itaumobile.tk Open in urlscan Pro
2606:4700:3033::681b:8fdf  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response itaumobile.tk/	4 KB 2 KB	492ms 458ms	Document text/html	2606:4700:3033::681b:8fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaumobile.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:8fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4121f4701f3e6881b93719a495b19c496a2f100b01b96d6f871ec57f57f72392 Request headers :method GET :authority itaumobile.tk :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 06:08:30 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d85125937ea51bdfacf594d20b93015db1605766110; expires=Sat, 19-Dec-20 06:08:30 GMT; path=/; domain=.itaumobile.tk; HttpOnly; SameSite=Lax; Secure PHPSESSID=1cq316uir6hgqvabrpliu01q66; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 0680b77527000005d4d2104000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iTLerWfDh7xgXJRiBeLQqZAto3s28yOgvS1a7fP8TGMrVA6eEIy%2Bl2uQRb35sMxYdi4RW2eEB%2BnqgvY0CI2CJnQmfrC%2FrzRDRvgIagXPNlxT7Q10NTIH4aw7"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5f47c1cea98d05d4-FRA content-encoding br
GET H2	200	style.css itaumobile.tk/css/	3 KB 936 B	440ms 440ms	Stylesheet text/css	2606:4700:3033::681b:8fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaumobile.tk/css/style.css Requested by Host: itaumobile.tk URL: https://itaumobile.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:8fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f96f8b3796df2751b05bf43cfa73f35f7ec5e4eb235f5982d2f1b7ea85a7db36 Request headers Referer https://itaumobile.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 06:08:31 GMT content-encoding br cf-cache-status MISS last-modified Wed, 18 Nov 2020 17:48:23 GMT server cloudflare etag W/"a58-5b46537be4be0-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bGzL%2FwsRg1lsVjB2fDIVe1pTZPBB8wWTcwwPnCQVvYKcxifD6zROTjL3QTvHChB6rj5Nhfo6xxByhKrcxmnLIXY%2F5GADEX5ODDYTAfFupeJ4iv05q4WssLKw"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5f47c1d18f9005d4-FRA cf-request-id 0680b776f7000005d4bca8d000000001
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/	157 KB 24 KB	20ms 5ms	Stylesheet text/css	2a04:4e42:1b::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css Requested by Host: itaumobile.tk URL: https://itaumobile.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://itaumobile.tk Referer https://itaumobile.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 3160423 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 23906 etag W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms" x-served-by cache-fra19121-FRA, cache-hhn4040-HHN date Thu, 19 Nov 2020 06:08:30 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	logo.png itaumobile.tk/img/	4 KB 4 KB	397ms 395ms	Image image/png	2606:4700:3033::681b:8fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itaumobile.tk/img/logo.png Requested by Host: itaumobile.tk URL: https://itaumobile.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:8fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ef6e499e59106c26c35a59627df1a1269075dcc1f8aacf486edda5e59537d74 Request headers Referer https://itaumobile.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 06:08:31 GMT cf-cache-status MISS last-modified Wed, 18 Nov 2020 17:48:23 GMT server cloudflare etag "104d-5b46537c020a0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mo5Q50E%2Bvv8bGajGWiYEKZuU8k3Kjm7UbiuiNdMuR0DKFz4XU9h4qwsQs8ggce9H3svxvqsYOQDi5Hr6FuQLxs0Gss4wlXTxrtSpREAy6xB1HZWPN5wtulwg"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5f47c1d18f9c05d4-FRA content-length 4173 cf-request-id 0680b776f9000005d4e1a00000000001
GET H2	200	Screenshot_3.png itaumobile.tk/img/	255 B 558 B	446ms 444ms	Image image/png	2606:4700:3033::681b:8fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itaumobile.tk/img/Screenshot_3.png Requested by Host: itaumobile.tk URL: https://itaumobile.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:8fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a03a72f34b907f73aefde67ade3cdce98991a6e461362f21cb62626609185a1 Request headers Referer https://itaumobile.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 06:08:31 GMT cf-cache-status MISS last-modified Wed, 18 Nov 2020 17:48:23 GMT server cloudflare etag "ff-5b46537c214a0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IbGr2iqzPMivPUNW8miOQyU7Z28zSW%2F3Z0fp5PkAgPmZ8pM3wGMZ8%2BAdjSFqnE6uUOHnN%2FIVvfQGRKvOVKW5b%2FTYT5EUL97OKQC8Fiwg9uXFZwEvJItTf%2BEg"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5f47c1d18f9d05d4-FRA content-length 255 cf-request-id 0680b776f9000005d41c2dd000000001
GET H2	200	logodesktop.png itaumobile.tk/img/	8 KB 9 KB	401ms 399ms	Image image/png	2606:4700:3033::681b:8fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itaumobile.tk/img/logodesktop.png Requested by Host: itaumobile.tk URL: https://itaumobile.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:8fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec449b90a12df224ff679dcc26fe6a075b8bee6575b7891ea55b96c5869d828c Request headers Referer https://itaumobile.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 06:08:31 GMT cf-cache-status MISS last-modified Wed, 18 Nov 2020 17:48:23 GMT server cloudflare etag "20f0-5b46537c12a40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ciF1pziGGWfZ6FOsB10Fjjkq2vqVYd0kD99%2FNRX%2BwfVVm6uJVEzwgxsKglCxGVy6uU82eslRGs7VV%2FCEIkNloKoOPT5qOYzS2nlM0Jok6QYlri4cK%2FvNx7Zn"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5f47c1d18f9e05d4-FRA content-length 8432 cf-request-id 0680b776fa000005d4f2a46000000001
GET H2	200	sdfsdfsdfsdf.png itaumobile.tk/img/	3 KB 3 KB	461ms 460ms	Image image/png	2606:4700:3033::681b:8fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itaumobile.tk/img/sdfsdfsdfsdf.png Requested by Host: itaumobile.tk URL: https://itaumobile.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:8fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37c49a3562dc73933681d62bf7bccac032d2fa21268a1d89587773cae29164ee Request headers Referer https://itaumobile.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 06:08:31 GMT cf-cache-status MISS last-modified Wed, 18 Nov 2020 17:48:23 GMT server cloudflare etag "c21-5b46537c2ff00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FKFFeDwy7DK4wVE%2B7k5ZSc4pzCB3LuGXCQlAlIbsiYz0djHND1jZI2ymKx31lX3KYmcsFbaqBQ8fBhedo%2FbZe0mwng4h0XDQZnVbcaJ3GcIWvdzj%2F8V5PIwO"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5f47c1d18f9f05d4-FRA content-length 3105 cf-request-id 0680b776fa000005d401a82000000001
GET H2	200	download.png itaumobile.tk/img/	1 KB 2 KB	430ms 429ms	Image image/png	2606:4700:3033::681b:8fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itaumobile.tk/img/download.png Requested by Host: itaumobile.tk URL: https://itaumobile.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:8fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f7c16b90d62b64d961e9276a444bfb4673332113c87124cf84bd9ac27be4a07 Request headers Referer https://itaumobile.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 06:08:31 GMT cf-cache-status MISS last-modified Wed, 18 Nov 2020 17:48:23 GMT server cloudflare etag "5c5-5b46537bf26a0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FMKrcqBxWe8f1UQn43HJ8Az705lTsWZIvUE6S%2FMrjQr5ECPgK6DReBChGL3y%2FUddVVG%2FKtcn3sW3ezX8M1tsvoEjnbTK%2BOjWZ2A7VKDlYTFJInwwpZGmtTeU"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5f47c1d18fa005d4-FRA content-length 1477 cf-request-id 0680b776fa000005d4fba1d000000001
GET H2	200	jquery-3.5.1.slim.min.js Show response code.jquery.com/	71 KB 24 KB	26ms 9ms	Script application/javascript	2001:4de0:ac19::1:b:2b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.slim.min.js Requested by Host: itaumobile.tk URL: https://itaumobile.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db Request headers Origin https://itaumobile.tk Referer https://itaumobile.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 06:08:30 GMT content-encoding gzip last-modified Mon, 04 May 2020 23:02:39 GMT server nginx etag W/"5eb09f0f-11abc" vary Accept-Encoding x-hw 1605766110.dop221.fr8.t,1605766110.cds268.fr8.hn,1605766110.cds154.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 24606
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/	82 KB 21 KB	21ms 7ms	Script application/javascript	2a04:4e42:1b::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js Requested by Host: itaumobile.tk URL: https://itaumobile.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://itaumobile.tk Referer https://itaumobile.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 3151708 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 21785 etag W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk" x-served-by cache-fra19158-FRA, cache-hhn4040-HHN date Thu, 19 Nov 2020 06:08:30 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	selecione1.php Show response itaumobile.tk/ Frame 53DF	1 KB 767 B	433ms 432ms	Document text/html	2606:4700:3033::681b:8fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaumobile.tk/selecione1.php Requested by Host: itaumobile.tk URL: https://itaumobile.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:8fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2fddbdd7cb0fe78fc6be399e23f3fa71076ae04865a8258080cbaadbdc14234 Request headers :method GET :authority itaumobile.tk :scheme https :path /selecione1.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://itaumobile.tk/ accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=d85125937ea51bdfacf594d20b93015db1605766110; PHPSESSID=1cq316uir6hgqvabrpliu01q66 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://itaumobile.tk/ Response headers date Thu, 19 Nov 2020 06:08:31 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 0680b778b4000005d4deb17000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Reic17FfInsO1EBGmoHKm8ydfwTXdVjoc1jR6ei7Lt7gfDHXuUls8aVnJMaBQjBaB4T56V2gXorHnthzVSoGT40VnK5IQhJfmbZ4%2B7ohb1LkWshDPvOGrwy0"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5f47c1d45d5d05d4-FRA content-encoding br
GET H2	200	Screenshot_2.png itaumobile.tk/img/	248 KB 248 KB	795ms 794ms	Image image/png	2606:4700:3033::681b:8fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itaumobile.tk/img/Screenshot_2.png Requested by Host: itaumobile.tk URL: https://itaumobile.tk/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:8fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d594aad567e1419e6c856a243885966e57a70b1dee5186cc139af3e4e0139dcc Request headers Referer https://itaumobile.tk/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 06:08:32 GMT cf-cache-status MISS last-modified Wed, 18 Nov 2020 17:48:23 GMT server cloudflare etag "3deb2-5b46537c1a740" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9nqzTkrxSggJu6c%2B5m0axdfN4M3OLS9j1jZ80zvy2rwEKGQGu2d%2BnJNXXbqGAt%2B26xcG%2F0vmN5%2Fav6Y1%2F3DHzphreXSVyhG90QoR%2B2ziC8BAG5f28AFI7GaZ"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5f47c1d46d8205d4-FRA content-length 253618 cf-request-id 0680b778c7000005d40c0f5000000001
GET H2	200	style.css itaumobile.tk/css/ Frame 53DF	3 KB 978 B	12ms 11ms	Stylesheet text/css	2606:4700:3033::681b:8fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itaumobile.tk/css/style.css Requested by Host: itaumobile.tk URL: https://itaumobile.tk/selecione1.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:8fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f96f8b3796df2751b05bf43cfa73f35f7ec5e4eb235f5982d2f1b7ea85a7db36 Request headers Referer https://itaumobile.tk/selecione1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 06:08:31 GMT content-encoding br cf-cache-status HIT last-modified Wed, 18 Nov 2020 17:48:23 GMT server cloudflare age 0 etag W/"a58-5b46537be4be0-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P6kpV6So%2FqNavj3X94pWjWET%2FI1rk4PVHIAvGpxCbg24brECRdnnT%2Fi%2BYvdvi5BRtU8dTSe%2B%2BTaIxKyoWKZeKL1yNHc0mHz7T3WzkNBrSXvQa1vaf1JOQUrd"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5f47c1d70b0805d4-FRA cf-request-id 0680b77a69000005d433ade000000001

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| bootstrap

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			itaumobile.tk/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1cq316uir6hgqvabrpliu01q66
			.itaumobile.tk/	1970-01-19 14:45:58	Name: __cfduid Value: d85125937ea51bdfacf594d20b93015db1605766110

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
itaumobile.tk
2001:4de0:ac19::1:b:2b
2606:4700:3033::681b:8fdf
2a04:4e42:1b::621
0ef6e499e59106c26c35a59627df1a1269075dcc1f8aacf486edda5e59537d74
37c49a3562dc73933681d62bf7bccac032d2fa21268a1d89587773cae29164ee
3f7c16b90d62b64d961e9276a444bfb4673332113c87124cf84bd9ac27be4a07
4121f4701f3e6881b93719a495b19c496a2f100b01b96d6f871ec57f57f72392
7a03a72f34b907f73aefde67ade3cdce98991a6e461362f21cb62626609185a1
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
d594aad567e1419e6c856a243885966e57a70b1dee5186cc139af3e4e0139dcc
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
ec449b90a12df224ff679dcc26fe6a075b8bee6575b7891ea55b96c5869d828c
f2fddbdd7cb0fe78fc6be399e23f3fa71076ae04865a8258080cbaadbdc14234
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f96f8b3796df2751b05bf43cfa73f35f7ec5e4eb235f5982d2f1b7ea85a7db36