resgateaqui.net Open in urlscan Pro
2606:4700:3036::6815:6093 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b15775987172...
Effective URL:
https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b15775987172829...
Submission: On June 22 via automatic, source openphish (June 22nd 2022, 1:16:06 am UTC) — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3036::6815:6093, located in United States and belongs to CLOUDFLARENET, US. The main domain is resgateaqui.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 21st 2022. Valid for: a year.

This is the only time resgateaqui.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Bradesco (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 20	2606:4700:303... 2606:4700:3036::6815:6093	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
21	2

20 2606:4700:3036::6815:6093 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

resgateaqui.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	resgateaqui.net 1 redirects resgateaqui.net	282 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 329	60 KB
21	2

	Domain	Requested by
20	resgateaqui.net	1 redirects resgateaqui.net
2	ajax.googleapis.com	resgateaqui.net
21	2

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-21` - `2023-06-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Frame ID: 88178B8AA50DCB0C343CAFC52CCC2E9C
Requests: 17 HTTP requests in this frame

Frame: https://resgateaqui.net/iframes/index.php
Frame ID: EDB50E14F457C4F960A422FBD63F0169
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banco Bradesco | Pessoa Física, Exclusive, Prime e Private

Page URL History Show full URLs

http://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285... HTTP 301
https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285... Page URL
https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

341 kB
Transfer

805 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 HTTP 301
https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 Page URL
https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 HTTP 301
https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/
Redirect Chain

http://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6

933 B
1 KB

336ms
296ms

Document
text/html

2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 41d1f271960fdb67c362141f5e4046d01da5ab1ece758f3b8d72a296397918ad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 71f122dd6f5292a8-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 01:16:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCP9D39Oe1NS8uhYY50lgrcgN7DwiKsTOf7fJqgIY73UShrRe4aowEmx7x3d58Om4lETR47Tb%2BePoPvFJ5qepzUw3QZxwUqXh%2BhXkd7ci70fAk%2FNUsYdKOfFWCJHkjbWWV7FI32Z8R1H%2B7gt6DM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.29

Redirect headers

CF-RAY: 71f122dcfb0a6937-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 22 Jun 2022 01:16:01 GMT
Expires: Wed, 22 Jun 2022 02:16:01 GMT
Location: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8n6Wxip1T9QAWhvJ7kiXhNdfHgbQvQPiJhVn5yOmcaUMpecBOZA3zbZ2ptBli910e9a9Q5PEmDYyb7mKIWdGj0ETLaMdBryXWgFljwW%2FBgf07bDwKMVQawaKMzUHdVJIghCr4kDbL7%2F2kzIU0tE%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.css
resgateaqui.net/css/ 142 KB
22 KB 300ms
300ms Stylesheet
text/css 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/css/bootstrap.css
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ef915b307b4e7d5d5b26fff9b2264bb4f64628a326ad7fc33ffcfb6e3855577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=187126
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 17:14:36 GMT
server: cloudflare
etag: W/"2daf6-5c0e347b2b490"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZE5wATmDjQNMcCyJIyFfZ3kGh7ik96oYUBqGTEd5P26ZZfZK44nOPn2roxXdxkpL52nsnYm20tJj33lmhM8ZmaARBf87BogGMMzTnNumgVeEOnkumuewi%2BN5%2F%2BFnq%2FnSApkd%2B%2F91NDyimkJtox0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 71f122df488a92a8-FRA
cf-bgj: minify

GET
H2 200 mobile.css
resgateaqui.net/css/ 1 KB
915 B 288ms
288ms Stylesheet
text/css 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/css/mobile.css
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86cd1db5064c5b368454c8faf7c8ddf2f63450d6757c5f9f85aa8bc1af856619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2092
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 17:14:36 GMT
server: cloudflare
etag: W/"82c-5c0e347ac256d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJoqscFTLTjweGbtr8KsSL8rHOQA1istyqDC6C1egg2qhAT%2Bkxr1KHMyyk6%2FRAyNkdzzvGMqUz5rFb%2F2ipyQjF9ltYwfb7kW4RhfGvwxTKvC4MAr8Zk%2BxT%2BWe%2Fecu4DIA9ByuQVam1v6g9UhhcE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 71f122df488b92a8-FRA
cf-bgj: minify

GET
H2 200 logo.png
resgateaqui.net/img/ 44 KB
45 KB 314ms
313ms Image
image/png 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgateaqui.net/img/logo.png
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e42bacf23fa281ab8254f137a05d99e47215bb979b837b9272e18e966806b718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:02 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 26 Apr 2021 17:14:38 GMT
server: cloudflare
etag: "b1e6-5c0e347d1cc3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCihF7pMwGAaClxgy9zIDWKe4sCxCanI2cjZF3EzaNw305djrAXunL0c984oKBrHqmTBEw6nEFK9MBsv5pMJcglS5g7L69geftxa5nX%2BBcHPR0q%2BMn0YopU3EtuRZvGRpHWM36FaqQDmsczTC2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f122df58a892a8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45542

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 64ms
20ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: resgateaqui.net
URL: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:32:33 GMT

GET
H2 200 bootstrap.js Show response
resgateaqui.net/js/ 73 KB
17 KB 292ms
292ms Script
application/javascript 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/js/bootstrap.js
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0ec17cb1cfc64850eefa1486739b402ce266968121d20c25b5049aa8192f308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=118942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 17:14:41 GMT
server: cloudflare
etag: W/"1d09e-5c0e347ff8023"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFh0kSDXihcKTJlRJCpzHpl28Gl2jZ1skCu5yBhUhrz3qj0jITW663CtUGS%2BmsRO%2BM0GN9eeCNWXiRM4b869aFZ%2FwpqyhREqG5nSpRYn1tE9xeoQeN7PkP8n3R5ow7GVKkQavJG%2Boa4Zha5c9Y8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 71f122df58a492a8-FRA
cf-bgj: minify

GET
H2 200 padrao_mk.js Show response
resgateaqui.net/js/ 1 KB
972 B 286ms
285ms Script
application/javascript 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/js/padrao_mk.js
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d8a772131eadb8e1d92c6347da074ce571d6da3a7294988a4c9d4522384e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 17:14:40 GMT
server: cloudflare
etag: W/"796-5c0e347f2edd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8DWj8PnEw8FmErfuiABnvulaOY%2BmJMpVu0ci0aD0mWnlxm0uvNJJXPe5BNXXVzslKDNOlrxEel%2Fss29DI%2FnGRzgO9l1cgmTjwwZjwk3LIPjlWtOI%2BZwdG8In8KQ%2B3W7Upnzpos3JVAQIonpC0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 71f122df58a792a8-FRA
cf-bgj: minify

GET
H3 200 Primary Request webApps_AplicationHome.php Show response
resgateaqui.net/ 4 KB
2 KB 322ms
322ms Document
text/html 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 181d327623ab9c71f407ccad13910f9b39c0895950f6997619a6ea2be4750500

Request headers

Referer: https://resgateaqui.net/@/0djd00fmuzaboj9fr9xnd4kilk/?tipocliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71f122eddbab8fe3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 01:16:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsqzTkngs11xJQr4y0AZJeCAJ%2F0VG2HrUZuI%2FeYSS9V04T23fQs7JwEIdvASonOrVu1jrvgcL5%2F7MxZEFx7AlZqhAkbOt5elDR6TuQa4XqBZ%2FDv0S6xo93AVx4WXe4NzF%2FR%2FMals98%2FAZt2occU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.29

GET
H3 200 bootstrap.css
resgateaqui.net/css/ 142 KB
22 KB 308ms
307ms Stylesheet
text/css 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/css/bootstrap.css
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ef915b307b4e7d5d5b26fff9b2264bb4f64628a326ad7fc33ffcfb6e3855577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=187126
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 17:14:36 GMT
server: cloudflare
etag: W/"2daf6-5c0e347b2b490"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJRdVzhAOhJtZCtKM791S%2BjPFjewzv6t6fhdUVn65JKkz9pxG4wVNnyyUeX3nzuJygIOWXrbXOjSgOOyqaJhyKwBD6q3ftSYvL7ji9GEFR%2FKRcAXjBte1Qf%2BAUTtg52nPKTMp4gIMSbFiHS64YU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 71f122efdcf38fe3-FRA
cf-bgj: minify

GET
H3 200 mobile.css
resgateaqui.net/css/ 1 KB
1 KB 295ms
294ms Stylesheet
text/css 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/css/mobile.css
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86cd1db5064c5b368454c8faf7c8ddf2f63450d6757c5f9f85aa8bc1af856619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2092
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 17:14:36 GMT
server: cloudflare
etag: W/"82c-5c0e347ac256d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaX9QKYLBXZvaF7z%2BBfX76WMbMYtgHjRO%2FnXuw9224XXw2eqMQnIS932mZl2pyxZ38QCk71EVW%2FfGY1nA6yFrJ84ZpWJ7xGQ21qVwhdmjdFqLSNn69zKoIcKAjuzPJvEeVBfpHeB2OvLW%2BCnXD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 71f122efdcf48fe3-FRA
cf-bgj: minify

GET
H3 200 valida_conta.js Show response
resgateaqui.net/js/ 4 KB
2 KB 292ms
292ms Script
application/javascript 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/js/valida_conta.js
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80087dd526449531d3e558f80e141c1fa683beffec2ab87bc5285b4907053334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5811
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 17:14:40 GMT
server: cloudflare
etag: W/"16b3-5c0e347f2a78e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLZDTwZ5G7Yy28%2BY7EWxQ4K8oRfJOh985cQmihAqplDXsdTwfKEptRX83OxwWz%2BSaLh1seZYy%2B1WDTjorYPKgnB8Fafdd1v6XCWB2c%2F%2FQa%2F8QZilqwqCsq9TbXYn34QVFbzvbidLJ7nN4ezw0z0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 71f122efdcf68fe3-FRA
cf-bgj: minify

GET
H3 200 avatar.png
resgateaqui.net/img/ 85 KB
86 KB 314ms
313ms Image
image/png 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgateaqui.net/img/avatar.png
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d56aa7eac91cbca507270424934d6df39592f6705ec5d2ca984ffc76cae4f988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:05 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 26 Apr 2021 17:14:40 GMT
server: cloudflare
etag: "154f1-5c0e347ee69f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkW2%2BcI66ras8IllZDg0zvtsbnPn8yYk%2BA1c2G4Y2OgME2QSmmVJiHyt71aLh1xj6qQV70YavAx9AVPObp1jW6iY0%2BtM0KVEvwW%2Fha071IR9NrEFDW%2BM7Myf5cfqxDuzGNkT6LzxGF%2BdBJvouGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f122f1fe678fe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87281

GET
H3 200 rodape.jpg
resgateaqui.net/img/ 5 KB
6 KB 293ms
293ms Image
image/jpeg 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgateaqui.net/img/rodape.jpg
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc788d3fcbf31d5ccf53d50b147658f6e7b16b67c4d69490b745c0e31913e375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:05 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 26 Apr 2021 17:14:38 GMT
server: cloudflare
etag: "153d-5c0e347cd7455"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vilbJ9ErzTPl8vHGxCKyrCEHt%2FaSUaunMsDtXaAlSy6ulgXapmcQuRjvUYuLtLwACNuMO3LauP6ywXBVn02sz0joD2hFqb38ldf6I2LPrDhatikBUaIljEb29LfXJtWOfESI6Crjo%2FpZDB4U53Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f122f1fe688fe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5437

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 58ms
19ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: resgateaqui.net
URL: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:32:33 GMT

GET
H3 200 bootstrap.js Show response
resgateaqui.net/js/ 73 KB
17 KB 298ms
297ms Script
application/javascript 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/js/bootstrap.js
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0ec17cb1cfc64850eefa1486739b402ce266968121d20c25b5049aa8192f308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=118942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 17:14:41 GMT
server: cloudflare
etag: W/"1d09e-5c0e347ff8023"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FJyA99pbRu3fYvRB34b29oqqSbQ2xojlvGArzYNLn%2FeDjDyu0pqrG0Db4w7buCKWD1Ykcdyw2p%2B4o%2BbNm2BFf3jZVDmV1ANlcpzRvJd6KpYfQgScTzC9WW1GLLv36e0rVi35%2Byrg%2Ba7cALHRWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 71f122f1ee648fe3-FRA
cf-bgj: minify

GET
H3 200 padrao_mk.js Show response
resgateaqui.net/js/ 1 KB
1 KB 123ms
123ms Script
application/javascript 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/js/padrao_mk.js
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d8a772131eadb8e1d92c6347da074ce571d6da3a7294988a4c9d4522384e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Apr 2021 17:14:40 GMT
server: cloudflare
etag: W/"796-5c0e347f2edd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Mo0nn2jVPXoBGO4K8YrGsQMFv1pd214i%2BTmUlETmUXup8FgXwdQiZxnsBq%2FF9ovn4DcYktsAv%2FjxHoh7VHK%2Ftvo8utms2v5bRDs4689GxR%2B5HE3qWf1gSszYJzYrEz0ACbm%2FbbpqgCkEBwKjqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 71f122f1fe668fe3-FRA
cf-bgj: minify

GET
H3 200 index.php Show response
resgateaqui.net/iframes/ Frame EDB5 1 KB
1 KB 332ms
332ms Document
text/html 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/iframes/index.php
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 9042e127a2381abd8cf27ce1d0eb4422073f6c14c83b18b72eba2afd5c479316

Request headers

Referer: https://resgateaqui.net/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71f122f1fe698fe3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 01:16:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYJO%2FrSREy32OmlTevyG3RcUbzuh28r96IQ1QpFm8GIa%2FNYr5cIpLRaXKFFlzBnfTl60WyI6i%2BnFIjXopzP%2FldUqZfMc0noTzHO%2FFvgDnad2mATR3Jdj4abwgs7%2FhtE0%2FOtT%2Fh2Cm%2FDFUrEFU1Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.29

GET
H3 200 btnEnviar.jpg
resgateaqui.net/img/ 56 KB
57 KB 331ms
331ms Image
image/jpeg 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resgateaqui.net/img/btnEnviar.jpg
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/css/mobile.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9b5c8aaf06e5425599e5f71022a4b93705d0f469c60011b2ec7fefcf06a656e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateaqui.net/css/mobile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:05 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 26 Apr 2021 17:14:40 GMT
server: cloudflare
etag: "e017-5c0e347ebf545"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TS9d4fhSq1GXztWZs8aSY6Ln8Q86lH6ZBAJDtuhNzP%2FvNdAxH03WiDHhQyaeklL5DaivSSgdImYERNhSPs%2F4u9FQ9C2w0jCEdjaYAb05q0N0Q8uNDBKYeY6uI%2FotVsGbYPZ%2FZYdNMN%2Fy0B%2BfBc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f122f1fe6b8fe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57367

GET
H3 404 bootstrap.min.css
resgateaqui.net/bootstrap/css/ Frame EDB5 0
0 288ms
288ms Stylesheet
text/html 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/bootstrap/css/bootstrap.min.css
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/iframes/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://resgateaqui.net/iframes/index.php
Origin: https://resgateaqui.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDLFNucdoylQ8trIAb4jbdnV8OowgcBMn6qMsi4oAP5ul5joQKJZJHDtlS7fsxottNldbUi9QNN1NACqdkvzZ0y%2Bs%2B5SqtIi84CmKf7v2fCN%2FmfTgL1bHP0PVljIHEaPSwNaIcXq866uS%2BZoFM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 71f122f41fc78fe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 bootstrap-theme.min.css
resgateaqui.net/bootstrap/css/ Frame EDB5 0
0 295ms
295ms Stylesheet
text/html 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/bootstrap/css/bootstrap-theme.min.css
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/iframes/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://resgateaqui.net/iframes/index.php
Origin: https://resgateaqui.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6z3FsnXpTfMapCXyZA6rw8%2Fmazd3M520r5w%2F5OyBbpcetfztY71leVUFL4aDa5nj14lPttYsEUx%2BpmwTZ5qYLljpZvmkal1txMpyElcLrkWPbn3VTKLsnGMJe2YmLBANEJjjyJ%2BTX6GHtI5XDbc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 71f122f41fc88fe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 bootstrap.min.js
resgateaqui.net/bootstrap/js/ Frame EDB5 0
0 303ms
303ms Script
text/html 2606:4700:3036::6815:6093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateaqui.net/bootstrap/js/bootstrap.min.js
Requested by: Host: resgateaqui.net
URL: https://resgateaqui.net/iframes/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://resgateaqui.net/iframes/index.php
Origin: https://resgateaqui.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:16:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9SSDHikQ04ph4Mb3kHK73y5rOmQwOjlCyC1obPf0lJCYCxrFPbqkcgjzXX63eGess25wZXNec7Qkxhly0ilbrgxq0tVW8HHVqIryUzqdQqjay1BiTZ8T59YkaV5cpygqhhNfStv3u9fcND4nTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 71f122f41fca8fe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Bradesco (Banking)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			resgateaqui.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: kodpo306jjfa1oumkd1soilve1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://resgateaqui.net/bootstrap/css/bootstrap.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://resgateaqui.net/bootstrap/css/bootstrap-theme.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://resgateaqui.net/bootstrap/js/bootstrap.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
resgateaqui.net
2606:4700:3036::6815:6093
2a00:1450:4001:829::200a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
181d327623ab9c71f407ccad13910f9b39c0895950f6997619a6ea2be4750500
1ef915b307b4e7d5d5b26fff9b2264bb4f64628a326ad7fc33ffcfb6e3855577
27d8a772131eadb8e1d92c6347da074ce571d6da3a7294988a4c9d4522384e66
41d1f271960fdb67c362141f5e4046d01da5ab1ece758f3b8d72a296397918ad
80087dd526449531d3e558f80e141c1fa683beffec2ab87bc5285b4907053334
86cd1db5064c5b368454c8faf7c8ddf2f63450d6757c5f9f85aa8bc1af856619
9042e127a2381abd8cf27ce1d0eb4422073f6c14c83b18b72eba2afd5c479316
a9b5c8aaf06e5425599e5f71022a4b93705d0f469c60011b2ec7fefcf06a656e
b0ec17cb1cfc64850eefa1486739b402ce266968121d20c25b5049aa8192f308
cc788d3fcbf31d5ccf53d50b147658f6e7b16b67c4d69490b745c0e31913e375
d56aa7eac91cbca507270424934d6df39592f6705ec5d2ca984ffc76cae4f988
e42bacf23fa281ab8254f137a05d99e47215bb979b837b9272e18e966806b718

resgateaqui.net Open in urlscan Pro 2606:4700:3036::6815:6093 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

341 kBTransfer

805 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

31 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

resgateaqui.net Open in urlscan Pro
2606:4700:3036::6815:6093 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

341 kB
Transfer

805 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!