regularizar-acesso.org Open in urlscan Pro
2606:4700:3034::6815:3086 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://regularizar-acesso.org/
Effective URL:
https://regularizar-acesso.org/
Submission: On February 27 via manual (February 27th 2024, 11:16:48 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3034::6815:3086, located in United States and belongs to CLOUDFLARENET, US. The main domain is regularizar-acesso.org.
TLS certificate: Issued by GTS CA 1P5 on February 22nd 2024. Valid for: 3 months.

This is the only time regularizar-acesso.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:9801	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:303... 2606:4700:3034::6815:3086	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2

1 2606:4700:3033::ac43:9801 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

regularizar-acesso.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3034::6815:3086 (United States)

ASN13335 (CLOUDFLARENET, US)

regularizar-acesso.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	regularizar-acesso.org 1 redirects regularizar-acesso.org	108 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	166 KB
12	2

	Domain	Requested by
11	regularizar-acesso.org	1 redirects regularizar-acesso.org
2	cdnjs.cloudflare.com	regularizar-acesso.org cdnjs.cloudflare.com
12	2

This site contains no links.

Subject Issuer	Validity	Valid
regularizar-acesso.org GTS CA 1P5	`2024-02-22` - `2024-05-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://regularizar-acesso.org/
Frame ID: A9FCED2680F08CEF4D6D17C2029C39D8
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Entrar em Login Caixa

Page URL History Show full URLs

http://regularizar-acesso.org/ HTTP 301
https://regularizar-acesso.org/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

273 kB
Transfer

661 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://regularizar-acesso.org/ HTTP 301
https://regularizar-acesso.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
regularizar-acesso.org/
Redirect Chain

http://regularizar-acesso.org/
https://regularizar-acesso.org/

7 KB
3 KB

625ms
384ms

Document
text/html

2606:4700:3034::6815:3086
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regularizar-acesso.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.12
Resource Hash: 9b45840bf333a286518b87283e66c018e8c45d5df0cec144e1ad8a804998cd0a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85c423163add8c30-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 23:16:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbsWKq0XxEH3JMNrVt6C0xaTsUmH6vFkHs90wstJwJq65nLE34NxNGu9wmwIaG6n98chE4z%2BRwg2k6coGjzJkbYzBkg3m9TCiQX6d2DxbewHadzss1G5NLSCOHSdEx1JPZxlQqbT4bBUp4LImP41OfijM3Sx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.12

Redirect headers

CF-RAY: 85c42313e82d42f2-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 27 Feb 2024 23:16:42 GMT
Expires: Wed, 28 Feb 2024 00:16:42 GMT
Location: https://regularizar-acesso.org/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDGH2mqB022Gv4dkGLfgPqztPkGr1Bi00iEKlEX7gQ3VzLAmlESlW8XV7QzYca%2F15nJ3ChA%2Ff0IO510dWptKW7WDM37%2BWmYhzxIFGjkAOmk1iVYZsTp1ojY469%2FLF4S027LNHgkMGnP5udlNpa2xoIe%2F8hZg"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
regularizar-acesso.org/assets/css/ 227 KB
33 KB 871ms
869ms Stylesheet
text/css 2606:4700:3034::6815:3086
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regularizar-acesso.org/assets/css/bootstrap.min.css
Requested by: Host: regularizar-acesso.org
URL: https://regularizar-acesso.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a

Request headers

Referer: https://regularizar-acesso.org/
Origin: https://regularizar-acesso.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:16:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Feb 2024 09:46:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"38cf3-6115464109f80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O10SLnTJsV%2B0sKk1CyhQ2TrszRXgqV1fKmiHL16VmuSe2YoKSeuVXxX2%2B4Dgaxw%2FvN%2F8b1pXCKj1iGK9XzqkiOWNJrrwquXLAcMrwPFOAp2SPYQ3IVQDldMyzDcL0J%2FnLJyM3DB%2FM00TwA%2Fb%2FUxQ9kMp5Ty0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85c42318ae648c30-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 100 KB
19 KB 117ms
45ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Requested by

Host: regularizar-acesso.org
URL: https://regularizar-acesso.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://regularizar-acesso.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:16:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4591030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18752
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-4940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJEotQjcvl6Z%2BvmpjU54OE0ePZwFgm%2Bu3hY3PIIKwoukwgiWgNrfPMAlH7XuFHd%2BFTCTdIpCbqR3eRoYwfNNNNdXs2UkZyBoIWLheZPL%2BKlM7eEL2KcxksvXvHSojHsZNllVkI%2FrnKUV7qLr9a8D%2F1qf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85c42318d85c190d-FRA
expires: Sun, 16 Feb 2025 23:16:43 GMT

GET
H2 200 login.css
regularizar-acesso.org/assets/css/ 296 B
491 B 383ms
382ms Stylesheet
text/css 2606:4700:3034::6815:3086
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regularizar-acesso.org/assets/css/login.css
Requested by: Host: regularizar-acesso.org
URL: https://regularizar-acesso.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5a90e954afb2d290d3db84561a304a53bc4380da799701ffe25d364ee1559c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regularizar-acesso.org/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:16:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Feb 2024 09:46:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"128-6115463a5cfc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tO3gB5E8w7%2BgEY8ngnr7GbWeFBy5b%2FyJh43CLW%2FDmvRPhf3v5X60pxmTC4q5yeM%2FkqFkCuVyoDbZHpqvHwXnK3r13qltM%2BO138y%2BCVCPMaXG8fuP%2FdChIeSre5nkA1urN1E0zLJKjiarZwNv0yCI%2BYKppoWk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85c42318ae688c30-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
regularizar-acesso.org/assets/css/ 22 KB
5 KB 499ms
498ms Stylesheet
text/css 2606:4700:3034::6815:3086
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regularizar-acesso.org/assets/css/main.css
Requested by: Host: regularizar-acesso.org
URL: https://regularizar-acesso.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6d5e5272293d6212040ade68138e4a3eb698739603c6be040b940a3e4acbce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regularizar-acesso.org/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:16:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Feb 2024 09:46:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"56e6-6115463a5cfc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt9sn9gzKw%2B3%2FemYT4AlzrvDDotwDitVQO89J87pgMXrysgSM9dsQ9mYxMwNOvrUOAmoOYQsZcvab%2F9urdd1yGUoA1MHjstKxkufZkax6vKXd9HC8MW9Alyx0YOkdsei9msMAtOq9HVJ9eF2vcsN6FcsjaVq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85c42318ae6a8c30-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 fsso.css
regularizar-acesso.org/assets/css/ 1 KB
811 B 374ms
373ms Stylesheet
text/css 2606:4700:3034::6815:3086
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regularizar-acesso.org/assets/css/fsso.css
Requested by: Host: regularizar-acesso.org
URL: https://regularizar-acesso.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a8389b9be2cca3dc5f663dfdde77f7a8d1b305f041553a4374bac683b2c193c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regularizar-acesso.org/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:16:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Feb 2024 09:46:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4b5-6115463c45440"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2%2FrDwb6QEUWox44UQGzXkiCvCPSVGdsPxzkkAOebvOLcPyrHFyW5f1xQ0j4Ra3O4IuMGMIxog2AQ7gbsPdKeP4Gyy2qu0MBnfEiUnUeRyLzYuEbidZBnj3%2BXVnUfiqFxpu7EnuhFrm70FEdcz1BDevnUZcm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85c42318ae6c8c30-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo-caixa.png
regularizar-acesso.org/assets/img/ 4 KB
4 KB 379ms
378ms Image
image/png 2606:4700:3034::6815:3086
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regularizar-acesso.org/assets/img/logo-caixa.png
Requested by: Host: regularizar-acesso.org
URL: https://regularizar-acesso.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10b2226b24cb524fc090fc6b617601ddfa9c6bfc32b95c415b8057f0b32b340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regularizar-acesso.org/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:16:43 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Feb 2024 09:44:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1083-611545ac44080"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FppusgJ%2BEb9%2BAU7%2BdUqqG72wVNrfoEOePi1SoqRQtvZvIKPPrbl1XhA7XpvBb9NEWSE1XBSAssyI%2BRbXkzj%2Fl4UAblw%2BaHKaWrPddt9UyAv5UNSBtvvK9rotLJvNbXW5rin5oH4OxrqGgSFkTGSrIFAxvPio"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85c42318ae6e8c30-EWR
alt-svc: h3=":443"; ma=86400
content-length: 4227

GET
H2 200 jquery-3.6.0.min.js Show response
regularizar-acesso.org/assets/js/ 87 KB
32 KB 625ms
625ms Script
text/javascript 2606:4700:3034::6815:3086
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regularizar-acesso.org/assets/js/jquery-3.6.0.min.js
Requested by: Host: regularizar-acesso.org
URL: https://regularizar-acesso.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regularizar-acesso.org/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:16:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Feb 2024 09:43:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15d9d-611545983d140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7CgXx1Uka7RhB1%2FJq9jaFrDT%2B46tWhUQzpm7Zv3j59sYdk2T5k%2FEtCEQ0%2Fwnj7JYSdYIoltj0DzvDivLaSDwXgx2P4LbcEF%2Fjetqg%2Bbr%2BzOqxo4c4fbdVQQop9pcDIsGz0U1pQrSWui5P%2FPhd2YfeC5gybD"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 85c42318ae708c30-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.mask.min.js Show response
regularizar-acesso.org/assets/js/ 8 KB
4 KB 375ms
375ms Script
text/javascript 2606:4700:3034::6815:3086
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regularizar-acesso.org/assets/js/jquery.mask.min.js
Requested by: Host: regularizar-acesso.org
URL: https://regularizar-acesso.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regularizar-acesso.org/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:16:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Feb 2024 09:43:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2087-6115459654cc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BbY2DY2wBWXjUAe0D6mFJzY7YKCMFXPYdr6mKlGh8uczf%2Fhl2kPuCJzERHKzZLEKUsnn87YC2R3EXnl%2BGp%2BD%2FLIiZmTXHRiEQUoI%2Bm3ATwAZ4VmkfjE65PkkA8xzTa2GZ20zoz78wBq%2F1CkDnBv2sWkpjJy"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 85c42318ae728c30-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 imask.min.js Show response
regularizar-acesso.org/assets/js/ 44 KB
13 KB 658ms
657ms Script
text/javascript 2606:4700:3034::6815:3086
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regularizar-acesso.org/assets/js/imask.min.js
Requested by: Host: regularizar-acesso.org
URL: https://regularizar-acesso.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63c6bca75c5ba6da5336acef9f07f249f52b6ef6343f5d1ec46916139b30ee16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regularizar-acesso.org/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:16:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Feb 2024 09:43:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b1f1-6115459a255c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oi8wJOLgpURvLR7Kr8qoymI6q41izzPmRxZ031UFgu3KXCjGuzo%2FMzUpky7v7u4JsEL2vzX6JQSKVFPPAEYq2K%2FTTLpSD0yUnlap34DvFuO%2Fkm0GEpFdF1lOIKo6WoNhivjcLPVklALcITquVxjud0jNOmON"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 85c42318ae748c30-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 futuraBook.woff
regularizar-acesso.org/assets/fonts/futuraBook/ 12 KB
13 KB 484ms
484ms Font
font/woff 2606:4700:3034::6815:3086
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://regularizar-acesso.org/assets/fonts/futuraBook/futuraBook.woff
Requested by: Host: regularizar-acesso.org
URL: https://regularizar-acesso.org/assets/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cef588bc026161c06f8f09683b4dbe9478955be7d9704bf81b625725b3d495d5

Request headers

Referer: https://regularizar-acesso.org/assets/css/main.css
Origin: https://regularizar-acesso.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:16:44 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Feb 2024 09:46:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "31e0-6115462561e40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Th7Wr4Mi7eEwBQb0thRyediQWqADWpKFuRPr0VkafViBh6CaEXRFwsXpwCsuyQVWfnS6Mtm2jZex0KCLvebtL4PvEz4ssWaPSLnFnQ0cyzuk2cCleP3QvrrMsIGTajXvToQdvB8zG83bkxd%2B5D2MqDaUpg8o"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85c4231e1dcc7032-CDG
alt-svc: h3=":443"; ma=86400
content-length: 12768

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 147 KB
147 KB 36ms
36ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin: https://regularizar-acesso.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:16:43 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150124
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-24a6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KexndrzgOlLJDLXKi1LmU6v5Wu8IHhMNRmZfhEFH3gJo6m%2BEwdok5cEsekn5ClhYGmNzs3UBUdAAd7hr%2BX7x4g0CXhKraEPwxkT78qOsU%2FIml%2BRkwN%2FsAoHenxNuY7WCNUygAE%2FwWWip%2BaIKq7TI6eIn"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85c4231e3adb190d-FRA
expires: Sun, 16 Feb 2025 23:16:43 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			regularizar-acesso.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: tnpbf6qp4i0hdh25qhnek7rv0n

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
regularizar-acesso.org
2606:4700:3033::ac43:9801
2606:4700:3034::6815:3086
2606:4700::6811:180e
0a8389b9be2cca3dc5f663dfdde77f7a8d1b305f041553a4374bac683b2c193c
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
63c6bca75c5ba6da5336acef9f07f249f52b6ef6343f5d1ec46916139b30ee16
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
9b45840bf333a286518b87283e66c018e8c45d5df0cec144e1ad8a804998cd0a
a10b2226b24cb524fc090fc6b617601ddfa9c6bfc32b95c415b8057f0b32b340
b6d5e5272293d6212040ade68138e4a3eb698739603c6be040b940a3e4acbce2
cef588bc026161c06f8f09683b4dbe9478955be7d9704bf81b625725b3d495d5
ec5a90e954afb2d290d3db84561a304a53bc4380da799701ffe25d364ee1559c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

regularizar-acesso.org Open in urlscan Pro 2606:4700:3034::6815:3086 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

273 kBTransfer

661 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

Indicators

regularizar-acesso.org Open in urlscan Pro
2606:4700:3034::6815:3086 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

273 kB
Transfer

661 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!