camaraeugeniodecastro.rs.gov.br Open in urlscan Pro
50.116.87.108 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com
Effective URL:
http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com
Submission: On May 21 via manual (May 21st 2019, 6:07:34 pm UTC) from AE

Summary HTTP 11 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 11 HTTP transactions. The main IP is 50.116.87.108, located in Houston, United States and belongs to ,. The main domain is camaraeugeniodecastro.rs.gov.br.

This is the only time camaraeugeniodecastro.rs.gov.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: LinkedIn (Social Network)

Domain & IP information

	IP Address		AS Autonomous System
1	50.116.87.108 50.116.87.108		46606 () ()
8	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea		20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	178.237.33.50 178.237.33.50		8455 (ATOM86-AS...) (ATOM86-AS ATOM86)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea		20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	4

1 50.116.87.108 (Houston, United States)

ASN46606 (,)
PTR: srv218.prodns.com.br

camaraeugeniodecastro.rs.gov.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

static.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.237.33.50 (Netherlands)

ASN8455 (ATOM86-AS ATOM86, NL)

www.geoplugin.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

static.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	licdn.com static.licdn.com	282 KB
1	geoplugin.net www.geoplugin.net	2 KB
1	camaraeugeniodecastro.rs.gov.br camaraeugeniodecastro.rs.gov.br	7 KB
11	3

	Domain	Requested by
9	static.licdn.com	camaraeugeniodecastro.rs.gov.br
1	www.geoplugin.net	camaraeugeniodecastro.rs.gov.br
1	camaraeugeniodecastro.rs.gov.br
11	3

This site contains no links.

Subject Issuer	Validity	Valid
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com
Frame ID: BCE9F164461ED2CD7253BF72A89F168F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^google_ad_/i

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^YAHOO$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

11
Requests

82 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

290 kB
Transfer

704 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request piled.php Show response camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/	15 KB 7 KB	1307ms 321ms	Document text/html	50.116.87.108
General Check archive.org Show headers Download Go to Full URL http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com Protocol HTTP/1.1 Server 50.116.87.108 Houston, United States, ASN46606 (,), Reverse DNS srv218.prodns.com.br Software Apache / Resource Hash `c6530e390dc35e728d06cd880cbc32d8c2bd6f81537c02c65df4f40125df51ee` Request headers Host camaraeugeniodecastro.rs.gov.br Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 18:07:17 GMT Server Apache Vary Accept-Encoding Content-Encoding gzip Content-Length 6591 Keep-Alive timeout=5, max=75 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	css static.licdn.com/scds/concat/common/	77 KB 13 KB	98ms 7ms	Stylesheet text/css	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.licdn.com/scds/concat/common/css?h=765zh9odycznutep5f0mj07m4-c8kkvmvykvq2ncgxoqb13d2by-97r9i8f0vw2gmq97lpzb2ohek-7mxyksftlcjzimz2r05hd289r-4uu2pkz5u0jch61r2nhpyyrn8-7poavrvxlvh0irzkbnoyoginp-4om4nn3a2z730xs82d78xj3be-7m0xa9uspuliui8l4c806ppxc-ct4kfyj4tquup0bvqhttvymms-c1cmlc2imos8f942j65p5pmjm-9zbbsrdszts09by60it4vuo3q-8ti9u6z5f55pestwbmte40d9-cernnxjzxrrt8qy88tyxhj3c5-3pwwsn1udmwoy3iort8vfmygt-b1019pao2n44df9be9gay2vfw-7fo5l62eztikpp1cfui1jz4to-ab01tg8funn2n1exayaej7367 Requested by Host: camaraeugeniodecastro.rs.gov.br URL: http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Play / Resource Hash `50868732797a7ca5ab13037131ac579eb3986822ca127ac7bc82bc65f98b1a2e` Request headers Referer http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 18:07:18 GMT Content-Encoding gzip X-CDN-CLIENT-IP-VERSION IPV6 X-CDN AKAM X-Li-Pop prod-efr5 X-CDN-Proto HTTP1 Connection keep-alive Content-Length 12557 X-LI-UUID 33U70lTPmRVAmQ6waysAAA== Timing-Allow-Origin * Last-Modified Mon, 05 Nov 2012 04:00:51 GMT Server Play Cache-Control max-age=31536000, immutable X-EdgeConnect-Cache-Status 1 Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Access-Control-Expose-Headers X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto X-LI-Proto http/1.1 X-LI-Static-Content 1 X-Li-Fabric prod-lva1 Expires Tue, 28 Apr 2020 01:59:38 GMT
GET H/1.1	200 OK	js Show response static.licdn.com/scds/concat/common/	298 KB 87 KB	98ms 7ms	Script text/javascript	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.licdn.com/scds/concat/common/js?h=a06jpss2hf43xwxobn0gl598m-b7ksroocq54owoz2fawjb292y-62og8s54488owngg0s7escdit-c8ha6zrgpgcni7poa5ctye7il-8gz32kphtrjyfula3jpu9q6wl-51dv6schthjydhvcv6rxvospp-e9rsfv7b5gx0bk0tln31dx3sq-2r5gveucqe4lsolc3n0oljsn1-8v2hz0euzy8m1tk5d6tfrn6j-di2107u61yb11ttimo0s2qyh2-a5z91y8xfiqdawrgpl2z4m6gs-93jgstnkffqiw9htrr1tva7y3-7oayq6ato0qqkz6gz6iunlkxr-999q8q1ovip41ng1nylee3woz-5gedbbq7rksg5ypd5ruwisrah-39kuwv80yvqr74w4oe9bge0md-7ty57fxmbd5klxui85wcgpq3k-e1yamnwwzlstlh2d0l31jqbq3-39qtiin34ku3a7j62elxviuxr-8su35siohpmem14ncxhw06cld-ccxtvi3w660pars8qw3alamil Requested by Host: camaraeugeniodecastro.rs.gov.br URL: http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Play / Resource Hash `db04e92ea545ec70121e7664aaa1b34da2ba494909351ba98a6cd9215dde1313` Request headers Referer http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers X-EdgeConnect-Origin-MEX-Latency 211 Date Tue, 21 May 2019 18:07:18 GMT Content-Encoding gzip X-CDN-CLIENT-IP-VERSION IPV6 X-CDN AKAM X-Li-Pop prod-esv5-tls13 X-EdgeConnect-MidMile-RTT 0 X-CDN-Proto HTTP1 Connection keep-alive Content-Length 88192 X-LI-UUID nWMg24wGmxXAG2iIXysAAA== Timing-Allow-Origin * Last-Modified Mon, 05 Nov 2012 04:00:51 GMT Server Play Cache-Control max-age=31536000, immutable Vary Accept-Encoding Content-Type text/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto X-LI-Proto http/1.1 X-LI-Static-Content 1 X-Li-Fabric prod-ltx1 Expires Fri, 01 May 2020 14:00:20 GMT
GET H/1.1	200 OK	css static.licdn.com/scds/concat/common/	27 KB 6 KB	97ms 6ms	Stylesheet text/css	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.licdn.com/scds/concat/common/css?h=1o07vpl9fx1wygty96v5v520o-a4kjc5uqttio53azw54aex6s3 Requested by Host: camaraeugeniodecastro.rs.gov.br URL: http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Play / Resource Hash `c07be4260dc5cbc828431f397d15f9be0e1040e0d6dc3d42240e372e152550b7` Request headers Referer http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 18:07:18 GMT Content-Encoding gzip X-CDN-CLIENT-IP-VERSION IPV6 X-CDN AKAM X-Li-Pop prod-eda6 X-CDN-Proto HTTP1 Connection keep-alive Content-Length 5233 X-LI-UUID zLCqJ2UcmxUA9R3JAisAAA== Timing-Allow-Origin * Last-Modified Mon, 05 Nov 2012 04:00:51 GMT Server Play Cache-Control max-age=31536000, immutable X-EdgeConnect-Cache-Status 1 Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Access-Control-Expose-Headers X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto X-LI-Proto http/1.1 X-LI-Static-Content 1 X-Li-Fabric prod-ltx1 Expires Fri, 01 May 2020 23:51:24 GMT
GET H/1.1	200 OK	css static.licdn.com/scds/concat/common/	42 KB 5 KB	97ms 6ms	Stylesheet text/css	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.licdn.com/scds/concat/common/css?h=c52xqty03kc2uumayfdgw52ha-6eb15yl27eoj4wlyl799ae32f-9isvvzw61fpveso9doy1mzsas-2qk68hrxrqya74okuimf9dv0c-613o3z852fmufuoq56wjec8bn-aibd4bc52tilbqe5gz50e4sem Requested by Host: camaraeugeniodecastro.rs.gov.br URL: http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `3f27748da1da1cef51b213afad440c090580922d4eff02d368f8c8fe9fd5639c` Request headers Referer http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 18:07:18 GMT Content-Encoding gzip X-CDN-CLIENT-IP-VERSION IPV6 X-CDN AKAM X-Li-Pop prod-tln1 X-CDN-Proto HTTP1 Connection keep-alive Content-Length 4925 X-LI-UUID Rqd6W6AH7BSAFu+n0yoAAA== Timing-Allow-Origin * Last-Modified Mon, 05 Nov 2012 04:00:51 GMT Server Apache-Coyote/1.1 Cache-Control max-age=31536000, immutable Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Access-Control-Expose-Headers X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto X-LI-Proto http/1.1 X-LI-Static-Content 1 X-Li-Fabric prod-ltx1 Expires Tue, 03 Sep 2019 10:11:20 GMT
GET H/1.1	200 OK	css static.licdn.com/scds/concat/common/	69 KB 10 KB	111ms 20ms	Stylesheet text/css	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.licdn.com/scds/concat/common/css?h=cfsam81o5sp3cxb7m0hs933c4-am4posir4cbrpjbyrv9hmzsud-35lybw28luek036334m0p39y7 Requested by Host: camaraeugeniodecastro.rs.gov.br URL: http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Play / Resource Hash `149befa213c2bd3f943d16ab640be73c4261b472c3ce8e901ff345478430757d` Request headers Referer http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 18:07:18 GMT Content-Encoding gzip X-CDN-CLIENT-IP-VERSION IPV6 X-CDN AKAM X-Li-Pop prod-esv5-tls13 X-CDN-Proto HTTP1 Connection keep-alive Content-Length 9531 X-LI-UUID CxvTKGUcmxVgNgl0JSsAAA== Timing-Allow-Origin * Last-Modified Mon, 05 Nov 2012 04:00:51 GMT Server Play Cache-Control max-age=31536000, immutable Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Access-Control-Expose-Headers X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto X-LI-Proto http/1.1 X-LI-Static-Content 1 X-Li-Fabric prod-lor1 Expires Sat, 02 May 2020 05:39:11 GMT
GET H/1.1	200 OK	javascript.gp Show response www.geoplugin.net/	2 KB 2 KB	338ms 48ms	Script application/javascript	178.237.33.50 ATOM86-AS ATOM86
General Check archive.org Show headers Download Go to Full URL http://www.geoplugin.net/javascript.gp Requested by Host: camaraeugeniodecastro.rs.gov.br URL: http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com Protocol HTTP/1.1 Server 178.237.33.50 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL), Reverse DNS Software Apache / Resource Hash `2bf81bb533f9be357bd8611b5ccb63316c24486cb1005049615d4eadb6873705` Request headers Referer http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 21 May 2019 18:07:18 GMT Server Apache Connection keep-alive Content-Length 1572 Content-Type application/javascript; charset=utf-8
GET H/1.1	200 OK	photo_splash_signin_1141x759_v4.jpg static.licdn.com/scds/common/u/images/apps/uas/	140 KB 140 KB	8ms 8ms	Image image/jpeg	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.licdn.com/scds/common/u/images/apps/uas/photo_splash_signin_1141x759_v4.jpg Requested by Host: camaraeugeniodecastro.rs.gov.br URL: http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Play / Resource Hash `30052f65174a9e2d75f3ac731c71c6dc14f48a4585a29b176401df4051d64ece` Request headers Referer https://static.licdn.com/scds/concat/common/css?h=cfsam81o5sp3cxb7m0hs933c4-am4posir4cbrpjbyrv9hmzsud-35lybw28luek036334m0p39y7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 18:07:18 GMT Content-Encoding gzip X-CDN-CLIENT-IP-VERSION IPV6 X-CDN AKAM X-Li-Pop PROD-IDB2 X-CDN-Proto HTTP1 Connection keep-alive Content-Length 143181 X-LI-UUID 3toJy4a8jBXAysfmECsAAA== Timing-Allow-Origin * Last-Modified Mon, 05 Nov 2012 04:00:51 GMT Server Play Cache-Control max-age=31536000, immutable Vary Accept-Encoding Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto X-LI-Proto http/1.1 X-LI-Static-Content 1 X-Li-Fabric prod-ltx1 Expires Sun, 15 Mar 2020 15:51:09 GMT
GET H/1.1	200 OK	logo_linkedin_242x59_v1.png static.licdn.com/scds/common/u/images/logos/linkedin/	1 KB 2 KB	109ms 109ms	Image image/png	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.licdn.com/scds/common/u/images/logos/linkedin/logo_linkedin_242x59_v1.png Requested by Host: camaraeugeniodecastro.rs.gov.br URL: http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Play / Resource Hash `a752cd8b5059dda8f8c25786a2565f824c6a14db9f60204755ca4c49243f5bc9` Request headers Referer https://static.licdn.com/scds/concat/common/css?h=cfsam81o5sp3cxb7m0hs933c4-am4posir4cbrpjbyrv9hmzsud-35lybw28luek036334m0p39y7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 18:07:18 GMT Content-Encoding gzip X-CDN-CLIENT-IP-VERSION IPV6 X-CDN AKAM X-Li-Pop PROD-IDB2 X-CDN-Proto HTTP1 Connection keep-alive Content-Length 1069 X-LI-UUID Wi9CTFUH7BTAGKIbbSsAAA== Timing-Allow-Origin * Last-Modified Mon, 05 Nov 2012 04:00:51 GMT Server Play Cache-Control max-age=31536000, immutable Vary Accept-Encoding Content-Type image/png Access-Control-Allow-Origin * Access-Control-Expose-Headers X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto X-LI-Proto http/1.1 X-LI-Static-Content 1 X-Li-Fabric prod-ltx1 Expires Tue, 03 Sep 2019 03:07:24 GMT
GET H/1.1	200 OK	LinkedIn-Glyphs-16px.woff static.licdn.com/scds/common/u//fonts/LinkedInGlyphs/2.0.7/	32 KB 18 KB	19ms 6ms	Font application/font-woff	2a02:26f0:6c00:296::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.licdn.com/scds/common/u//fonts/LinkedInGlyphs/2.0.7/LinkedIn-Glyphs-16px.woff Requested by Host: camaraeugeniodecastro.rs.gov.br URL: http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `8b52b560411ddd0674ae06172bea8599767a0064ae40214f6cba70f92f4b2fb6` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://static.licdn.com/scds/concat/common/css?h=765zh9odycznutep5f0mj07m4-c8kkvmvykvq2ncgxoqb13d2by-97r9i8f0vw2gmq97lpzb2ohek-7mxyksftlcjzimz2r05hd289r-4uu2pkz5u0jch61r2nhpyyrn8-7poavrvxlvh0irzkbnoyoginp-4om4nn3a2z730xs82d78xj3be-7m0xa9uspuliui8l4c806ppxc-ct4kfyj4tquup0bvqhttvymms-c1cmlc2imos8f942j65p5pmjm-9zbbsrdszts09by60it4vuo3q-8ti9u6z5f55pestwbmte40d9-cernnxjzxrrt8qy88tyxhj3c5-3pwwsn1udmwoy3iort8vfmygt-b1019pao2n44df9be9gay2vfw-7fo5l62eztikpp1cfui1jz4to-ab01tg8funn2n1exayaej7367 Origin http://camaraeugeniodecastro.rs.gov.br Response headers Date Tue, 21 May 2019 18:07:18 GMT Content-Encoding gzip X-CDN-CLIENT-IP-VERSION IPV6 X-CDN AKAM X-Li-Pop prod-ela1 X-CDN-Proto HTTP1 Connection keep-alive Content-Length 17257 X-LI-UUID Xq3pesIG7BTAAIs15CoAAA== Timing-Allow-Origin * Last-Modified Mon, 05 Nov 2012 04:00:51 GMT Server Apache-Coyote/1.1 Cache-Control max-age=31536000, immutable Vary Accept-Encoding Content-Type application/font-woff Access-Control-Allow-Origin * Access-Control-Expose-Headers X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto X-LI-Proto http/1.1 X-LI-Static-Content 1 X-Li-Fabric prod-lor1 Expires Tue, 03 Sep 2019 09:25:43 GMT
GET H/1.1	200 OK	logo_linkedin_white_trans_64x16_v1.png static.licdn.com/scds/common/u/images/logos/	761 B 1 KB	12ms 7ms	Image image/png	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.licdn.com/scds/common/u/images/logos/logo_linkedin_white_trans_64x16_v1.png Requested by Host: camaraeugeniodecastro.rs.gov.br URL: http://camaraeugeniodecastro.rs.gov.br/assets/ID3/hakam%20new/piled.php?email=waqar.s@adcb.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `3b212ee3e0509a0088d1cd6d364a613c36ca079ccaf73a26c54ebbf5fe2f3239` Request headers Referer https://static.licdn.com/scds/concat/common/css?h=cfsam81o5sp3cxb7m0hs933c4-am4posir4cbrpjbyrv9hmzsud-35lybw28luek036334m0p39y7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 21 May 2019 18:07:18 GMT Content-Encoding gzip X-CDN-CLIENT-IP-VERSION IPV6 X-CDN AKAM X-Li-Pop prod-tln1 X-CDN-Proto HTTP1 Connection keep-alive Content-Length 784 X-LI-UUID dhH8baAH7BTAiwwb0ioAAA== Timing-Allow-Origin * Last-Modified Mon, 05 Nov 2012 04:00:51 GMT Server Apache-Coyote/1.1 Cache-Control max-age=31536000, immutable Vary Accept-Encoding Content-Type image/png Access-Control-Allow-Origin * Access-Control-Expose-Headers X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto X-LI-Proto http/1.1 X-LI-Static-Content 1 X-Li-Fabric prod-ltx1 Expires Tue, 03 Sep 2019 06:56:59 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: LinkedIn (Social Network)

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| YAHOO undefined| f function| UISettings object| oUISettings function| WebTrack object| LIAds undefined| google_ad_width undefined| google_ad_height string| google_ad_format string| google_color_border string| google_color_bg string| google_color_link string| google_color_url string| google_color_text function| quoted function| google_encodeURIComponent function| google_write_tracker function| google_append_url function| google_append_url_esc function| google_append_color function| google_get_user_data function| google_show_ad function| FocusField function| $ function| jQuery object| LI object| i18n object| Lui object| lui object| YUtil object| YConn object| YGet object| YJson object| YWidget object| YDom object| YEvent function| YAnim function| Y$ object| LIModules function| LI_WCT object| WebTracking string| google_ad_url number| google_channel_id object| google_date number| google_random number| google_ad_frameborder string| google_ad_output object| google_page_url number| google_last_modified_time string| google_referrer_url object| google_num_slots_by_channel function| geoplugin_request function| geoplugin_status function| geoplugin_credit function| geoplugin_delay function| geoplugin_city function| geoplugin_region function| geoplugin_regionCode function| geoplugin_regionName function| geoplugin_areaCode function| geoplugin_dmaCode function| geoplugin_countryCode function| geoplugin_countryName function| geoplugin_inEU function| geoplugin_euVATrate function| geoplugin_continentCode function| geoplugin_latitude function| geoplugin_longitude function| geoplugin_locationAccuracyRadius function| geoplugin_timezone function| geoplugin_currencyCode function| geoplugin_currencySymbol function| geoplugin_currencySymbol_UTF8 function| geoplugin_currencyConverter function| initInput function| nospaces function| validate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

camaraeugeniodecastro.rs.gov.br
static.licdn.com
www.geoplugin.net
178.237.33.50
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00:296::25ea
50.116.87.108
149befa213c2bd3f943d16ab640be73c4261b472c3ce8e901ff345478430757d
2bf81bb533f9be357bd8611b5ccb63316c24486cb1005049615d4eadb6873705
30052f65174a9e2d75f3ac731c71c6dc14f48a4585a29b176401df4051d64ece
3b212ee3e0509a0088d1cd6d364a613c36ca079ccaf73a26c54ebbf5fe2f3239
3f27748da1da1cef51b213afad440c090580922d4eff02d368f8c8fe9fd5639c
50868732797a7ca5ab13037131ac579eb3986822ca127ac7bc82bc65f98b1a2e
8b52b560411ddd0674ae06172bea8599767a0064ae40214f6cba70f92f4b2fb6
a752cd8b5059dda8f8c25786a2565f824c6a14db9f60204755ca4c49243f5bc9
c07be4260dc5cbc828431f397d15f9be0e1040e0d6dc3d42240e372e152550b7
c6530e390dc35e728d06cd880cbc32d8c2bd6f81537c02c65df4f40125df51ee
db04e92ea545ec70121e7664aaa1b34da2ba494909351ba98a6cd9215dde1313