suportecaixa.org
172.67.175.102  Malicious Activity! Public Scan

Submitted URL: http://v1.portaltermails.com/?santander
Effective URL: https://suportecaixa.org/portal/html/empresa/
Submission: On December 14 via api from US — Scanned from IL

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 18 HTTP transactions. The main IP is 172.67.175.102, located in United States and belongs to CLOUDFLARENET, US. The main domain is suportecaixa.org.
TLS certificate: Issued by WE1 on November 11th 2024. Valid for: 3 months.
This is the only time suportecaixa.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

Requests          IP Address        AS Autonomous System
6 (2 redirects)   172.67.182.156    13335 (CLOUDFLAR...)
14                172.67.175.102    13335 (CLOUDFLAR...)
Total: 18 requests, 2 IPs

Requests   Apex Domain           Subdomains              Transfer
14         suportecaixa.org      suportecaixa.org        142 KB
6          portaltermails.com    v1.portaltermails.com   10 KB
Total: 18 requests, 2 domains

Requests          Domain                  Requested by
14                suportecaixa.org        suportecaixa.org
6 (2 redirects)   v1.portaltermails.com   v1.portaltermails.com
Total: 18 requests, 2 domains

This site contains no links.

Subject              Issuer   Validity                  Valid
portaltermails.com   WE1      2024-12-08 - 2025-03-08   3 months
suportecaixa.org     WE1      2024-11-11 - 2025-02-09   3 months

This page contains 2 frames:

Primary Page: https://suportecaixa.org/portal/html/empresa/
Frame ID: 970A2851830F139633F0600B2CFD7709
Requests: 6 HTTP requests in this frame

Frame: https://suportecaixa.org/portal/html/empresa/aprovar.php
Frame ID: 5E28D65FD5CF653D6F249CF51AC00CF9
Requests: 12 HTTP requests in this frame

Page Title

Empresas

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 152 kB
Size: 410 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://v1.portaltermails.com/?santander HTTP 307
    https://v1.portaltermails.com/?santander Page URL
  2. https://v1.portaltermails.com/cdn-cgi/phish-bypass?atok=S2Ms362_bqwsj1ycVRumTQU1G1LfBSP_ODEveZRzBWA-1734148991-0.0.1.1-%2F%3Fsantander HTTP 301
    https://v1.portaltermails.com/?santander HTTP 302
    https://suportecaixa.org/portal/html/empresa/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://v1.portaltermails.com/?santander HTTP 307
  • https://v1.portaltermails.com/?santander

18 HTTP transactions


Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

2 Cookies

Domain/Path: .v1.portaltermails.com/
Name: __cf_mw_byp
Value: S2Ms362_bqwsj1ycVRumTQU1G1LfBSP_ODEveZRzBWA-1734148991-0.0.1.1-/?santander

Domain/Path: suportecaixa.org/
Name: PHPSESSID
Value: daos2hmclil6sn0r5ndu1q0c8e

3 Console Messages

Source: network, Level: error
URL: https://v1.portaltermails.com/?santander
Message: Failed to load resource: the server responded with a status of 403 ()

Source: network, Level: error
URL: https://v1.portaltermails.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 403 ()

Source: network, Level: error
URL: https://suportecaixa.org/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN