libereem2horas.online Open in urlscan Pro
2a02:4780:13:1536:0:3819:7bbf:4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://libereem2horas.online/
Effective URL:
https://libereem2horas.online/
Submission: On August 24 via api (August 24th 2024, 5:58:26 pm UTC) from US — Scanned from CA

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 2a02:4780:13:1536:0:3819:7bbf:4, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is libereem2horas.online.
TLS certificate: Issued by WR1 on August 23rd 2024. Valid for: 3 months.

This is the only time libereem2horas.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

	IP Address	AS Autonomous System
17	2a02:4780:13:... 2a02:4780:13:1536:0:3819:7bbf:4	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	77.37.127.76 77.37.127.76	31400 (ACCELERAT...) (ACCELERATED-IT)
19	3

17 2a02:4780:13:1536:0:3819:7bbf:4 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)

libereem2horas.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.37.127.76 (São Paulo, Brazil)

ASN31400 (ACCELERATED-IT, DE)

libereem2horas.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	libereem2horas.online libereem2horas.online	4 MB
0	contratoliberadoaux.com Failed contratoliberadoaux.com Failed
19	2

	Domain	Requested by
18	libereem2horas.online	libereem2horas.online
0	contratoliberadoaux.com Failed
19	2

This site contains no links.

Subject Issuer	Validity	Valid
libereem2horas.online WR1	`2024-08-23` - `2024-11-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://libereem2horas.online/
Frame ID: FEFDF5A30A87D6B281F8AA751001CFBF
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Brasil

Page URL History Show full URLs

http://libereem2horas.online/ HTTP 307
https://libereem2horas.online/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
sweetalert2(?:\.all)?(?:\.min)?\.js

Page Statistics

19
Requests

95 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

4433 kB
Transfer

4821 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://libereem2horas.online/ HTTP 307
https://libereem2horas.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
libereem2horas.online/
Redirect Chain

http://libereem2horas.online/
https://libereem2horas.online/

11 KB
4 KB

522ms
197ms

Document
text/html

2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

6c28a3c4c4d23cecf2450782c7c64204e3c13d85d47e79c65ddc6b9517b28d38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 4014
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 24 Aug 2024 17:58:18 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

Location: https://libereem2horas.online/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 index.css
libereem2horas.online/Brasil_files/ 3 KB
1 KB 149ms
133ms Stylesheet
text/css 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libereem2horas.online/Brasil_files/index.css

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:59 GMT
server: LiteSpeed
etag: "ba7-66c9e4cb-2ebb0f2a7cff0462;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 900
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 bootstrap.min.css
libereem2horas.online/Brasil_files/ 227 KB
27 KB 148ms
132ms Stylesheet
text/css 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libereem2horas.online/Brasil_files/bootstrap.min.css

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
Origin: https://libereem2horas.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:58 GMT
server: LiteSpeed
etag: "38cf3-66c9e4ca-90524989ec0e633a;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 27179
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 all.min.css
libereem2horas.online/Brasil_files/ 100 KB
21 KB 290ms
275ms Stylesheet
text/css 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libereem2horas.online/Brasil_files/all.min.css

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer
Origin: https://libereem2horas.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:57 GMT
server: LiteSpeed
etag: "18e89-66c9e4c9-c6f91c8eaaabb6bf;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 21557
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 sweetalert2.min.css
libereem2horas.online/Brasil_files/ 22 KB
4 KB 422ms
407ms Stylesheet
text/css 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libereem2horas.online/Brasil_files/sweetalert2.min.css

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:59 GMT
server: LiteSpeed
etag: "58a2-66c9e4cb-2b2c397e0e81e654;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3896
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 aux_brasil.png
libereem2horas.online/Brasil_files/ 24 KB
24 KB 419ms
404ms Image
image/png 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libereem2horas.online/Brasil_files/aux_brasil.png

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:57 GMT
server: LiteSpeed
etag: "6157-66c9e4c9-8fc37683b50a9b2c;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 24919
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 bolsa_familia_logo.png
libereem2horas.online/Brasil_files/ 18 KB
18 KB 419ms
405ms Image
image/png 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libereem2horas.online/Brasil_files/bolsa_familia_logo.png

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:58 GMT
server: LiteSpeed
etag: "47fd-66c9e4ca-87c5f0d39dcd6264;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 18429
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 8638314_whatsapp_compress.png
libereem2horas.online/Brasil_files/ 4 MB
4 MB 549ms
526ms Image
image/png 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libereem2horas.online/Brasil_files/8638314_whatsapp_compress.png

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5edac30d081073096f7d5b8e7c14841e1fc25e1488378985d058e89056943432

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:49:01 GMT
server: LiteSpeed
etag: "3f4b33-66c9e4cd-f5340eba8ebfb5af;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4148019
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 Captura%20de%20tela%202024-08-19%20124357.png
libereem2horas.online/Brasil_files/ 2 KB
2 KB 549ms
525ms Image
image/png 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libereem2horas.online/Brasil_files/Captura%20de%20tela%202024-08-19%20124357.png

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c196820a55ae19bdd38b7415251c27630957daa9f3d40277400785eb3d96fb71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:59 GMT
server: LiteSpeed
etag: "632-66c9e4cb-9ec879e9d56113fc;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1586
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 calendario.png
libereem2horas.online/Brasil_files/ 1 KB
1 KB 550ms
526ms Image
image/png 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libereem2horas.online/Brasil_files/calendario.png

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

aca25761c8ceee7b6b707bf1895be1402454eb5f8a33d001646a785fa335da2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:58 GMT
server: LiteSpeed
etag: "4f8-66c9e4ca-c3693c90b06c2574;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1272
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 cred.png
libereem2horas.online/Brasil_files/ 4 KB
4 KB 413ms
389ms Image
image/png 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libereem2horas.online/Brasil_files/cred.png

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

751f800cb65506d8e412281974949cb44d499445acd71d241e3858b6c415c182

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:59 GMT
server: LiteSpeed
etag: "1193-66c9e4cb-ca2755663baef0d8;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4499
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 tutorial_1.png
libereem2horas.online/Brasil_files/ 236 KB
236 KB 411ms
390ms Image
image/png 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libereem2horas.online/Brasil_files/tutorial_1.png

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

113691e7c6dbd424bea1f55eaf9f9785d47b629df9612ffe22a31f7be1b23c74

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:54:49 GMT
server: LiteSpeed
etag: "3ae88-66c9e629-4a770f10972984b7;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 241288
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 x-volume-positiva-54-v2.png
libereem2horas.online/Brasil_files/ 1 KB
1 KB 411ms
390ms Image
image/png 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libereem2horas.online/Brasil_files/x-volume-positiva-54-v2.png

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:49:00 GMT
server: LiteSpeed
etag: "4a4-66c9e4cc-4717a7a5ea1c6738;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1188
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 ic-acesso-informacao-54-v2.png
libereem2horas.online/Brasil_files/ 2 KB
2 KB 408ms
387ms Image
image/png 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libereem2horas.online/Brasil_files/ic-acesso-informacao-54-v2.png

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:59 GMT
server: LiteSpeed
etag: "6ea-66c9e4cb-7bf4f7f824f22a8b;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1770
expires: Sat, 31 Aug 2024 17:58:18 GMT

GET
H2 200 sweetalert2.min.js.transferir Show response
libereem2horas.online/Brasil_files/ 40 KB
13 KB 545ms
524ms Script
text/plain 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libereem2horas.online/Brasil_files/sweetalert2.min.js.transferir

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

254035f46a1e99ce2bb3c0bf1a19658809e8351e2a9d5f7ebc57193ee0a4cbf0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:59 GMT
server: LiteSpeed
etag: "a179-66c9e4cb-734f0cc5d5bc6115;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 12763

GET
H2 200 bootstrap.bundle.min.js.transferir Show response
libereem2horas.online/Brasil_files/ 79 KB
22 KB 545ms
524ms Script
text/plain 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libereem2horas.online/Brasil_files/bootstrap.bundle.min.js.transferir

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/
Origin: https://libereem2horas.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Aug 2024 13:48:58 GMT
server: LiteSpeed
etag: "13ac2-66c9e4ca-70d1ec7c30fe3dd9;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 22317

GET
H2 404 fa-solid-900.woff2
libereem2horas.online/webfonts/ 0
0 456ms
446ms Font
text/html 2a02:4780:13:1536:0:3819:7bbf:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libereem2horas.online/webfonts/fa-solid-900.woff2

Requested by

Host: libereem2horas.online
URL: https://libereem2horas.online/Brasil_files/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1536:0:3819:7bbf:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://libereem2horas.online/Brasil_files/all.min.css
Origin: https://libereem2horas.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:19 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 19 Apr 2024 12:48:22 GMT
server: LiteSpeed
etag: "999-66226816-386098dfb2b660bd;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H3 404 fa-solid-900.ttf
libereem2horas.online/webfonts/ 0
0 156ms
155ms Font
text/html 77.37.127.76
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL: https://libereem2horas.online/webfonts/fa-solid-900.ttf
Requested by: Host: libereem2horas.online
URL: https://libereem2horas.online/Brasil_files/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.37.127.76 São Paulo, Brazil, ASN31400 (ACCELERATED-IT, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://libereem2horas.online/Brasil_files/all.min.css
Origin: https://libereem2horas.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:58:19 GMT
content-encoding: br
last-modified: Fri, 19 Apr 2024 12:48:22 GMT
server: LiteSpeed
etag: "999-66226816-386098dfb2b660bd;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 912

GET caixa_tem.png
contratoliberadoaux.com/assets/img/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: contratoliberadoaux.com
URL: https://contratoliberadoaux.com/assets/img/caixa_tem.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://libereem2horas.online/webfonts/fa-solid-900.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://libereem2horas.online/webfonts/fa-solid-900.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

contratoliberadoaux.com
libereem2horas.online
contratoliberadoaux.com
2a02:4780:13:1536:0:3819:7bbf:4
77.37.127.76
113691e7c6dbd424bea1f55eaf9f9785d47b629df9612ffe22a31f7be1b23c74
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
254035f46a1e99ce2bb3c0bf1a19658809e8351e2a9d5f7ebc57193ee0a4cbf0
311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270
5edac30d081073096f7d5b8e7c14841e1fc25e1488378985d058e89056943432
6c28a3c4c4d23cecf2450782c7c64204e3c13d85d47e79c65ddc6b9517b28d38
714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7
751f800cb65506d8e412281974949cb44d499445acd71d241e3858b6c415c182
8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604
aca25761c8ceee7b6b707bf1895be1402454eb5f8a33d001646a785fa335da2c
b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e
c196820a55ae19bdd38b7415251c27630957daa9f3d40277400785eb3d96fb71
c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160
df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300
ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0

libereem2horas.online Open in urlscan Pro 2a02:4780:13:1536:0:3819:7bbf:4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

4433 kBTransfer

4821 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

libereem2horas.online Open in urlscan Pro
2a02:4780:13:1536:0:3819:7bbf:4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

4433 kB
Transfer

4821 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!