atendimentocxdigitalon.org Open in urlscan Pro
185.196.9.239 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://atendimentocxdigitalon.org/index/
Submission: On November 08 via api (November 8th 2023, 4:44:18 pm UTC) — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 15 HTTP transactions. The main IP is 185.196.9.239, located in United States and belongs to SIMPLECARRIER, US. The main domain is atendimentocxdigitalon.org.

This is the only time atendimentocxdigitalon.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

	IP Address		AS Autonomous System
1 9	185.196.9.239 185.196.9.239		42624 (SIMPLECAR...) (SIMPLECARRIER)
3	2606:4700::68... 2606:4700::6810:5814		13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649		54113 (FASTLY) (FASTLY)
15	4

9 185.196.9.239 (United States) 1 redirects

ASN42624 (SIMPLECARRIER, US)

atendimentocxdigitalon.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	atendimentocxdigitalon.org 1 redirects atendimentocxdigitalon.org	4 MB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	272 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	62 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	30 KB
15	4

	Domain	Requested by
9	atendimentocxdigitalon.org	1 redirects atendimentocxdigitalon.org
3	cdnjs.cloudflare.com	atendimentocxdigitalon.org cdnjs.cloudflare.com
3	cdn.jsdelivr.net	atendimentocxdigitalon.org
1	code.jquery.com	atendimentocxdigitalon.org
15	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://atendimentocxdigitalon.org/index/
Frame ID: 743047582932EC8238DF7FF2F5047133
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empréstimo Auxilio Brasil

Page URL History Show full URLs

http://atendimentocxdigitalon.org/index HTTP 301
http://atendimentocxdigitalon.org/index/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

15
Requests

47 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

4684 kB
Transfer

5084 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://atendimentocxdigitalon.org/index HTTP 301
http://atendimentocxdigitalon.org/index/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
atendimentocxdigitalon.org/index/
Redirect Chain

http://atendimentocxdigitalon.org/index
http://atendimentocxdigitalon.org/index/

8 KB
8 KB

22ms
22ms

Document
text/html

185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to

Full URL: http://atendimentocxdigitalon.org/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 / PHP/8.2.4
Resource Hash: 4eb70eef294eae790cf036f5844c18fc1b121aa6fb82923f4a410c61bc46d726

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Nov 2023 16:44:13 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
Transfer-Encoding: chunked
X-Powered-By: PHP/8.2.4

Redirect headers

Connection: Keep-Alive
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 08 Nov 2023 16:44:13 GMT
Keep-Alive: timeout=5, max=100
Location: http://atendimentocxdigitalon.org/index/
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4

GET
H/1.1 200
OK index.css
atendimentocxdigitalon.org/index/assets/css/ 3 KB
3 KB 18ms
17ms Stylesheet
text/css 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to

Full URL: http://atendimentocxdigitalon.org/index/assets/css/index.css
Requested by: Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://atendimentocxdigitalon.org/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 08 Nov 2023 16:44:13 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "ba7-6062f1329ccc0"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2983

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/ 227 KB
33 KB 43ms
23ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/bootstrap.min.css

Requested by

Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://atendimentocxdigitalon.org/
Origin: http://atendimentocxdigitalon.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 08 Nov 2023 16:44:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 554937
x-jsd-version: 5.3.0-alpha3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"38cf3-SvPX4VpqOAxsurukLprfMwtJ1Y8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imaamxGERWuhKbGzVdoucHpEnQ5cgFuhVDnbyfG%2BkyJ1l2Il%2FsEOCDsPAipiYhwck33EOtIQZ2id6e5GI%2FleRUtRph63nWKUOUMc0O4ecEOEF7r7Eq%2FCa0QlO9PUnOCJ5wgeRTfBl2btujfAaVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 822f47892f323621-FRA

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 100 KB
19 KB 41ms
21ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Requested by

Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://atendimentocxdigitalon.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 08 Nov 2023 16:44:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 34218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18752
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-4940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a00YX9ao1mFPUCeRyVyHtPKqOc%2BFPMMVuTjh45z%2BGTyupGzvVQiLZiZqH314%2BhdnlXARyw%2FTot1MnGXie82VH0Caixp%2FGYfHBBk%2FrnIpfupmz7m3P1waWUfEwFyYM60TFjRWK5Dj9PEH2WO4u2iKCnxD"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 822f478928bd1c79-FRA
expires: Mon, 28 Oct 2024 16:44:13 GMT

GET
H2 200 sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@11.1.4/dist/ 22 KB
5 KB 36ms
17ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11.1.4/dist/sweetalert2.min.css

Requested by

Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://atendimentocxdigitalon.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 08 Nov 2023 16:44:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12454469
x-jsd-version: 11.1.4
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230052-FRA, cache-bma1669-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"58a2-XPxzoPU1bK3mp3tlYqyqsfPgWT4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5lVECkbPpftr5THjMItVDx6uCFreQHWG3UNhAdH9uY14CjNtPRkVHp1Yejwh6n7csCE1n4Ad1OuG%2FPyaNa%2BB0mGWDN13BTyKzvLn3hM93ndWCGJJ1kE9hzjJ9LnJOZYE641U276Xq3pJLUV4tQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 822f47892c0d9189-FRA

GET
H/1.1 200
OK aux_brasil.png
atendimentocxdigitalon.org/index/assets/images/ 24 KB
25 KB 38ms
22ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://atendimentocxdigitalon.org/index/assets/images/aux_brasil.png
Requested by: Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: 714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://atendimentocxdigitalon.org/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 08 Nov 2023 16:44:13 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "6157-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 24919

GET
H/1.1 200
OK bolsa_familia_logo.png
atendimentocxdigitalon.org/index/assets/images/ 18 KB
18 KB 37ms
22ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://atendimentocxdigitalon.org/index/assets/images/bolsa_familia_logo.png
Requested by: Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://atendimentocxdigitalon.org/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 08 Nov 2023 16:44:13 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "47fd-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 18429

GET
H/1.1 200
OK 8638314_whatsapp_compress.png
atendimentocxdigitalon.org/index/assets/images/ 4 MB
4 MB 50ms
32ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://atendimentocxdigitalon.org/index/assets/images/8638314_whatsapp_compress.png
Requested by: Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: 5edac30d081073096f7d5b8e7c14841e1fc25e1488378985d058e89056943432

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://atendimentocxdigitalon.org/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 08 Nov 2023 16:44:13 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "3f4b33-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4148019

GET
H/1.1 200
OK tutorial_1.png
atendimentocxdigitalon.org/index/assets/images/ 210 KB
210 KB 36ms
19ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://atendimentocxdigitalon.org/index/assets/images/tutorial_1.png
Requested by: Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: af3b21fef32af9e224f88c344c2a09554c5c5041e5a62f0dff96806ce8906995

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://atendimentocxdigitalon.org/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 08 Nov 2023 16:44:13 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "347d7-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 214999

GET
H/1.1 200
OK x-volume-positiva-54-v2.png
atendimentocxdigitalon.org/index/assets/images/ 1 KB
1 KB 34ms
17ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://atendimentocxdigitalon.org/index/assets/images/x-volume-positiva-54-v2.png
Requested by: Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: 311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://atendimentocxdigitalon.org/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 08 Nov 2023 16:44:13 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "4a4-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1188

GET
H/1.1 200
OK ic-acesso-informacao-54-v2.png
atendimentocxdigitalon.org/index/assets/images/ 2 KB
2 KB 20ms
18ms Image
image/png 185.196.9.239
SIMPLECARRIER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://atendimentocxdigitalon.org/index/assets/images/ic-acesso-informacao-54-v2.png
Requested by: Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/
Protocol: HTTP/1.1
Server: 185.196.9.239 , United States, ASN42624 (SIMPLECARRIER, US),
Reverse DNS
Software: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 /
Resource Hash: 8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://atendimentocxdigitalon.org/index/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 08 Nov 2023 16:44:13 GMT
Last-Modified: Mon, 25 Sep 2023 13:38:35 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4
ETag: "6ea-6062f1329ccc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1770

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 41ms
8ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://atendimentocxdigitalon.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 08 Nov 2023 16:44:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4223753
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230112-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699461854.637325,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 11, 1195255

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/ 79 KB
24 KB 38ms
21ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/bootstrap.bundle.min.js

Requested by

Host: atendimentocxdigitalon.org
URL: http://atendimentocxdigitalon.org/index/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://atendimentocxdigitalon.org/
Origin: http://atendimentocxdigitalon.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 08 Nov 2023 16:44:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16969999
x-jsd-version: 5.3.0-alpha3
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230059-FRA, cache-yyz4564-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13ac2-jNeXExg3GrPRY3nfbPslSlxkn8o"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpI60yy38EpHYg%2BlDPdMkZzfvv1nLT7XhKLiPBjKCq2T8rhoiKPzw2BGKGz12%2FVyie6HlZ5C%2BRL8Tpl%2B3F2NyiOC5o9MbriUUH%2FC1orydE0vNwJPVKUSX%2FmCviptExv2k717VqlvRNw3amPEIxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 822f47892f363621-FRA

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 147 KB
147 KB 18ms
17ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698bbc8e78a9779802bf27a1b15e980cdf98ddc765366da65f97e3b7e29340a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin: http://atendimentocxdigitalon.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 08 Nov 2023 16:44:13 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 580493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150124
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-24a6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIib7iDWdjT4SakocdtWhQWFHd2dMU9BaMhsTnkfAxY0zDcvb5xgMHFBfzWlo7VsABuBwHSr6ZQYVYLLzF%2FZaEm%2FWsmeMfva2ORVi6MEwL3vt2ZK%2B%2BwH6VYRdytSMOVYVZznC5m%2B6h9hSvj1DeETfYUb"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 822f478969241c79-FRA
expires: Mon, 28 Oct 2024 16:44:13 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 105 KB
106 KB 28ms
28ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

662f711374c816d7f44d93cecc0fd557871ab1363a446c07e59701f9dde9fe0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin: http://atendimentocxdigitalon.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 08 Nov 2023 16:44:13 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1804005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 108020
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-1a5f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUxqTghQayVLc5rjUcCH2TCahwpfHHziGv8QjbGSLSKNnUUo8O3yYzTx97NH8PPxIoRzMotSk3P9raO%2FaWznj89KWfsl63KwVMETmUNG7RsmKQkRF4ulGOM6CdJo16DJSMXzi7xKSA745752OqAKPmO%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 822f478969261c79-FRA
expires: Mon, 28 Oct 2024 16:44:13 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| uidEvent object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

atendimentocxdigitalon.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
185.196.9.239
2606:4700::6810:5814
2606:4700::6811:190e
2a04:4e42:400::649
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270
4eb70eef294eae790cf036f5844c18fc1b121aa6fb82923f4a410c61bc46d726
5edac30d081073096f7d5b8e7c14841e1fc25e1488378985d058e89056943432
662f711374c816d7f44d93cecc0fd557871ab1363a446c07e59701f9dde9fe0a
698bbc8e78a9779802bf27a1b15e980cdf98ddc765366da65f97e3b7e29340a5
714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7
8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604
af3b21fef32af9e224f88c344c2a09554c5c5041e5a62f0dff96806ce8906995
b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e
c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160
df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300
ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e