0/100

medium Risk

servicosdtranmeusc.com

https://servicosdtranmeusc.com/santacatarina

2.24.75.27

Location

London, United Kingdom

Domain Age

6 days ⚠

HTTP

403 · 51.9s

SSL

Valid· E7, Let's Encrypt, US

Status

COMPLETED

Visual Evidence

Zoom

Save

Linked Phishing Report

This scan is attached to a vendor submission report

Brand

servicosdtranmeusc.com

Vendors

23/31

Status

partial

⟳ openphish⟳ emsisoft⟳ apple✓ bitdefender✓ brightcloud⟳ apwg✓ sophos✓ eset✓ chainpatrol⟳ isitphish✓ avast✗ threatyeti✗ norton✓ yandex✓ microsoft✓ polyswarm✓ kaspersky✓ avg✓ spamhaus✓ urlquery✓ netcraft⟳ cisa✓ drweb✓ phishreport✓ urlscan✓ phishtank✓ virustotal✓ urlabuse✓ mcafee✓ google✓ fortiguard

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

servicosdtranmeusc.com

Unknown

technology | finance | ecommerce | government | other · 6/3/2026

Summary

The page presents a Portuguese “Acesso Restrito” (Restricted Access) message with content restricted to Brazil. The URL path and homepage do not show any company branding, logos, or impersonation cues beyond a generic restricted access page. The screenshot and HTML indicate a simple access restriction page rather than a credential phishing surface, suggesting no clear impersonation of a well-known brand. Given the new domain and restricted content, there is insufficient evidence of phishing or credential harvesting on this page.

Evidence Summary

▸Observed 2 capture stage(s); canonical stage is settled_render.

Capture

Stages: 2

Canonical: Settled Render

Changed: No

Credential Signals

Forms: 0

Password fields: 0

Late-stage login UI: No

Resource Signals

Resources: 2

Hosts: 1

Domains: 1

Attack Techniques (1)

Absence of login forms or credential capture surfaces in static HTML

Indicators of Compromise (1)

▸No login forms, no credential fields observed in static HTML

Risk AssessmentUsed in abuse reports

The page shows a country-restricted access message in Portuguese, with no credential harvesting UI visible in the static HTML. The combination of a very new domain, a free Let's Encrypt SSL, and a restrictive 403 page could indicate a placeholder or gate for content rather than an active phishing surface. However, the extremely new domain and absence of brand signals warrant caution. Recommend monitoring and further probing for client-side rendering to reveal any hidden login implementations, and consider domain-age risk when correlating with potential impersonation or abuse. At this time, there is no concrete evidence of credential phishing on this page.

Recommended Action

Monitor

Cross-Reference9

URL Intelligence