ltaucard.ga Open in urlscan Pro
2606:4700:3035::681b:a761  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response ltaucard.ga/~/	9 KB 3 KB	266ms 245ms	Document text/html	2606:4700:3035::681b:a761 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:a761 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b78b1f303b3e678860fc81309202b50d56efd0ab19d4a729566f99de588acca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority ltaucard.ga :scheme https :path /~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Tue, 11 Aug 2020 03:02:08 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=dbd7cfbe6b9fad7f51fe9802c449d46361597114927; expires=Thu, 10-Sep-20 03:02:07 GMT; path=/; domain=.ltaucard.ga; HttpOnly; SameSite=Lax; Secure x-xss-protection 1; mode=block x-content-type-options nosniff x-request-id 732ff6b7fe47285f4165ee4c236a150d cf-cache-status DYNAMIC cf-request-id 047d10e3450000d7111e96b200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5c0eb74baeffd711-FRA content-encoding br
GET H2	200	jquery-3.2.1.min.js Show response ltaucard.ga/~/js/	85 KB 29 KB	17ms 16ms	Script application/javascript	2606:4700:3035::681b:a761 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ltaucard.ga/~/js/jquery-3.2.1.min.js Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:a761 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 23 status 200 cf-request-id 047d10e43f0000d7111e97a200000001 x-request-id 9878f169e7445c1f762ba823eb293f5a last-modified Mon, 10 Aug 2020 19:14:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5c0eb74d3909d711-FRA
GET H2	200	jquery.mask.min.js Show response ltaucard.ga/~/js/	5 KB 2 KB	19ms 18ms	Script application/javascript	2606:4700:3035::681b:a761 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ltaucard.ga/~/js/jquery.mask.min.js Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:a761 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 23 status 200 cf-request-id 047d10e43f0000d7111e97b200000001 x-request-id 675722a1c3f6b71a7350291e049b12ec last-modified Mon, 10 Aug 2020 19:14:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5c0eb74d390ad711-FRA
GET H2	200	home_scripts.js Show response ltaucard.ga/~/js/	1 KB 493 B	12ms 11ms	Script application/javascript	2606:4700:3035::681b:a761 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ltaucard.ga/~/js/home_scripts.js Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:a761 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfbf3fc25fb56572d3aa2c94f156f67f48186a575d5627c46728c5e5b406ef35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 23 status 200 cf-request-id 047d10e43f0000d7111e97c200000001 x-request-id b825d7ecd59a3f2e6dd2c5a28e469e1e last-modified Mon, 10 Aug 2020 19:14:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5c0eb74d390bd711-FRA
GET H2	200	home_style.css ltaucard.ga/~/assets/css/	4 KB 1 KB	11ms 10ms	Stylesheet text/css	2606:4700:3035::681b:a761 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ltaucard.ga/~/assets/css/home_style.css Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:a761 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8ed617ed98751deb0c8d0c47b65f339943965ec8147ecd767b2f53047563bfe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 23 status 200 cf-request-id 047d10e43f0000d7111e97d200000001 x-request-id e0f5e1ed28f0de97e9c224c343ff3be0 last-modified Mon, 10 Aug 2020 19:14:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5c0eb74d390cd711-FRA
GET H2	200	img_home_logo.png ltaucard.ga/~/assets/imagenss/	4 KB 4 KB	9ms 9ms	Image image/png	2606:4700:3035::681b:a761 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ltaucard.ga/~/assets/imagenss/img_home_logo.png Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:a761 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7567ac56d5b7f15cc4d6cb7c15524f12039dfec5d7834364f58823545500659e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT x-content-type-options nosniff cf-cache-status HIT age 23 status 200 content-length 3633 cf-request-id 047d10e4550000d7111e97f200000001 x-request-id fb7ab2ddedb3f6d377c0c9818fd504f1 last-modified Mon, 10 Aug 2020 19:14:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-xss-protection 1; mode=block cache-control max-age=14400 accept-ranges bytes cf-ray 5c0eb74d593ad711-FRA
GET H2	200	ic_contact_card.png ltaucard.ga/~/assets/imagenss/	503 B 620 B	11ms 10ms	Image image/png	2606:4700:3035::681b:a761 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ltaucard.ga/~/assets/imagenss/ic_contact_card.png Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:a761 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7128b3163ef3d75f3f7f7e803b65a7bbfbf480c880c7a815c33ea82d549e630d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT x-content-type-options nosniff cf-cache-status HIT age 22 status 200 content-length 503 cf-request-id 047d10e4590000d7111e980200000001 x-request-id 7a0973aa047bf2c7289fc889b9d29e56 last-modified Mon, 10 Aug 2020 19:14:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-xss-protection 1; mode=block cache-control max-age=14400 accept-ranges bytes cf-ray 5c0eb74d5940d711-FRA
GET H2	200	ic_itokenapp.png ltaucard.ga/~/assets/imagenss/	2 KB 2 KB	12ms 10ms	Image image/png	2606:4700:3035::681b:a761 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ltaucard.ga/~/assets/imagenss/ic_itokenapp.png Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:a761 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT x-content-type-options nosniff cf-cache-status HIT age 21 status 200 content-length 2047 cf-request-id 047d10e4680000d7111e983200000001 x-request-id f91f5d129186597f16ba8da6b76265d4 last-modified Mon, 10 Aug 2020 19:14:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-xss-protection 1; mode=block cache-control max-age=14400 accept-ranges bytes cf-ray 5c0eb74d7967d711-FRA
GET H2	200	ic_ajuda.png ltaucard.ga/~/assets/imagenss/	1 KB 1 KB	11ms 9ms	Image image/png	2606:4700:3035::681b:a761 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ltaucard.ga/~/assets/imagenss/ic_ajuda.png Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:a761 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT x-content-type-options nosniff cf-cache-status HIT age 22 status 200 content-length 1374 cf-request-id 047d10e4680000d7111e984200000001 x-request-id d207b1eafa4f38465da063188895ff11 last-modified Mon, 10 Aug 2020 19:14:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-xss-protection 1; mode=block cache-control max-age=14400 accept-ranges bytes cf-ray 5c0eb74d7968d711-FRA
GET H2	200	footer-powered-by-000webhost-white2.png cdn.000webhost.com/000webhost/logo/	2 KB 2 KB	36ms 17ms	Image image/webp	2606:4700:10::6814:432e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:432e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT x-content-type-options nosniff cf-cache-status HIT age 4762 cf-polished origFmt=png, origSize=2046 status 200 content-disposition inline; filename="footer-powered-by-000webhost-white2.webp" x-hostinger-datacenter srv alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1696 x-xss-protection 1; mode=block expires Tue, 11 Aug 2020 07:02:08 GMT last-modified Wed, 15 Jul 2020 14:19:20 GMT server cloudflare x-frame-options sameorigin etag "5f0f1068-7fe" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 content-type image/webp vary Accept cache-control public, max-age=14400 x-hostinger-node nl-srv-cdn1 cf-request-id 047d10e47a0000d6e1a31a5200000001 accept-ranges bytes cf-ray 5c0eb74d992ed6e1-FRA cf-bgj imgq:100,h2pri
GET H2	200	api.min.js Show response a.opmnstr.com/app/js/	199 KB 60 KB	153ms 48ms	Script application/javascript	23.111.11.182 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://a.opmnstr.com/app/js/api.min.js Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.182 Phoenix, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 288ee3a19514d8dd3d85fc9387e853c3f942ce28307dab68f4b50ecbb812b231 Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT content-encoding gzip last-modified Fri, 07 Aug 2020 15:32:32 GMT server NetDNA-cache/2.2 x-amz-request-id F44D7CE1554F37E9 etag W/"56caac4041dee3bf75fea8016c85abe4" x-cache HIT content-type application/javascript status 200 cache-control max-age=31104000 access-control-allow-origin * x-amz-id-2 Ox2uvQ/sXXVlw5tXng6YoFew/SDrEucDtSrj/7WP0Sw9NWVQ8f9OQZjG461MIJ0fS1O0/wW/mMM= expires Fri, 06 Aug 2021 03:02:08 GMT
GET H2	200	img_home_bg.png ltaucard.ga/~/assets/imagenss/	175 KB 176 KB	11ms 11ms	Image image/png	2606:4700:3035::681b:a761 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ltaucard.ga/~/assets/imagenss/img_home_bg.png Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:a761 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d33cfca923e87510e2837231c77985de89f00f0ba8bf8b4e86bf7086f38514c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ltaucard.ga/~/assets/css/home_style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT x-content-type-options nosniff cf-cache-status HIT age 22 status 200 content-length 179518 cf-request-id 047d10e4680000d7111e985200000001 x-request-id 619b88e456e7c0f6ca9e993d19de6d0a last-modified Mon, 10 Aug 2020 19:14:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-xss-protection 1; mode=block cache-control max-age=14400 accept-ranges bytes cf-ray 5c0eb74d796bd711-FRA
GET H2	200	ic_cadeado.png ltaucard.ga/~/assets/imagenss/	783 B 896 B	13ms 13ms	Image image/png	2606:4700:3035::681b:a761 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ltaucard.ga/~/assets/imagenss/ic_cadeado.png Requested by Host: ltaucard.ga URL: https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:a761 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ltaucard.ga/~/assets/css/home_style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT x-content-type-options nosniff cf-cache-status HIT age 22 status 200 content-length 783 cf-request-id 047d10e46c0000d7111e986200000001 x-request-id fb2c7f8aeae10e2745e1e9b7bb2cfbee last-modified Mon, 10 Aug 2020 19:14:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-xss-protection 1; mode=block cache-control max-age=14400 accept-ranges bytes cf-ray 5c0eb74d7976d711-FRA
GET H2	200	f6brbmuxflyqoriatchv Show response api.omappapi.com/v2/embed/71036/	52 KB 7 KB	421ms 307ms	XHR application/json	13.226.155.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v2/embed/71036/f6brbmuxflyqoriatchv Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.226.155.50 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-155-50.dus51.r.cloudfront.net Software Pagely Gateway/1.5.1 / Resource Hash 72f3b7d5bbc574a7670507c38d69507984961a34c2a78235e4cadfd38adb0230 Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 03:02:08 GMT content-encoding gzip x-cache-config 0 0 x-amz-cf-pop DUS51-C1 x-cache-status HIT x-cache Miss from cloudfront status 200 access-control-allow-headers X-CSRF-Token x-optinmonster-campaign f6brbmuxflyqoriatchv x-user-agent standard-- last-modified Wed, 17 Jun 2020 15:26:43 GMT server Pagely Gateway/1.5.1 etag W/"be87dcaccc31a2dbac6626bca53ea873" vary Accept-Encoding, User-Agent content-type application/json via 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront) access-control-expose-headers X-OptinMonster-Campaign cache-control public, max-age=30, stale-while-revalidate=1800 access-control-allow-origin * x-amz-cf-id 0pMwpUzyqPSICVh6OcjQX0hYl1wSUM-wTUpK7092Q0nz7QKnykTY_g== expires Tue, 11 Aug 2020 02:38:38 GMT
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.5.18/	16 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ltaucard.ga/~/index.html?5cqLPRMHcQ9KO4sPVFHCu6VHqrpwKFV1OVL User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 17 Jul 2020 03:03:17 GMT content-encoding gzip x-content-type-options nosniff age 2159932 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6490 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 17 Jul 2021 03:03:17 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| passballs function| validatebt function| validatecc function| getCookie undefined| wordpressAdminBody object| notification object| hostingerLogo undefined| mainContent object| wpSidebar object| wpTopBarRight undefined| googleFont undefined| css undefined| style undefined| sheet undefined| button undefined| link undefined| mainContentHolder undefined| h1Tag undefined| h2Tag undefined| paragraph undefined| list undefined| org_html undefined| new_html undefined| saleImage function| setImmediate function| clearImmediate function| OptinMonsterApp boolean| om_loaded object| f6brbmuxflyqoriatchv boolean| _omvisitsadded object| _omapp object| omf6brbmuxflyqoriatchv object| WebFont

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ltaucard.ga/	1970-01-19 11:38:35	Name: _omappvs Value: 1597114928461
			ltaucard.ga/	1970-01-23 11:37:08	Name: _omappvp Value: Nf6qLpbiUB0p62jkgtUd45AKGcPUTcRbInheAOSF5dF4T2GDRzBRLD92X67MBKT1jZhYAVWR5QWTFZSCbqB5EnGEhcnPayoQ
			.ltaucard.ga/	1970-01-19 12:21:46	Name: __cfduid Value: dbd7cfbe6b9fad7f51fe9802c449d46361597114927

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.opmnstr.com
ajax.googleapis.com
api.omappapi.com
cdn.000webhost.com
ltaucard.ga
13.226.155.50
23.111.11.182
2606:4700:10::6814:432e
2606:4700:3035::681b:a761
2a00:1450:4001:808::200a
288ee3a19514d8dd3d85fc9387e853c3f942ce28307dab68f4b50ecbb812b231
3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404
3b78b1f303b3e678860fc81309202b50d56efd0ab19d4a729566f99de588acca
7128b3163ef3d75f3f7f7e803b65a7bbfbf480c880c7a815c33ea82d549e630d
72f3b7d5bbc574a7670507c38d69507984961a34c2a78235e4cadfd38adb0230
7567ac56d5b7f15cc4d6cb7c15524f12039dfec5d7834364f58823545500659e
75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4
bfbf3fc25fb56572d3aa2c94f156f67f48186a575d5627c46728c5e5b406ef35
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d33cfca923e87510e2837231c77985de89f00f0ba8bf8b4e86bf7086f38514c6
e8ed617ed98751deb0c8d0c47b65f339943965ec8147ecd767b2f53047563bfe
f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975