atualizeauxx.xyz
Open in
urlscan Pro
200.9.154.176
Malicious Activity!
Public Scan
Effective URL: https://atualizeauxx.xyz/
Submission: On April 18 via api from BR — Scanned from DE
Summary
TLS certificate: Issued by localhost on November 10th 2009. Valid for: 10 years.
This is the only time atualizeauxx.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Caixa (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 200.9.154.176 200.9.154.176 | 270353 (Tyna Host) (Tyna Host - Datacenter no Brasil) | |
2 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 2 |
ASN270353 (Tyna Host - Datacenter no Brasil, BR)
PTR: 200-9-154-176.tynahost.com
atualizeauxx.xyz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
atualizeauxx.xyz
atualizeauxx.xyz |
427 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 |
166 KB |
13 | 2 |
Domain | Requested by | |
---|---|---|
11 | atualizeauxx.xyz |
atualizeauxx.xyz
|
2 | cdnjs.cloudflare.com |
atualizeauxx.xyz
cdnjs.cloudflare.com |
13 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
localhost localhost |
2009-11-10 - 2019-11-08 |
10 years | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://atualizeauxx.xyz/
Frame ID: 1F8236E76C883F03DBDEA59257008C3B
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Entrar em Login CaixaPage URL History Show full URLs
-
http://atualizeauxx.xyz/
HTTP 307
https://atualizeauxx.xyz/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://atualizeauxx.xyz/
HTTP 307
https://atualizeauxx.xyz/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
atualizeauxx.xyz/ Redirect Chain
|
7 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
atualizeauxx.xyz/assets/css/ |
227 KB 228 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ |
100 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.css
atualizeauxx.xyz/assets/css/ |
296 B 604 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
atualizeauxx.xyz/assets/css/ |
22 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fsso.css
atualizeauxx.xyz/assets/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-caixa.png
atualizeauxx.xyz/assets/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.6.0.min.js
atualizeauxx.xyz/assets/js/ |
87 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.mask.min.js
atualizeauxx.xyz/assets/js/ |
8 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
imask.min.js
atualizeauxx.xyz/assets/js/ |
44 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ |
147 KB 147 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
futuraBook.woff
atualizeauxx.xyz/assets/fonts/futuraBook/ |
12 KB 13 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
caixa_tem.png
atualizeauxx.xyz/assets/img/ |
9 KB 9 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Caixa (Government)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| validarCPF function| animateDots function| $ function| jQuery object| $jscomp object| __core-js_shared__ object| core function| IMask1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
atualizeauxx.xyz/ | Name: PHPSESSID Value: h8o8ms3rdgblt1d54c2sfg6sfq |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
atualizeauxx.xyz
cdnjs.cloudflare.com
200.9.154.176
2606:4700::6811:180e
0a8389b9be2cca3dc5f663dfdde77f7a8d1b305f041553a4374bac683b2c193c
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
5ba7b24088ced5ffe836b6ccb3256a298ae314fa39370d81660f900617f3519a
63c6bca75c5ba6da5336acef9f07f249f52b6ef6343f5d1ec46916139b30ee16
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
a10b2226b24cb524fc090fc6b617601ddfa9c6bfc32b95c415b8057f0b32b340
b6d5e5272293d6212040ade68138e4a3eb698739603c6be040b940a3e4acbce2
cdd5acce0e4ddc7acb654c874d794105c80182fbf941f887f8d4a589c4bb3d9d
cef588bc026161c06f8f09683b4dbe9478955be7d9704bf81b625725b3d495d5
ec5a90e954afb2d290d3db84561a304a53bc4380da799701ffe25d364ee1559c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e