centralatendimentocx.online Open in urlscan Pro
185.196.9.239 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://centralatendimentocx.online/index/
Submission: On November 11 via api (November 11th 2023, 11:11:30 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 15 HTTP transactions. The main IP is 185.196.9.239, located in United States and belongs to SIMPLECARRIER, US. The main domain is centralatendimentocx.online.

This is the only time centralatendimentocx.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

	IP Address		AS Autonomous System
1 9	185.196.9.239 185.196.9.239		42624 (SIMPLECAR...) (SIMPLECARRIER)
3	2606:4700::68... 2606:4700::6810:5614		13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649		54113 (FASTLY) (FASTLY)
15	4

9 185.196.9.239 (United States) 1 redirects

ASN42624 (SIMPLECARRIER, US)

centralatendimentocx.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	centralatendimentocx.online 1 redirects centralatendimentocx.online	4 MB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	272 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	62 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	30 KB
15	4

	Domain	Requested by
9	centralatendimentocx.online	1 redirects centralatendimentocx.online
3	cdnjs.cloudflare.com	centralatendimentocx.online cdnjs.cloudflare.com
3	cdn.jsdelivr.net	centralatendimentocx.online
1	code.jquery.com	centralatendimentocx.online
15	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://centralatendimentocx.online/index/
Frame ID: B900B361971FCD9E96B0F708F6C84646
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empréstimo Auxilio Brasil

Page URL History Show full URLs

http://centralatendimentocx.online/index HTTP 301
http://centralatendimentocx.online/index/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

15
Requests

47 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

4684 kB
Transfer

5084 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://centralatendimentocx.online/index HTTP 301
http://centralatendimentocx.online/index/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
centralatendimentocx.online/index/
Redirect Chain

http://centralatendimentocx.online/index
http://centralatendimentocx.online/index/

8 KB
8 KB

20ms
20ms

Document
text/html

185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to

Full URL: http://centralatendimentocx.online/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 / PHP/8.2.4
Resource Hash: e797090f9e39147f7ea631e7e8c4c4df4a1717e258151f544d9856276393598e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Nov 2023 23:11:25 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Transfer-Encoding: chunked
X-Powered-By: PHP/8.2.4

Redirect headers

Connection: Keep-Alive
Content-Length: 366
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 11 Nov 2023 23:11:25 GMT
Keep-Alive: timeout=5, max=100
Location: http://centralatendimentocx.online/index/
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4

GET
H/1.1 200
OK index.css
centralatendimentocx.online/index/assets/css/ 3 KB
3 KB 19ms
18ms Stylesheet
text/css 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to

Full URL: http://centralatendimentocx.online/index/assets/css/index.css
Requested by: Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://centralatendimentocx.online/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sat, 11 Nov 2023 23:11:25 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "ba7-6062f1329ccc0"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2983

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/ 227 KB
33 KB 44ms
19ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/bootstrap.min.css

Requested by

Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://centralatendimentocx.online/
Origin: http://centralatendimentocx.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 11 Nov 2023 23:11:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 77122
x-jsd-version: 5.3.0-alpha3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230028-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"38cf3-SvPX4VpqOAxsurukLprfMwtJ1Y8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0eOBxTp6F6nvNU72cmZHJFhM0PEeGtddb7sBZUWKAAAJxVjgZ2K2UmhrWW4A54HTOo%2FInGNA%2FLvT7G6M7Fj6Jbz0%2BnKtGD16HV6ly7I6HX%2F6tFn%2FmD5doxJxiD539niI%2FuEwkpS%2BbugotSOUfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 824a36d88c2f71b8-FRA

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 100 KB
19 KB 50ms
19ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Requested by

Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://centralatendimentocx.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 11 Nov 2023 23:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 148333
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18752
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-4940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGErV6XuI5MPencDWTYrjEGeezXRra1Tzm%2FRCWw9ZyEuJSmZtugs4mupZKd48DMW5d0joBF5OtbXwcW4Hd6d%2FDart5Cc%2BegOrXSNP6iv5zqGzZvbclHhT%2B%2F8GEqA0Xql8Rmg939HdHwhG6WlhVDcrZVm"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 824a36d899b4085d-FRA
expires: Thu, 31 Oct 2024 23:11:25 GMT

GET
H2 200 sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@11.1.4/dist/ 22 KB
5 KB 60ms
22ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11.1.4/dist/sweetalert2.min.css

Requested by

Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://centralatendimentocx.online/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 11 Nov 2023 23:11:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1349946
x-jsd-version: 11.1.4
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230087-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"58a2-XPxzoPU1bK3mp3tlYqyqsfPgWT4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miow%2BuKahdI2hRgWoVDux%2FoEuKbusnyuG%2Bw2liyz1%2BGyzmSYK7V9DxYtZDrtyEcIoIhh1CE%2Bb2hf%2FA6JhIVjQbLIMsiCmkBoHQBrzjdUMd%2BzlmPDjSo%2BR%2FcpxlJjKilINvGEdkOsNEUJzscyc6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 824a36d89a6a1c15-FRA

GET
H/1.1 200
OK aux_brasil.png
centralatendimentocx.online/index/assets/images/ 24 KB
25 KB 34ms
18ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://centralatendimentocx.online/index/assets/images/aux_brasil.png
Requested by: Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: 714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://centralatendimentocx.online/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sat, 11 Nov 2023 23:11:25 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "6157-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 24919

GET
H/1.1 200
OK bolsa_familia_logo.png
centralatendimentocx.online/index/assets/images/ 18 KB
18 KB 33ms
17ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://centralatendimentocx.online/index/assets/images/bolsa_familia_logo.png
Requested by: Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://centralatendimentocx.online/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sat, 11 Nov 2023 23:11:25 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "47fd-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 18429

GET
H/1.1 200
OK 8638314_whatsapp_compress.png
centralatendimentocx.online/index/assets/images/ 4 MB
4 MB 47ms
31ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://centralatendimentocx.online/index/assets/images/8638314_whatsapp_compress.png
Requested by: Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: 5edac30d081073096f7d5b8e7c14841e1fc25e1488378985d058e89056943432

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://centralatendimentocx.online/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sat, 11 Nov 2023 23:11:25 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "3f4b33-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4148019

GET
H/1.1 200
OK tutorial_1.png
centralatendimentocx.online/index/assets/images/ 210 KB
210 KB 35ms
19ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://centralatendimentocx.online/index/assets/images/tutorial_1.png
Requested by: Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: af3b21fef32af9e224f88c344c2a09554c5c5041e5a62f0dff96806ce8906995

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://centralatendimentocx.online/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sat, 11 Nov 2023 23:11:25 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "347d7-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 214999

GET
H/1.1 200
OK x-volume-positiva-54-v2.png
centralatendimentocx.online/index/assets/images/ 1 KB
1 KB 35ms
19ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://centralatendimentocx.online/index/assets/images/x-volume-positiva-54-v2.png
Requested by: Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: 311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://centralatendimentocx.online/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sat, 11 Nov 2023 23:11:25 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "4a4-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1188

GET
H/1.1 200
OK ic-acesso-informacao-54-v2.png
centralatendimentocx.online/index/assets/images/ 2 KB
2 KB 17ms
17ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://centralatendimentocx.online/index/assets/images/ic-acesso-informacao-54-v2.png
Requested by: Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: 8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://centralatendimentocx.online/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sat, 11 Nov 2023 23:11:25 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "6ea-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1770

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 43ms
7ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://centralatendimentocx.online/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 11 Nov 2023 23:11:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4506185
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230134-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699744286.536796,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 11, 2153559

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/ 79 KB
24 KB 39ms
17ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/bootstrap.bundle.min.js

Requested by

Host: centralatendimentocx.online
URL: http://centralatendimentocx.online/index/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://centralatendimentocx.online/
Origin: http://centralatendimentocx.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 11 Nov 2023 23:11:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 75481
x-jsd-version: 5.3.0-alpha3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230047-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13ac2-jNeXExg3GrPRY3nfbPslSlxkn8o"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7yqcOEIVeshwHGukARqcRv5bHaiIdtJVUnAm96wl2JD3pfttif1GZ2xtSgwgFZENion2mlH3Jnn7Fzgnucg2ubFm0Mjg6VKEDR9%2B1Y91u%2FNPcUvTT%2ByMUc8N2A3xMlHhB%2BJuYl3nBmhNGM6Hkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 824a36d88c3071b8-FRA

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 147 KB
147 KB 22ms
21ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698bbc8e78a9779802bf27a1b15e980cdf98ddc765366da65f97e3b7e29340a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin: http://centralatendimentocx.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 11 Nov 2023 23:11:25 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 249296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150124
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-24a6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0H0CiZZp7UYjf0GWyxkov%2Bt3k76Z%2B5XgyoIdFN1tKmcAw5Jp139DIkS84AUHMRoV9VfLa5qUssY%2FwpfJ0Egs74M5Qwp%2BjKGbmhlfFLpgap%2FuVoYa5w6DuVC492nT%2BhPv7cqdn6a%2BlX1d1cYxmrp31W%2FU"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 824a36d8f9dd085d-FRA
expires: Thu, 31 Oct 2024 23:11:25 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 105 KB
106 KB 34ms
33ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

662f711374c816d7f44d93cecc0fd557871ab1363a446c07e59701f9dde9fe0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin: http://centralatendimentocx.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 11 Nov 2023 23:11:25 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 146557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 108020
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-1a5f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdzmwJXFZrVIqjKfS8kMIdI2UCkTLubpdraC8pNP0aFFm2f0%2BD3WS7i9U4POEtjCsoI649MVoS9vaBU8sAX7QlhmjsuvK7QoJXAymlEgz%2F3%2B9PZVN93nSdvTVMAcbpyKRFPu5IhMKDIiSTf2v%2BeHaDBh"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 824a36d8f9de085d-FRA
expires: Thu, 31 Oct 2024 23:11:25 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| uidEvent object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
centralatendimentocx.online
code.jquery.com
185.196.9.239
2606:4700::6810:5614
2606:4700::6811:180e
2a04:4e42:200::649
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270
5edac30d081073096f7d5b8e7c14841e1fc25e1488378985d058e89056943432
662f711374c816d7f44d93cecc0fd557871ab1363a446c07e59701f9dde9fe0a
698bbc8e78a9779802bf27a1b15e980cdf98ddc765366da65f97e3b7e29340a5
714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7
8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604
af3b21fef32af9e224f88c344c2a09554c5c5041e5a62f0dff96806ce8906995
b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e
c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160
df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300
e797090f9e39147f7ea631e7e8c4c4df4a1717e258151f544d9856276393598e
ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e