tnprojetosestruturais.com.br
2606:4700:3032::6815:21da  Malicious Activity! Public Scan

URL: https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
Submission: On May 11 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3032::6815:21da, located in United States and belongs to CLOUDFLARENET, US. The main domain is tnprojetosestruturais.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 2nd 2022. Valid for: a year.
This is the only time tnprojetosestruturais.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Aruba (Online)

Domain & IP information

Requests  IP Address         AS Autonomous System
13        2606:4700:303...   13335 (CLOUDFLAR...)
3         2a00:1450:400...   15169 (GOOGLE)
Total: 16 requests, 2 IPs

Requests  Domain                         Requested by
13        tnprojetosestruturais.com.br   tnprojetosestruturais.com.br
3         fonts.gstatic.com              tnprojetosestruturais.com.br
Total: 16 requests, 2 domains

This site contains no links.

Subject                 Issuer                    Validity                  Valid
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3   2022-04-02 - 2023-04-02   a year
*.gstatic.com           GTS CA 1C3                2022-04-25 - 2022-07-18   3 months

This page contains 1 frames:

Primary Page: https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
Frame ID: 305DCB573BD6EBD7D18B67FDF4AF079D
Requests: 16 HTTP requests in this frame

Page Title

Aruba - Dati Cliente

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <(?:div|html)[^>]+ng-app=

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 318 kB
Size: 474 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request loadingtootp.php
tnprojetosestruturais.com.br/app/App/
6 KB
3 KB
Document
General
Full URL
https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
0822b624917a614bfde780879095389208ef4f92412a93c1f263e21bdd72cee0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
709a7d087b1a83b2-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 11 May 2022 11:13:59 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqoauoOwNppPvH9rxYZbHUU1Qr90LAbavMhgqibfQ2aUTkPwsNZNyPKH%2F1ixTdIlFAArgLh5gcgG8clA7q1nrKE350Ycpp3cr8rvZLqU2raNNMnUN7AsyB4IPZcvLBEKtZ%2FuNeNKgB1NMW%2BZakK5rFcU1kBV8kT3UwzW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.33
x-turbo-charged-by
LiteSpeed
css.css
tnprojetosestruturais.com.br/app/App/ndart/
2 KB
818 B
Stylesheet
General
Full URL
https://tnprojetosestruturais.com.br/app/App/ndart/css.css
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
787fa2ad208b19ee8d7fa419f38301d1735eb90d3b27fa24d8e5ec1401f8b8e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:13:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9842
cf-polished
origSize=2264
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 15 Oct 2018 15:51:12 GMT
server
cloudflare
etag
W/"8d8-5bc4b770-2f0ce545edfbb1ee;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9oinsh9jOiZisDwwM6t4rVlZeemu94nERYF%2FynnXPbbbp%2FDrylmORxdChiJRkMCFQ6pWOuCzduAFuoRKM%2FwYaLzMBjwXHN33vW%2BgGHPYxKnY%2B1RCrwkgki5bnnnZXaDqj%2F2ody7KpfSifW8D4oX8gjjecLx1ucN7PwH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
709a7d0a98a083b2-MXP
expires
Wed, 18 May 2022 08:29:57 GMT
css_002.css
tnprojetosestruturais.com.br/app/App/ndart/
191 KB
37 KB
Stylesheet
General
Full URL
https://tnprojetosestruturais.com.br/app/App/ndart/css_002.css
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ab4cfcda46745b2e060b4eb8a85747fda7d34356317d41dfabe9b2af27b151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:13:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9842
cf-polished
status=cannot_optimize
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 15 Oct 2018 15:51:12 GMT
server
cloudflare
etag
W/"2fb7e-5bc4b770-a1a5cc9981c03fae;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZM6DC29iD19P9A7LryCgkCdl1buMckcVdvgVPX%2Fqwoh%2F0ugdRfRrmLmpWQ%2F5uiSTBaY7ch65y4Rl3nk%2BvYAStcFThl8SeTh71DQKEJd5gdQM%2FYMO53lyEvZgYj5rLiFPVcUQApvEVjW2ngpEpiYgHdGZCbJZ2o4oqt%2FE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
709a7d0a98a483b2-MXP
expires
Wed, 18 May 2022 08:29:57 GMT
LoadArt.gif
tnprojetosestruturais.com.br/app/App/ndart/
39 KB
40 KB
Image
General
Full URL
https://tnprojetosestruturais.com.br/app/App/ndart/LoadArt.gif
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16503fec005b242d5b7cf80d5c8ff55b5df3c0f4c03aebed6f74d36734b3fd35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:13:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6829
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40211
last-modified
Mon, 15 Oct 2018 15:51:12 GMT
server
cloudflare
etag
"9d13-5bc4b770-23256a53e85f07b;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFgOi%2B8KR%2BjTgkg4foZoy8qKLE61EyPc%2FVjuqgVdBLxWNRFuvoKwIytWPepLDErGDamd9zF%2BW95mbzAgTAFexo5pB9E5YpTW8kaQtbhsx37dFFOE%2BiV8fd1TZ1l6oKvyOM8K2UKj%2B540zTjH7wu3Al5Vd%2FJZZDNAOACs"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
709a7d0addcd7365-MRS
expires
Wed, 18 May 2022 09:20:10 GMT
logo-group.png
tnprojetosestruturais.com.br/app/App/ndart/
2 KB
3 KB
Image
General
Full URL
https://tnprojetosestruturais.com.br/app/App/ndart/logo-group.png
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248e9cde92ebcc6a23a162784324e223736136514e580b06087deb58afa70696

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:13:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6829
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2125
last-modified
Mon, 15 Oct 2018 15:51:12 GMT
server
cloudflare
etag
"84d-5bc4b770-75ed7a40e30a6ff3;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hpG8PXG701VjoopuJHAMXobwbkfztG%2BvEU3xotPkKC%2FWRHnNbnNd1qeOyVTJq4zMb%2FcyyEkA0%2FZpzUFkKtUcfB2EowZJuP7B8zfp9usundKvASGy2Qr8RV1LRpBfxsMYCF9bw1zDFJ6BXD4UlUt7vrmzic7P33eiggN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
709a7d0aede87365-MRS
expires
Wed, 18 May 2022 09:20:10 GMT
0_003.txt
tnprojetosestruturais.com.br/app/App/ndart/
28 KB
28 KB
Image
General
Full URL
https://tnprojetosestruturais.com.br/app/App/ndart/0_003.txt
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
9ca393c27005bec3c234938cf3c3f97c003c48d552711d2dd001297f61eb75a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:14:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEN1XzsIuSBtjvsBVpFoAdfoj0kaUsIb0MMr48fwdCBc4CNWJvbPJX7zgsGp4%2FlEZWQOKbqnoxwftEAJOYOYe3QipNJsO50fxBUvQ89CC6am6lfTXn2yB5SCHB7H9UlJpY73gWYVtRKuoMbMz5mzWpWMtdB9E3dUe5hF"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
709a7d0aedf77365-MRS
link
<https://tnprojetosestruturais.com.br/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
0_002.txt
tnprojetosestruturais.com.br/app/App/ndart/
28 KB
28 KB
Image
General
Full URL
https://tnprojetosestruturais.com.br/app/App/ndart/0_002.txt
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
9ca393c27005bec3c234938cf3c3f97c003c48d552711d2dd001297f61eb75a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:14:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJg%2BElcsHo5051vud2oQ4LnEKxDJ4I9XlKuW5rM51p1G4phYr7S9XRHDpcJ8GEbN4wsB0pFIwSO%2B%2ByXpjFDFgwi2Ld62BeG0B2pXEzqEG2Jko%2BKgQyjQa8W%2BY8VZX2N%2BWjIbwavxi%2BpkpHUe%2FP1ld9%2BT79iWyvg4qjqR"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
709a7d0aedf97365-MRS
link
<https://tnprojetosestruturais.com.br/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
0.txt
tnprojetosestruturais.com.br/app/App/ndart/
28 KB
28 KB
Image
General
Full URL
https://tnprojetosestruturais.com.br/app/App/ndart/0.txt
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
9ca393c27005bec3c234938cf3c3f97c003c48d552711d2dd001297f61eb75a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnprojetosestruturais.com.br/app/App/loadingtootp.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:14:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTI%2FZtr6uFGNjzejCac9HuzM7YjMqUo7OwmeiTKYO2c8i49JBn%2BjPuDNEbd8oNxBwT2u3xkjVZtAwAQXpNfwxN%2Bk7%2FXUMWdWyWIQbDibWOYRsJt%2Fsbb3QBIA4lbVP1k596anRmFhcBV7DpoV9rmpJSo2itsBb7WbY4r6"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
709a7d0aedfb7365-MRS
link
<https://tnprojetosestruturais.com.br/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
separator.png
tnprojetosestruturais.com.br/Content/Images/
28 KB
28 KB
Image
General
Full URL
https://tnprojetosestruturais.com.br/Content/Images/separator.png
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/ndart/css_002.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
9ca393c27005bec3c234938cf3c3f97c003c48d552711d2dd001297f61eb75a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnprojetosestruturais.com.br/app/App/ndart/css_002.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:14:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNSKpa4N%2BGZpTUwzPbXZl5Fncw2Ug5Bka9epH2mlZ2nBvBcQWSXflZUvc%2FBpZ8GLzFXpHeSA1gSVAH3qjELAkX2uHFN6%2BoaE6keV%2BVxEtYrJM3MUn3aMR7hlKAMtoy9x4FFEZqBn%2ByheWLgU7VgmOVE3meAnzOOk0xdA"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
709a7d0afe027365-MRS
link
<https://tnprojetosestruturais.com.br/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
logo-aruba-standard.png
tnprojetosestruturais.com.br/Content/Images/
28 KB
28 KB
Image
General
Full URL
https://tnprojetosestruturais.com.br/Content/Images/logo-aruba-standard.png
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/ndart/css_002.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
9ca393c27005bec3c234938cf3c3f97c003c48d552711d2dd001297f61eb75a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnprojetosestruturais.com.br/app/App/ndart/css_002.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:14:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aV3PUE35P8uMZ13fYAqWSUNRQTApYn%2FM6iKRzxlQ%2BCZVQJHpaD11LTa%2BdSkJQkLs0K1NmaIRQr9Nko9MGOLIOKAeQhjpxK%2BqZCrzcRK%2FWGxYyr2YrpM7H%2Bx7uM0u72MZ%2FiEc%2FBlrAx4es%2Br2BrCmtHPfzkXLNT0%2FomK"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
709a7d0afe047365-MRS
link
<https://tnprojetosestruturais.com.br/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
maincontent-bg.png
tnprojetosestruturais.com.br/Content/images/
28 KB
28 KB
Image
General
Full URL
https://tnprojetosestruturais.com.br/Content/images/maincontent-bg.png
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/ndart/css_002.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
9ca393c27005bec3c234938cf3c3f97c003c48d552711d2dd001297f61eb75a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnprojetosestruturais.com.br/app/App/ndart/css_002.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:14:00 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVr74DI2%2Bfx3pNXzADSdkbU5qNppEOAaLT8HwEUA6IeBNq%2Bi0Vlg%2FTbBGcC80uyy2CsQ0F0KjvkuYftCcNJnFUX%2FkLKkaiypKFaQ89MCRvabL8ujHT7HQB%2FXRgtPH6cpCPofPf6iMVGP%2FiporVr6Y%2F7yEk%2F6YGkUSXx4"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
709a7d0afe077365-MRS
link
<https://tnprojetosestruturais.com.br/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v14/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/ndart/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tnprojetosestruturais.com.br/
Origin
https://tnprojetosestruturais.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 06 May 2022 01:44:52 GMT
x-content-type-options
nosniff
age
466147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23316
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:23:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 01:44:52 GMT
glyphicons-halflings-regular.woff
tnprojetosestruturais.com.br/fonts/
0
0
Font
General
Full URL
https://tnprojetosestruturais.com.br/fonts/glyphicons-halflings-regular.woff
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/ndart/css_002.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash

Request headers

Referer
https://tnprojetosestruturais.com.br/app/App/ndart/css_002.css
Origin
https://tnprojetosestruturais.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:14:00 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6F1%2BvedN9UKT3s0iCYr1zZ7cepLprPA0n27gXFGAeTwe4iid9AhrKe6KyjIX%2BhgEtz2K9wGgVnNGO1EoA9IvVOXq3JLCICjXsRfrJRNqsnHHmn6Wo0%2Bpvo%2Fj%2FtPVBFKQWo3%2FTKPmJSjgE9UdICE1IqxA15emL%2BFDl6Ri"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
709a7d0afe0b7365-MRS
link
<https://tnprojetosestruturais.com.br/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v14/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/ndart/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tnprojetosestruturais.com.br/
Origin
https://tnprojetosestruturais.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:41:43 GMT
x-content-type-options
nosniff
age
5536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22820
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:24:09 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 11 May 2023 09:41:43 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v14/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/ndart/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e42e92231a8198158ff0296ba69f0495069daaad816faed54cd356247ca451b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tnprojetosestruturais.com.br/
Origin
https://tnprojetosestruturais.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 21:18:04 GMT
x-content-type-options
nosniff
age
136555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23208
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:24:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 09 May 2023 21:18:04 GMT
glyphicons-halflings-regular.ttf
tnprojetosestruturais.com.br/fonts/
0
0
Font
General
Full URL
https://tnprojetosestruturais.com.br/fonts/glyphicons-halflings-regular.ttf
Requested by
Host: tnprojetosestruturais.com.br
URL: https://tnprojetosestruturais.com.br/app/App/ndart/css_002.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:21da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash

Request headers

Referer
https://tnprojetosestruturais.com.br/app/App/ndart/css_002.css
Origin
https://tnprojetosestruturais.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 11:14:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Fo0PgevZwBnVdlx9gL5K%2Fto4wqhB7GFRtBCEN72ztqhpZKOLH7ORMjF%2BoLEn8UoxT%2BAhPHEAIepxV3IwHQafz6TIl45hx55%2BpSs7tMHpApK5Isu9Ov%2F71ULPItnFvWqTctXAcYleu7evgzGIZbBdxE2CapUXtQHYMQT"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
709a7d1158bc7365-MRS
link
<https://tnprojetosestruturais.com.br/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Aruba (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | oncontextlost
  • object | oncontextrestored
  • function | structuredClone
  • function | getScreenDetails
  • string | dispatch

1 Cookies

Domain/Path: tnprojetosestruturais.com.br/
Name: PHPSESSID
Value: 46de2ed613b4c4563adb31e157d95637

8 Console Messages

Source: network, Level: error
URL: https://tnprojetosestruturais.com.br/app/App/ndart/0_002.txt
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://tnprojetosestruturais.com.br/fonts/glyphicons-halflings-regular.woff
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://tnprojetosestruturais.com.br/app/App/ndart/0.txt
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://tnprojetosestruturais.com.br/app/App/ndart/0_003.txt
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://tnprojetosestruturais.com.br/Content/Images/separator.png
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://tnprojetosestruturais.com.br/Content/images/maincontent-bg.png
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://tnprojetosestruturais.com.br/Content/Images/logo-aruba-standard.png
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://tnprojetosestruturais.com.br/fonts/glyphicons-halflings-regular.ttf
Message: Failed to load resource: the server responded with a status of 404 ()