attsecurtiyu-it.shop Open in urlscan Pro
2606:4700:3032::6815:2398 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://attsecurtiyu-it.shop/entrar
Submission: On June 10 via api (June 10th 2023, 3:34:12 pm UTC) from US — Scanned from ES

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3032::6815:2398, located in United States and belongs to CLOUDFLARENET, US. The main domain is attsecurtiyu-it.shop.
TLS certificate: Issued by GTS CA 1P5 on June 9th 2023. Valid for: 3 months.

This is the only time attsecurtiyu-it.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

	IP Address		AS Autonomous System
11	2606:4700:303... 2606:4700:3032::6815:2398		13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

11 2606:4700:3032::6815:2398 (United States)

ASN13335 (CLOUDFLARENET, US)

attsecurtiyu-it.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	attsecurtiyu-it.shop attsecurtiyu-it.shop	225 KB
11	1

	Domain	Requested by
11	attsecurtiyu-it.shop	attsecurtiyu-it.shop
11	1

This site contains no links.

Subject Issuer	Validity	Valid
attsecurtiyu-it.shop GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://attsecurtiyu-it.shop/entrar
Frame ID: F629AFAAE9EA8D8EB6CC1E5A1D878B5B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Itau Card | Identificação

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

225 kB
Transfer

298 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request entrar Show response attsecurtiyu-it.shop/	2 KB 1 KB	485ms 300ms	Document text/html	2606:4700:3032::6815:2398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://attsecurtiyu-it.shop/entrar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `a0cc7f7a8ba80ad4c76d74b3cc368900311a1cc147ade232175b5fa9de2e8542` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language es-ES,es;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d52ad2dfa928674-MAD content-encoding br content-type text/html; charset=utf-8 date Sat, 10 Jun 2023 15:34:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} ratelimit-limit 100 ratelimit-remaining 99 ratelimit-reset 98 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P34T5sCrIbd6W1eAau9vW9mOztIEpzUP1edKJ4Y%2Ff41045hasDgX%2BJ6MXCHMYWoh6md2HYJrqnEb86eiaAttUGf1Ap26Pxm80tqoAfUPzHEsk4K4kElfGVkn0kSslna6AlLy6S9Gt5uRwtMdJS4khSti0g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by Express
GET H2	200	jquery-3.2.1.min.js Show response attsecurtiyu-it.shop/js/	102 KB 33 KB	677ms 676ms	Script application/javascript	2606:4700:3032::6815:2398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://attsecurtiyu-it.shop/js/jquery-3.2.1.min.js Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `c97f4a5dbef8c6540c7258b58c36cb10e94e8a5720cae499ae69a9c94a572930` Request headers accept-language es-ES,es;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 10 Jun 2023 15:34:06 GMT ratelimit-reset 98 content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"1985b-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlC9NJU1ysvtKey%2FEj6SJqnctoRA%2BDlgCabZg%2BB5hd5zZDuRbCAO8WjqFLCA8V4kpyuO2w4zhakXYBlbD%2BtGCzmMf%2B24wMToEiQ1BkC9kwG%2BcR3azvCJpGQlITI1KwRzBfMtiPs6dWRB9kcyg8wdloklaA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7d52ad2fed358674-MAD ratelimit-remaining 98
GET H2	200	jquery.mask.min.js Show response attsecurtiyu-it.shop/js/	6 KB 3 KB	303ms 301ms	Script application/javascript	2606:4700:3032::6815:2398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://attsecurtiyu-it.shop/js/jquery.mask.min.js Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `85b0964eea13bdaa46d143297da3b29ee6171e8dbb15f1517d2ef1f85dbd16d8` Request headers accept-language es-ES,es;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 10 Jun 2023 15:34:06 GMT ratelimit-reset 98 content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"1897-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k61lzNemDgC3i14gC4wJL6WWuE8S7qOIBoN2S2S36aTw3He%2BHzVKJ%2FL%2Bn5lMEwuigY9Kkf1KBi5jVCkEmHyjpKfAMwVDpgUIpYTOZYBWUCXcPvLVgvgS%2FOs9qgwxgUncRIeYNDKiH7p%2Fe5EnssvcE611FQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7d52ad2fed388674-MAD ratelimit-remaining 97
GET H2	200	home_scripts.js Show response attsecurtiyu-it.shop/js/	923 B 597 B	332ms 331ms	Script application/javascript	2606:4700:3032::6815:2398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://attsecurtiyu-it.shop/js/home_scripts.js Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `bc3f12e94555255fd347fc745edebf2f4abe74977da9b7bc5fc69159b9aac4ff` Request headers accept-language es-ES,es;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 10 Jun 2023 15:34:06 GMT ratelimit-reset 98 content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"39b-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPUL5UVfLrwUboC1pnINSv0wxgOprribCBNOP9m93HDxArH19Q%2F5Ic%2F4XpNp30me2F%2Ff%2FRzJMdi3XNWCvEBdP7Y5iDliMmDyB5Rddjr3KARWFPPR1GlJMyU%2BDc6jFg1f5E1vYejzonJov%2B%2Bs0MVJpQOSwg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7d52ad2fed398674-MAD ratelimit-remaining 95
GET H2	200	home_style.css attsecurtiyu-it.shop/css/	3 KB 1 KB	318ms 317ms	Stylesheet text/css	2606:4700:3032::6815:2398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://attsecurtiyu-it.shop/css/home_style.css Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `72515febe24986443384d9e3a8a7f5d4db0c01ce6bf731d43cd56be76283d860` Request headers accept-language es-ES,es;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 10 Jun 2023 15:34:06 GMT ratelimit-reset 98 content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"df4-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ew3nPjd%2B4f%2Fz6WioflFKt2eseYtTZQX64KqOGgLuTZ3dDMOl2iw0wsDQ0RORJgSSa5pWQNUDCBjYy5svCDkSpg6CAind8gobBpGoxyHKpcf8chorShm4%2FeKdkBrj4KAS3jjA0CDMwzc7WOipLg%2FNJgEZ%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 7d52ad2fed378674-MAD ratelimit-remaining 96
GET H3	200	img_home_logo.png attsecurtiyu-it.shop/images/	4 KB 4 KB	318ms 317ms	Image image/png	2606:4700:3032::6815:2398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/img_home_logo.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:2398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `7567ac56d5b7f15cc4d6cb7c15524f12039dfec5d7834364f58823545500659e` Request headers accept-language es-ES,es;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 10 Jun 2023 15:34:06 GMT ratelimit-reset 97 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 3633 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"e31-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSp5%2BGp6okGM0nfF4T4AyJAVilkq%2Bi9Y3ZDmaSMhwwc6EU%2F4bx6UW6B3JvK7444PDENVNbr2LTL%2Bu2tN25bzbHpEkeGISsk6RYYIPLPAD2daUgt%2BHYu3nBiMbs5R5RNFQhQha0Q6w3lgnz8o3Tl9ZNNGAw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d52ad31ff1f666f-MAD ratelimit-remaining 94
GET H3	200	ic_contact_card.png attsecurtiyu-it.shop/images/	503 B 1 KB	303ms 303ms	Image image/png	2606:4700:3032::6815:2398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/ic_contact_card.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:2398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `7128b3163ef3d75f3f7f7e803b65a7bbfbf480c880c7a815c33ea82d549e630d` Request headers accept-language es-ES,es;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 10 Jun 2023 15:34:06 GMT ratelimit-reset 97 cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 503 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"1f7-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM6Fh4PscPcvzgDtrv8jCFN2zob8jGWIcBs03rxiQdrMPfyKwtwOVJq2F1Y3NmCeqDn9kKvxUf2p8%2Fq5E8ZklgepMF2MeWzYqN2ZZvWRnUP9vifdkhiIFn9fQJuXmBpFuzHS8LUc5TwSUs355Z5ntcFnNg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d52ad33fa33666f-MAD ratelimit-remaining 93
GET H3	200	ic_itokenapp.png attsecurtiyu-it.shop/images/	2 KB 3 KB	336ms 336ms	Image image/png	2606:4700:3032::6815:2398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/ic_itokenapp.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:2398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046` Request headers accept-language es-ES,es;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 10 Jun 2023 15:34:07 GMT ratelimit-reset 97 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 2047 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"7ff-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGvGrDk3Mtv0Ce0fPSGYizvqj8MaZRDjXlH3VQ6jFTwmtxt7QhGRua%2BfVcHxFHkqoVDsdD7QOycK9cQRIpQQuXNEmtnVqvzFphMoa2qk9w%2F7wQd0CYtF5sPP%2BHU9qL51N2HrrVHNO9ZtKxe2ry3Z99oL7Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d52ad343a8e666f-MAD ratelimit-remaining 92
GET H3	200	ic_ajuda.png attsecurtiyu-it.shop/images/	1 KB 2 KB	317ms 316ms	Image image/png	2606:4700:3032::6815:2398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/ic_ajuda.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/entrar Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:2398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4` Request headers accept-language es-ES,es;q=0.9 Referer https://attsecurtiyu-it.shop/entrar User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 10 Jun 2023 15:34:07 GMT ratelimit-reset 97 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 1374 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"55e-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMrw%2B24C907eRcv%2FaKSOoCNmTdfcDvuI4f1RSmNLCmrrBUI7Rl%2BWDB6iDp0tR48sndAgwZVkPe3BC%2FO3mvQwtple9QzL%2FIGL4AmfyHTLRQFG925FxB29uJ%2FNWteFDbqKcd%2BUDs%2BuLS09GRiV2x8qFcJD%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d52ad348b1d666f-MAD ratelimit-remaining 91
GET H3	200	img_home_bg.png attsecurtiyu-it.shop/images/	175 KB 176 KB	584ms 583ms	Image image/png	2606:4700:3032::6815:2398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/img_home_bg.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/css/home_style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:2398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `d33cfca923e87510e2837231c77985de89f00f0ba8bf8b4e86bf7086f38514c6` Request headers accept-language es-ES,es;q=0.9 Referer https://attsecurtiyu-it.shop/css/home_style.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 10 Jun 2023 15:34:07 GMT ratelimit-reset 97 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 179518 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"2bd3e-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4w2m6E7qVkmda7%2Bw0QKmFSyiB9vIH4UdcdrnWSOtv8Qau%2FLX2JNCqqAN%2FNP%2FKVLYyyHHEAs5CCEPAhFXH8vFGJeg9pthjim5yTpR%2B%2B7ca%2B1XLEIwQtQ9eOf38qArxL%2BP4TAeucCqgRbssEBf7LL%2BWug6w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d52ad348b21666f-MAD ratelimit-remaining 90
GET H3	200	ic_cadeado.png attsecurtiyu-it.shop/images/	783 B 1 KB	316ms 316ms	Image image/png	2606:4700:3032::6815:2398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://attsecurtiyu-it.shop/images/ic_cadeado.png Requested by Host: attsecurtiyu-it.shop URL: https://attsecurtiyu-it.shop/css/home_style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:2398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404` Request headers accept-language es-ES,es;q=0.9 Referer https://attsecurtiyu-it.shop/css/home_style.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 10 Jun 2023 15:34:07 GMT ratelimit-reset 97 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 100 alt-svc h3=":443"; ma=86400 content-length 783 last-modified Thu, 08 Jun 2023 17:01:21 GMT server cloudflare etag W/"30f-1889bf4a4a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PrRzvCWbaYJzCM8%2B2usuUEs5LwUkjmGscmUWLokfy2fsv8k53pqK1dfqqnJwU%2BcLSEoI0EwaIPTaL1bHSj7N0Q8ZlDdUnCxtfoGwl7qph2yRBmWN5tebtGxamaRsK56Uwfo5wi3fJbcf63eY7br8npOBw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 7d52ad348b24666f-MAD ratelimit-remaining 89

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

attsecurtiyu-it.shop
2606:4700:3032::6815:2398
3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404
7128b3163ef3d75f3f7f7e803b65a7bbfbf480c880c7a815c33ea82d549e630d
72515febe24986443384d9e3a8a7f5d4db0c01ce6bf731d43cd56be76283d860
7567ac56d5b7f15cc4d6cb7c15524f12039dfec5d7834364f58823545500659e
75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046
85b0964eea13bdaa46d143297da3b29ee6171e8dbb15f1517d2ef1f85dbd16d8
915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4
a0cc7f7a8ba80ad4c76d74b3cc368900311a1cc147ade232175b5fa9de2e8542
bc3f12e94555255fd347fc745edebf2f4abe74977da9b7bc5fc69159b9aac4ff
c97f4a5dbef8c6540c7258b58c36cb10e94e8a5720cae499ae69a9c94a572930
d33cfca923e87510e2837231c77985de89f00f0ba8bf8b4e86bf7086f38514c6

attsecurtiyu-it.shop Open in urlscan Pro 2606:4700:3032::6815:2398 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

225 kBTransfer

298 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

attsecurtiyu-it.shop Open in urlscan Pro
2606:4700:3032::6815:2398 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

225 kB
Transfer

298 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!