attsecurtiyu-it.shop Open in urlscan Pro
2606:4700:3030::ac43:b0fe Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://attsecurtiyu-it.shop/entrar
Submission: On June 11 via automatic, source phishtank (June 11th 2023, 1:54:16 am UTC) — Scanned from IT

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3030::ac43:b0fe, located in United States and belongs to CLOUDFLARENET, US. The main domain is attsecurtiyu-it.shop.
TLS certificate: Issued by GTS CA 1P5 on June 9th 2023. Valid for: 3 months.

This is the only time attsecurtiyu-it.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

	IP Address		AS Autonomous System
11	2606:4700:303... 2606:4700:3030::ac43:b0fe		13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

11 2606:4700:3030::ac43:b0fe (United States)

ASN13335 (CLOUDFLARENET, US)

attsecurtiyu-it.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	attsecurtiyu-it.shop attsecurtiyu-it.shop	225 KB
11	1

	Domain	Requested by
11	attsecurtiyu-it.shop	attsecurtiyu-it.shop
11	1

This site contains no links.

Subject Issuer	Validity	Valid
attsecurtiyu-it.shop GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://attsecurtiyu-it.shop/entrar
Frame ID: 7ECA457405DE5AF641544FBC6BCCBCAC
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Itau Card | Identificação

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

225 kB
Transfer

298 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request entrar Show response attsecurtiyu-it.shop/	2 KB 1 KB	320ms 262ms	Document text/html	2606:4700:3030::ac43:b0fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://attsecurtiyu-it.shop/entrar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b0fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `a0cc7f7a8ba80ad4c76d74b3cc368900311a1cc147ade232175b5fa9de2e8542` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d56397afd640e41-MXP content-encoding br content-type text/html; charset=utf-8 date Sun, 11 Jun 2023 01:54:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} ratelimit-limit 100 ratelimit-remaining 99 ratelimit-reset 694 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgHx66yXBN81epqkX8LoU5N5sfgFGEtUbMn18jjBA11LkvK3AZwxSR2rb64TFchxJMs%2B5vyVJOXWU4dR%2FDWTdY2i7GyzLrl0fQV0TMDAWDFc7B4LeQ8%2BAeVe9woBv%2FZwX294xZzmf98pAbYUz%2FFwpcZTjQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by Express
GET H2	200	jquery-3.2.1.min.js Show response attsecurtiyu-it.shop/js/	102 KB 33 KB	611ms 607ms	Script application/javascript	2606:4700:3030::ac43:b0fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://attsecurtiyu-it.shop/js/jquery-3.2.1.min.js Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b0fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `c97f4a5dbef8c6540c7258b58c36cb10e94e8a5720cae499ae69a9c94a572930` Request headers accept-language it-IT,it;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 01:54:10 GMT ratelimit-reset 694 content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"1985b-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9U8c18vaf0MMQOWvUmlzytXK1LOpJx%2F0kfpVzcIvLR3%2Bx5oIlizdUF71A%2FARv2ZKeIaqn8C69WzWfKJwtA4em0PpXczBShSxgNKqsev5213XIkKc%2FgpqstW0pVpE%2BpxzX7ROH9tUhf3YmPTYqlMv2Jrpw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7d56397cbe050e41-MXP ratelimit-remaining 97
GET H2	200	jquery.mask.min.js Show response attsecurtiyu-it.shop/js/	6 KB 3 KB	266ms 265ms	Script application/javascript	2606:4700:3030::ac43:b0fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://attsecurtiyu-it.shop/js/jquery.mask.min.js Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b0fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `85b0964eea13bdaa46d143297da3b29ee6171e8dbb15f1517d2ef1f85dbd16d8` Request headers accept-language it-IT,it;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 01:54:10 GMT ratelimit-reset 694 content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"1897-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUfqlVgPJcbTpQdgKANCCkgGkb8YnO7HOtnZsuTcgxOo3bNGn4WMj8HPyl7p%2BditP9HTP4wWGLlWuAzXuFcR9SZ0ezB26JFECfUicEji9sh0%2F%2FacK9eFlPp97oI9dAzXCwMiZZn1lwJQDqj0wAX4qQTYJQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7d56397cbe080e41-MXP ratelimit-remaining 96
GET H2	200	home_scripts.js Show response attsecurtiyu-it.shop/js/	923 B 593 B	268ms 267ms	Script application/javascript	2606:4700:3030::ac43:b0fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://attsecurtiyu-it.shop/js/home_scripts.js Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b0fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `bc3f12e94555255fd347fc745edebf2f4abe74977da9b7bc5fc69159b9aac4ff` Request headers accept-language it-IT,it;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 01:54:10 GMT ratelimit-reset 694 content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"39b-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oq4Zz3xaBn20Ql%2BY781pJcy5YcXzSQpvIo6hkpYPwPm4WpYsJbbY5Tqhruqhn2tdKVCjm%2BUm3xPvKGcbH0SeE4Badd8%2FSOe05MvOtaOuElfd%2B%2BhtrNtch2sVSsgQfs%2FAfuA9NYbfb78AH7wPo2hYt4KyYw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7d56397cbe090e41-MXP ratelimit-remaining 95
GET H2	200	home_style.css attsecurtiyu-it.shop/css/	3 KB 1 KB	257ms 256ms	Stylesheet text/css	2606:4700:3030::ac43:b0fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://attsecurtiyu-it.shop/css/home_style.css Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b0fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `72515febe24986443384d9e3a8a7f5d4db0c01ce6bf731d43cd56be76283d860` Request headers accept-language it-IT,it;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 01:54:10 GMT ratelimit-reset 694 content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"df4-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Irp4YYvuQd2nRhYlIFXBs98dhnFVZ6rRBmQEYG%2FwAiucERbmeEP6NPSEAgZ1%2Bke%2FfpcQOxt8yDinFuW7B2tYTqz61x8u7%2F5nhOKcwgsYFp44z40wh0MsypEf%2FV0hueC%2FBmogQJOunnRmLZaUm6bt%2BC6uw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7d56397cbe070e41-MXP ratelimit-remaining 98
GET H3	200	img_home_logo.png attsecurtiyu-it.shop/images/	4 KB 4 KB	261ms 260ms	Image image/png	2606:4700:3030::ac43:b0fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/img_home_logo.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b0fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `7567ac56d5b7f15cc4d6cb7c15524f12039dfec5d7834364f58823545500659e` Request headers accept-language it-IT,it;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 01:54:10 GMT ratelimit-reset 693 cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 3633 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"e31-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AK4esh85wSGVIPt%2B4YuYLBbz9MsevP%2BeDnO5DCE7vs%2FAvFHC7xdLZBhlR8arRRy66tcDBFXtRuo3X0%2BPu8ISToAeGjO1Zz4L2TxqXJeWbSxfBY%2Fr2BWaGE3h99WbnXZZG%2FDPUdPpzIUA1pRBj8coCDBTzw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d56397e6ea383b5-MXP ratelimit-remaining 94
GET H3	200	ic_contact_card.png attsecurtiyu-it.shop/images/	503 B 1 KB	258ms 258ms	Image image/png	2606:4700:3030::ac43:b0fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/ic_contact_card.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b0fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `7128b3163ef3d75f3f7f7e803b65a7bbfbf480c880c7a815c33ea82d549e630d` Request headers accept-language it-IT,it;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 01:54:10 GMT ratelimit-reset 693 cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 503 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"1f7-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSKPhLL26Al1YXLibB28ct%2FvJkZb4yw7zRQBOWBjQw5KHw8fwvLXdcD7nNUlB8rZCwSGAln5RQ5vnBr2qxcL6EVoRM7xY6RtPeQVwkLsCb%2FAa%2FcnPPLr%2Blv%2FhovrEufSbfjdtN2K1yQ2FJHwJ55dOzdNrg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d5639800f7a83b5-MXP ratelimit-remaining 93
GET H3	200	ic_itokenapp.png attsecurtiyu-it.shop/images/	2 KB 3 KB	261ms 261ms	Image image/png	2606:4700:3030::ac43:b0fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/ic_itokenapp.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b0fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046` Request headers accept-language it-IT,it;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 01:54:10 GMT ratelimit-reset 693 cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 2047 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"7ff-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqaYmC5mKCJhieF6OhDq6u13CRM2%2FmQC4V98A0mOGpF6G5gAWG2glca80nWaggEkpnCrnBBGrG8hocz1htM9qtbiaWMsIIC1mYlPZTmEgOedEo8GdeCPFHLO5b2v59UhIUdCcPa85MguuhE26w%2FgRWoujg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d5639808fa083b5-MXP ratelimit-remaining 92
GET H3	200	ic_ajuda.png attsecurtiyu-it.shop/images/	1 KB 2 KB	263ms 263ms	Image image/png	2606:4700:3030::ac43:b0fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/ic_ajuda.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b0fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4` Request headers accept-language it-IT,it;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 01:54:10 GMT ratelimit-reset 693 cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 1374 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"55e-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbBJGY77PlwYLc0a4Gd7%2FolTUvcWsxa%2BbRzuDXC0uX8ZqMV3CLNxIV3HS07%2B7UrZMkg6SQHegoRoKmtKUQlC1jFXGCo1XDFMA%2FrDLVaUk0x889P8oCX1oiYe5kg2XSo2EhyIAkvGk78wVmsQGCOi%2BTUwqQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d563980bfb483b5-MXP ratelimit-remaining 90
GET H3	200	img_home_bg.png attsecurtiyu-it.shop/images/	175 KB 176 KB	482ms 481ms	Image image/png	2606:4700:3030::ac43:b0fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/img_home_bg.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/css/home_style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b0fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `d33cfca923e87510e2837231c77985de89f00f0ba8bf8b4e86bf7086f38514c6` Request headers accept-language it-IT,it;q=0.9 Referer https://attsecurtiyu-it.shop/css/home_style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 01:54:11 GMT ratelimit-reset 693 cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 179518 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"2bd3e-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiIcwYccz5He2Y7Y4nyJl024DRO7jJLXpB3F%2BQGChliLOGQc%2FzXwwCM6botqzlarFolOHPhEttlHbzejn3%2BiOsE8KJTzgIyLk1XyjN5V%2FVd3u7P8IjJPd4zXli1y2bxvcUE2%2FrekWEza2sL4GoBP%2BqrgkA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d563980bfb683b5-MXP ratelimit-remaining 91
GET H3	200	ic_cadeado.png attsecurtiyu-it.shop/images/	783 B 1 KB	283ms 283ms	Image image/png	2606:4700:3030::ac43:b0fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/ic_cadeado.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/css/home_style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b0fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404` Request headers accept-language it-IT,it;q=0.9 Referer https://attsecurtiyu-it.shop/css/home_style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sun, 11 Jun 2023 01:54:10 GMT ratelimit-reset 693 cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 783 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"30f-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdTiZTotKMPwC5kp3kMX5MJ%2B7zz5NEMrj3Ni%2F7HeLEzC7BZbCRT4fO0Rhxrmk%2Fo0LjUR9azgpIxJfhAbhbvDiHlOFwFIf%2Fr9MCxruwl9%2FfZIK0AnjxobYljlbqEtKfdNzV89uaTZ06ZcL16oqMIGmCKEzg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d563980bfb783b5-MXP ratelimit-remaining 89

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

attsecurtiyu-it.shop
2606:4700:3030::ac43:b0fe
3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404
7128b3163ef3d75f3f7f7e803b65a7bbfbf480c880c7a815c33ea82d549e630d
72515febe24986443384d9e3a8a7f5d4db0c01ce6bf731d43cd56be76283d860
7567ac56d5b7f15cc4d6cb7c15524f12039dfec5d7834364f58823545500659e
75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046
85b0964eea13bdaa46d143297da3b29ee6171e8dbb15f1517d2ef1f85dbd16d8
915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4
a0cc7f7a8ba80ad4c76d74b3cc368900311a1cc147ade232175b5fa9de2e8542
bc3f12e94555255fd347fc745edebf2f4abe74977da9b7bc5fc69159b9aac4ff
c97f4a5dbef8c6540c7258b58c36cb10e94e8a5720cae499ae69a9c94a572930
d33cfca923e87510e2837231c77985de89f00f0ba8bf8b4e86bf7086f38514c6

attsecurtiyu-it.shop Open in urlscan Pro 2606:4700:3030::ac43:b0fe Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

225 kBTransfer

298 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

attsecurtiyu-it.shop Open in urlscan Pro
2606:4700:3030::ac43:b0fe Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

225 kB
Transfer

298 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!