urlscan.io logo urlscan.io
SecurityTrails logo

folhadetreino.com.br Open in urlscan Pro
2606:4700:3035::ac43:a4f3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
Effective URL: https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
Submission: On October 25 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3035::ac43:a4f3, located in United States and belongs to CLOUDFLARENET, US. The main domain is folhadetreino.com.br.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.
This is the only time folhadetreino.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
3 172.67.74.152 13335 (CLOUDFLAR...)
1 3.162.103.56 16509 (AMAZON-02)
1 2606:2800:11f... 15133 (EDGECAST)
2 2001:67c:4e8:... 62041 (TELEGRAM)
1 172.67.164.243 13335 (CLOUDFLAR...)
11 7
2    2606:4700:3035::ac43:a4f3 (United States)

ASN13335 (CLOUDFLARENET, US)
folhadetreino.com.br
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    3.162.103.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-103-56.iad61.r.cloudfront.net
openfpcdn.io
1    2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
2    2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)
api.telegram.org
1    172.67.164.243 (United States)

ASN13335 (CLOUDFLARENET, US)
folhadetreino.com.br
Apex Domain
Subdomains		 Transfer
3 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2041
334 B
3 folhadetreino.com.br
folhadetreino.com.br
165 KB
2 telegram.org
api.telegram.org — Cisco Umbrella Rank: 44185
343 B
1 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 866
2 KB
1 openfpcdn.io
openfpcdn.io — Cisco Umbrella Rank: 17603
5 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
7 KB
11 6
Domain Requested by
3 api.ipify.org folhadetreino.com.br
3 folhadetreino.com.br folhadetreino.com.br
2 api.telegram.org folhadetreino.com.br
1 aadcdn.msftauth.net folhadetreino.com.br
1 openfpcdn.io folhadetreino.com.br
1 cdnjs.cloudflare.com folhadetreino.com.br
11 6

This site contains no links.

Subject Issuer Validity Valid
folhadetreino.com.br
WE1		 2024-09-27 -
2024-12-26		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
ipify.org
WE1		 2024-09-15 -
2024-12-14		 3 months crt.sh
openfpcdn.io
Amazon RSA 2048 M02		 2023-12-27 -
2025-01-25		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2024-05-25 -
2025-05-25		 a year crt.sh
api.telegram.org
Go Daddy Secure Certificate Authority - G2		 2024-03-24 -
2025-04-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
Frame ID: 75BAD9F35F8E0C4324CED839DB915D7B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirm you're not a robot.

Page URL History Show full URLs

  1. http://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C HTTP 307
    https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C Page URL

Page Statistics

11
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

180 kB
Transfer

449 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C HTTP 307
    https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request license.html
folhadetreino.com.br/
Redirect Chain
  • http://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
  • https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a4f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
944a2482cb9af2df15da6b5a439517582767d9f6885265e8b6dde341990cb805

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=5356800
cf-cache-status
MISS
cf-ray
8d835b070982a2ee-YUL
content-encoding
br
content-type
text/html
date
Fri, 25 Oct 2024 15:49:16 GMT
last-modified
Fri, 13 Sep 2024 15:50:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2EYvR4dum1LOMFlILlwd4%2FHZ2Is4z3OXP%2BW%2BTeEJKkKGxXLcb0YFMUVtJLNs0LChV%2BtOuNvSdl7CmHDQVEdwdueyFLyLwr%2BcklUQjTyzgdBZ6dBDhBwETUK9ZUSI5uHHPkud6dRJlwd0PV5KBQSrGH%2Fhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=23733&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4035&recv_bytes=2434&delivery_rate=205199&cwnd=254&unsent_bytes=0&cid=aa4f4c71720b6189&ts=424&x=0"
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

Location
https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
Non-Authoritative-Reason
HttpsUpgrades
wp-trackback.js
folhadetreino.com.br/ 		408 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://folhadetreino.com.br/wp-trackback.js
Requested by
Host: folhadetreino.com.br
URL: https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a4f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc64f7d94e1d0749ce212bf9b5c77ad099f955b2ba653e7b98c357a151cc4c60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
71034
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhOcIhiqFGZ3pDSSVhVAaV3FMEJoB1NhYM4QALSc84h%2FcGJ9qYURqEj0rUzHDqRel%2BeXgCold0Wc2wjQJScPp7bm0ZF9sspslkvvJAcg6dXgMAUJ0CtNn%2FRy9tB3%2FFIORcpKbQRi93QVAPRfgbvOmBdHTA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Oct 2024 20:05:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=23897&sent=12&recv=18&lost=0&retrans=0&sent_bytes=6529&recv_bytes=2593&delivery_rate=214468&cwnd=257&unsent_bytes=0&cid=aa4f4c71720b6189&ts=557&x=0"
date
Fri, 25 Oct 2024 15:49:16 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 02:37:32 GMT
vary
Accept-Encoding
cache-control
public, max-age=5356800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d835b097ceba2ee-YUL
x-turbo-charged-by
LiteSpeed
server
cloudflare
ua-parser.min.js
cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.31/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.31/ua-parser.min.js
Requested by
Host: folhadetreino.com.br
URL: https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ea3dec8a4dd3072385528e010e2231083736143c4eb1c6741dc103ade99bf4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folhadetreino.com.br/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6179331d-186c"
age
852134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9KvojmbO9x4%2BJw78v5Jbf8lfx%2FtEEDdGEOBMNigt%2FMkmokBcH5la501xTttIcEqHdiIZbFcAvQZNArHyjR8q6VBCzZ1DJfIxbIeX4p6XTGoGDbr1c8Y8e1I%2Fdl2adJ%2FsQFU1NZC"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 15:49:16 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Oct 2024 15:49:16 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Oct 2021 11:08:13 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d835b0b3be5a1f8-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
6252
server
cloudflare
/
api.ipify.org/ 		24 B
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: folhadetreino.com.br
URL: https://folhadetreino.com.br/wp-trackback.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42963d04775f09b1f7834b7fc62019aca171c718b81f5b895ccafa44b20fcda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folhadetreino.com.br/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8d835b104e79ab76-YYZ
access-control-allow-origin
*
content-length
24
date
Fri, 25 Oct 2024 15:49:17 GMT
content-type
application/json
vary
Origin
server
cloudflare
v1
openfpcdn.io/botd/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/botd/v1
Requested by
Host: folhadetreino.com.br
URL: https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-56.iad61.r.cloudfront.net
Software
CloudFront /
Resource Hash
29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://folhadetreino.com.br
Referer
https://folhadetreino.com.br/

Response headers

content-encoding
gzip
etag
W/"5co2cnhGrt59+8B+iLKwJesMrpA"
age
5266
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
WoXWeSiwAnT79mGd3KGhlkUCy9H3xroQNSHyyF3dQJvX3Le0b44tCQ==
date
Fri, 25 Oct 2024 14:21:52 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=574831, s-maxage=10518
cross-origin-resource-policy
cross-origin
via
1.1 e32f3698b8d39139f138de8a86d00996.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD61-P1
server
CloudFront
/
api.ipify.org/ 		24 B
77 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: folhadetreino.com.br
URL: https://folhadetreino.com.br/wp-trackback.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42963d04775f09b1f7834b7fc62019aca171c718b81f5b895ccafa44b20fcda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folhadetreino.com.br/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8d835b116f83ab76-YYZ
access-control-allow-origin
*
content-length
24
date
Fri, 25 Oct 2024 15:49:17 GMT
content-type
application/json
vary
Origin
server
cloudflare
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Requested by
Host: folhadetreino.com.br
URL: https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D104) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folhadetreino.com.br/

Response headers

content-md5
nzaLxFgP7ZB3dfMcaybWzw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8D79A1B9F5E121A
age
18508021
x-ms-version
2009-09-19
x-cache
HIT
date
Fri, 25 Oct 2024 15:49:18 GMT
content-type
image/svg+xml
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
6a92840e-701e-00d0-12a1-7e6e40000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
1435
x-ms-blob-type
BlockBlob
server
ECAcc (nyd/D104)
/
api.ipify.org/ 		24 B
100 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: folhadetreino.com.br
URL: https://folhadetreino.com.br/wp-trackback.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42963d04775f09b1f7834b7fc62019aca171c718b81f5b895ccafa44b20fcda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folhadetreino.com.br/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8d835b1429a3ab76-YYZ
access-control-allow-origin
*
content-length
24
date
Fri, 25 Oct 2024 15:49:18 GMT
content-type
application/json
vary
Origin
server
cloudflare
sendMessage
api.telegram.org/bot7107686937:AAGoqXlr31lmLR7qgVo_FFgSjoOSDhGFxSU/ 		117 B
343 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.telegram.org/bot7107686937:AAGoqXlr31lmLR7qgVo_FFgSjoOSDhGFxSU/sendMessage
Requested by
Host: folhadetreino.com.br
URL: https://folhadetreino.com.br/wp-trackback.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
19ef5e13d237ca55fac23d691f29bee427ec72caef65244004f88eb1a6072374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://folhadetreino.com.br/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
Content-Length,Content-Type,Date,Server,Connection
retry-after
26399
access-control-allow-origin
*
content-length
117
date
Fri, 25 Oct 2024 15:49:19 GMT
content-type
application/json
server
nginx/1.18.0
sendMessage
api.telegram.org/bot7107686937:AAGoqXlr31lmLR7qgVo_FFgSjoOSDhGFxSU/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.telegram.org/bot7107686937:AAGoqXlr31lmLR7qgVo_FFgSjoOSDhGFxSU/sendMessage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://folhadetreino.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,Date,Server,Connection
access-control-max-age
86400
date
Fri, 25 Oct 2024 15:49:19 GMT
server
nginx/1.18.0
favicon.ico
folhadetreino.com.br/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://folhadetreino.com.br/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.164.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sdQG5cs0pXqLyYTIzDz27i%2Fdajop8Lyz6gou8ear2h72rg0CYhDTm5di%2Ffxt7RBU02DuU1FPDzkPhWmIZbcxUU30zAmZOwhJVUy5gn3Hjz8IMDDQrBwnU7An0yKFwSwSv%2BsFMP7Xug%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d835b1afb11a24a-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=45768&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4313&recv_bytes=4544&delivery_rate=394&cwnd=12000&unsent_bytes=0&cid=c06a1c44ce339639&ts=3055&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 15:49:19 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| Mybooks object| BlockedRedirect object| blockedIps function| _0x1db7 function| _0x4712 function| _0x23cfc0 function| getRandomElement function| generateRandomNumber function| generateRandomUrl function| updateUrl function| handleClick function| getVisitorIP function| checkAndRedirect function| _0x20f8f4 object| BOOKS function| isBotUserAgent function| fetchUserIp function| sendMessageToTelegram function| logActivity function| getFormattedDateAndTime function| _0xcb0298 function| _0x4d9049 function| generateCaptcha function| getIconSVG function| lightenColor function| _0x1cadf3 function| checkColor function| startCountdown function| _0x7c64e9 function| UAParser function| checkers function| redirectToshop function| botdLoad

0 Cookies

3 Console Messages

Source Level URL
Text
rendering warning URL: https://folhadetreino.com.br/license.html?colors=ysoqkioucyoqkioqkioumkbhkioqkiouy29t%5C
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C026141C2D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://folhadetreino.com.br/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.telegram.org/bot7107686937:AAGoqXlr31lmLR7qgVo_FFgSjoOSDhGFxSU/sendMessage
Message:
Failed to load resource: the server responded with a status of 429 ()