itaufeitoparavoce.xyz Open in urlscan Pro
2606:4700:3036::6815:4405 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://itaufeitoparavoce.xyz/
Effective URL:
https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking
Submission: On March 25 via automatic, source certstream-suspicious (March 25th 2023, 6:07:55 am UTC) — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3036::6815:4405, located in United States and belongs to CLOUDFLARENET, US. The main domain is itaufeitoparavoce.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 25th 2023. Valid for: 3 months.

This is the only time itaufeitoparavoce.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 24	2606:4700:303... 2606:4700:3036::6815:4405		13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	1

24 2606:4700:3036::6815:4405 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

itaufeitoparavoce.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	itaufeitoparavoce.xyz 1 redirects itaufeitoparavoce.xyz	267 KB
23	1

	Domain	Requested by
24	itaufeitoparavoce.xyz	1 redirects itaufeitoparavoce.xyz
23	1

This site contains no links.

Subject Issuer	Validity	Valid
*.itaufeitoparavoce.xyz GTS CA 1P5	`2023-03-25` - `2023-06-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking
Frame ID: CF4143C744DE909EAD294CFA900504B3
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fatura - 1679724466

Page URL History Show full URLs

https://itaufeitoparavoce.xyz/ HTTP 302
https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*aem-Grid

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

266 kB
Transfer

2187 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://itaufeitoparavoce.xyz/ HTTP 302
https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request acessar-fatura.php Show response itaufeitoparavoce.xyz/ Redirect Chain https://itaufeitoparavoce.xyz/ https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking	14 KB 2 KB	241ms 240ms	Document text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.25 Resource Hash `9ba11b2f3444e3bb9a58410ef009ef10236790548d110c5fcc9ba1807e4fbdd5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7ad4f9bc3a28926d-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 25 Mar 2023 06:07:46 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHIE7FcLIYZH9gOPe6t7I7z8gJRiGh52wpjkcKOF%2BmsGlGKLSqH1DML6ztH%2BALpVNh%2BWUtGIYGGhb16K9MOHG4mgNiYhRcWuqwE8%2FRgqnm1kt7GAAais4JpZruB%2BaDsxSwfzma1RNFN7dxDyLm6AkvqVLlQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.0.25 Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7ad4f9baa91b926d-FRA content-type text/html; charset=UTF-8 date Sat, 25 Mar 2023 06:07:46 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aNeUKfGgA9VEBJGKWZAL0%2FUK85BFgHA7zMCCDodL%2BYVB52vuImUiNFwJe%2B8kMfbkrugzDb%2B9fw8A5Pz6ZV%2FhcyXihX9kBlLIZYSv%2B0%2Fym%2FM5cG91lMeqIk2pXw3x%2F8V6GGkZsQgrHnt8r5ZkV7L6kBSCDQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.0.25
GET H3	200	002.css itaufeitoparavoce.xyz/public/	595 KB 71 KB	1971ms 1966ms	Stylesheet text/css	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `06d28cd86c35bcacf9ade088b665c4f88cb63b23c65066f1c9894923fad1c314` Request headers accept-language de-DE,de;q=0.9 Referer https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:48 GMT content-encoding br cf-cache-status MISS last-modified Tue, 28 Jun 2022 16:45:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"94d65-5e284c2b7c042" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDRCxygYH4HTAPOsMiDIqfCcBSpb7QMU9EvqYBw5VBAg5OGn68ulUrbhGmkweHrcU12B8yn9WypFwYvaTOlwbEOdBMOf%2FD%2B20od6rexUtW33DUfDepNWHZSYqJiADzCq3SfluH41sLauprIlerUSAP9x9HU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7ad4f9bdd9562c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	base.css itaufeitoparavoce.xyz/public/	1 MB 147 KB	2158ms 2154ms	Stylesheet text/css	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/base.css?th3king=1679724466 Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `770f488c40fa6563c061ae1bab811a3be5044f7a3245acdf8e0df56fcc0f902d` Request headers accept-language de-DE,de;q=0.9 Referer https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:48 GMT content-encoding br cf-cache-status MISS last-modified Mon, 16 Jan 2023 18:18:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"16dbf9-5f2659ac9cd8e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGn%2Fv%2B%2FZ5CMkxDggJPCblXvmnG9mqnwB8ehBiCKBNYmKkzRMBNIV0WwYgNV0sPMMsK2K47e8N1hbbKJmU46icMX5vgDkcady0llC54CYOH5hR5NLk4N9rMfK9KGJUAo3GUvWmWE5VUKVhb0bUl7BfcT8dkY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7ad4f9bdd9572c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	004.css itaufeitoparavoce.xyz/public/	10 KB 2 KB	443ms 439ms	Stylesheet text/css	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/004.css?th3king=1679724466 Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1b20a2940b193dd20905ccd41c252ceb66e02827f5221c00d8537fcb9a0a5e29` Request headers accept-language de-DE,de;q=0.9 Referer https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:47 GMT content-encoding br cf-cache-status MISS last-modified Tue, 28 Jun 2022 16:45:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"29b0-5e284c2b6b69f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jziInHIW7Ao0v%2FzGIE45%2BiILPR1e2CaIgIt0qSQY49E5ovb%2BdH3PUgaoiMfBzrjIJjFbHkm5lHjtmy5nDzyxSxOm9NyKhC9A2JlZFr1whcoOoy6Lc8xPT9BqbElf2qksZGX%2BoflIuVI%2B7P4zRoOx0VhzZRA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7ad4f9bdd9582c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	006.css itaufeitoparavoce.xyz/public/	2 KB 912 B	443ms 440ms	Stylesheet text/css	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/006.css?th3king=1679724466 Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cb5b54cbc3bce8733c8de870ca3cfe17e4c8551d68f43c96955d08c7f8704044` Request headers accept-language de-DE,de;q=0.9 Referer https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:47 GMT content-encoding br cf-cache-status MISS last-modified Tue, 28 Jun 2022 16:45:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6f0-5e284c2b81a1c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2Z9ro8ys27WONDWi9kZQdumo56GsBcvY3DoULPSOY5N4Z3Sk%2F8%2BhZd8BmU3pJE%2BqzW%2BefWeRVcO%2FjCod2OCpodKhqXPyNSA6q%2BgPSwfDpY51meCpdVj872w58KlHxQ1Kfey0tJC1ltM19jzAVmWx%2F3tFT0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7ad4f9bdd9592c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	script.js Show response itaufeitoparavoce.xyz/js/	5 KB 2 KB	444ms 440ms	Script application/javascript	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/js/script.js?th3king=1679724466 Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c57aea75ab5a2f4f6fb2171c82ce90627e923c42b7eb6c9b17ef927b47debc84` Request headers accept-language de-DE,de;q=0.9 Referer https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:47 GMT content-encoding br cf-cache-status MISS last-modified Mon, 16 Jan 2023 19:49:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"14c8-5f266e0abe66d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vE%2FSOAdeJoQFSnsKlr%2Bu%2BdLzWSRW9c1zBiVOmTDKL88eYysfYKoqnNEiUswRBRX%2FBkjfk8rb2NXRfMZs8IYXWY8kGzmvcrEBfiiNrv7D%2BMwMvvOiI7X7eDiq9Jn0yVe90b4Ojy2sl1bMcy71gWrO%2Fw39L3A%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7ad4f9bdd95a2c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquery.js Show response itaufeitoparavoce.xyz/js/	90 KB 33 KB	1016ms 1012ms	Script application/javascript	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/js/jquery.js?th3king=1679724466 Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `43895fc00c1c429171b35473145ec6a95d7a6df2ee479552e85a823c83a765fd` Request headers accept-language de-DE,de;q=0.9 Referer https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:47 GMT content-encoding br cf-cache-status MISS last-modified Sat, 06 Nov 2021 20:05:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1671e-5d0244761c6bd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4Bb2WWAUMcDzY1eYQodYT%2BGWujEg1YbvnN0mBypu%2BtH2yVPB2y0lE6%2BLG42mG25rADfTbbhXPBwKyqU8G4ZQeRwgqUB1uJM0GdY3RVOgHSBF1%2FL6LqaFGqX7CXr2gsjDXcwT2n3XPV%2BSLe4P1DJcnET2cI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7ad4f9bdd95b2c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	logo.png itaufeitoparavoce.xyz/public/	8 KB 8 KB	433ms 432ms	Image image/png	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itaufeitoparavoce.xyz/public/logo.png Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `16c544705bf08c8e273a2234452a6b478d37091bd1610d3daf88c669524724eb` Request headers accept-language de-DE,de;q=0.9 Referer https://itaufeitoparavoce.xyz/acessar-fatura.php?uid=202f62367fb6497c686bc0ecb9d0956a&the=theking User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:49 GMT cf-cache-status MISS last-modified Sat, 17 Sep 2022 18:13:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1eea-5e8e3705ff7ae" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Oc%2BmheD4rcCbOeQLwiRbizsltNTx0kIDBcbZs0a%2FYUQgYguyaWd5PMV51tNQZmhD5wvDGxa395Dr9%2FSEK%2F1AOOAzag9mrKakhledIRcmy184%2FefPvOgYdiwPg5rkEvCrcQXDw1GXOY0goNvPQXlPn8c1L8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7ad4f9ca9ed32c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7914
GET H3	404	itaudisplay_rg-webfont.woff2 itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	432ms 432ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2 Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D2as9FbTN%2FkL3K1SBDD3r086ujdpepDUh5UETCZo0CldvtaTFhe3dkn9Qz19PNBTsbHtwkOaMOsYNZQ%2ByLLkTl7m5XTMy%2F759S4RQAsEEtgkrmC5cnfhzjRlTI4IUrJ%2FIyH2UiyZo5u7Z1DF3CWhVvGU4o%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9cf7b9a2c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	itaudisplay_xbd-webfont.woff2 itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	240ms 239ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2 Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:49 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpBbIxCva25HMlkvz8NUXvOuD4E4rvtmCN6eU9Jn27XDlVaAYaFBHQv1R1HAxE4gthDKHpsSFnPG2y%2F8NYK8ut4efLh0vopqzGhxgVviqIysp5zLC49IBW%2BnZtXF5IXGUqvyP9W7v6ok7jc5Gi92kOl4RSU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9cfbbe92c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	itaudisplay_lt-webfont.woff2 itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	431ms 430ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2 Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyQ64iEh0Ve6OAr5aXZMsKgiRme3dGnuwk7F92u2yfcVelnQvFD6KN7c4%2BYw0yupKcyp3QjNbQDjdkY4vqcWlrIms2XXMiM2TTwlUkdXxn8gXmfxvEZqGrzJRdvkvsC7hcdyVjjnwvQ2CeudnfHCs31QrEo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9cfbbec2c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	ItauText_Rg.woff2 itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauText/	0 0	439ms 438ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2 Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAFTZhuB93%2F%2BZyw7xf7ooXxbc2DUmBhzpGE8fOb%2F9lW3a3jGn4PfFnQ%2B7jfhE8c%2B5OOyKdtmUCUgsqDy9leymLcY6%2BYxgXN45aHxb8gJViMTHGD%2BnQkkc5wvpU5s%2By9pVTYYQpQkZ080iYJp8Hvz%2BfBV6C0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9cfbbee2c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	itaudisplay_bd-webfont.woff2 itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	431ms 431ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2 Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTV3KiHgtqEohuK6Omyu%2BKgaF4Y82tg9affNH%2BIJDAfkP5AsmtbLG65wPMcJH3A%2FFF3m1ZwNnXp0l0OZaBmFBTI8%2F2zdPpsG%2BtHAOJz8WpH9mVN6xghvkBaudcYQC7MV18rZYW%2FTmdXQ13iNKB4JpA%2BOFCo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9cfbbef2c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	itaudisplay_xbd-webfont.woff itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	434ms 434ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIftxKSzlOWDEkYMNUsFS2h%2FeqKSe1XGI2Vum9As4pm1EMwCnfl2zu%2BW7HiSleWFPwRitrQtbfHL65%2FXSVxvWMiPHH0TglzWKWiy3HrW1%2Fl1u4csyoHczpaUfzDV7fwZf5ONwAy%2FSRXuzuBIbvcERlWkCFA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9d13d632c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	itaudisplay_rg-webfont.woff itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	430ms 430ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEWCbI9LMmL7Ow31FdEPn3lCd3GtC%2Blm0zVXkY45DAz1bj90e0fv%2Fcf%2Fjc4wwt%2FX1b08RTdrQft0i02auHvL17JpSEjmFOLqclkw9hdg3650QyYDEanI3Iej1Z8IjIjsqjkG1G2a34%2Be0tV9WSwHw074q0o%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9d22e522c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	itaudisplay_lt-webfont.woff itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	431ms 431ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdVxnR%2F1n5k5ELyrxPQtcE1%2FMEIxKn%2BUaCcJLsW2r4l0tUUzZ57WetxJRqAIFFUGoClsuuLxYMhEtSVkwlgVOUcBeknTuR94HRxb9KFcy3drx83ecsiUgX%2BZeYi7iqigTPIAn7lSQg%2Fg%2BLpCth4iqAccXvI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9d26e8e2c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	itaudisplay_bd-webfont.woff itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	432ms 432ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5i64Ro%2F66APaVu%2BrZfWdwWATeNMM2poIeC7Gd3M3S%2FHF%2FPI3ZS9VMO5pa6qVcg2z0UOZdKGNYTBfxOyXnIecVubDlSyJLcVEy%2B%2F%2FzXnXePI1v04quiXdxVYPka4ZnWz%2FemTLQpAahUK2zeJA9J3SXhO6tw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9d26e902c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	ItauText_Rg.woff itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauText/	0 0	431ms 430ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKQT1kKDE6QtezqWivXKuzEx94TtHLFnNd47AX%2FENvk3PwO%2BUsFgV9HNIgl5Asva7AqibwiM6MYIcbpgmvx9b7cnnNK5gazCS6yl25vqoP9fRqrpBxGe4hU8VYFXOI%2FNM1favsHvBY7LvkNKm0%2FZgc3sye4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9d27e9b2c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	itaudisplay_xbd-webfont.ttf itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	436ms 436ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.ttf Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBFGvb4mgdDSAfn2l9T3mj48CsmzEuJuBvCvkZnURKoTyzAddGtVX7Y85wC6IWTAqbIoUe4JZeWZN4OMWOPihVL3%2BSqXi46eVV1Dod6pXeEAlMfq06pbKDVN6FOT0xzNcGN57A1QYLhIZH5ItaN%2Bo3jwNL8%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9d3e8002c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	itaudisplay_rg-webfont.ttf itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	432ms 431ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.ttf Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8e8X2eFX3dVyHgtDLz%2BAWdce7PFPmLgJb%2F4O3ovAjHURnvWUHJkraI1T7cwYENOGgOjaXzJ2JfhHHnZlCmmJtqmZDE%2BylCjCWNw8i4Jm%2F2Mh3AMEHK71TWWOewSiyYlvN0gI55xUiSzR4wGHOyx3yG2icyY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9d4d8e72c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	itaudisplay_lt-webfont.ttf itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	244ms 243ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.ttf Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVOJyRVRQkPgfBoYpyJdjVNtFVGT9FxhwiAKrT9PRiDZ5XsWC9PDZfq9h4GdiDmQ%2BntcGktMgRsXIR8F%2FEXaF76OGuoGN8T8dTHUtAmmW8VuF4oNoLR3VZfk2OpYZyMHSNNKlUILDJnFMMyLJITPn2FR9FI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9d519202c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	itaudisplay_bd-webfont.ttf itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/	0 0	430ms 430ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.ttf Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhV2M%2Fzw%2BrlLqed0GEGcz%2FaTE3LgLNeqr44iN3uZFL3rW9fxQCYntV%2BuTpNXWxL5T5OQyxHNawZmlU4Zy59L%2BFF0BLODFNHF12%2FeSDjiNtmb1YZtCIKMGpyUHmxOFsnSaB7PSqUsAnyuAvEzh%2BTfYC2fRXw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9d519212c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	ItauText_Rg.ttf itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauText/	0 0	242ms 242ms	Font text/html	2606:4700:3036::6815:4405 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauText/ItauText_Rg.ttf Requested by Host: itaufeitoparavoce.xyz URL: https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:4405 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itaufeitoparavoce.xyz/public/002.css?th3king=1679724466 Origin https://itaufeitoparavoce.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Sat, 25 Mar 2023 06:07:50 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FVBGsWJk6EEDtHZANCbJEUmHzAEWvUKIY77K1mzPe62e3hLWJJVYKn7UL7B85SpIsxaY6RlviZPOTymqvkedPWfN1tW6v2wiYf4DIVr2DgC90YgVS6kzhu4NvX58ra7EaeSaJVbsQHLL4mhO%2FQJRsuFAzI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7ad4f9d5292b2c33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			itaufeitoparavoce.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3fssslg91ka3jo27f770lk4e3d

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauText/ItauText_Rg.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://itaufeitoparavoce.xyz/public/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

itaufeitoparavoce.xyz
2606:4700:3036::6815:4405
06d28cd86c35bcacf9ade088b665c4f88cb63b23c65066f1c9894923fad1c314
16c544705bf08c8e273a2234452a6b478d37091bd1610d3daf88c669524724eb
1b20a2940b193dd20905ccd41c252ceb66e02827f5221c00d8537fcb9a0a5e29
43895fc00c1c429171b35473145ec6a95d7a6df2ee479552e85a823c83a765fd
770f488c40fa6563c061ae1bab811a3be5044f7a3245acdf8e0df56fcc0f902d
9ba11b2f3444e3bb9a58410ef009ef10236790548d110c5fcc9ba1807e4fbdd5
c57aea75ab5a2f4f6fb2171c82ce90627e923c42b7eb6c9b17ef927b47debc84
cb5b54cbc3bce8733c8de870ca3cfe17e4c8551d68f43c96955d08c7f8704044

itaufeitoparavoce.xyz Open in urlscan Pro 2606:4700:3036::6815:4405 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

266 kBTransfer

2187 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

1 Cookies

15 Console Messages

Indicators

itaufeitoparavoce.xyz Open in urlscan Pro
2606:4700:3036::6815:4405 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

266 kB
Transfer

2187 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!