suportecaixa.org
172.67.175.102  Malicious Activity! Public Scan

Submitted URL: http://v1.portaltermails.com/?bradesco
Effective URL: https://suportecaixa.org/portal/html/empresa/
Submission: On December 14 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 15 HTTP transactions. The main IP is 172.67.175.102, located in United States and belongs to CLOUDFLARENET, US. The main domain is suportecaixa.org.
TLS certificate: Issued by WE1 on November 11th 2024. Valid for: 3 months.
This is the only time suportecaixa.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

Requests  Redirects  IP Address       AS Autonomous System
6         2          172.67.182.156   13335 (CLOUDFLAR...)
11        -          172.67.175.102   13335 (CLOUDFLAR...)
Total: 15 requests, 2 IPs

Requests  Apex Domain          Subdomains              Transfer
11        suportecaixa.org     suportecaixa.org        140 KB
6         portaltermails.com   v1.portaltermails.com   10 KB
Total: 15 requests, 2 domains

Requests  Domain                  Redirects  Requested by
11        suportecaixa.org        -          suportecaixa.org
6         v1.portaltermails.com   2          v1.portaltermails.com
Total: 15 requests, 2 domains

This site contains no links.

Subject              Issuer  Validity                   Valid
portaltermails.com   WE1     2024-12-08 - 2025-03-08    3 months
suportecaixa.org     WE1     2024-11-11 - 2025-02-09    3 months

This page contains 2 frames:

Primary Page: https://suportecaixa.org/portal/html/empresa/
Frame ID: 003B6932F3CC789705E6C24E31C376F3
Requests: 6 HTTP requests in this frame

Frame: https://suportecaixa.org/portal/html/empresa/aprovar.php
Frame ID: E29BF42B4745043E016E132774841371
Requests: 9 HTTP requests in this frame

Page Title

Empresas

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 149 kB
Size: 409 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://v1.portaltermails.com/?bradesco HTTP 307
    https://v1.portaltermails.com/?bradesco Page URL
  2. https://v1.portaltermails.com/cdn-cgi/phish-bypass?atok=XPRY0bx8AVK_7ICl0Lqo6AlHcW1oXmEm.qLPKbN3TdU-1734148807-0.0.1.1-%2F%3Fbradesco HTTP 301
    https://v1.portaltermails.com/?bradesco HTTP 302
    https://suportecaixa.org/portal/html/empresa/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://v1.portaltermails.com/?bradesco HTTP 307
  • https://v1.portaltermails.com/?bradesco

15 HTTP transactions

#   Resource              Path                                               Frame  Size    x-fer   Type        MIME-Type
1   /                     v1.portaltermails.com/                             -      4 KB    2 KB    Document    text/html
2   cf.errors.css         v1.portaltermails.com/cdn-cgi/styles/              -      23 KB   5 KB    Stylesheet  text/css
3   icon-exclamation.png  v1.portaltermails.com/cdn-cgi/images/              -      452 B   635 B   Image       image/png
4   favicon.ico           v1.portaltermails.com/                             -      4 KB    2 KB    Other       text/html
5   / (Primary Request)   suportecaixa.org/portal/html/empresa/              -      245 B   866 B   Document    text/html
6   aprovar.php           suportecaixa.org/portal/html/empresa/              E29B   8 KB    3 KB    Document    text/html
7   loading.gif           suportecaixa.org/portal/html/empresa/images/       E29B   35 KB   35 KB   Image       image/gif
8   jquery-1.12.4.min.js  suportecaixa.org/portal/html/empresa/              E29B   95 KB   34 KB   Script      application/javascript
9   jquery-3.3.1.min.js   suportecaixa.org/portal/html/empresa/js/           E29B   85 KB   30 KB   Script      application/javascript
10  popper.min.js         suportecaixa.org/portal/html/empresa/js/           E29B   21 KB   8 KB    Script      application/javascript
11  bootstrap-4.3.1.js    suportecaixa.org/portal/html/empresa/js/           E29B   133 KB  25 KB   Script      application/javascript
12  wp-admin.php          suportecaixa.org/portal/html/empresa/gerenciador/  E29B   69 B    837 B   XHR         text/html
13  wp-admin.php          suportecaixa.org/portal/html/empresa/gerenciador/  E29B   113 B   871 B   XHR         text/html
14  favicon.ico           suportecaixa.org/                                  -      278 B   886 B   Other       text/html
15  wp-admin.php          suportecaixa.org/portal/html/empresa/gerenciador/  E29B   113 B   839 B   XHR         text/html

Protocol for all transactions: H3 (Security: QUIC, AES_128_GCM). Software: cloudflare.
Server for v1.portaltermails.com: 172.67.182.156, United States, ASN13335 (CLOUDFLARENET, US).
Server for suportecaixa.org: 172.67.175.102, United States, ASN13335 (CLOUDFLARENET, US).
User-Agent on all requests: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Response dates: Sat, 14 Dec 2024 04:00:07 GMT to Sat, 14 Dec 2024 04:00:16 GMT.
The three XHR requests to gerenciador/wp-admin.php were requested by https://suportecaixa.org/portal/html/empresa/js/jquery-3.3.1.min.js with Referer https://suportecaixa.org/portal/html/empresa/aprovar.php, X-Requested-With: XMLHttpRequest and Content-Type: application/x-www-form-urlencoded; charset=UTF-8. Their responses carried cache-control: no-store, no-cache, must-revalidate.

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

2 Cookies

Domain/Path: .v1.portaltermails.com/
Name: __cf_mw_byp
Value: XPRY0bx8AVK_7ICl0Lqo6AlHcW1oXmEm.qLPKbN3TdU-1734148807-0.0.1.1-/?bradesco

Domain/Path: suportecaixa.org/
Name: PHPSESSID
Value: ba57f9l816jm0rvvf1i2mgod8d

3 Console Messages

  • Source: network, Level: error, URL: https://v1.portaltermails.com/?bradesco
    Message: Failed to load resource: the server responded with a status of 403 ()
  • Source: network, Level: error, URL: https://v1.portaltermails.com/favicon.ico
    Message: Failed to load resource: the server responded with a status of 403 ()
  • Source: network, Level: error, URL: https://suportecaixa.org/favicon.ico
    Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN