junkride.sk Open in urlscan Pro
37.9.175.15 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Submission: On February 20 via automatic, source openphish (February 20th 2019, 12:47:20 pm UTC)

Summary HTTP 16 Redirects Links 4 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 37.9.175.15, located in Slovakia and belongs to WEBSUPPORT-SRO-SK-AS, SK. The main domain is junkride.sk.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on April 5th 2018. Valid for: a year.

This is the only time junkride.sk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

	IP Address		AS Autonomous System
13	37.9.175.15 37.9.175.15		51013 (WEBSUPPOR...) (WEBSUPPORT-SRO-SK-AS)
3	2a00:1450:400... 2a00:1450:4001:815::2008		15169 (GOOGLE) (GOOGLE - Google LLC)
16	2

13 37.9.175.15 (Slovakia)

ASN51013 (WEBSUPPORT-SRO-SK-AS, SK)
PTR: 15.175.9.37.in-addr.arpa.websupport.sk

junkride.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	junkride.sk junkride.sk	67 KB
3	google-analytics.com ssl.google-analytics.com	17 KB
16	2

	Domain	Requested by
13	junkride.sk	junkride.sk
3	ssl.google-analytics.com	junkride.sk
16	2

This site contains links to these domains. Also see Links.

Domain
ww70.itau.com.br
itau.mobi
www.youtube.com

Subject Issuer	Validity	Valid
junkride.sk COMODO RSA Domain Validation Secure Server CA	`2018-04-05` - `2019-04-05`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Frame ID: 0B4750463BF7BD0E6A196E54E6583C45
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

84 kB
Transfer

164 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://ww70.itau.com.br/M/atendimento.aspx?92A78B8589C3227C3FCFDEA5FD76674698F26B8EA2EA153351319BA9E294B976
Title: Telefones

Search URL Search Domain Scan URL

URL: http://itau.mobi/iph/plus/rede_atendimento/rede_agencias_nm.jsp
Title: Agências

Search URL Search Domain Scan URL

URL: http://itau.mobi/iph/plus/rede_atendimento/rede_caixas_nm.jsp
Title: Caixas eletrônicos

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=A9NOdR6Co44

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request operadorPJ.php Show response
junkride.sk/sincronismo-30horas/mobile/ 16 KB
4 KB 96ms
95ms Document
text/html 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: da18a94f13b9000d8ff6025564cac21c3cfcbdb81a9cf323ea4c2a110e033b5f

Request headers

:method: GET
:authority: junkride.sk
:scheme: https
:path: /sincronismo-30horas/mobile/operadorPJ.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: openresty
date: Wed, 20 Feb 2019 12:47:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
cache-control: max-age=0
expires: Wed, 20 Feb 2019 12:47:04 GMT
content-encoding: gzip

GET
H2 200 ga.js Show response
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 42 KB
16 KB 30ms
25ms Script
application/javascript 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ga.js
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: 752cbe5428983d2cc4e20933b2df4e298aeae6b833d3d800854808e291afd0ed

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/ga.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:04 GMT
content-encoding: gzip
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 16085
expires: Thu, 20 Feb 2020 12:08:58 GMT

GET
H2 200 iphone.css
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 18 KB
3 KB 28ms
25ms Stylesheet
text/css 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/iphone.css
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: 1e784f42d95ca5d2412850d12fe807457b0bf9cb5a2ae3ad32ad541c3e4df403

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/iphone.css
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:04 GMT
content-encoding: gzip
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2581
expires: Thu, 20 Feb 2020 12:08:58 GMT

GET
H2 200 logo_nm.png
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 2 KB
2 KB 27ms
26ms Image
image/png 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/logo_nm.png
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: ae8ca0b1e556590744a23369628450ef36d5eeea9e5e728216321b0fe405a8a1

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/logo_nm.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:04 GMT
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 2334
expires: Thu, 20 Jun 2019 12:08:58 GMT

GET
H2 200 unic_iph.png
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 3 KB
3 KB 34ms
32ms Image
image/png 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/unic_iph.png
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: 9c80a7786bf3d054fedc63d09b6fb5c3a3d4261674883000a16bf0e25be73bfa

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/unic_iph.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:04 GMT
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 3354
expires: Thu, 20 Jun 2019 12:08:58 GMT

GET
H2 200 30_nm.png
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 3 KB
3 KB 34ms
32ms Image
image/png 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/30_nm.png
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: 9427c81ebe21d9d2319268b33dbe73cc552762478010ac4750a8b45b5185b7e8

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/30_nm.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:04 GMT
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 3252
expires: Thu, 20 Jun 2019 12:08:58 GMT

GET
H2 200 Mascaras.js Show response
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 489 B
421 B 35ms
32ms Script
application/javascript 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/Mascaras.js
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: 7d8c166a62f81d3df8ff78645ea309267c9e6a15cfa3d8f9af19627409e5c63e

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/Mascaras.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:04 GMT
content-encoding: gzip
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 178
expires: Thu, 20 Feb 2020 12:16:23 GMT

GET
H2 200 bt-ok.png
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 4 KB
5 KB 49ms
24ms Image
image/png 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/bt-ok.png
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: 75d8fcc07c45dd1d9419cc11bd3d55e00153b9f348a8e7d804133b88dad832cf

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/bt-ok.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:04 GMT
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 4573
expires: Thu, 20 Jun 2019 12:16:23 GMT

GET
H2 200 spacer.gif
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 45 B
238 B 37ms
25ms Image
image/gif 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/spacer.gif
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: e0f8dceb516151e70891cb4ed02aac4b5800b37c13d8328a35919472efe0f93e

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/spacer.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:04 GMT
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 45
expires: Thu, 20 Jun 2019 12:16:23 GMT

GET
H2 200 seta_laranja.png
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 2 KB
3 KB 38ms
27ms Image
image/png 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/seta_laranja.png
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: 56de049a54da6dd29c04507dfe38e70fca4d53ee7a95cde26d3a35183250a598

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/seta_laranja.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:04 GMT
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 2538
expires: Thu, 20 Jun 2019 12:16:23 GMT

GET
H2 200 banner_empresas.gif
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 19 KB
19 KB 33ms
27ms Image
image/gif 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/banner_empresas.gif
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: 0919527911c254a8590b27cfa1598260ff85c09a8e814f691e575578013711b9

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/banner_empresas.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:04 GMT
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 19341
expires: Thu, 20 Jun 2019 12:16:23 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:815::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 421
date: Wed, 20 Feb 2019 12:40:03 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17168
expires: Wed, 20 Feb 2019 14:40:03 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
101 B 22ms
21ms Image
image/gif 2a00:1450:4001:815::2008
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1036279653&utmhn=junkride.sk&utme=8(Aplicativo*Experiencia)9(NOT_APP%2Fmozilla%205.0%20%20windows%20nt%2010.0%20%20wow64%20%20applewebkit%20537.36%20%20khtml%20%20like%20gecko%20%20chrome%2049.0.2623.110%20safari%20537.36*TOUCH_2)11(2*2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ita%EF%BF%BD%2030%20horas&utmhid=419753595&utmr=-&utmp=%2FLoginPJ&utmht=1550666825014&utmac=UA-31857808-7&utmcc=__utma%3D77429774.1213915660.1550666825.1550666825.1550666825.1%3B%2B__utmz%3D77429774.1550666825.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=370242452&utmredir=1&utmu=qQCAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Feb 2019 12:47:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg_iph_nm.png
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 137 B
331 B 28ms
27ms Image
image/png 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/bg_iph_nm.png
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: 64209cefcfb52144c70227b9ae34b0760fa128c4ae6280a25e9a6917b7f61393

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/bg_iph_nm.png
pragma: no-cache
cookie: __utma=77429774.1213915660.1550666825.1550666825.1550666825.1; __utmc=77429774; __utmz=77429774.1550666825.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=77429774.1.10.1550666825
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:05 GMT
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 137
expires: Thu, 20 Jun 2019 12:08:59 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
99 B 7ms
7ms Image
image/gif 2a00:1450:4001:815::2008
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1523580989&utmhn=junkride.sk&utmt=event&utme=5(Comportamento*Login_PJ*Touch_Codigo_Operador)8(Aplicativo*Experiencia)9(NOT_APP%2Fmozilla%205.0%20%20windows%20nt%2010.0%20%20wow64%20%20applewebkit%20537.36%20%20khtml%20%20like%20gecko%20%20chrome%2049.0.2623.110%20safari%20537.36*TOUCH_2)11(2*2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ita%EF%BF%BD%2030%20horas&utmhid=419753595&utmr=-&utmp=%2Fsincronismo-30horas%2Fmobile%2FoperadorPJ.php&utmht=1550666825135&utmac=UA-31857808-7&utmcc=__utma%3D77429774.1213915660.1550666825.1550666825.1550666825.1%3B%2B__utmz%3D77429774.1550666825.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QCAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Jan 2019 23:43:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2207015
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ItauLogo.png
junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ 7 KB
8 KB 54ms
53ms Image
image/png 37.9.175.15
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://junkride.sk/sincronismo-30horas/mobile/indexjuridica_files/ItauLogo.png
Requested by: Host: junkride.sk
URL: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.15 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: 15.175.9.37.in-addr.arpa.websupport.sk
Software: openresty /
Resource Hash: 7b6793adb9c95b47b80451f3665a58b4713f7427d640b99bb03c3d3a25a06778

Request headers

:path: /sincronismo-30horas/mobile/indexjuridica_files/ItauLogo.png
pragma: no-cache
cookie: __utma=77429774.1213915660.1550666825.1550666825.1550666825.1; __utmc=77429774; __utmz=77429774.1550666825.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=77429774.2.9.1550666825
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: junkride.sk
referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
:scheme: https
:method: GET
Referer: https://junkride.sk/sincronismo-30horas/mobile/operadorPJ.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Feb 2019 12:47:05 GMT
last-modified: Wed, 21 Mar 2018 20:56:58 GMT
server: openresty
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 7592
expires: Thu, 20 Jun 2019 12:16:23 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| autenticado boolean| isIPad object| _gaq object| _gat object| gaGlobal function| PostToDic function| post_to_url function| autoTab function| getIndex function| DefineVersaoTokenApp function| ExisteApp function| RetornaDadosTokenAplicativo function| RetornaSerieTokenAplicativo function| DesabilitaDefTecnoUsuario undefined| theForm function| __doPostBack function| DesabilitaPesFisica function| Mascara

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.junkride.sk/	1970-01-18 22:44:28	Name: __utmb Value: 77429774.2.9.1550666825
			.junkride.sk/	1970-01-18 22:44:27	Name: __utmt Value: 1
			.junkride.sk/	1970-01-19 03:07:14	Name: __utmz Value: 77429774.1550666825.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
			.junkride.sk/	1969-12-31 23:59:59	Name: __utmc Value: 77429774
			.junkride.sk/	1970-01-19 16:15:38	Name: __utma Value: 77429774.1213915660.1550666825.1550666825.1550666825.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

junkride.sk
ssl.google-analytics.com
2a00:1450:4001:815::2008
37.9.175.15
0919527911c254a8590b27cfa1598260ff85c09a8e814f691e575578013711b9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1e784f42d95ca5d2412850d12fe807457b0bf9cb5a2ae3ad32ad541c3e4df403
56de049a54da6dd29c04507dfe38e70fca4d53ee7a95cde26d3a35183250a598
64209cefcfb52144c70227b9ae34b0760fa128c4ae6280a25e9a6917b7f61393
752cbe5428983d2cc4e20933b2df4e298aeae6b833d3d800854808e291afd0ed
75d8fcc07c45dd1d9419cc11bd3d55e00153b9f348a8e7d804133b88dad832cf
7b6793adb9c95b47b80451f3665a58b4713f7427d640b99bb03c3d3a25a06778
7d8c166a62f81d3df8ff78645ea309267c9e6a15cfa3d8f9af19627409e5c63e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9427c81ebe21d9d2319268b33dbe73cc552762478010ac4750a8b45b5185b7e8
9c80a7786bf3d054fedc63d09b6fb5c3a3d4261674883000a16bf0e25be73bfa
ae8ca0b1e556590744a23369628450ef36d5eeea9e5e728216321b0fe405a8a1
da18a94f13b9000d8ff6025564cac21c3cfcbdb81a9cf323ea4c2a110e033b5f
e0f8dceb516151e70891cb4ed02aac4b5800b37c13d8328a35919472efe0f93e