www.lnternetbanklngcalxa.tk Open in urlscan Pro
2606:4700:30::681f:4122  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request loginsenha.php Show response www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/	11 KB 3 KB	374ms 335ms	Document text/html	2606:4700:30::681f:4122 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681f:4122 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.5.9-1ubuntu4.29 Resource Hash 3157569ece6d7822eefee7e040e437423a6a4cd9d1ef00b7adf64a8775bdcb7a Request headers :method GET :authority www.lnternetbanklngcalxa.tk :scheme https :path /portal/SAFRA/desktop/empresas/loginsenha.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Mon, 03 Jun 2019 18:25:01 GMT content-type text/html set-cookie __cfduid=de27061b87376c13628be9f982f0eda0a1559586301; expires=Tue, 02-Jun-20 18:25:01 GMT; path=/; domain=.lnternetbanklngcalxa.tk; HttpOnly; Secure x-powered-by PHP/5.5.9-1ubuntu4.29 vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 4e13b5109bed63a1-FRA content-encoding br
GET H/1.1	200 OK	arq-spa-desktop.js Show response www9.safraempresas.com.br/app/assets/js/	45 KB 8 KB	350ms 257ms	Script application/javascript	104.108.39.92 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://www9.safraempresas.com.br/app/assets/js/arq-spa-desktop.js Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.39.92 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-108-39-92.deploy.static.akamaitechnologies.com Software / Resource Hash 7b83be7ea64dbb0abd920340f927dae4c18af0a403abb8d8b53e578152ed91f4 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options DENY Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Strict-Transport-Security max-age=157680000 Content-Encoding gzip Last-Modified Fri, 31 May 2019 20:21:02 GMT X-Frame-Options DENY ETag "b219-58a34c0da0780" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=0, public, private Date Mon, 03 Jun 2019 18:25:02 GMT Connection keep-alive Accept-Ranges bytes Content-Length 7620
GET H/1.1	200 OK	arq-spa-internet.js Show response www9.safraempresas.com.br/app/assets/js/	15 KB 3 KB	1001ms 893ms	Script application/javascript	104.108.39.92 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://www9.safraempresas.com.br/app/assets/js/arq-spa-internet.js Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.39.92 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-108-39-92.deploy.static.akamaitechnologies.com Software / Resource Hash 179ae139da2e117fa37717e1d769efe69d37a712f759eef1017dfa1a6d7c13e3 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options DENY Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Strict-Transport-Security max-age=157680000 Content-Encoding gzip Last-Modified Fri, 31 May 2019 20:21:02 GMT X-Frame-Options DENY ETag "3d90-58a34c0da0780" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=0, public, private Date Mon, 03 Jun 2019 18:25:02 GMT Connection keep-alive Accept-Ranges bytes Content-Length 2974
GET H/1.1	200 OK	apl-internet-pj.comumLite.js Show response www9.safraempresas.com.br/app/assets/js/	34 KB 11 KB	382ms 275ms	Script application/javascript	104.108.39.92 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://www9.safraempresas.com.br/app/assets/js/apl-internet-pj.comumLite.js Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.39.92 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-108-39-92.deploy.static.akamaitechnologies.com Software / Resource Hash 64d382662599024fb6db9ab378cde1ecf3bfbbc434c5c5918e6cfd716a6b10ab Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options DENY Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Strict-Transport-Security max-age=157680000 Content-Encoding gzip Last-Modified Fri, 31 May 2019 20:22:16 GMT X-Frame-Options DENY ETag "88b4-58a34c5432e00" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=0, public, private Date Mon, 03 Jun 2019 18:25:02 GMT Connection keep-alive Accept-Ranges bytes Content-Length 11149
GET H2	404	apl-internet-pj.areaAberta.js www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/app/assets/js/	0 0	292ms 290ms	Script text/html	2606:4700:30::681f:4122 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/app/assets/js/apl-internet-pj.areaAberta.js Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681f:4122 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 03 Jun 2019 18:25:02 GMT content-encoding br cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control public, max-age=14400 cf-ray 4e13b512ce2e63a1-FRA expires Mon, 03 Jun 2019 22:25:02 GMT
GET H/1.1	200 OK	site24x7rum-min.js Show response static.site24x7rum.com/beacon/	42 KB 42 KB	58ms 15ms	Script application/javascript	13.35.253.118 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=7baf1dda3d517ce723be674543e80521 Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.118 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-118.fra6.r.cloudfront.net Software ZGS / Resource Hash d6af04b2c5ed5a884e769f1c7cb6ce06f100fccf9c67b1bd1d3e69af011d7e70 Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 03 Jun 2019 17:17:17 GMT Via 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront) Server ZGS Age 3303 Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Type application/javascript;charset=ISO-8859-1 Access-Control-Allow-Origin * Connection keep-alive X-Amz-Cf-Id ukfX-JStzny2boSweo5IHWjJxJvxQOFpefExrroiD7xcMG4KeB9vIw==
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.1.1/	82 KB 29 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:81c::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 09 Mar 2019 00:19:18 GMT content-encoding gzip x-content-type-options nosniff age 7495543 status 200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 29671 x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Mar 2020 00:19:18 GMT
GET H2	200	jquery.mask.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.0/	19 KB 5 KB	24ms 21ms	Script application/javascript	2606:4700::6813:c597 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.0/jquery.mask.js Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash c09329c4b8061b598febdf389cff6e16afc18e8674b0f583a70b4fe924a6d2fd Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 03 Jun 2019 18:25:01 GMT content-encoding br cf-cache-status HIT status 200 strict-transport-security max-age=15780000; includeSubDomains timing-allow-origin * last-modified Thu, 17 May 2018 09:20:13 GMT server cloudflare etag W/"5afd494d-4b19" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sat, 23 May 2020 18:25:01 GMT cache-control public, max-age=30672000 cf-ray 4e13b512cf91d6f9-FRA served-in-seconds 0.000
GET H2	200	all.css use.fontawesome.com/releases/v5.8.2/css/	54 KB 14 KB	14ms 7ms	Stylesheet text/css	23.111.9.35 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.8.2/css/all.css Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Origin https://www.lnternetbanklngcalxa.tk Response headers date Mon, 03 Jun 2019 18:25:01 GMT content-encoding gzip last-modified Tue, 07 May 2019 16:50:11 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag W/"77cbad34e5ce95e70847b074e05faeab" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type text/css status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT
GET H/1.1	200 OK	arq-spa-dependencias.js Show response www9.safraempresas.com.br/app/assets/js/	1 MB 401 KB	1564ms 1457ms	Script application/javascript	104.108.39.92 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://www9.safraempresas.com.br/app/assets/js/arq-spa-dependencias.js Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.39.92 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-108-39-92.deploy.static.akamaitechnologies.com Software / Resource Hash c8862fc47da19c4fcaff51323ed65b0c4d0a8a747fad9581391bcf43103c665d Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options DENY Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Strict-Transport-Security max-age=157680000 Content-Encoding gzip Last-Modified Fri, 31 May 2019 20:20:59 GMT X-Frame-Options DENY ETag "174136-58a34c0ac40c0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=0, public, private Date Mon, 03 Jun 2019 18:25:03 GMT Connection keep-alive, Transfer-Encoding Accept-Ranges bytes Transfer-Encoding chunked
GET H/1.1	200 OK	dependencias.js Show response www9.safraempresas.com.br/app/assets/js/	380 KB 107 KB	1594ms 1481ms	Script application/javascript	104.108.39.92 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://www9.safraempresas.com.br/app/assets/js/dependencias.js Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.39.92 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-108-39-92.deploy.static.akamaitechnologies.com Software / Resource Hash a1bf4d6784882796f23003ef0fc85ec347cca8200f7175a195fe4a244c80c9bb Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options DENY Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Strict-Transport-Security max-age=157680000 Content-Encoding gzip Last-Modified Fri, 31 May 2019 20:21:12 GMT X-Frame-Options DENY ETag "5ee79-58a34c1729e00" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=0, public, private Date Mon, 03 Jun 2019 18:25:03 GMT Connection keep-alive, Transfer-Encoding Accept-Ranges bytes Transfer-Encoding chunked
GET H/1.1	200 OK	arq-spa-base.js Show response www9.safraempresas.com.br/app/assets/js/	117 KB 27 KB	1527ms 1399ms	Script application/javascript	104.108.39.92 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://www9.safraempresas.com.br/app/assets/js/arq-spa-base.js Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.39.92 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-108-39-92.deploy.static.akamaitechnologies.com Software / Resource Hash fd810097b1902b5f382d7b8a492360787691988b0b551ee56f3962f9262357ea Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options DENY Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Strict-Transport-Security max-age=157680000 Content-Encoding gzip Last-Modified Fri, 31 May 2019 20:20:54 GMT X-Frame-Options DENY ETag "1d500-58a34c05ff580" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=0, public, private Date Mon, 03 Jun 2019 18:25:03 GMT Connection keep-alive Accept-Ranges bytes Content-Length 27444
GET H/1.1	200 OK	bootstrap.css www9.safraempresas.com.br/app/assets/css/	112 KB 19 KB	112ms 20ms	Stylesheet text/css	104.108.39.92 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://www9.safraempresas.com.br/app/assets/css/bootstrap.css Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.39.92 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-108-39-92.deploy.static.akamaitechnologies.com Software / Resource Hash 019f2f1ddbbba88136b75bfdd8b3505a5344362ed3a80e26f03bcec3763451e0 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options DENY Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Strict-Transport-Security max-age=157680000 Content-Encoding gzip Vary Accept-Encoding Last-Modified Fri, 31 May 2019 20:20:56 GMT ETag "1c0b6-58a34c07e7a00" X-Frame-Options DENY Content-Type text/css Cache-Control public, private, max-age=0 Date Mon, 03 Jun 2019 18:25:01 GMT Connection keep-alive Accept-Ranges bytes Content-Length 19088 Expires Mon, 03 Jun 2019 18:25:01 GMT
GET H2	200	apl.css www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/	258 KB 41 KB	612ms 610ms	Stylesheet text/css	2606:4700:30::681f:4122 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/apl.css Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681f:4122 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 2c9239ee9e9e13edcc7066fb23948c0f84949361f1c43f5af348f09ada42eeec Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 03 Jun 2019 18:25:02 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2019 14:44:05 GMT server cloudflare etag W/"406da-5883921cab740-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-ray 4e13b512ce2b63a1-FRA expires Mon, 03 Jun 2019 22:25:02 GMT
GET H2	404	apl-internet-pj.areaAberta.js www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/app/assets/js/	0 0	11ms 11ms	Script text/html	2606:4700:30::681f:4122 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/app/assets/js/apl-internet-pj.areaAberta.js Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681f:4122 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 03 Jun 2019 18:25:02 GMT content-encoding br cf-cache-status HIT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control public, max-age=14400 cf-ray 4e13b5190db763a1-FRA expires Mon, 03 Jun 2019 22:25:02 GMT
GET H2	200	fa-solid-900.woff2 use.fontawesome.com/releases/v5.8.2/webfonts/	73 KB 73 KB	8ms 8ms	Font font/woff2	23.111.9.35 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2 Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://use.fontawesome.com/releases/v5.8.2/css/all.css Origin https://www.lnternetbanklngcalxa.tk Response headers date Mon, 03 Jun 2019 18:25:02 GMT last-modified Tue, 07 May 2019 16:51:05 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag "64b3e814a66c2719b15abf8f7998bd73" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type font/woff2 status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT accept-ranges bytes content-length 74328
GET H/1.1	200 OK	bg-navegador.jpg www9.safraempresas.com.br/app/assets/img/	43 KB 44 KB	28ms 26ms	Image image/jpeg	104.108.39.92 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www9.safraempresas.com.br/app/assets/img/bg-navegador.jpg Requested by Host: www.lnternetbanklngcalxa.tk URL: https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/loginsenha.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.39.92 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-108-39-92.deploy.static.akamaitechnologies.com Software / Resource Hash 72f7ec8be81589e674e4ccbe1d91d72632b9163196bcc7810f213093707c4858 Security Headers Name Value Strict-Transport-Security max-age=157680000 X-Frame-Options DENY Request headers Referer https://www.lnternetbanklngcalxa.tk/portal/SAFRA/desktop/empresas/apl.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Strict-Transport-Security max-age=157680000 Last-Modified Fri, 31 May 2019 20:21:21 GMT ETag "acf5-58a34c1fbf240" X-Frame-Options DENY Content-Type image/jpeg Cache-Control public, max-age=0 Date Mon, 03 Jun 2019 18:25:04 GMT Connection keep-alive Accept-Ranges bytes Content-Length 44277 Expires Mon, 03 Jun 2019 18:25:04 GMT
GET		open-sans.woff www9.safraempresas.com.br/app/assets/fonts/open-sans/	0 0
GET		open-sans-semibold.woff www9.safraempresas.com.br/app/assets/fonts/open-sans/	0 0
GET		open-sans.ttf www9.safraempresas.com.br/app/assets/fonts/open-sans/	0 0
GET		open-sans-semibold.ttf www9.safraempresas.com.br/app/assets/fonts/open-sans/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www9.safraempresas.com.br

URL

https://www9.safraempresas.com.br/app/assets/fonts/open-sans/open-sans.woff

Domain

www9.safraempresas.com.br

URL

https://www9.safraempresas.com.br/app/assets/fonts/open-sans/open-sans-semibold.woff

Domain

www9.safraempresas.com.br

URL

https://www9.safraempresas.com.br/app/assets/fonts/open-sans/open-sans.ttf

Domain

www9.safraempresas.com.br

URL

https://www9.safraempresas.com.br/app/assets/fonts/open-sans/open-sans-semibold.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Safra Limited (Banking)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| s247RUM object| insightTMRUM object| insightRUM function| initInsightEvent object| site24x7rum string| pDomain function| $ function| jQuery function| valida_form object| ngFileUpload function| duScrollDefaultEasing object| duScroll object| angular object| angular-ui-router object| angulartics object| FileAPI function| moment function| Spinner object| KJUR object| Hex object| Base64 function| ASN1 function| JSEncrypt function| JSZip object| forge function| Chance object| chance function| jsSHA function| Resumable object| pako function| DateRange function| require string| returnExports function| extenso function| _

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
static.site24x7rum.com
use.fontawesome.com
www.lnternetbanklngcalxa.tk
www9.safraempresas.com.br
www9.safraempresas.com.br
104.108.39.92
13.35.253.118
23.111.9.35
2606:4700:30::681f:4122
2606:4700::6813:c597
2a00:1450:4001:81c::200a
019f2f1ddbbba88136b75bfdd8b3505a5344362ed3a80e26f03bcec3763451e0
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
179ae139da2e117fa37717e1d769efe69d37a712f759eef1017dfa1a6d7c13e3
2c9239ee9e9e13edcc7066fb23948c0f84949361f1c43f5af348f09ada42eeec
3157569ece6d7822eefee7e040e437423a6a4cd9d1ef00b7adf64a8775bdcb7a
64d382662599024fb6db9ab378cde1ecf3bfbbc434c5c5918e6cfd716a6b10ab
72f7ec8be81589e674e4ccbe1d91d72632b9163196bcc7810f213093707c4858
7b83be7ea64dbb0abd920340f927dae4c18af0a403abb8d8b53e578152ed91f4
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
a1bf4d6784882796f23003ef0fc85ec347cca8200f7175a195fe4a244c80c9bb
c09329c4b8061b598febdf389cff6e16afc18e8674b0f583a70b4fe924a6d2fd
c8862fc47da19c4fcaff51323ed65b0c4d0a8a747fad9581391bcf43103c665d
d6af04b2c5ed5a884e769f1c7cb6ce06f100fccf9c67b1bd1d3e69af011d7e70
fd810097b1902b5f382d7b8a492360787691988b0b551ee56f3962f9262357ea