atendimentoaoclienteltauon-line.clientediaenoite.com
137.74.199.152
Malicious Activity!
Public Scan
Submission: On February 04 via automatic, source phishtank
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on February 2nd 2020. Valid for: 3 months.
This is the only time atendimentoaoclienteltauon-line.clientediaenoite.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Itau (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System
---|---|---
12 | 137.74.199.152 | 16276 (OVH)

12 requests to 1 IP address.
ASN16276 (OVH, FR)
PTR: 152.ip-137-74-199.eu
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
12 | clientediaenoite.com | atendimentoaoclienteltauon-line.clientediaenoite.com | 65 KB

12 requests to 1 subdomain.
Requests | Domain | Requested by
---|---|---
12 | atendimentoaoclienteltauon-line.clientediaenoite.com | atendimentoaoclienteltauon-line.clientediaenoite.com

12 requests to 1 domain.
This site contains links to these domains. Also see Links.

Domain
---
ww70.itau.com.br
www.itau.com.br
itau.mobi
Subject | Issuer | Validity | Valid | Lookup
---|---|---|---|---
atendimentoaoclienteltauon-line.clientediaenoite.com | Let's Encrypt Authority X3 | 2020-02-02 - 2020-05-02 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/?id=MTk5OTE0NDU3MDE=&hash=cdc611647e698cfd00fb88ada88aef8b
Frame ID: 37F38B60B15861FE3E226A969F048292
Requests: 12 HTTP requests in this frame
Screenshot
Detected technologies
Ubuntu (Operating Systems)
Detected patterns
- headers server /Ubuntu/i

OpenSSL (Web Server Extensions)
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
- Title: Cliente pessoa jurídica (business customer)
- Title: Gerar código iToken (generate iToken code)
- Title: Simulador de previdência (pension simulator)
- Title: Telefones (phone numbers)
- Title: Indicadores de mercado (market indicators)
- Title: Agências (branches)
- Title: Caixas eletrônicos (ATMs)
- Title: Dispensadores de cheques (cheque dispensers)
- Title: Configurações (settings)
- Title: Celular (mobile)
- Title: PC
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/ | 26 KB | 3 KB | Document | text/html
GET | H/1.1 | jquery-1.11.3.min.js | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/js/ | 94 KB | 33 KB | Script | application/javascript
GET | H/1.1 | passarCampo.js | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/js/ | 241 B | 511 B | Script | application/javascript
GET | H/1.1 | validationCampos.js | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/js/ | 6 KB | 2 KB | Script | application/javascript
GET | H/1.1 | iphone.css | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/arquivos/ | 17 KB | 3 KB | Stylesheet | text/css
GET | H/1.1 | logo_nm.png | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/arquivos/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | 30_nm.png | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/arquivos/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | bt-ok.png | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/arquivos/ | 4 KB | 5 KB | Image | image/png
GET | H/1.1 | spacer.gif | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/arquivos/ | 45 B | 322 B | Image | image/gif
GET | H/1.1 | seta_laranja.png | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/arquivos/ | 2 KB | 3 KB | Image | image/png
GET | H/1.1 | bg_iph_nm.png | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/arquivos/ | 3 KB | 3 KB | Image | image/png
GET | H/1.1 | ItauLogo.png | atendimentoaoclienteltauon-line.clientediaenoite.com/30hrs/arquivos/ | 7 KB | 8 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Itau (Banking)

20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name | Type
---|---
onformdata | object
onpointerrawupdate | object
$ | function
jQuery | function
pulacampo | function
mostrar_erro | function
ocultar_erro | function
castly | function
se | function
sc | function
cc | function
macdonate | function
validarAgCtDg | function
pad | function
formatarAgCtDg | function
validar | function
telefone_validation | function
SomenteNumero | function
autenticado | string
isIPad | boolean

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
atendimentoaoclienteltauon-line.clientediaenoite.com
137.74.199.152