libere-contratos-digital.online Open in urlscan Pro
2a02:4780:13:1296:0:f66:bc00:e Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://libere-contratos-digital.online/
Effective URL:
https://libere-contratos-digital.online/atualizar/
Submission: On May 22 via api (May 22nd 2024, 2:09:01 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 19 HTTP transactions. The main IP is 2a02:4780:13:1296:0:f66:bc00:e, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is libere-contratos-digital.online.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 22nd 2024. Valid for: 3 months.

This is the only time libere-contratos-digital.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 14	2a02:4780:13:... 2a02:4780:13:1296:0:f66:bc00:e	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
4	185.245.180.142 185.245.180.142	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	4

14 2a02:4780:13:1296:0:f66:bc00:e (São Paulo, Brazil) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

libere-contratos-digital.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.245.180.142 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)

libere-contratos-digital.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	libere-contratos-digital.online 1 redirects libere-contratos-digital.online	5 MB
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 90025	637 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	31 KB
19	3

	Domain	Requested by
18	libere-contratos-digital.online	1 redirects libere-contratos-digital.online
1	userstatics.com	libere-contratos-digital.online
1	code.jquery.com	libere-contratos-digital.online
19	3

This site contains no links.

Subject Issuer	Validity	Valid
libere-contratos-digital.online ZeroSSL RSA Domain Secure Site CA	`2024-05-22` - `2024-08-20`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
userstatics.com E1	`2024-03-28` - `2024-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://libere-contratos-digital.online/atualizar/
Frame ID: 4487C0B5B69190BD8307656D7B987FD3
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empréstimo Auxilio Brasil

Page URL History Show full URLs

https://libere-contratos-digital.online/ HTTP 302
https://libere-contratos-digital.online/atualizar/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

4693 kB
Transfer

5137 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://libere-contratos-digital.online/ HTTP 302
https://libere-contratos-digital.online/atualizar/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
libere-contratos-digital.online/atualizar/
Redirect Chain

https://libere-contratos-digital.online/
https://libere-contratos-digital.online/atualizar/

10 KB
4 KB

213ms
213ms

Document
text/html

2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.0.30

Resource Hash

cb0fb40ee88942f52be7f7712e392bfe819dccbeccd049aa8cd296c912ab8295

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 22 May 2024 14:08:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
platform: hostinger
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.0.30

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 22 May 2024 14:08:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: atualizar/
platform: hostinger
pragma: no-cache
server: LiteSpeed
x-powered-by: PHP/8.0.30

GET
H2 200 jquery-3.6.4.min.js Show response
code.jquery.com/ 88 KB
31 KB 68ms
19ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.4.min.js
Requested by: Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 21584736
x-cache: HIT, HIT
content-length: 31011
x-served-by: cache-lga21953-LGA, cache-fra-etou8220021-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1716386936.685636,VS0,VE0
etag: W/"28feccc0-15ec3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 133, 56290

GET
H2 200 index.css
libere-contratos-digital.online/atualizar/css/ 3 KB
1 KB 213ms
211ms Stylesheet
text/css 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libere-contratos-digital.online/atualizar/css/index.css

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "ba7-664de95d-964a650459afc17e;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 900
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H2 200 bootstrap.min.css
libere-contratos-digital.online/atualizar/css/ 227 KB
27 KB 214ms
212ms Stylesheet
text/css 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libere-contratos-digital.online/atualizar/css/bootstrap.min.css

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Origin: https://libere-contratos-digital.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "38cf3-664de95d-8efb78b536361ac9;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 27179
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H2 200 all.min.css
libere-contratos-digital.online/atualizar/css/ 100 KB
21 KB 214ms
213ms Stylesheet
text/css 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libere-contratos-digital.online/atualizar/css/all.min.css

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4785b6972fb2353f0b4e7bb64ff081d2f3cbbfc555de4132b41cd9fb2faef104

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://libere-contratos-digital.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "18e4d-664de95d-e5921dbf03a4c3f;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 21555
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H2 200 sweetalert2.min.css
libere-contratos-digital.online/atualizar/css/ 22 KB
4 KB 214ms
213ms Stylesheet
text/css 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libere-contratos-digital.online/atualizar/css/sweetalert2.min.css

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "58a2-664de95d-e9954e4b77a3ea74;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3896
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H2 200 aux_brasil.png
libere-contratos-digital.online/atualizar/images/ 24 KB
24 KB 215ms
214ms Image
image/png 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libere-contratos-digital.online/atualizar/images/aux_brasil.png

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "6157-664de95d-104d35eb82828b38;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 24919
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H2 200 bolsa_familia_logo.png
libere-contratos-digital.online/atualizar/images/ 18 KB
18 KB 215ms
214ms Image
image/png 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libere-contratos-digital.online/atualizar/images/bolsa_familia_logo.png

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "47fd-664de95d-e336b63715b36802;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 18429
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H2 200 8638314_whatsapp_compress.png
libere-contratos-digital.online/atualizar/images/ 4 MB
4 MB 753ms
751ms Image
image/png 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libere-contratos-digital.online/atualizar/images/8638314_whatsapp_compress.png

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5edac30d081073096f7d5b8e7c14841e1fc25e1488378985d058e89056943432

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "3f4b33-664de95d-3c8ca1795fa2ac4c;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4148019
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H2 200 tutorial_1.png
libere-contratos-digital.online/atualizar/images/ 210 KB
210 KB 753ms
752ms Image
image/png 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libere-contratos-digital.online/atualizar/images/tutorial_1.png

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

af3b21fef32af9e224f88c344c2a09554c5c5041e5a62f0dff96806ce8906995

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "347d7-664de95d-d2ca01e982ba4b1e;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 214999
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H2 200 x-volume-positiva-54-v2.png
libere-contratos-digital.online/atualizar/images/ 1 KB
1 KB 753ms
752ms Image
image/png 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libere-contratos-digital.online/atualizar/images/x-volume-positiva-54-v2.png

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "4a4-664de95d-68be08ad62737a50;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1188
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H2 200 ic-acesso-informacao-54-v2.png
libere-contratos-digital.online/atualizar/images/ 2 KB
2 KB 546ms
545ms Image
image/png 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://libere-contratos-digital.online/atualizar/images/ic-acesso-informacao-54-v2.png

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "6ea-664de95d-5556144d6993280f;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1770
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H2 200 sweetalert2.min.js Show response
libere-contratos-digital.online/atualizar/js/ 40 KB
13 KB 754ms
753ms Script
application/x-javascript 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libere-contratos-digital.online/atualizar/js/sweetalert2.min.js

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

254035f46a1e99ce2bb3c0bf1a19658809e8351e2a9d5f7ebc57193ee0a4cbf0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:26 GMT
server: LiteSpeed
etag: "a179-664de95e-ee8df64287920f06;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12763
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
libere-contratos-digital.online/atualizar/js/ 79 KB
22 KB 754ms
753ms Script
application/x-javascript 2a02:4780:13:1296:0:f66:bc00:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libere-contratos-digital.online/atualizar/js/bootstrap.bundle.min.js

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1296:0:f66:bc00:e São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a23bc241647e57f561aef14b09c3e9c6ea14caf2358278cc725eeb179b303ea3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Origin: https://libere-contratos-digital.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:55 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:26 GMT
server: LiteSpeed
etag: "13b4d-664de95e-7b5d11e623d5ad96;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 22397
expires: Wed, 29 May 2024 14:08:55 GMT

GET
H3 200 fa-solid-900.woff2
libere-contratos-digital.online/atualizar/fonts/ 147 KB
147 KB 215ms
214ms Font
application/font-woff2 185.245.180.142
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libere-contratos-digital.online/atualizar/fonts/fa-solid-900.woff2

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

185.245.180.142 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/css/all.min.css
Origin: https://libere-contratos-digital.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:56 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "24a6c-664de95d-ba3be8fe362c5a36;;;"
content-type: application/font-woff2
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 150124

GET
H3 200 fa-brands-400.woff2
libere-contratos-digital.online/atualizar/fonts/ 105 KB
106 KB 625ms
625ms Font
application/font-woff2 185.245.180.142
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libere-contratos-digital.online/atualizar/fonts/fa-brands-400.woff2

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

185.245.180.142 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/css/all.min.css
Origin: https://libere-contratos-digital.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:56 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:25 GMT
server: LiteSpeed
etag: "1a5f4-664de95d-d36abce3145058de;;;"
content-type: application/font-woff2
accept-ranges: bytes
platform: hostinger
content-length: 108020

POST
H3 200 online.php Show response
libere-contratos-digital.online/atualizar/ 0
122 B 482ms
482ms Fetch
text/html 185.245.180.142
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libere-contratos-digital.online/atualizar/online.php

Requested by

Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/

Protocol

Security

QUIC, , AES_128_GCM

Server

185.245.180.142 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.0.30

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://libere-contratos-digital.online/atualizar/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 22 May 2024 14:08:56 GMT
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/8.0.30
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
platform: hostinger
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 script.js Show response
userstatics.com/get/ 133 B
637 B 144ms
77ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstatics.com/get/script.js?referrer=https://libere-contratos-digital.online/atualizar/
Requested by: Host: libere-contratos-digital.online
URL: https://libere-contratos-digital.online/atualizar/js/bootstrap.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://libere-contratos-digital.online
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U3iIwo%2BpuIbAG5WRhy5Vn6R9eri8vOqYCumFTY1Fbeg0BvS6%2F2J2psqajLTeTfpV4gib90Jy9v7OfoLWJ8ObintV80MEtyt4voOkhDaRTaCPqXKbj33NnQoeOTHsRyZcZdc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 887d61992ea137ca-FRA
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

GET
H3 200 caixa_tem.png
libere-contratos-digital.online/atualizar/ 9 KB
9 KB 220ms
219ms Other
image/png 185.245.180.142
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://libere-contratos-digital.online/atualizar/caixa_tem.png

Protocol

Security

QUIC, , AES_128_GCM

Server

185.245.180.142 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5ba7b24088ced5ffe836b6ccb3256a298ae314fa39370d81660f900617f3519a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://libere-contratos-digital.online/atualizar/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 14:08:58 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 May 2024 12:47:22 GMT
server: LiteSpeed
etag: "2471-664de95a-eea5f05175825b47;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 9329
expires: Wed, 29 May 2024 14:08:58 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			libere-contratos-digital.online/atualizar	1970-01-20 20:47:06	Name: PHPREFS Value: full
			libere-contratos-digital.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: hskfvivk9j3atpd5np1u4fssu1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
libere-contratos-digital.online
userstatics.com
185.245.180.142
188.114.97.3
2a02:4780:13:1296:0:f66:bc00:e
2a04:4e42:200::649
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
254035f46a1e99ce2bb3c0bf1a19658809e8351e2a9d5f7ebc57193ee0a4cbf0
311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270
4785b6972fb2353f0b4e7bb64ff081d2f3cbbfc555de4132b41cd9fb2faef104
5ba7b24088ced5ffe836b6ccb3256a298ae314fa39370d81660f900617f3519a
5edac30d081073096f7d5b8e7c14841e1fc25e1488378985d058e89056943432
714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a23bc241647e57f561aef14b09c3e9c6ea14caf2358278cc725eeb179b303ea3
af3b21fef32af9e224f88c344c2a09554c5c5041e5a62f0dff96806ce8906995
b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e
c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160
cb0fb40ee88942f52be7f7712e392bfe819dccbeccd049aa8cd296c912ab8295
df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

libere-contratos-digital.online Open in urlscan Pro 2a02:4780:13:1296:0:f66:bc00:e Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

4693 kBTransfer

5137 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

libere-contratos-digital.online Open in urlscan Pro
2a02:4780:13:1296:0:f66:bc00:e Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

4693 kB
Transfer

5137 kB
Size

2
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!