amagiadoamor.com.br
162.214.108.193  Malicious Activity! Public Scan

URL: http://amagiadoamor.com.br/tk/login.html
Submission: On September 05 via automatic, source openphish — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 14 HTTP transactions. The main IP is 162.214.108.193, located in the United States, and belongs to UNIFIEDLAYER-AS-1, US. The main domain is amagiadoamor.com.br.
This is the only time amagiadoamor.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telekom (Telecommunication)

Domain & IP information

Requests  IP Address         AS (Autonomous System)
2         162.214.108.193    46606 (UNIFIEDLA...)
9         2003:2:2:140:...   3320 (DTAG Inte...)
1         2a00:1450:400...   15169 (GOOGLE)
1         104.18.11.207      13335 (CLOUDFLAR...)
Total: 14 requests, 5 IPs

Requests  Apex Domain / Subdomains                                        Transfer
9         telekom.com                                                     221 KB
          accounts.login.idm.telekom.com — Cisco Umbrella Rank: 71420
2         amagiadoamor.com.br                                             12 KB
          amagiadoamor.com.br
1         bootstrapcdn.com                                                16 KB
          stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508
1         googleapis.com                                                  30 KB
          ajax.googleapis.com — Cisco Umbrella Rank: 641
Total: 14 requests, 4 domains

Requests  Domain                          Requested by
9         accounts.login.idm.telekom.com  amagiadoamor.com.br, accounts.login.idm.telekom.com
2         amagiadoamor.com.br
1         stackpath.bootstrapcdn.com      amagiadoamor.com.br
1         ajax.googleapis.com             amagiadoamor.com.br
Total: 14 requests, 4 domains

This site contains no links.

Subject                         Issuer                                   Validity                 Valid
accounts.login.idm.telekom.com  Telekom Security ServerID EV Class 3 CA  2024-07-12 - 2025-07-16  a year
upload.video.google.com         WR2                                      2024-08-12 - 2024-11-04  3 months
bootstrapcdn.com                WE1                                      2024-07-23 - 2024-10-21  3 months

This page contains 1 frame:

Primary Page: http://amagiadoamor.com.br/tk/login.html
Frame ID: B3DC6FF80B7F329E790A89160C7036E2
Requests: 14 HTTP requests in this frame

Page Title

Telekom Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 14
  • HTTPS: 79 %
  • IPv6: 50 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 5
  • Countries: 4
  • Transfer: 278 kB
  • Size: 455 kB
  • Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://amagiadoamor.com.br/tk/login.html HTTP 307
    https://amagiadoamor.com.br/tk/login.html HTTP 307
    http://amagiadoamor.com.br/tk/login.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://login.t-online.de/stats/t-online-logo-29112019.png HTTP 301
  • https://www.t-online.de/auth/ HTTP 302
  • https://www.t-online.de/auth/oauth2/authorization/telekom HTTP 302
  • https://accounts.login.idm.telekom.com/oauth2/auth?response_type=code&client_id=10LIVESAM30000004901PORTALE2000000000000&scope=openid&state=99fH6LW7crIpxCZ-oFkLSksDhmI6Wm43EORaILo0Vs4%3D&redirect_uri=https://www.t-online.de/auth/login/oauth2/code/telekom&nonce=-9Apw8zCIT7mdW_8xSzvVx7BG1g4sAll673HZXwlcdc&display=popup&claims=%7B%22id_token%22:%7B%22urn:telekom.com:all%22:null%7D%7D%0A

14 HTTP transactions

Resource / Path, Size / x-fer, Type / MIME-Type
Primary Request login.html
amagiadoamor.com.br/tk/
Redirect Chain
  • http://amagiadoamor.com.br/tk/login.html
  • https://amagiadoamor.com.br/tk/login.html
  • http://amagiadoamor.com.br/tk/login.html
11 KB
11 KB
Document
General
Full URL
http://amagiadoamor.com.br/tk/login.html
Protocol
HTTP/1.1
Server
162.214.108.193 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-7263916.crushcosmeticos.com.br
Software
Apache /
Resource Hash
5d72056c0e47ce0756ca914fea06395f9455baae9531418fb6e6c53afe7a3fac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Length
11027
Content-Type
text/html
Date
Thu, 05 Sep 2024 13:16:15 GMT
Keep-Alive
timeout=5, max=1750
Last-Modified
Tue, 27 Jun 2023 15:24:08 GMT
Server
Apache
Upgrade
h2,h2c

Redirect headers

Location
http://amagiadoamor.com.br/tk/login.html
Non-Authoritative-Reason
HttpsUpgrades
login-24.16.2.css
accounts.login.idm.telekom.com/static/factorx/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://accounts.login.idm.telekom.com/static/factorx/css/login-24.16.2.css
Requested by
Host: amagiadoamor.com.br
URL: http://amagiadoamor.com.br/tk/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:140:62:157:140:200 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
Apache /
Resource Hash
9d34f2b8d86dfcbbdb3da353eb04b805b0bf60cd3d90e8a0a1723f2dfff7a916
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://amagiadoamor.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
sh
4194a5e2d0d7b40759d719349ca67bb4
last-modified
Wed, 11 May 2022 04:34:06 GMT
server
Apache
date
Thu, 05 Sep 2024 13:16:16 GMT
vary
Accept-Encoding
p3p
CP="NOI CURa TAIa OUR NOR UNI"
content-type
text/css; charset=utf-8
cache-control
public
accept-ranges
bytes
content-length
3686
expires
Thu, 12 Sep 2024 13:16:16 GMT
components.min.css
accounts.login.idm.telekom.com/static/factorx/css/
96 KB
18 KB
Stylesheet
General
Full URL
https://accounts.login.idm.telekom.com/static/factorx/css/components.min.css
Requested by
Host: amagiadoamor.com.br
URL: http://amagiadoamor.com.br/tk/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:140:62:157:140:200 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
Apache /
Resource Hash
f7c9a6a063bebf358281210d89deab95b3664efdaa7221d33003e76bb819481a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://amagiadoamor.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
sh
4194a5e2d0d7b40759d719349ca67bb4
last-modified
Wed, 25 Nov 2020 06:16:23 GMT
server
Apache
date
Thu, 05 Sep 2024 13:16:16 GMT
vary
Accept-Encoding
p3p
CP="NOI CURa TAIa OUR NOR UNI"
content-type
text/css; charset=utf-8
cache-control
public
accept-ranges
bytes
content-length
18596
expires
Thu, 12 Sep 2024 13:16:16 GMT
auth
accounts.login.idm.telekom.com/oauth2/
Redirect Chain
  • https://login.t-online.de/stats/t-online-logo-29112019.png
  • https://www.t-online.de/auth/
  • https://www.t-online.de/auth/oauth2/authorization/telekom
  • https://accounts.login.idm.telekom.com/oauth2/auth?response_type=code&client_id=10LIVESAM30000004901PORTALE2000000000000&scope=openid&state=99fH6LW7crIpxCZ-oFkLSksDhmI6Wm43EORaILo0Vs4%3D&redirect_u...
0
0

services.png
accounts.login.idm.telekom.com/static/factorx/images/
22 KB
22 KB
Image
General
Full URL
https://accounts.login.idm.telekom.com/static/factorx/images/services.png
Requested by
Host: amagiadoamor.com.br
URL: http://amagiadoamor.com.br/tk/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:140:62:157:140:200 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
Apache /
Resource Hash
14977cb7057352ad7715b93dec52f4993fc16980836d03b64f79566e8c9bec22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://amagiadoamor.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 05 Sep 2024 13:16:16 GMT
sh
4194a5e2d0d7b40759d719349ca67bb4
last-modified
Wed, 25 Nov 2020 06:16:23 GMT
server
Apache
p3p
CP="NOI CURa TAIa OUR NOR UNI"
content-type
image/png
cache-control
public
accept-ranges
bytes
content-length
22647
expires
Thu, 12 Sep 2024 13:16:16 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: amagiadoamor.com.br
URL: http://amagiadoamor.com.br/tk/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://amagiadoamor.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 07:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 07:10:54 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/
50 KB
16 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: amagiadoamor.com.br
URL: http://amagiadoamor.com.br/tk/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://amagiadoamor.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 13:16:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1029
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
894102
cdn-cachedat
08/04/2024 20:14:54
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"67176c242e1bdc20603c878dee836df3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d111e32d511363007c6323c1993605f3
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8be67e2acd9c900a-FRA
cdn-requestpullsuccess
True
data_protection.svg
accounts.login.idm.telekom.com/static/factorx/images/
673 B
743 B
Image
General
Full URL
https://accounts.login.idm.telekom.com/static/factorx/images/data_protection.svg
Requested by
Host: accounts.login.idm.telekom.com
URL: https://accounts.login.idm.telekom.com/static/factorx/css/login-24.16.2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:140:62:157:140:200 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
Apache /
Resource Hash
53637a2d4745687c07969427a743c6b9207b3ba6e261fa19a61cccaab46eb316
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://accounts.login.idm.telekom.com/static/factorx/css/login-24.16.2.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 05 Sep 2024 13:16:16 GMT
sh
4194a5e2d0d7b40759d719349ca67bb4
last-modified
Wed, 25 Nov 2020 06:16:23 GMT
server
Apache
p3p
CP="NOI CURa TAIa OUR NOR UNI"
content-type
image/svg+xml
cache-control
public
accept-ranges
bytes
content-length
673
expires
Thu, 05 Sep 2024 14:16:16 GMT
teleicon-outline.woff
accounts.login.idm.telekom.com/static/factorx/fonts/
9 KB
9 KB
Font
General
Full URL
https://accounts.login.idm.telekom.com/static/factorx/fonts/teleicon-outline.woff
Requested by
Host: accounts.login.idm.telekom.com
URL: https://accounts.login.idm.telekom.com/static/factorx/css/components.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:140:62:157:140:200 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
Apache /
Resource Hash
01fa42140c7fd1e43496b320027681e75123e8121c4ff52e7a390a4ec37d9379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://accounts.login.idm.telekom.com/static/factorx/css/components.min.css
Origin
http://amagiadoamor.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 05 Sep 2024 13:16:16 GMT
sh
62334c584583da8666d3dfbba4a10381
last-modified
Wed, 25 Nov 2020 05:40:30 GMT
server
Apache
p3p
CP="NOI CURa TAIa OUR NOR UNI"
access-control-allow-origin
http://amagiadoamor.com.br
content-type
application/x-font-woff
cache-control
public
accept-ranges
bytes
content-length
8824
expires
Thu, 12 Sep 2024 13:16:16 GMT
telegroteskscreen-ultra.woff
accounts.login.idm.telekom.com/static/factorx/fonts/
52 KB
53 KB
Font
General
Full URL
https://accounts.login.idm.telekom.com/static/factorx/fonts/telegroteskscreen-ultra.woff
Requested by
Host: accounts.login.idm.telekom.com
URL: https://accounts.login.idm.telekom.com/static/factorx/css/components.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:140:62:157:140:200 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
Apache /
Resource Hash
3b6317d7c6288f6380f182e8bdc16b4cea82df91bc0f0209dfbce457b3e16910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://accounts.login.idm.telekom.com/static/factorx/css/components.min.css
Origin
http://amagiadoamor.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 05 Sep 2024 13:16:16 GMT
sh
62334c584583da8666d3dfbba4a10381
last-modified
Wed, 25 Nov 2020 05:40:30 GMT
server
Apache
p3p
CP="NOI CURa TAIa OUR NOR UNI"
access-control-allow-origin
http://amagiadoamor.com.br
content-type
application/x-font-woff
cache-control
public
accept-ranges
bytes
content-length
53428
expires
Thu, 12 Sep 2024 13:16:16 GMT
telegroteskscreen-thin.woff
accounts.login.idm.telekom.com/static/factorx/fonts/
57 KB
57 KB
Font
General
Full URL
https://accounts.login.idm.telekom.com/static/factorx/fonts/telegroteskscreen-thin.woff
Requested by
Host: accounts.login.idm.telekom.com
URL: https://accounts.login.idm.telekom.com/static/factorx/css/components.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:140:62:157:140:200 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
Apache /
Resource Hash
3c3cff57406992d5b880806e120965b2a77f6a9ac1bbe7a781bfc9f752b4ab5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://accounts.login.idm.telekom.com/static/factorx/css/components.min.css
Origin
http://amagiadoamor.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 05 Sep 2024 13:16:16 GMT
sh
62334c584583da8666d3dfbba4a10381
last-modified
Wed, 25 Nov 2020 05:40:30 GMT
server
Apache
p3p
CP="NOI CURa TAIa OUR NOR UNI"
access-control-allow-origin
http://amagiadoamor.com.br
content-type
application/x-font-woff
cache-control
public
accept-ranges
bytes
content-length
58248
expires
Thu, 12 Sep 2024 13:16:16 GMT
telegroteskscreen-regular.woff
accounts.login.idm.telekom.com/static/factorx/fonts/
53 KB
54 KB
Font
General
Full URL
https://accounts.login.idm.telekom.com/static/factorx/fonts/telegroteskscreen-regular.woff
Requested by
Host: accounts.login.idm.telekom.com
URL: https://accounts.login.idm.telekom.com/static/factorx/css/components.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:140:62:157:140:200 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
Apache /
Resource Hash
b80effdb6b1baee7ad8a926a027a9f085d0b91a1b52e3a8cf34e9a6b087aad97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://accounts.login.idm.telekom.com/static/factorx/css/components.min.css
Origin
http://amagiadoamor.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 05 Sep 2024 13:16:16 GMT
sh
62334c584583da8666d3dfbba4a10381
last-modified
Wed, 25 Nov 2020 05:40:30 GMT
server
Apache
p3p
CP="NOI CURa TAIa OUR NOR UNI"
access-control-allow-origin
http://amagiadoamor.com.br
content-type
application/x-font-woff
cache-control
public
accept-ranges
bytes
content-length
54684
expires
Thu, 12 Sep 2024 13:16:16 GMT
teleicon-ui.woff
accounts.login.idm.telekom.com/static/factorx/fonts/
3 KB
3 KB
Font
General
Full URL
https://accounts.login.idm.telekom.com/static/factorx/fonts/teleicon-ui.woff
Requested by
Host: accounts.login.idm.telekom.com
URL: https://accounts.login.idm.telekom.com/static/factorx/css/components.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:140:62:157:140:200 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
Apache /
Resource Hash
3cf35b128c4c5dcd9bb0a12bcc009f2e46e382edec4737360a623d0052a6fe34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://accounts.login.idm.telekom.com/static/factorx/css/components.min.css
Origin
http://amagiadoamor.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 05 Sep 2024 13:16:16 GMT
sh
62334c584583da8666d3dfbba4a10381
last-modified
Wed, 25 Nov 2020 05:40:30 GMT
server
Apache
p3p
CP="NOI CURa TAIa OUR NOR UNI"
access-control-allow-origin
http://amagiadoamor.com.br
content-type
application/x-font-woff
cache-control
public
accept-ranges
bytes
content-length
2736
expires
Thu, 12 Sep 2024 13:16:16 GMT
favicon.png
amagiadoamor.com.br/tk/assets/
315 B
517 B
Other
General
Full URL
http://amagiadoamor.com.br/tk/assets/favicon.png
Protocol
HTTP/1.1
Server
162.214.108.193 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-7263916.crushcosmeticos.com.br
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
http://amagiadoamor.com.br/tk/login.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 05 Sep 2024 13:16:16 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=1749
Content-Length
315
Content-Type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
accounts.login.idm.telekom.com
URL
https://accounts.login.idm.telekom.com/oauth2/auth?response_type=code&client_id=10LIVESAM30000004901PORTALE2000000000000&scope=openid&state=99fH6LW7crIpxCZ-oFkLSksDhmI6Wm43EORaILo0Vs4%3D&redirect_uri=https://www.t-online.de/auth/login/oauth2/code/telekom&nonce=-9Apw8zCIT7mdW_8xSzvVx7BG1g4sAll673HZXwlcdc&display=popup&claims=%7B%22id_token%22:%7B%22urn:telekom.com:all%22:null%7D%7D%0A

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telekom (Telecommunication)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function: $
  • function: jQuery
  • object: bootstrap
  • function: _0xfb39
  • function: _0x5d31
  • function: _0x382c1f

3 Cookies

Domain/Path Name / Value
www.t-online.de/auth Name: T_SID
Value: OGI5Y2Q4YTMtOTc2OS00NTc3LWI4MjktY2Y4NDM5NzFlYzgw
accounts.login.idm.telekom.com/ Name: CC
Value: CgRrZXkxEhSX3UIGkOkftufpiGDdU9Y44m_doRqwAV3AHwJwSJfmoGayn2vv-IqM6qNyv9-wCwn7V2V2jztpanKL7BzHUC6Hmq7-8fNzCgxYF3XQxWo7CBfbSWPNMJ2f1_JKRRsJGjd9ys5gXIjNIHhmCm-8TwpcTZyO04FB-rqQgP0Agw9X1TsxYxiYp-u6K1uI1PZKK1qkvvwK7SQmoII_-UdNNcRhp6mfxC1N9B-Z1yAnm43VQAekwvU9DFiOkiDrXZ-B1PWWvevKcT4R
accounts.login.idm.telekom.com/ Name: FI08693960-6b89-11ef-bfd2-1b3279d1e4e0
Value: CgRrZXkxEhQ10uof_NQdACZ060g_WOjBdEaKBhqwAegRp3FfOcPhzNGaGIewm2bNVSCQ8WLPTVGfcOSGAB8b40gLTTRB5Ea2_DaSiSPWk7LTPkIfL0sybDUa9AbtKAYbRdGjcWPAeoCSBuxZr8-RbVEvXNnRRHzpZDGqj4w6HOoW6VyrSiyuvBfNJ8RE77z96IL6uj3lBB8PxZ5q6uIL2b_ofSqhiIGJUMHThTKSUQnMWj2jSQucQYgXqV1c2tCI1owPDu8bX4zVlXAbpyOK

1 Console Messages

Source: network
Level: error
URL: http://amagiadoamor.com.br/tk/assets/favicon.png
Message: Failed to load resource: the server responded with a status of 404 (Not Found)