resgateseusponto.tv
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Effective URL: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b15775987172829...
Submission: On July 09 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2022. Valid for: a year.
This is the only time resgateseusponto.tv was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Bradesco (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:4700:303... 2606:4700:3032::ac43:b6d5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 21 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:80f::200a | 15169 (GOOGLE) (GOOGLE) | |
21 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
resgateseusponto.tv
2 redirects
resgateseusponto.tv |
291 KB |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 307 |
171 KB |
2 |
resgateaqui.net
2 redirects
resgateaqui.net |
1 KB |
21 | 3 |
Domain | Requested by | |
---|---|---|
21 | resgateseusponto.tv |
2 redirects
resgateseusponto.tv
|
2 | ajax.googleapis.com |
resgateseusponto.tv
|
2 | resgateaqui.net | 2 redirects |
21 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-07-08 - 2023-07-07 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Frame ID: 067F85AF9442239505E5AD6DB91B8034
Requests: 17 HTTP requests in this frame
Frame:
https://resgateseusponto.tv/iframes/index.php
Frame ID: 903A9C753EFA285F30C5E856C5BFCCE3
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Banco Bradesco | Pessoa FĂsica, Exclusive, Prime e PrivatePage URL History Show full URLs
-
http://resgateaqui.net/
HTTP 301
https://resgateaqui.net/ HTTP 302
http://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b1577598717... HTTP 301
https://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b1577598717... HTTP 302
https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285... Page URL
- https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://resgateaqui.net/
HTTP 301
https://resgateaqui.net/ HTTP 302
http://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 HTTP 301
https://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 HTTP 302
https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 Page URL
- https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://resgateaqui.net/ HTTP 301
- https://resgateaqui.net/ HTTP 302
- http://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 HTTP 301
- https://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 HTTP 302
- https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/ Redirect Chain
|
933 B 826 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.css
resgateseusponto.tv/css/ |
183 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mobile.css
resgateseusponto.tv/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
resgateseusponto.tv/img/ |
44 KB 45 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.js
resgateseusponto.tv/js/ |
116 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
padrao_mk.js
resgateseusponto.tv/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
webApps_AplicationHome.php
resgateseusponto.tv/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.css
resgateseusponto.tv/css/ |
142 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mobile.css
resgateseusponto.tv/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
valida_conta.js
resgateseusponto.tv/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
avatar.png
resgateseusponto.tv/img/ |
85 KB 86 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rodape.jpg
resgateseusponto.tv/img/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.js
resgateseusponto.tv/js/ |
73 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
padrao_mk.js
resgateseusponto.tv/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index.php
resgateseusponto.tv/iframes/ Frame 903A |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
btnEnviar.jpg
resgateseusponto.tv/img/ |
56 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
resgateseusponto.tv/bootstrap/css/ Frame 903A |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap-theme.min.css
resgateseusponto.tv/bootstrap/css/ Frame 903A |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
resgateseusponto.tv/bootstrap/js/ Frame 903A |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Bradesco (Banking)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| Apenas_Numeros function| VerificaLogin function| ValidaLogin function| ValidaDigito function| Verificar function| checa_agencia function| seguranca_b function| ProcuraObjeto function| controle function| lyrVisual function| mOut function| onMouseOut undefined| tempo number| ns number| ie string| oldId function| ssa function| $ function| jQuery object| bootstrap function| mascaraMike function| pulacampo function| SomenteNumero2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
resgateaqui.net/ | Name: PHPSESSID Value: 1e8leq92rdnh1eujgpkjdhdglv |
|
resgateseusponto.tv/ | Name: PHPSESSID Value: 4f110ho7silf93seh3utfc2q1r |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
resgateaqui.net
resgateseusponto.tv
2606:4700:3032::ac43:b6d5
2a00:1450:4001:80f::200a
2a06:98c1:3120::3
1441dd1b788acd480830a9ed0611e7169cdc4d571c8e30c167bc04bcb3cd7b15
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
181d327623ab9c71f407ccad13910f9b39c0895950f6997619a6ea2be4750500
1ef915b307b4e7d5d5b26fff9b2264bb4f64628a326ad7fc33ffcfb6e3855577
27d8a772131eadb8e1d92c6347da074ce571d6da3a7294988a4c9d4522384e66
41d1f271960fdb67c362141f5e4046d01da5ab1ece758f3b8d72a296397918ad
6e2f830b3f67f08849e8282448c06c7a68aaa8f9b1a21b425e1975c2fc0bbba2
86cd1db5064c5b368454c8faf7c8ddf2f63450d6757c5f9f85aa8bc1af856619
9042e127a2381abd8cf27ce1d0eb4422073f6c14c83b18b72eba2afd5c479316
a9b5c8aaf06e5425599e5f71022a4b93705d0f469c60011b2ec7fefcf06a656e
b0ec17cb1cfc64850eefa1486739b402ce266968121d20c25b5049aa8192f308
c15647da5e2cc4fb6bc79881eb7d9da33ceb139678ab96c3417e752173000ba6
cc788d3fcbf31d5ccf53d50b147658f6e7b16b67c4d69490b745c0e31913e375
d23e23341dd9ede31799ec9c3cf354c05b51a227ce4f8b8ae3d4409d5d36fb5e
d56aa7eac91cbca507270424934d6df39592f6705ec5d2ca984ffc76cae4f988
e42bacf23fa281ab8254f137a05d99e47215bb979b837b9272e18e966806b718
f084adc53b8936342bfb25c0e2b0c253b47ef8a60bf0666ddc8cce33f0d203ce