personalitte30horas.shop Open in urlscan Pro
172.67.200.249 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://personalitte30horas.shop/
Effective URL:
https://personalitte30horas.shop/
Submission: On November 19 via api (November 19th 2024, 3:04:59 pm UTC) from US — Scanned from ES

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 172.67.200.249, located in United States and belongs to CLOUDFLARENET, US. The main domain is personalitte30horas.shop.
TLS certificate: Issued by WE1 on November 19th 2024. Valid for: 3 months.

This is the only time personalitte30horas.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

	IP Address		AS Autonomous System
12	172.67.200.249 172.67.200.249		13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	1

12 172.67.200.249 (United States)

ASN13335 (CLOUDFLARENET, US)

personalitte30horas.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	personalitte30horas.shop personalitte30horas.shop	266 KB
12	1

	Domain	Requested by
12	personalitte30horas.shop	personalitte30horas.shop
12	1

This site contains no links.

Subject Issuer	Validity	Valid
personalitte30horas.shop WE1	`2024-11-19` - `2025-02-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://personalitte30horas.shop/
Frame ID: B7B6C107E98DACBB1B227346AF3C13BA
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Identificação | Itaucard

Page URL History Show full URLs

http://personalitte30horas.shop/ HTTP 307
https://personalitte30horas.shop/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

266 kB
Transfer

320 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://personalitte30horas.shop/ HTTP 307
https://personalitte30horas.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response personalitte30horas.shop/ Redirect Chain http://personalitte30horas.shop/ https://personalitte30horas.shop/	2 KB 2 KB	860ms 704ms	Document text/html	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://personalitte30horas.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `adefbbbdac7a236a3ee213ca0e334f7fee5fec9e4304ce5bd3fe9c28c89bb761` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e511863e98bcc6d-MAD content-encoding zstd content-type text/html; charset=UTF-8 date Tue, 19 Nov 2024 15:04:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23Uq7VMelUWerJBiFyvPnQJbzR%2F0GApHimQb1myhzXMpAcfxJzOfrRHDhhJ9sgpoym1NpXW3JmAqAj%2FnE7QJ%2FAq1qAu%2FolAV9lVC5hnXZLo1oRWHdgct7W9h69I5fAzj69O19QTgf%2Fn%2Bs3s%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=65555&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4267&recv_bytes=4611&delivery_rate=329&cwnd=12000&unsent_bytes=0&cid=41690d13ba1ad34f&ts=808&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding Redirect headers Location https://personalitte30horas.shop/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	style.home.css personalitte30horas.shop/assets/css/	5 KB 2 KB	508ms 501ms	Stylesheet text/css	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://personalitte30horas.shop/assets/css/style.home.css Requested by Host: personalitte30horas.shop URL: https://personalitte30horas.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `52ac34e13fb313977c45e5a8b508f7e2aaf3a25d64b09ca7782598fa7c2b5e5b` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://personalitte30horas.shop/ Response headers content-encoding gzip cf-cache-status MISS etag "1526-627397d4b5551-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=26Sf%2FYbkJQDXi8348jIy9o0FcgE4k%2BbGFMlAvzhDsTnleT9jGxu2tflr9ChXymdR9uujRq7cJB0KkH%2BlhcRV%2FTqdTWMbeYHpjF8nYioNbPtZd%2Fn4kGG36Cg8BW2MVEn9vYcTkiHcgGT8Cao%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=58672&sent=28&recv=20&lost=0&retrans=0&sent_bytes=17983&recv_bytes=6845&delivery_rate=47910&cwnd=12000&unsent_bytes=0&cid=41690d13ba1ad34f&ts=1414&x=1", cfExtPri, cfHdrFlush;dur=28 date Tue, 19 Nov 2024 15:04:54 GMT content-type text/css last-modified Tue, 19 Nov 2024 00:55:28 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e511869191ccc6d-MAD accept-ranges bytes content-length 1480 server cloudflare
GET H3	200	jquery-3.2.1.min.js Show response personalitte30horas.shop/js/	85 KB 30 KB	467ms 460ms	Script text/javascript	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://personalitte30horas.shop/js/jquery-3.2.1.min.js Requested by Host: personalitte30horas.shop URL: https://personalitte30horas.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://personalitte30horas.shop/ Response headers content-encoding gzip cf-cache-status MISS etag "15283-627397d82285d-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltazSZHumGrVThTQQWSMOA1HhGgouENRMq1ZVPmyM%2FM1CdJZbBi%2F0wfUyfauaDBC%2Fze%2FaPEfs1bVehEDrsTjXy7qVYSWGNuxubPOmhnnNRxKzibxwX%2BGsWNMdlAfUFOdKfbvSpXsl409VaE%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=58672&sent=18&recv=20&lost=0&retrans=0&sent_bytes=5983&recv_bytes=6845&delivery_rate=47910&cwnd=12000&unsent_bytes=0&cid=41690d13ba1ad34f&ts=1401&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 15:04:54 GMT content-type text/javascript last-modified Tue, 19 Nov 2024 00:55:32 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e511869191ecc6d-MAD accept-ranges bytes content-length 30138 server cloudflare
GET H3	200	jquery.mask.min.js Show response personalitte30horas.shop/js/	1 KB 1 KB	513ms 506ms	Script text/javascript	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://personalitte30horas.shop/js/jquery.mask.min.js Requested by Host: personalitte30horas.shop URL: https://personalitte30horas.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `56721cb624b1a4b769f185038084613f440659392f2402a422331d4fddffd32f` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://personalitte30horas.shop/ Response headers content-encoding gzip cf-cache-status MISS etag "44f-627397d85165c-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCTViylZ%2BP3yQwDJDuxDOQXdOa07E1%2FQ%2FTI8PJP6blzZTI9b2pvqi4747YR6aC2QEE4Dg3OrjoT6pP%2BP6wuGlyIeEZScgUvXv1MWvutEipdSPcyQeQSC9DeZahJIcKDO0ky0NCC5N1T%2FORk%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=58672&sent=28&recv=20&lost=0&retrans=0&sent_bytes=17983&recv_bytes=6845&delivery_rate=47910&cwnd=12000&unsent_bytes=0&cid=41690d13ba1ad34f&ts=1413&x=1", cfExtPri, cfHdrFlush;dur=29 date Tue, 19 Nov 2024 15:04:54 GMT content-type text/javascript last-modified Tue, 19 Nov 2024 00:55:32 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5118691920cc6d-MAD accept-ranges bytes content-length 610 server cloudflare
GET H3	200	script.home.js Show response personalitte30horas.shop/js/	2 KB 2 KB	508ms 501ms	Script text/javascript	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://personalitte30horas.shop/js/script.home.js Requested by Host: personalitte30horas.shop URL: https://personalitte30horas.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d29d09e4b260d822b3d0335161209b0c9105b770719a508431292c423ba86bfb` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://personalitte30horas.shop/ Response headers content-encoding gzip cf-cache-status MISS etag "98d-627397d87aa83-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovbAnBXoPn7m8IFacxwZkAcVhQm0uKTq8Z662q6gIasfsDhw9GIpsk752Mljomq2rS%2Fw6L4JJtoCz2M5tCelCcNR20IU%2Bq8Me1VqWFc2pvHVwaOgpBpc7Yb03fAh1cAfbg6VckI8zHvERQQ%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=58672&sent=28&recv=20&lost=0&retrans=0&sent_bytes=17983&recv_bytes=6845&delivery_rate=47910&cwnd=12000&unsent_bytes=0&cid=41690d13ba1ad34f&ts=1422&x=1", cfExtPri, cfHdrFlush;dur=20 date Tue, 19 Nov 2024 15:04:54 GMT content-type text/javascript last-modified Tue, 19 Nov 2024 00:55:32 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5118691922cc6d-MAD accept-ranges bytes content-length 903 server cloudflare
GET H3	200	img_home_logo.png personalitte30horas.shop/assets/images/	4 KB 4 KB	577ms 571ms	Image image/png	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://personalitte30horas.shop/assets/images/img_home_logo.png Requested by Host: personalitte30horas.shop URL: https://personalitte30horas.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7567ac56d5b7f15cc4d6cb7c15524f12039dfec5d7834364f58823545500659e` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://personalitte30horas.shop/ Response headers cf-cache-status MISS etag "e31-627397d629666" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8SKFTCP4JMnNxV7dC9%2BnTceA1UQ%2FzY9VGWx4%2FaeERuHxOdnXshP%2BP8v4wHFHjYJfF3psejNpNwRlPGIEoiZLhqXzRMxLUCGS6z0X0a5P7bjsF1RX%2FHT4wgvQbbDe8XoYAHmqcVG2qKrqSvc%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=50318&sent=30&recv=25&lost=0&retrans=0&sent_bytes=20184&recv_bytes=7060&delivery_rate=26255&cwnd=24000&unsent_bytes=0&cid=41690d13ba1ad34f&ts=1444&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 15:04:54 GMT content-type image/png last-modified Tue, 19 Nov 2024 00:55:30 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5118691924cc6d-MAD accept-ranges bytes content-length 3633 server cloudflare
GET H3	200	ic_contact_card.png personalitte30horas.shop/assets/images/	503 B 1 KB	572ms 566ms	Image image/png	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://personalitte30horas.shop/assets/images/ic_contact_card.png Requested by Host: personalitte30horas.shop URL: https://personalitte30horas.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7128b3163ef3d75f3f7f7e803b65a7bbfbf480c880c7a815c33ea82d549e630d` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://personalitte30horas.shop/ Response headers cf-cache-status MISS etag "1f7-627397d5a7c32" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xyphFmpbGUmzKUiHQm37m%2FYzZGWiVJe2f2JZ6dUYlpCGztphuQSIHaO2ujQrSRjXwQLzfG12jWcNx8xx0aAAT2TraU3MP2r5ZcgZGddoqnKTXF4WGei4tHNNQ%2F5SjILNpajN1GrSs2Ndjqw%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=58672&sent=28&recv=20&lost=0&retrans=0&sent_bytes=17983&recv_bytes=6845&delivery_rate=47910&cwnd=12000&unsent_bytes=0&cid=41690d13ba1ad34f&ts=1427&x=1", cfExtPri, cfHdrFlush;dur=15 date Tue, 19 Nov 2024 15:04:54 GMT content-type image/png last-modified Tue, 19 Nov 2024 00:55:29 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e5118691926cc6d-MAD accept-ranges bytes content-length 503 server cloudflare
GET H3	200	ic_itokenapp.png personalitte30horas.shop/assets/images/	2 KB 3 KB	508ms 503ms	Image image/png	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://personalitte30horas.shop/assets/images/ic_itokenapp.png Requested by Host: personalitte30horas.shop URL: https://personalitte30horas.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://personalitte30horas.shop/ Response headers cf-cache-status MISS etag "7ff-627397d5cf118" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2SF0YPexQyq8tWT3ZNFS6G5VABXqyxPrGQjsvln%2FwzhTJEn%2FnEdgUAQZkfD0AYb6LGJqCzlEJAbCPfl0h55lALqplCyuuKtb%2Bh4zPSFw6oIIFX272ZWXle6IMD1gFVlYQ8VkZxNzMmnrEoY%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=47862&sent=60&recv=44&lost=0&retrans=0&sent_bytes=48343&recv_bytes=9305&delivery_rate=453584&cwnd=27600&unsent_bytes=0&cid=41690d13ba1ad34f&ts=2015&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 15:04:54 GMT content-type image/png last-modified Tue, 19 Nov 2024 00:55:30 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e51186cde2acc6d-MAD accept-ranges bytes content-length 2047 server cloudflare
GET H3	200	ic_ajuda.png personalitte30horas.shop/assets/images/	1 KB 2 KB	545ms 541ms	Image image/png	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://personalitte30horas.shop/assets/images/ic_ajuda.png Requested by Host: personalitte30horas.shop URL: https://personalitte30horas.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://personalitte30horas.shop/ Response headers cf-cache-status MISS etag "55e-627397d5799eb" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mBBtkPZCKBx4BIINxLpPI8wM5OMDpv2Td%2FJPHluTv2iIcuU6WYJIfs99xHbaX0EgPBeyx%2FVq44oCiyMaNezAYznzpXF3%2BjYTMFkv7UFWQOLxLdkBnc%2BoUt9nX6lQG5Icn4RFCSmdaMuZpl8%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=47862&sent=65&recv=44&lost=0&retrans=0&sent_bytes=52624&recv_bytes=9305&delivery_rate=453584&cwnd=27600&unsent_bytes=0&cid=41690d13ba1ad34f&ts=2032&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 15:04:54 GMT content-type image/png last-modified Tue, 19 Nov 2024 00:55:29 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e51186cde2ccc6d-MAD accept-ranges bytes content-length 1374 server cloudflare
GET H3	200	img_home_bg.png personalitte30horas.shop/assets/images/	175 KB 176 KB	1151ms 1150ms	Image image/png	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://personalitte30horas.shop/assets/images/img_home_bg.png Requested by Host: personalitte30horas.shop URL: https://personalitte30horas.shop/assets/css/style.home.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d33cfca923e87510e2837231c77985de89f00f0ba8bf8b4e86bf7086f38514c6` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://personalitte30horas.shop/assets/css/style.home.css Response headers cf-cache-status MISS etag "2bd3e-627397d61fa26" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jBWgOyQ1ZD0uhl7AgdC3KUP534fT8T2pzqkdQRVUCNq5jzpvKTalZ%2BXp5FymtjspmtFnHzj0Q3vW4eaR1TzAdBE%2BBnA9Uor5ltThUBUwpuuT4aHcSK3MEwX05vAKZlpNn9Baqr0fLCWrcaM%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=63430&sent=67&recv=48&lost=0&retrans=0&sent_bytes=54712&recv_bytes=9478&delivery_rate=12603&cwnd=27600&unsent_bytes=0&cid=41690d13ba1ad34f&ts=2703&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 15:04:55 GMT content-type image/png last-modified Tue, 19 Nov 2024 00:55:30 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e51186cee46cc6d-MAD accept-ranges bytes content-length 179518 server cloudflare
GET H3	200	ic_cadeado.png personalitte30horas.shop/assets/images/	783 B 1 KB	490ms 489ms	Image image/png	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://personalitte30horas.shop/assets/images/ic_cadeado.png Requested by Host: personalitte30horas.shop URL: https://personalitte30horas.shop/assets/css/style.home.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://personalitte30horas.shop/assets/css/style.home.css Response headers cf-cache-status MISS etag "30f-627397d5799eb" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DmGg6CEAi0nDv5WZkFHtgSWw%2F91sse8isW%2FiwsqpbOUVmtk1OnRwI0uuDztWOukVU%2B3m%2BYMuavYLtYOQI5QrdrlYAWEhzqSfX1XEqsikTEqFTp%2B7n6nz0i7Q9Yv87dJyBZaGPRP9xDcP8S4%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=47862&sent=63&recv=44&lost=0&retrans=0&sent_bytes=51127&recv_bytes=9305&delivery_rate=453584&cwnd=27600&unsent_bytes=0&cid=41690d13ba1ad34f&ts=2026&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 15:04:54 GMT content-type image/png last-modified Tue, 19 Nov 2024 00:55:29 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e51186cee47cc6d-MAD accept-ranges bytes content-length 783 server cloudflare
GET H3	200	ico_favicon.png personalitte30horas.shop/assets/images/	41 KB 42 KB	671ms 670ms	Other image/png	172.67.200.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://personalitte30horas.shop/assets/images/ico_favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bad8117c7b23f326216e85e630e3915ea1c73387a7b7d2da61e800e96fc8b8c6` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://personalitte30horas.shop/ Response headers cf-cache-status MISS etag "a45e-6273a736fe053" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FWIS0XFT4XS56VpIDiaVDin%2Bs5zL3ERDKlTQcvBIdR9QBTfYRp3xF7D2vmbDjXlTPzMFPVpOST3OhZDrrSyf1F1YAW4MOSJJIlB3OTxB%2BYi%2FbpGQJI3QjFGoiqsGeccmow%2FpAA9aVbN3lg%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=82140&sent=222&recv=82&lost=0&retrans=0&sent_bytes=238950&recv_bytes=11341&delivery_rate=576087&cwnd=84000&unsent_bytes=0&cid=41690d13ba1ad34f&ts=3587&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 15:04:56 GMT content-type image/png last-modified Tue, 19 Nov 2024 02:04:18 GMT vary Accept-Encoding priority u=1,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e51187579b0cc6d-MAD accept-ranges bytes content-length 42078 server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

personalitte30horas.shop
172.67.200.249
3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404
52ac34e13fb313977c45e5a8b508f7e2aaf3a25d64b09ca7782598fa7c2b5e5b
56721cb624b1a4b769f185038084613f440659392f2402a422331d4fddffd32f
7128b3163ef3d75f3f7f7e803b65a7bbfbf480c880c7a815c33ea82d549e630d
7567ac56d5b7f15cc4d6cb7c15524f12039dfec5d7834364f58823545500659e
75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4
adefbbbdac7a236a3ee213ca0e334f7fee5fec9e4304ce5bd3fe9c28c89bb761
bad8117c7b23f326216e85e630e3915ea1c73387a7b7d2da61e800e96fc8b8c6
d29d09e4b260d822b3d0335161209b0c9105b770719a508431292c423ba86bfb
d33cfca923e87510e2837231c77985de89f00f0ba8bf8b4e86bf7086f38514c6

personalitte30horas.shop Open in urlscan Pro 172.67.200.249 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

266 kBTransfer

320 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

personalitte30horas.shop Open in urlscan Pro
172.67.200.249 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

266 kB
Transfer

320 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!