javascript |
GET | H2 | login-form.shaw.js | centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/ | 5 KB | 5 KB | Script | application/javascript |
GET | H2 | jquery.cookie.js | centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | jquery.base64.min.js | centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/ | 2 KB | 1022 B | Script | application/javascript |
GET | | / | zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/ | 0 | 0 | | |
GET | | gpt.js | www.googletagservices.com/tag/js/ | 0 | 0 | | |
GET | H2 | gpt.js | www.googletagservices.com/tag/js/ | 54 KB | 18 KB | Script | text/javascript |
GET | | container.html | tpc.googlesyndication.com/safeframe/1-0-32/html/ | 0 | 0 | | |
GET | H3-Q050 | pubads_impl_2020082701.js | securepubads.g.doubleclick.net/gpt/ | 262 KB | 92 KB | Script | text/javascript |
GET | H3-Q050 | ads | securepubads.g.doubleclick.net/gampad/ | 203 B | 454 B | XHR | text/html |
GET | H3-Q050 | pubads_impl_rendering_2019013101.js | securepubads.g.doubleclick.net/gpt/ | 63 KB | 23 KB | Script | text/javascript |
GET | H2 | container.html | tpc.googlesyndication.com/safeframe/1-0-31/html/ | 0 | 0 | Other | text/html |
GET | H2 | ga.js | ssl.google-analytics.com/ | 45 KB | 17 KB | Script | text/javascript |
GET | | ga.js | www.google-analytics.com/ | 0 | 0 | | |
GET | H3-Q050 | __utm.gif | ssl.google-analytics.com/r/ | 35 B | 386 B | Image | image/gif |
GET | | / | zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com: https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Flocalhost%2Ftest%2F&t=1549684120333
- www.googletagservices.com: http://www.googletagservices.com/tag/js/gpt.js
- tpc.googlesyndication.com: http://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
- www.google-analytics.com: http://www.google-analytics.com/ga.js
- zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com: https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=https%3A%2F%2Fcentrosulturismo.com.br%2Fwp-content%2Fplugins%2Fgoogle-analytics-for-wordpress%2Fassets%2Fcss%2Fimages%2F3%2FUpdate%2FShaw%2F&t=1598996366918
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against: Shaw (Telecommunication)
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name (type): trustedTypes (object), gptadslots (object), googletag (object), checkAd (function), $ (function), jQuery (function), ggeac (object), googleToken (object), googleIMState (object), google_js_reporting_queue (object), GPT_jstiming (object), google_measure_js_timing (undefined), google_noFetch (boolean), google_DisableInitialLoad (boolean), __google_ad_urls_id (number), google_unique_id (number), closure_memoize_cache_ (object), gaGlobal (object), Goog_AdSense_getAdAdapterInstance (function), Goog_AdSense_OsdAdapter (function), Handlebars (object), openChatWindow (function), openEmailWindow (function), supportsTransitions (boolean), analyticsSignon (object), analyticsRegisterForgot (object), shaw (object), init (function), showTabs (function), checkFailedLogin (function), showTabsForRealms (function), matchRealmsInRealmsArray (function), showRealm (function), manageCookie (function), submitButton (object), manageUserNameInput (function), email (function), occ (function), shawDirect (function), showEmailTabActive (function), showOCCTabActive (function), showShawdirectTabActive (function), setAnchorFromURL (function), jQuery172019225444589751683 (object), html5 (object), Modernizr (object), yepnope (function), displayError (function), checkEmpty (function), gaJsHost (string), _gat (object), _gaq (object), pageTracker (object)
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.centrosulturismo.com.br/ | | __utmb | 260021784.1.10.1598996367 |
.centrosulturismo.com.br/ | | __utmt | 1 |
.centrosulturismo.com.br/ | | __utma | 260021784.945733045.1598996367.1598996367.1598996367.1 |
.centrosulturismo.com.br/ | | __utmz | 260021784.1598996367.1.1.utmcsr=mylife.top\|utmccn=(referral)\|utmcmd=referral\|utmcct=/wp-content/plugins/vlxdwrk/dcjds.php |
.centrosulturismo.com.br/ | | __utmc | 260021784 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.