resgateseusponto.tv
2a06:98c1:3120::3  Malicious Activity! Public Scan

Submitted URL: http://resgateaqui.net/
Effective URL: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b15775987172829...
Submission: On July 09 via automatic, source openphish — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is resgateseusponto.tv.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2022. Valid for: a year.
This is the only time resgateseusponto.tv was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Bradesco (Banking)

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 21 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
21 2
Apex Domain
Subdomains
Transfer
21 resgateseusponto.tv
resgateseusponto.tv
291 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 307
171 KB
2 resgateaqui.net
resgateaqui.net
1 KB
21 3
Domain Requested by
21 resgateseusponto.tv 2 redirects resgateseusponto.tv
2 ajax.googleapis.com resgateseusponto.tv
2 resgateaqui.net 2 redirects
21 3

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2022-07-08 - 2023-07-07 a year
upload.video.google.com GTS CA 1C3 2022-06-06 - 2022-08-29 3 months

This page contains 2 frames:

Primary Page: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Frame ID: 067F85AF9442239505E5AD6DB91B8034
Requests: 17 HTTP requests in this frame

Frame: https://resgateseusponto.tv/iframes/index.php
Frame ID: 903A9C753EFA285F30C5E856C5BFCCE3
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Banco Bradesco | Pessoa Física, Exclusive, Prime e Private

Page URL History

  1. http://resgateaqui.net/ HTTP 301
    https://resgateaqui.net/ HTTP 302
    http://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b1577598717... HTTP 301
    https://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b1577598717... HTTP 302
    https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285... Page URL
  2. https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

460 kB
Transfer

892 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://resgateaqui.net/ HTTP 301
    https://resgateaqui.net/ HTTP 302
    http://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 HTTP 301
    https://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 HTTP 302
    https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 Page URL
  2. https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://resgateaqui.net/ HTTP 301
  • https://resgateaqui.net/ HTTP 302
  • http://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 HTTP 301
  • https://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6 HTTP 302
  • https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/
Redirect Chain
  • http://resgateaqui.net/
  • https://resgateaqui.net/
  • http://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
  • https://resgateseusponto.tv/index4.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
  • https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
933 B
826 B
Document
General
Full URL
https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.29
Resource Hash
41d1f271960fdb67c362141f5e4046d01da5ab1ece758f3b8d72a296397918ad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72814b5fef1159ef-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 09 Jul 2022 13:09:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3WX7j%2BtCk5JITHIb6gj8Y%2BEsOPYgP%2BjycS9oCbRX7WtCxg3iZYEfHHuMdbp0jirm94gRg%2F1YK4lgiN11RPNAYs7C7lPaGDJ5i67jk7ZqXcs77SNmLbnB53m52yFHxuKrwG5ubjM68coFufGKK1h3SqP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.29

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72814b5e7c9059ef-MXP
content-type
text/html; charset=UTF-8
date
Sat, 09 Jul 2022 13:09:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
./@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVnf7CtV2P57oPnW%2FheS0nXnYERR%2FnAQEmzWQ6bkGaW2L%2BDk%2Bad3A6wXXJuGrJz2JeJzpjZTb4spFqNjJbg8JMEzwGq%2BM%2FEep3Hl9gJCwTNxgHljc%2Bl4rKXc9jNTRA1JSlYvGIaec25yMgrzDzVJtJMG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.29
bootstrap.css
resgateseusponto.tv/css/
183 KB
24 KB
Stylesheet
General
Full URL
https://resgateseusponto.tv/css/bootstrap.css
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c15647da5e2cc4fb6bc79881eb7d9da33ceb139678ab96c3417e752173000ba6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 26 Apr 2021 17:14:36 GMT
server
cloudflare
etag
W/"2daf6-5c0e347b2b490"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiEUC7sQ6DILpQ%2FOQLWTMJuS%2FwXo0bS9%2F5Yw4rNrBN%2FZbxWCwQsZCgBs80z2ZuuQqNY8l83PCe9YZxFMHgRlhcvOJIG2Qt06500w1RCQ70JPCOMn8RoCGqapHvKw87mL%2BXsXJWIw%2FcjwYAZJt1liDNko"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72814b60b9c083a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mobile.css
resgateseusponto.tv/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://resgateseusponto.tv/css/mobile.css
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f084adc53b8936342bfb25c0e2b0c253b47ef8a60bf0666ddc8cce33f0d203ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 26 Apr 2021 17:14:36 GMT
server
cloudflare
etag
W/"82c-5c0e347ac256d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXnaU6Okl9j2fSD2p4%2BGNF8SV6wF3IVoFWwGrRTkTzMi5LdcvPMcjf8CDVZ9%2Fz0Kh2srrelpjIoSWgLHIzNg1nAGRlyI6v40HPAuhHz9j4aZDiBjnmuNaujgDj4YZ9Ek967BUkjs7OtkT79%2FdVC1W6qf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72814b60b9c283a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo.png
resgateseusponto.tv/img/
44 KB
45 KB
Image
General
Full URL
https://resgateseusponto.tv/img/logo.png
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42bacf23fa281ab8254f137a05d99e47215bb979b837b9272e18e966806b718

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:30 GMT
cf-cache-status
MISS
last-modified
Mon, 26 Apr 2021 17:14:38 GMT
server
cloudflare
etag
"b1e6-5c0e347d1cc3e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBnH%2BcO3cxWxeGWbfossHA6uK7999ycz0hhhuElJ4IK7Q%2Fy49BJInAxEvwdTOdlUMrO%2F0zbPaTMZFu2FbEbY5fkcDwJTs0QX8M55seRyzCDMZwiabHjgAM%2FdDYptZbDdujsRYrvSJr9ICBTSMnIJ%2F65s"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72814b60d9e983a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45542
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
86 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 12:42:50 GMT
x-content-type-options
nosniff
age
1600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86927
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jul 2023 12:42:50 GMT
bootstrap.js
resgateseusponto.tv/js/
116 KB
22 KB
Script
General
Full URL
https://resgateseusponto.tv/js/bootstrap.js
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23e23341dd9ede31799ec9c3cf354c05b51a227ce4f8b8ae3d4409d5d36fb5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 26 Apr 2021 17:14:41 GMT
server
cloudflare
etag
W/"1d09e-5c0e347ff8023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URLugJ%2BoXywX7aTPtYZ1baY%2FDEBK8YWo8Ljv%2BRecPdHVC6DkIr3rYujsOeUyKqcyizmpsdQBjNzn8zKNrSEGJUA6gd6fX4LNMiZTBenTHgQdZNBZF86rJjR63IUayrnsfGc6YIsFQgc48qFKIUWOTLRA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72814b60d9e583a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
padrao_mk.js
resgateseusponto.tv/js/
2 KB
1 KB
Script
General
Full URL
https://resgateseusponto.tv/js/padrao_mk.js
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1441dd1b788acd480830a9ed0611e7169cdc4d571c8e30c167bc04bcb3cd7b15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 26 Apr 2021 17:14:40 GMT
server
cloudflare
etag
W/"796-5c0e347f2edd9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaYrPHT%2Bt%2BH0GSOpbO7%2BdeSwQ2lCFPkE7bdzRfR77LJVUXO930RdUa%2FxkCtxp7b9ZLyh%2B4BR7OFiC535FTFZbAU9VFHygPhGDI3E%2BXD1m0NqYP26DlqDavrB1nfJso7Gko%2Bbhs0Bkm6amD%2BTuYZxiVAn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72814b60d9e683a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request webApps_AplicationHome.php
resgateseusponto.tv/
4 KB
2 KB
Document
General
Full URL
https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.29
Resource Hash
181d327623ab9c71f407ccad13910f9b39c0895950f6997619a6ea2be4750500

Request headers

Referer
https://resgateseusponto.tv/@/0yBu48vUYgYZNJONEjZtuEGSr4/?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72814b712f5683a6-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 09 Jul 2022 13:09:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmmculj9gQpW7AL57nX3eY0LHf7fsntr4ucI%2Bgnni81waGdeex6gH4Jq2NXEQ8cFGkc5gHgMu0JSMwso6mJ4tlznxksHeceh0UexKb5FW5e3u4BXWocJPjuacyJk2EIYlL52B9Kj5QtlE6M0GXdMIgaE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.29
bootstrap.css
resgateseusponto.tv/css/
142 KB
22 KB
Stylesheet
General
Full URL
https://resgateseusponto.tv/css/bootstrap.css
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ef915b307b4e7d5d5b26fff9b2264bb4f64628a326ad7fc33ffcfb6e3855577

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
cf-polished
origSize=187126
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Apr 2021 17:14:36 GMT
server
cloudflare
etag
W/"2daf6-5c0e347b2b490"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntcrHxxqSqvtfo06DIYa7QugPEkbgzXorN2BJCspq4V1yVm4hFxD%2F9cxgNBiFqJOzw%2Fxa1dW7r1TO7%2BADK%2BqZrJNeMFcL9xDr8d6Qt8aUQRhbf436tjjGdgk%2BjrSn%2FKYYjMhoEhlVnqMXCog6OCGH2d6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
72814b729a1283a6-MXP
cf-bgj
minify
mobile.css
resgateseusponto.tv/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://resgateseusponto.tv/css/mobile.css
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86cd1db5064c5b368454c8faf7c8ddf2f63450d6757c5f9f85aa8bc1af856619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
cf-polished
origSize=2092
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Apr 2021 17:14:36 GMT
server
cloudflare
etag
W/"82c-5c0e347ac256d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z81P8oPLcEca382cqIDFYcLW6uQXqjRrob6iRr26AS8rkSZHkNp3zboMZwHm92fJaTb9JEzzqaT3ltLqY6k89KtUz2nuThQCKZ8YMQwlbQIS9xWrlD%2FV4p9KxmKMitXMpMFLa1z6m13h89YYFrUsBdIg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
72814b729a1683a6-MXP
cf-bgj
minify
valida_conta.js
resgateseusponto.tv/js/
6 KB
2 KB
Script
General
Full URL
https://resgateseusponto.tv/js/valida_conta.js
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e2f830b3f67f08849e8282448c06c7a68aaa8f9b1a21b425e1975c2fc0bbba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 26 Apr 2021 17:14:40 GMT
server
cloudflare
etag
W/"16b3-5c0e347f2a78e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erY%2FphPtMDqFA0itfDN61nuNFudRpQxve%2BXtqTzI6DK6wmQZjo%2BvCqEKeeThkGus2rNEG2ZWMH%2Fw%2BxOsrx0U2cy6wj%2Fnjylr1xANpdjqeFOfI4MP1ZQByX1fTaurudZRAaACx0zY5rvxlCJsGrKuP2fr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72814b729a1983a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
avatar.png
resgateseusponto.tv/img/
85 KB
86 KB
Image
General
Full URL
https://resgateseusponto.tv/img/avatar.png
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d56aa7eac91cbca507270424934d6df39592f6705ec5d2ca984ffc76cae4f988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:33 GMT
cf-cache-status
MISS
last-modified
Mon, 26 Apr 2021 17:14:40 GMT
server
cloudflare
etag
"154f1-5c0e347ee69f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EgN5TMIeGZ021AQVFl6EvAJwYeszPykOa4kVm9pZSm1MzxTfoBNFylo4Prh7306ZfHNLpoFROK41o60FiLY80tJsHROyOLf%2Bai2Dq%2Fs%2Fo4a3IR50afrI3rNUSSW%2B%2F6HQVbHGy6Pva3vyTzPwOC5b87G"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72814b735b6583a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87281
rodape.jpg
resgateseusponto.tv/img/
5 KB
6 KB
Image
General
Full URL
https://resgateseusponto.tv/img/rodape.jpg
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc788d3fcbf31d5ccf53d50b147658f6e7b16b67c4d69490b745c0e31913e375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:33 GMT
cf-cache-status
MISS
last-modified
Mon, 26 Apr 2021 17:14:38 GMT
server
cloudflare
etag
"153d-5c0e347cd7455"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIuEasyjGOH2uDpLAqDGUf1WZSriGT2yXr4jk862pgDsifP3ngn22gRX1VS%2BYnbfxeoKX8SbJCy0w2OXgJg%2FvBcnUKzgcS2P%2Fm9ZDouRpcfIDBbTswV1cXASLfq3YyZ5J62XUAGGnUvGIj57kE7sp0Yo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72814b740ccc83a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5437
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
85 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 12:42:50 GMT
x-content-type-options
nosniff
age
1603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86927
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jul 2023 12:42:50 GMT
bootstrap.js
resgateseusponto.tv/js/
73 KB
17 KB
Script
General
Full URL
https://resgateseusponto.tv/js/bootstrap.js
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ec17cb1cfc64850eefa1486739b402ce266968121d20c25b5049aa8192f308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
cf-polished
origSize=118942
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Apr 2021 17:14:41 GMT
server
cloudflare
etag
W/"1d09e-5c0e347ff8023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7mIH3EpgvB%2FmZXOYxLcXWtmsSXdLr3mfY77w2dReCv97UtblSwNzXYsBmzBtetVxGN09PpUYL%2Fv%2F9xeuGq6ewKy7FD4SGpt%2FNDexYoQ7bvQLmhcvEPVUlsCh8uVbYIZPju%2BkKusS8ciWs6wyYz%2BOEqO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
72814b72fac883a6-MXP
cf-bgj
minify
padrao_mk.js
resgateseusponto.tv/js/
1 KB
1 KB
Script
General
Full URL
https://resgateseusponto.tv/js/padrao_mk.js
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d8a772131eadb8e1d92c6347da074ce571d6da3a7294988a4c9d4522384e66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
cf-polished
origSize=1942
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Apr 2021 17:14:40 GMT
server
cloudflare
etag
W/"796-5c0e347f2edd9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxJFEcIHJFNvzmDus3PDP3gjxlbd3KZH6IyVE3RC4ciEDiXYxIH1Wh8Z6bzCZn9xoiZulDDUm4LmQd%2B0zuZR%2F8m%2BeXl5vB6%2FN3k3ig%2F9PUXvg%2B8TSE4UhQZizw7Ozfdn3c7Q4EWnpSZnkTTj6rRboxe%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
72814b732b1a83a6-MXP
cf-bgj
minify
index.php
resgateseusponto.tv/iframes/ Frame 903A
1 KB
1 KB
Document
General
Full URL
https://resgateseusponto.tv/iframes/index.php
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.29
Resource Hash
9042e127a2381abd8cf27ce1d0eb4422073f6c14c83b18b72eba2afd5c479316

Request headers

Referer
https://resgateseusponto.tv/webApps_AplicationHome.php?tipoCliente=fisico&segmento=emp&pk_vid=db4b285e4b875c5b157759871728298d&v=2.13.6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72814b740cce83a6-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 09 Jul 2022 13:09:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nohd4LIYy75zGYds3k24XL8vN2JYQat7qlc5GkIPU0yC0qlhrr7CNebZmHbgwfWkcN4ueiu4eIyGjhGKSyH0YXHFjW9ZKhy4KhDdFQ1YeWkUuBI16usLSYMiy2JyzjlZ51zJ1ffZrekFE7xg%2Bzs23OYa"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.29
btnEnviar.jpg
resgateseusponto.tv/img/
56 KB
57 KB
Image
General
Full URL
https://resgateseusponto.tv/img/btnEnviar.jpg
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/css/mobile.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b5c8aaf06e5425599e5f71022a4b93705d0f469c60011b2ec7fefcf06a656e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resgateseusponto.tv/css/mobile.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:33 GMT
cf-cache-status
MISS
last-modified
Mon, 26 Apr 2021 17:14:40 GMT
server
cloudflare
etag
"e017-5c0e347ebf545"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTjA1pRcSIT1vsmPySrxoL4ZhroFPyGrzczI0gZtI1IkFmkdMkivVr29ToSgBmhnqJg3fbRej7nqSKjhYhLN3o3huwpvqRFhNggDiS0gR6YJBY%2B%2FUQTbbIX1PjDvv06Djn6OTyKl%2B9%2FOC%2BSshKqkncI%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72814b741ce383a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57367
bootstrap.min.css
resgateseusponto.tv/bootstrap/css/ Frame 903A
0
0
Stylesheet
General
Full URL
https://resgateseusponto.tv/bootstrap/css/bootstrap.min.css
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/iframes/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://resgateseusponto.tv/iframes/index.php
Origin
https://resgateseusponto.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:33 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5gOlvrSRYTKvlrFxTv1k%2Bf8AF%2BAZUodM%2FcHbuTK%2BUBHRsETM66BkuZv4AexIa%2FXQQglSxdIeVM3WM%2Bj4kWzZzgZeJoybUFTjaauDmPn2YEpr4r30OQQpmfUyz8M4aSaIMKEyO47JvSTMBA2KcaqL%2BXt"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
72814b74de6c83a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap-theme.min.css
resgateseusponto.tv/bootstrap/css/ Frame 903A
0
0
Stylesheet
General
Full URL
https://resgateseusponto.tv/bootstrap/css/bootstrap-theme.min.css
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/iframes/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://resgateseusponto.tv/iframes/index.php
Origin
https://resgateseusponto.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:33 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZmCUoMajUi9MCVq9SZQUaPhDx3EztCdY3qgbN%2F8LP9vpRp7Y4OEFp0LP39I4iTurx%2B7UAJLBAUWQ24BBiD8YkhQ7Mcbnv2cEVNTw62C48yrm5kHrF39OseULbrwjDt4C2GA3vagibQSEHTjCUu%2FZW3T"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
72814b74de6e83a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.js
resgateseusponto.tv/bootstrap/js/ Frame 903A
0
0
Script
General
Full URL
https://resgateseusponto.tv/bootstrap/js/bootstrap.min.js
Requested by
Host: resgateseusponto.tv
URL: https://resgateseusponto.tv/iframes/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://resgateseusponto.tv/iframes/index.php
Origin
https://resgateseusponto.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:09:33 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUnHYu9%2BRLfYo%2FJFfQz15T61H8pPEieLcFx%2FcTWsTn282B%2Fwm86VNmAKkaj%2FLy8DlQUforaRtZDVKZ%2FvlVnrgdaBmigTnyG%2B9Ercqfn4g%2Fli3SzWFwlgy1UGZq3u3Quxjyuc%2BafT9FgEIc%2BaIb779gOr"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
72814b74de7283a6-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Bradesco (Banking)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| Apenas_Numeros
function| VerificaLogin
function| ValidaLogin
function| ValidaDigito
function| Verificar
function| checa_agencia
function| seguranca_b
function| ProcuraObjeto
function| controle
function| lyrVisual
function| mOut
function| onMouseOut
undefined| tempo
number| ns
number| ie
string| oldId
function| ssa
function| $
function| jQuery
object| bootstrap
function| mascaraMike
function| pulacampo
function| SomenteNumero

2 Cookies

Domain/Path | Name | Value
resgateaqui.net/ | PHPSESSID | 1e8leq92rdnh1eujgpkjdhdglv
resgateseusponto.tv/ | PHPSESSID | 4f110ho7silf93seh3utfc2q1r

3 Console Messages

Source | Level | URL | Message
network | error | https://resgateseusponto.tv/bootstrap/css/bootstrap.min.css | Failed to load resource: the server responded with a status of 404 ()
network | error | https://resgateseusponto.tv/bootstrap/css/bootstrap-theme.min.css | Failed to load resource: the server responded with a status of 404 ()
network | error | https://resgateseusponto.tv/bootstrap/js/bootstrap.min.js | Failed to load resource: the server responded with a status of 404 ()