ita-acesso-promo.tk Open in urlscan Pro
2606:4700:3033::ac43:af42 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ita-acesso-promo.tk/
Submission Tags: 7093586
Submission: On May 02 via api (May 2nd 2021, 2:03:20 am UTC) from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3033::ac43:af42, located in United States and belongs to CLOUDFLARENET, US. The main domain is ita-acesso-promo.tk.

This is the only time ita-acesso-promo.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

	IP Address		AS Autonomous System
11	2606:4700:303... 2606:4700:3033::ac43:af42		13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

11 2606:4700:3033::ac43:af42 (United States)

ASN13335 (CLOUDFLARENET, US)

ita-acesso-promo.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ita-acesso-promo.tk ita-acesso-promo.tk	226 KB
11	1

	Domain	Requested by
11	ita-acesso-promo.tk	ita-acesso-promo.tk
11	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://ita-acesso-promo.tk/
Frame ID: 5722E753694164D76667A55E02C31E1C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

11
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

226 kB
Transfer

280 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response ita-acesso-promo.tk/	2 KB 2 KB	280ms 235ms	Document text/html	2606:4700:3033::ac43:af42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ita-acesso-promo.tk/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:af42 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash `dc158408183d814f98f6eea1fd627caddf855c0728f4fe87cf45cece82f36797` Request headers Host ita-acesso-promo.tk Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 02 May 2021 02:03:00 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d7404c9fde23cbb91a894f3bc3e5a64d61619920980; expires=Tue, 01-Jun-21 02:03:00 GMT; path=/; domain=.ita-acesso-promo.tk; HttpOnly; SameSite=Lax X-Powered-By PHP/7.3.27 CF-Cache-Status DYNAMIC cf-request-id 09cc69a05900004a55c5a8a000000001 Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wlE3TeYDGOo9jS7aRMgZgjDQ%2BWp8k5ynRuB4u0W7ZZI30k0R00TzKUc91WF5vWHkLEVcZo11v3C7Kgs5xm8hsI4XRSFcemZLM0l59CM5gSI9jI3fugWJAi25ss8%2FpPWm"}],"max_age":604800} NEL {"max_age":604800,"report_to":"cf-nel"} Server cloudflare CF-RAY 648dabad5e7d4a55-FRA Content-Encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	jquery-3.2.1.min.js Show response ita-acesso-promo.tk/js/	85 KB 30 KB	13ms 12ms	Script application/javascript	2606:4700:3033::ac43:af42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ita-acesso-promo.tk/js/jquery-3.2.1.min.js Requested by Host: ita-acesso-promo.tk URL: http://ita-acesso-promo.tk/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:af42 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ita-acesso-promo.tk Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept / Referer http://ita-acesso-promo.tk/ Cookie __cfduid=d7404c9fde23cbb91a894f3bc3e5a64d61619920980 Connection keep-alive Cache-Control no-cache Referer http://ita-acesso-promo.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 02 May 2021 02:03:00 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 6692 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09cc69a14900004a552522d000000001 Last-Modified Thu, 26 Mar 2020 19:14:30 GMT Server cloudflare ETag W/"15283-5a1c6cb4d7180" Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R8PBuGxPnTlFrvuCEAtijVqaQrNCJy9Kp%2BSCFuZp%2B9R2RpY1t059olDyOaWGbLTe%2FdYASZjjZZ0tdWnNDoQdirIrd47Sman29bRJyqKb2z%2BGvGrMKWWcynzmDnvT0DbN"}],"max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 CF-RAY 648dabaed8444a55-FRA
GET H/1.1	200 OK	jquery.mask.min.js Show response ita-acesso-promo.tk/js/	5 KB 3 KB	24ms 18ms	Script application/javascript	2606:4700:3033::ac43:af42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ita-acesso-promo.tk/js/jquery.mask.min.js Requested by Host: ita-acesso-promo.tk URL: http://ita-acesso-promo.tk/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:af42 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ita-acesso-promo.tk Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept / Referer http://ita-acesso-promo.tk/ Cookie __cfduid=d7404c9fde23cbb91a894f3bc3e5a64d61619920980 Connection keep-alive Cache-Control no-cache Referer http://ita-acesso-promo.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 02 May 2021 02:03:00 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 6692 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09cc69a14e00004e432e105000000001 Last-Modified Thu, 26 Mar 2020 19:14:30 GMT Server cloudflare ETag W/"12fc-5a1c6cb4d7180" Vary Accept-Encoding Report-To {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WllklYetU7fUd3o%2FTZD4gthtE2s1iysE48AS1IHHOnzIV19%2BCzta7e%2BEZDFxhT1FCsfhImN0rLVVkiv9SRMtmovKQAnnvyAZiqLESK%2BR0sP9%2BptkHPGUp8w0HBgk%2Fbuz"}]} Content-Type application/javascript Cache-Control max-age=14400 CF-RAY 648dabaeed8b4e43-FRA
GET H/1.1	200 OK	home_scripts.js Show response ita-acesso-promo.tk/js/	1 KB 1 KB	23ms 17ms	Script application/javascript	2606:4700:3033::ac43:af42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ita-acesso-promo.tk/js/home_scripts.js Requested by Host: ita-acesso-promo.tk URL: http://ita-acesso-promo.tk/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:af42 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bfbf3fc25fb56572d3aa2c94f156f67f48186a575d5627c46728c5e5b406ef35` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ita-acesso-promo.tk Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept / Referer http://ita-acesso-promo.tk/ Cookie __cfduid=d7404c9fde23cbb91a894f3bc3e5a64d61619920980 Connection keep-alive Cache-Control no-cache Referer http://ita-acesso-promo.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 02 May 2021 02:03:00 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 6692 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09cc69a14e0000176a3c381000000001 Last-Modified Thu, 26 Mar 2020 19:14:30 GMT Server cloudflare ETag W/"5f4-5a1c6cb4d7180" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m9u6118On4q0MwUWjGH0Fx3zx8FmxLwvdKfDL2D4s6KP6fWH%2FNkgRXoAWX%2BdTxMCfUsQv43weto7yBa46hdh40CkiuqBr26yDgoml5OQ%2B8Cehc6IKdK5bS%2Fy%2FXP2i%2B1G"}],"max_age":604800,"group":"cf-nel"} Content-Type application/javascript Cache-Control max-age=14400 CF-RAY 648dabaeebcd176a-FRA
GET H/1.1	200 OK	home_style.css ita-acesso-promo.tk/assets/css/	4 KB 2 KB	25ms 19ms	Stylesheet text/css	2606:4700:3033::ac43:af42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ita-acesso-promo.tk/assets/css/home_style.css Requested by Host: ita-acesso-promo.tk URL: http://ita-acesso-promo.tk/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:af42 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e8ed617ed98751deb0c8d0c47b65f339943965ec8147ecd767b2f53047563bfe` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ita-acesso-promo.tk Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/css,/;q=0.1 Referer http://ita-acesso-promo.tk/ Cookie __cfduid=d7404c9fde23cbb91a894f3bc3e5a64d61619920980 Connection keep-alive Cache-Control no-cache Referer http://ita-acesso-promo.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 02 May 2021 02:03:00 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 6692 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09cc69a14e00004a5cc033b000000001 last-modified Thu, 26 Mar 2020 19:14:30 GMT Server cloudflare etag W/"ec6-5a1c6cb4d7180" Vary Accept-Encoding Report-To {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O5pm0sKHVUvIFYiNtTcEdGJ6BmLONHwHtbEAqILAwUde12lN13tf%2B0lgtSjWHDKXVWUIw4MvW6vKflNk4PW6zPKeI2g0V2DPQG%2FjqwDZdi8evDJ%2BxRWqX%2FnDGo6G4GMr"}]} Content-Type text/css Cache-Control max-age=14400 CF-RAY 648dabaee92a4a5c-FRA
GET H/1.1	200 OK	img_home_logo.png ita-acesso-promo.tk/assets/imagenss/	4 KB 4 KB	13ms 12ms	Image image/png	2606:4700:3033::ac43:af42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://ita-acesso-promo.tk/assets/imagenss/img_home_logo.png Requested by Host: ita-acesso-promo.tk URL: http://ita-acesso-promo.tk/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:af42 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7567ac56d5b7f15cc4d6cb7c15524f12039dfec5d7834364f58823545500659e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ita-acesso-promo.tk Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://ita-acesso-promo.tk/ Cookie __cfduid=d7404c9fde23cbb91a894f3bc3e5a64d61619920980 Connection keep-alive Cache-Control no-cache Referer http://ita-acesso-promo.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 02 May 2021 02:03:00 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 6691 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 3633 cf-request-id 09cc69a16500004a5cba95e000000001 Last-Modified Thu, 26 Mar 2020 19:14:30 GMT Server cloudflare ETag "e31-5a1c6cb4d7180" Vary Accept-Encoding Report-To {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oLasM%2BKAZNxDT73C9TSoaNIrYhdvOhFjB9aC9vM4qlakSWNrKmWuKmCiJFofE%2BsW4WHI1mLw%2FE%2Fn1fyO7tTceN3dd4yDUY7dq2T06ghb5%2Bio2U3aCzBA8bLjP2MaQ3DF"}]} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 648dabaf095b4a5c-FRA
GET H/1.1	200 OK	ic_contact_card.png ita-acesso-promo.tk/assets/imagenss/	503 B 1 KB	10ms 10ms	Image image/png	2606:4700:3033::ac43:af42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://ita-acesso-promo.tk/assets/imagenss/ic_contact_card.png Requested by Host: ita-acesso-promo.tk URL: http://ita-acesso-promo.tk/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:af42 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7128b3163ef3d75f3f7f7e803b65a7bbfbf480c880c7a815c33ea82d549e630d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ita-acesso-promo.tk Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://ita-acesso-promo.tk/ Cookie __cfduid=d7404c9fde23cbb91a894f3bc3e5a64d61619920980 Connection keep-alive Cache-Control no-cache Referer http://ita-acesso-promo.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 02 May 2021 02:03:00 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 6691 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 503 cf-request-id 09cc69a16300004e43149ea000000001 Last-Modified Thu, 26 Mar 2020 19:14:30 GMT Server cloudflare ETag "1f7-5a1c6cb4d7180" Vary Accept-Encoding Report-To {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=laDFi%2FraHmlq9eV%2FUSse8KsuW4yxLreCRtHmYpmTJ1MnXxtTCJDYqXiEiX1n%2FM7x5%2BYMee%2BHg3igsUvW77Du2v%2F%2BGa%2FkYy9UZf3ik7hzGm1FeTghB%2BueAfSpQylRbMfB"}]} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 648dabaf0db24e43-FRA
GET H/1.1	200 OK	ic_itokenapp.png ita-acesso-promo.tk/assets/imagenss/	2 KB 3 KB	16ms 15ms	Image image/png	2606:4700:3033::ac43:af42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://ita-acesso-promo.tk/assets/imagenss/ic_itokenapp.png Requested by Host: ita-acesso-promo.tk URL: http://ita-acesso-promo.tk/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:af42 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ita-acesso-promo.tk Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://ita-acesso-promo.tk/ Cookie __cfduid=d7404c9fde23cbb91a894f3bc3e5a64d61619920980 Connection keep-alive Cache-Control no-cache Referer http://ita-acesso-promo.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 02 May 2021 02:03:00 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 6691 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 2047 cf-request-id 09cc69a1670000176a2a8fc000000001 Last-Modified Thu, 26 Mar 2020 19:14:30 GMT Server cloudflare ETag "7ff-5a1c6cb4d7180" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZEFVk1WEKECRvQYDjb19r4py6nS%2B%2FGvReell1XDOpKE%2Byf6WyHu5uWn1Gg5YegD2Dm6qO3zsBxKMfBJK7I4jGgM2v3VbIH5NTm91eBCAdTXOWTh3ry8amz3sk3e5FGWS"}],"max_age":604800,"group":"cf-nel"} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 648dabaf0bea176a-FRA
GET H/1.1	200 OK	ic_ajuda.png ita-acesso-promo.tk/assets/imagenss/	1 KB 2 KB	12ms 11ms	Image image/png	2606:4700:3033::ac43:af42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://ita-acesso-promo.tk/assets/imagenss/ic_ajuda.png Requested by Host: ita-acesso-promo.tk URL: http://ita-acesso-promo.tk/ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:af42 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ita-acesso-promo.tk Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://ita-acesso-promo.tk/ Cookie __cfduid=d7404c9fde23cbb91a894f3bc3e5a64d61619920980 Connection keep-alive Cache-Control no-cache Referer http://ita-acesso-promo.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 02 May 2021 02:03:00 GMT CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 6691 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1374 cf-request-id 09cc69a16700004a55eb8f5000000001 Last-Modified Thu, 26 Mar 2020 19:14:30 GMT Server cloudflare ETag "55e-5a1c6cb4d7180" Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2pFp%2BIKiER7k2Is%2BQXif4meVvk99fI6HoBbEuLyqSt%2Bg15VvGFB4YxREa3Mn8xBZKIWGHmMbVa%2BDl8e0cszLrzh7Jt78dOkRI58J6MPmlBZ%2FrX03RZ%2BjSdYfbhvMUcHB"}],"max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 648dabaf086d4a55-FRA
GET H/1.1	200 OK	img_home_bg.png ita-acesso-promo.tk/assets/imagenss/	175 KB 176 KB	20ms 14ms	Image image/png	2606:4700:3033::ac43:af42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://ita-acesso-promo.tk/assets/imagenss/img_home_bg.png Requested by Host: ita-acesso-promo.tk URL: http://ita-acesso-promo.tk/assets/css/home_style.css Protocol HTTP/1.1 Server 2606:4700:3033::ac43:af42 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d33cfca923e87510e2837231c77985de89f00f0ba8bf8b4e86bf7086f38514c6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ita-acesso-promo.tk Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://ita-acesso-promo.tk/assets/css/home_style.css Cookie __cfduid=d7404c9fde23cbb91a894f3bc3e5a64d61619920980 Connection keep-alive Cache-Control no-cache Referer http://ita-acesso-promo.tk/assets/css/home_style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 02 May 2021 02:03:00 GMT CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 6691 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 179518 cf-request-id 09cc69a16b00004e61ef2b3000000001 last-modified Thu, 26 Mar 2020 19:14:30 GMT Server cloudflare etag "2bd3e-5a1c6cb4d7180" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x7sbNBNRQINgFUFIOpDHUAU8QWNTNRUU8Xqwys7kn6lJOGxOB2YwORhLcDNtimzIDyCP%2Bp6Ry0bsxNOO8RUvPE3uJfL23Lp8JaoR2xT9AmR%2Bf2AKfimr7rs4WRj3B3TV"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 648dabaf195f4e61-FRA
GET H/1.1	200 OK	ic_cadeado.png ita-acesso-promo.tk/assets/imagenss/	783 B 2 KB	15ms 11ms	Image image/png	2606:4700:3033::ac43:af42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://ita-acesso-promo.tk/assets/imagenss/ic_cadeado.png Requested by Host: ita-acesso-promo.tk URL: http://ita-acesso-promo.tk/assets/css/home_style.css Protocol HTTP/1.1 Server 2606:4700:3033::ac43:af42 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ita-acesso-promo.tk Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://ita-acesso-promo.tk/assets/css/home_style.css Cookie __cfduid=d7404c9fde23cbb91a894f3bc3e5a64d61619920980 Connection keep-alive Cache-Control no-cache Referer http://ita-acesso-promo.tk/assets/css/home_style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 02 May 2021 02:03:00 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 6691 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 783 cf-request-id 09cc69a16d00004e431a8f9000000001 Last-Modified Thu, 26 Mar 2020 19:14:30 GMT Server cloudflare ETag "30f-5a1c6cb4d7180" Vary Accept-Encoding Report-To {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tvlUCthzLwoE10sTLcMXn2A2Jy4EexRMB24kSlR1LLVt8zSYzCCziZlrc4mToAjExUT38BCVz%2BTwlRBjPVj3lvYYP5TAvIfmRX9TTtdDaC%2BoW4QtpLEIY%2BVxoEi4S67W"}]} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 648dabaf1dc84e43-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ita-acesso-promo.tk/	1970-01-19 18:41:52	Name: __cfduid Value: d7404c9fde23cbb91a894f3bc3e5a64d61619920980

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ita-acesso-promo.tk
2606:4700:3033::ac43:af42
3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404
7128b3163ef3d75f3f7f7e803b65a7bbfbf480c880c7a815c33ea82d549e630d
7567ac56d5b7f15cc4d6cb7c15524f12039dfec5d7834364f58823545500659e
75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4
bfbf3fc25fb56572d3aa2c94f156f67f48186a575d5627c46728c5e5b406ef35
d33cfca923e87510e2837231c77985de89f00f0ba8bf8b4e86bf7086f38514c6
dc158408183d814f98f6eea1fd627caddf855c0728f4fe87cf45cece82f36797
e8ed617ed98751deb0c8d0c47b65f339943965ec8147ecd767b2f53047563bfe
f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975

ita-acesso-promo.tk Open in urlscan Pro 2606:4700:3033::ac43:af42 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

0 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

226 kBTransfer

280 kBSize

1 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

1 Cookies

Indicators

ita-acesso-promo.tk Open in urlscan Pro
2606:4700:3033::ac43:af42 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

226 kB
Transfer

280 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!