www.viettaichi.q4.pl Open in urlscan Pro
2400:cb00:2048:1::681b:8adc Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTM...
Submission: On June 22 via automatic, source phishtank (June 22nd 2018, 3:20:57 pm UTC)

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2400:cb00:2048:1::681b:8adc, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.viettaichi.q4.pl.

This is the only time www.viettaichi.q4.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

	IP Address	AS Autonomous System
7	2400:cb00:204... 2400:cb00:2048:1::681b:8adc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
5	2400:cb00:204... 2400:cb00:2048:1::681b:8bdc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
13	3

7 2400:cb00:2048:1::681b:8adc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.viettaichi.q4.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:cb00:2048:1::681b:8bdc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.viettaichi.q4.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	q4.pl www.viettaichi.q4.pl	195 KB
1	jquery.com code.jquery.com	37 KB
13	2

	Domain	Requested by
12	www.viettaichi.q4.pl	www.viettaichi.q4.pl code.jquery.com
1	code.jquery.com	www.viettaichi.q4.pl
13	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW
Frame ID: 2226E85F9EA4452B524153EBEA7EE53A
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

13
Requests

0 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

233 kB
Transfer

299 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set chamada.php Show response www.viettaichi.q4.pl//Cliente/atendimento/	754 B 1 KB	51ms 45ms	Document text/html	2400:cb00:2048:1::681b:8adc Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8adc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.30 Resource Hash `9a46aa37422c580a2bc76ddd3f06521ac0de875c9b591685126d2514d062a923` Request headers Host www.viettaichi.q4.pl Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 2226E85F9EA4452B524153EBEA7EE53A Response headers Date Fri, 22 Jun 2018 15:20:47 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d128da35795e8bc43b7efe7b0df1094901529680847; expires=Sat, 22-Jun-19 15:20:47 GMT; path=/; domain=.q4.pl; HttpOnly PHPSESSID=c6jdc8egos71rjcen92lfnep34; path=/ X-Powered-By PHP/5.6.30 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Vary Accept-Encoding,User-Agent Server cloudflare CF-RAY 42efb36e146f6409-FRA Content-Encoding gzip
GET H/1.1	200 OK	jquery-1.9.1.min.js Show response code.jquery.com/	90 KB 37 KB	12ms 6ms	Script application/javascript	205.185.208.52 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL http://code.jquery.com/jquery-1.9.1.min.js Requested by Host: www.viettaichi.q4.pl URL: http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Protocol HTTP/1.1 Server 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS vip052.ssl.hwcdn.net Software nginx / Resource Hash `c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4` Request headers Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 22 Jun 2018 15:20:47 GMT Content-Encoding gzip Last-Modified Fri, 24 Oct 2014 00:16:07 GMT Server nginx ETag W/"54499a47-169d5" Vary Accept-Encoding X-HW 1529680847.dop007.fr8.t,1529680847.cds018.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection Keep-Alive Accept-Ranges bytes Content-Length 37959
GET H/1.1	200 OK	script.js Show response www.viettaichi.q4.pl//Cliente/atendimento/js/	5 KB 2 KB	87ms 86ms	Script application/javascript	2400:cb00:2048:1::681b:8adc Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/js/script.js Requested by Host: www.viettaichi.q4.pl URL: http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8adc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `63310e72ecb87c85c07756eebd250c6e939f972a60a55e176472d05e9b135ee4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.viettaichi.q4.pl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Cookie __cfduid=d128da35795e8bc43b7efe7b0df1094901529680847; PHPSESSID=c6jdc8egos71rjcen92lfnep34 Connection keep-alive Cache-Control no-cache Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 22 Jun 2018 15:20:47 GMT Content-Encoding gzip CF-Cache-Status EXPIRED Last-Modified Tue, 19 Jun 2018 20:27:19 GMT Server cloudflare ETag "1590-56f04823d72bc-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 42efb36e64866409-FRA Content-Length 1582 Expires Fri, 22 Jun 2018 19:20:47 GMT
GET H/1.1	200 OK	norm.css www.viettaichi.q4.pl//Cliente/atendimento/css/	5 KB 2 KB	37ms 31ms	Stylesheet text/css	2400:cb00:2048:1::681b:8bdc Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/css/norm.css Requested by Host: www.viettaichi.q4.pl URL: http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8bdc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `6a2254469ced28896c6bf89ebd814150c7a4e47710c593993d885e13ced1f76c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.viettaichi.q4.pl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/css,/;q=0.1 Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Cookie __cfduid=d128da35795e8bc43b7efe7b0df1094901529680847; PHPSESSID=c6jdc8egos71rjcen92lfnep34 Connection keep-alive Cache-Control no-cache Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 22 Jun 2018 15:20:47 GMT Content-Encoding gzip CF-Cache-Status EXPIRED Last-Modified Tue, 19 Jun 2018 20:27:19 GMT Server cloudflare ETag "15a3-56f04823d0d2c-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 42efb36e73ea6457-FRA Content-Length 1312 Expires Fri, 22 Jun 2018 19:20:47 GMT
GET H/1.1	200 OK	princ.php Show response www.viettaichi.q4.pl//Cliente/atendimento/	3 KB 2 KB	17ms 16ms	XHR text/html	2400:cb00:2048:1::681b:8adc Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/princ.php?a=601.692499504965 Requested by Host: code.jquery.com URL: http://code.jquery.com/jquery-1.9.1.min.js Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8adc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.30 Resource Hash `c4dfee101f84df6791aeff075309b922d0496bb002ccc45c6543f8758081ec26` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.viettaichi.q4.pl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW X-Requested-With XMLHttpRequest Cookie __cfduid=d128da35795e8bc43b7efe7b0df1094901529680847; PHPSESSID=c6jdc8egos71rjcen92lfnep34 Connection keep-alive Cache-Control no-cache Accept / Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Pragma no-cache Date Fri, 22 Jun 2018 15:20:48 GMT Content-Encoding gzip Server cloudflare X-Powered-By PHP/5.6.30 Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Transfer-Encoding chunked Connection keep-alive CF-RAY 42efb375563a6409-FRA Expires Thu, 19 Nov 1981 08:52:00 GMT
POST H/1.1	200 OK	function.php Show response www.viettaichi.q4.pl//Cliente/atendimento/	82 B 405 B	46ms 45ms	XHR text/html	2400:cb00:2048:1::681b:8bdc Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/function.php?sk=364.9205047424484 Requested by Host: code.jquery.com URL: http://code.jquery.com/jquery-1.9.1.min.js Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8bdc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.30 Resource Hash `9c7b1445f05db0225449017ab14542f13e987bfadba3493f6485746bad1c66f5` Request headers Pragma no-cache Origin http://www.viettaichi.q4.pl Accept-Encoding gzip, deflate Host www.viettaichi.q4.pl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept / Cache-Control no-cache X-Requested-With XMLHttpRequest Cookie __cfduid=d128da35795e8bc43b7efe7b0df1094901529680847; PHPSESSID=c6jdc8egos71rjcen92lfnep34 Connection keep-alive Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Content-Length 32 Accept / Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Origin http://www.viettaichi.q4.pl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Fri, 22 Jun 2018 15:20:48 GMT Content-Encoding gzip Server cloudflare X-Powered-By PHP/5.6.30 Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive CF-RAY 42efb37556956457-FRA
GET H/1.1	200 OK	script.js Show response www.viettaichi.q4.pl//Cliente/atendimento/js/	5 KB 2 KB	122ms 121ms	XHR application/javascript	2400:cb00:2048:1::681b:8adc Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/js/script.js?_=1529680847134 Requested by Host: code.jquery.com URL: http://code.jquery.com/jquery-1.9.1.min.js Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8adc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `63310e72ecb87c85c07756eebd250c6e939f972a60a55e176472d05e9b135ee4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.viettaichi.q4.pl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW X-Requested-With XMLHttpRequest Cookie __cfduid=d128da35795e8bc43b7efe7b0df1094901529680847; PHPSESSID=c6jdc8egos71rjcen92lfnep34 Connection keep-alive Cache-Control no-cache Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 22 Jun 2018 15:20:48 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Tue, 19 Jun 2018 20:27:19 GMT Server cloudflare ETag "1590-56f04823d72bc-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 42efb37576406409-FRA Content-Length 1582 Expires Fri, 22 Jun 2018 19:20:48 GMT
GET H/1.1	200 OK	prg.png www.viettaichi.q4.pl//Cliente/atendimento/img/	77 KB 77 KB	36ms 35ms	Image image/png	2400:cb00:2048:1::681b:8adc Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/img/prg.png Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8adc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7b11dbbe6edc20717b9505228a79627587f71d44004e02971991baefb9e0b5d9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.viettaichi.q4.pl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Cookie __cfduid=d128da35795e8bc43b7efe7b0df1094901529680847; PHPSESSID=c6jdc8egos71rjcen92lfnep34 Connection keep-alive Cache-Control no-cache Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 22 Jun 2018 15:20:48 GMT CF-Cache-Status REVALIDATED Last-Modified Tue, 19 Jun 2018 20:27:19 GMT Server cloudflare ETag "13281-56f04823d5f34" Vary Accept-Encoding Content-Type image/png Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 42efb37636786409-FRA Content-Length 78465 Expires Fri, 22 Jun 2018 19:20:48 GMT
GET H/1.1	200 OK	norm.png www.viettaichi.q4.pl//Cliente/atendimento/img/	47 KB 47 KB	32ms 31ms	Image image/png	2400:cb00:2048:1::681b:8bdc Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/img/norm.png Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8bdc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `6978dea752f77a60fc06b87e0e6474dfa01845259c291640a8f96a0b432e7b55` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.viettaichi.q4.pl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.viettaichi.q4.pl//Cliente/atendimento/css/norm.css Cookie __cfduid=d128da35795e8bc43b7efe7b0df1094901529680847; PHPSESSID=c6jdc8egos71rjcen92lfnep34 Connection keep-alive Cache-Control no-cache Referer http://www.viettaichi.q4.pl//Cliente/atendimento/css/norm.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 22 Jun 2018 15:20:48 GMT CF-Cache-Status REVALIDATED Last-Modified Tue, 19 Jun 2018 20:27:19 GMT Server cloudflare ETag "badb-56f04823d5764" Vary Accept-Encoding Content-Type image/png Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 42efb37647056457-FRA Content-Length 47835 Expires Fri, 22 Jun 2018 19:20:48 GMT
GET H/1.1	200 OK	tbb1.jpg www.viettaichi.q4.pl//Cliente/atendimento/img/	49 KB 49 KB	36ms 30ms	Image image/jpeg	2400:cb00:2048:1::681b:8adc Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/img/tbb1.jpg Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8adc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `45df1375333905411509ba8c1bdc20f5b29572ad30fbd4fd6408623a8b073d4a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.viettaichi.q4.pl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Cookie __cfduid=d128da35795e8bc43b7efe7b0df1094901529680847; PHPSESSID=c6jdc8egos71rjcen92lfnep34 Connection keep-alive Cache-Control no-cache Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 22 Jun 2018 15:20:48 GMT CF-Cache-Status REVALIDATED Last-Modified Tue, 19 Jun 2018 20:27:19 GMT Server cloudflare ETag "c20b-56f04823d6aec" Vary Accept-Encoding Content-Type image/jpeg Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 42efb37643076439-FRA Content-Length 49675 Expires Fri, 22 Jun 2018 19:20:48 GMT
GET H/1.1	200 OK	atribate2.png www.viettaichi.q4.pl//Cliente/atendimento/img/	11 KB 11 KB	146ms 136ms	Image image/png	2400:cb00:2048:1::681b:8bdc Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/img/atribate2.png Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8bdc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `3a84db18f1c76c20689ebd07728273df641cf1b6298d6f424e829e3e842a1af0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.viettaichi.q4.pl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Cookie __cfduid=d128da35795e8bc43b7efe7b0df1094901529680847; PHPSESSID=c6jdc8egos71rjcen92lfnep34 Connection keep-alive Cache-Control no-cache Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 22 Jun 2018 15:20:48 GMT CF-Cache-Status REVALIDATED Last-Modified Tue, 19 Jun 2018 20:27:19 GMT Server cloudflare ETag "2baa-56f04823d3824" Vary Accept-Encoding Content-Type image/png Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 42efb37646ff64e7-FRA Content-Length 11178 Expires Fri, 22 Jun 2018 19:20:48 GMT
GET H/1.1	200 OK	norm.css www.viettaichi.q4.pl//Cliente/atendimento/css/	5 KB 2 KB	22ms 21ms	Stylesheet text/css	2400:cb00:2048:1::681b:8adc Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/css/norm.css Requested by Host: code.jquery.com URL: http://code.jquery.com/jquery-1.9.1.min.js Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8adc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `6a2254469ced28896c6bf89ebd814150c7a4e47710c593993d885e13ced1f76c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.viettaichi.q4.pl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/css,/;q=0.1 Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Cookie __cfduid=d128da35795e8bc43b7efe7b0df1094901529680847; PHPSESSID=c6jdc8egos71rjcen92lfnep34 Connection keep-alive Cache-Control no-cache Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 22 Jun 2018 15:20:48 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Tue, 19 Jun 2018 20:27:19 GMT Server cloudflare ETag "15a3-56f04823d0d2c-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 42efb376469164b1-FRA Content-Length 1312 Expires Fri, 22 Jun 2018 19:20:48 GMT
POST H/1.1	200 OK	Cookie set function.php Show response www.viettaichi.q4.pl//Cliente/atendimento/	82 B 541 B	33ms 33ms	XHR text/html	2400:cb00:2048:1::681b:8bdc Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.viettaichi.q4.pl//Cliente/atendimento/function.php?sk=934.9639495771937 Requested by Host: code.jquery.com URL: http://code.jquery.com/jquery-1.9.1.min.js Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:8bdc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.30 Resource Hash `9c7b1445f05db0225449017ab14542f13e987bfadba3493f6485746bad1c66f5` Request headers Pragma no-cache Origin http://www.viettaichi.q4.pl Accept-Encoding gzip, deflate Host www.viettaichi.q4.pl User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept / Cache-Control no-cache X-Requested-With XMLHttpRequest Connection keep-alive Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Content-Length 32 Accept / Referer http://www.viettaichi.q4.pl//Cliente/atendimento/chamada.php?=Q2GYLCXPLI2B74UNB5RB1K5ADVOT88WY0DWUPUKBCLNJPI81MYCMJGXWCLPKTMI3ZFXOAH1M4O7S7DSSC6FVMCRYYHJR43U4IRRS0SFCGL6NYYFB4V7P9YO7G8YK0TNRKFKU8Z8OKCBJARUEM24U1R2HZZ29SO1D4K9BKFZ5SBO43JHPLKKLCL3BL4KDSKRW6Z8PF8U8IJAL3RANCU9OFBZ1FJE9575A7B1LIUT2D4MFVW48RCW8NV94FMBJSFUYRUKAODB3HYIDULLMXHTLD2PSO2CHH7G921IPEUSWSA0NWU0UC4FP66IT7VBN3RW4SET80L42WDOS9YMK33A88S2ENC3P4YSWDM4M88N4KCWSBIDDLNKTFL84X0T28LYK937F0UJU8FNIX1VINGB42J7ZSZ21LZLT3R9BMR7T8TC5U8NHNZKPIROBQPBBPX6RPE4B706D4HHXO6FC512NRQYHGAT78YXXD29JBDW Origin http://www.viettaichi.q4.pl X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Fri, 22 Jun 2018 15:20:52 GMT Content-Encoding gzip Server cloudflare X-Powered-By PHP/5.6.30 Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-8 Set-Cookie __cfduid=d12e32c06216d118359698acb4a8c81a51529680852; expires=Sat, 22-Jun-19 15:20:52 GMT; path=/; domain=.q4.pl; HttpOnly Transfer-Encoding chunked Connection keep-alive CF-RAY 42efb38e315c64e7-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.viettaichi.q4.pl/	1969-12-31 23:59:59	Name: PHPSESSID Value: c6jdc8egos71rjcen92lfnep34
			.q4.pl/	1970-01-19 01:40:16	Name: __cfduid Value: d128da35795e8bc43b7efe7b0df1094901529680847

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
www.viettaichi.q4.pl
205.185.208.52
2400:cb00:2048:1::681b:8adc
2400:cb00:2048:1::681b:8bdc
3a84db18f1c76c20689ebd07728273df641cf1b6298d6f424e829e3e842a1af0
45df1375333905411509ba8c1bdc20f5b29572ad30fbd4fd6408623a8b073d4a
63310e72ecb87c85c07756eebd250c6e939f972a60a55e176472d05e9b135ee4
6978dea752f77a60fc06b87e0e6474dfa01845259c291640a8f96a0b432e7b55
6a2254469ced28896c6bf89ebd814150c7a4e47710c593993d885e13ced1f76c
7b11dbbe6edc20717b9505228a79627587f71d44004e02971991baefb9e0b5d9
9a46aa37422c580a2bc76ddd3f06521ac0de875c9b591685126d2514d062a923
9c7b1445f05db0225449017ab14542f13e987bfadba3493f6485746bad1c66f5
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c4dfee101f84df6791aeff075309b922d0496bb002ccc45c6543f8758081ec26

www.viettaichi.q4.pl Open in urlscan Pro 2400:cb00:2048:1::681b:8adc Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

0 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

233 kBTransfer

299 kBSize

2 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

2 Cookies

Indicators

www.viettaichi.q4.pl Open in urlscan Pro
2400:cb00:2048:1::681b:8adc Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

0 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

233 kB
Transfer

299 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!