caixalnternetbankng.cf Open in urlscan Pro
2606:4700:30::6812:2713 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://internetbankinggov.gq/
Effective URL:
https://caixalnternetbankng.cf/Site-Seguro/acesso.php?11,36-23,27,08-19,am
Submission: On August 27 via automatic, source certstream-suspicious (August 27th 2019, 2:37:05 pm UTC)

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 2606:4700:30::6812:2713, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is caixalnternetbankng.cf.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 27th 2019. Valid for: a year.

This is the only time caixalnternetbankng.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:30:... 2606:4700:30::681f:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2606:4700:30:... 2606:4700:30::6812:2713	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
14	200.201.170.59 200.201.170.59	20116 (CAIXA ECO...) (CAIXA ECONOMICA FEDERAL)
21	4

1 2606:4700:30::681f:4e07 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

internetbankinggov.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:30::6812:2713 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

caixalnternetbankng.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 200.201.170.59 (Rio de Janeiro, Brazil)

ASN20116 (CAIXA ECONOMICA FEDERAL, BR)
PTR: internetbanking.caixa.gov.br

internetbanking.caixa.gov.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	caixa.gov.br internetbanking.caixa.gov.br	910 KB
5	caixalnternetbankng.cf caixalnternetbankng.cf Failed	237 KB
1	internetbankinggov.gq internetbankinggov.gq	703 B
21	3

	Domain	Requested by
14	internetbanking.caixa.gov.br	caixalnternetbankng.cf
5	caixalnternetbankng.cf	internetbankinggov.gq caixalnternetbankng.cf
1	internetbankinggov.gq
21	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-27` - `2020-08-26`	a year	crt.sh
internetbanking.caixa.gov.br COMODO RSA Organization Validation Secure Server CA	`2018-03-28` - `2020-04-09`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://caixalnternetbankng.cf/Site-Seguro/acesso.php?11,36-23,27,08-19,am
Frame ID: A314179F53B298E6340E4417FD429943
Requests: 3 HTTP requests in this frame

Frame: https://caixalnternetbankng.cf/Site-Seguro/
Frame ID: 211E8ED9FFC72E4B45C4721737AD51A3
Requests: 1 HTTP requests in this frame

Frame: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF
Frame ID: 6AC541EEF05E4D21C51CE65B413572B2
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://internetbankinggov.gq/ Page URL
https://caixalnternetbankng.cf/Site-Seguro/ Page URL
https://caixalnternetbankng.cf/Site-Seguro/acesso.php?11,36-23,27,08-19,am Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

21
Requests

95 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

1148 kB
Transfer

1202 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://internetbankinggov.gq/ Page URL
https://caixalnternetbankng.cf/Site-Seguro/ Page URL
https://caixalnternetbankng.cf/Site-Seguro/acesso.php?11,36-23,27,08-19,am Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response internetbankinggov.gq/	908 B 703 B	370ms 288ms	Document text/html	2606:4700:30::681f:4e07 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://internetbankinggov.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681f:4e07 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `2e1306a0f200331d7961aa152122cc11709ed97fdd59be3168ecf5e1d18c1ed5` Request headers :method GET :authority internetbankinggov.gq :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers status 200 date Tue, 27 Aug 2019 14:36:27 GMT content-type text/html set-cookie __cfduid=d0a4b64405a952a1f94e54a405a8e290b1566916587; expires=Wed, 26-Aug-20 14:36:27 GMT; path=/; domain=.internetbankinggov.gq; HttpOnly; Secure last-modified Tue, 27 Aug 2019 14:28:59 GMT vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 50cec71d692159b8-VIE content-encoding br
GET		/ caixalnternetbankng.cf/Site-Seguro/ Frame 211E	0 0

GET H2	200	/ Show response caixalnternetbankng.cf/Site-Seguro/	254 B 472 B	376ms 302ms	Document text/html	2606:4700:30::6812:2713 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://caixalnternetbankng.cf/Site-Seguro/ Requested by Host: internetbankinggov.gq URL: https://internetbankinggov.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6812:2713 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.5.9-1ubuntu4.29 Resource Hash `0c2fc23d7c2ef323460a27231418e06970168eb3327d8aa5e69aacdd4a2b77c7` Request headers :method GET :authority caixalnternetbankng.cf :scheme https :path /Site-Seguro/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer https://internetbankinggov.gq/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Referer https://internetbankinggov.gq/ Response headers status 200 date Tue, 27 Aug 2019 14:36:27 GMT content-type text/html set-cookie __cfduid=d4e52cfbfc6dcf91c7dbd1597789fce151566916587; expires=Wed, 26-Aug-20 14:36:27 GMT; path=/; domain=.caixalnternetbankng.cf; HttpOnly; Secure x-powered-by PHP/5.5.9-1ubuntu4.29 vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 50cec71fdc30cbbc-VIE content-encoding br
POST H2	200	Primary Request acesso.php Show response caixalnternetbankng.cf/Site-Seguro/	1 KB 557 B	278ms 278ms	Document text/html	2606:4700:30::6812:2713 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://caixalnternetbankng.cf/Site-Seguro/acesso.php?11,36-23,27,08-19,am Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6812:2713 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.5.9-1ubuntu4.29 Resource Hash `843a7d10a616afcc1814bce2988f7ffd41d225c246b7b6372dd1cbe2034c7cbe` Request headers :method POST :authority caixalnternetbankng.cf :scheme https :path /Site-Seguro/acesso.php?11,36-23,27,08-19,am content-length 0 pragma no-cache cache-control no-cache origin https://caixalnternetbankng.cf upgrade-insecure-requests 1 content-type application/x-www-form-urlencoded user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site same-origin referer https://caixalnternetbankng.cf/Site-Seguro/ accept-encoding gzip, deflate, br cookie __cfduid=d4e52cfbfc6dcf91c7dbd1597789fce151566916587 Origin https://caixalnternetbankng.cf Upgrade-Insecure-Requests 1 Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Referer https://caixalnternetbankng.cf/Site-Seguro/ Response headers status 200 date Tue, 27 Aug 2019 14:36:28 GMT content-type text/html x-powered-by PHP/5.5.9-1ubuntu4.29 set-cookie PHPSESSID=td5qtqr063emklf1sh158h82f4; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 50cec721dbbacbbc-VIE content-encoding br
GET H2	200	portal.html Show response caixalnternetbankng.cf/Site-Seguro/ Frame 6AC5	76 KB 18 KB	160ms 160ms	Document text/html	2606:4700:30::6812:2713 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/acesso.php?11,36-23,27,08-19,am Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6812:2713 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b4c238bdf161e37ff7c6f5cfcedbcbd34e2d6138aca82e8506cfa39a7c277da4` Request headers :method GET :authority caixalnternetbankng.cf :scheme https :path /Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site same-origin referer https://caixalnternetbankng.cf/Site-Seguro/acesso.php?11,36-23,27,08-19,am accept-encoding gzip, deflate, br cookie __cfduid=d4e52cfbfc6dcf91c7dbd1597789fce151566916587; PHPSESSID=td5qtqr063emklf1sh158h82f4 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://caixalnternetbankng.cf/Site-Seguro/acesso.php?11,36-23,27,08-19,am Response headers status 200 date Tue, 27 Aug 2019 14:36:28 GMT content-type text/html last-modified Sat, 17 Aug 2019 18:59:17 GMT vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 50cec7239a17cbbc-VIE content-encoding br
GET H/1.1	200 OK	bootstrap.css internetbanking.caixa.gov.br/statics-core/bootstrap/css/ Frame 6AC5	136 B 492 B	1582ms 254ms	Stylesheet text/css	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/bootstrap/css/bootstrap.css?v=38 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `d5397da43bad40d1b17a76208a614a6b503a814bc38b8cab5ab99594bb055123` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:29 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "41b7b-88-590ce7be7ba00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 136
GET H/1.1	200 OK	login.css internetbanking.caixa.gov.br/statics-core/css/ Frame 6AC5	141 B 497 B	1588ms 239ms	Stylesheet text/css	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/css/login.css?v=38 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `09bc93eb4b6de28956fa8a8026f610482bc0bd99ae486df7b771809ae3f37c56` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:29 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "401c3-8d-590ce7be7ba00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 141
GET H/1.1	200 OK	principal.css internetbanking.caixa.gov.br/statics-core/css/ Frame 6AC5	352 B 709 B	1808ms 226ms	Stylesheet text/css	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/css/principal.css?v=38 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `8f587cb8a75399b59f0613d30c9177e087672839d6e4b1b98383f14b6b3ce204` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:29 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "41b70-160-590ce7be7ba00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 352
GET H2	404	loading.css caixalnternetbankng.cf/statics-components/js/componentes/loading/ Frame 6AC5	0 0	283ms 282ms	Stylesheet text/html	2606:4700:30::6812:2713 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://caixalnternetbankng.cf/statics-components/js/componentes/loading/loading.css?v=38 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6812:2713 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 27 Aug 2019 14:36:28 GMT content-encoding br cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control public, max-age=14400 cf-ray 50cec7249e43cbbc-VIE expires Tue, 27 Aug 2019 18:36:28 GMT
GET H/1.1	200 OK	pageBase.js Show response internetbanking.caixa.gov.br/statics-core/js/core/ Frame 6AC5	3 KB 4 KB	3605ms 237ms	Script text/javascript	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/js/core/pageBase.js?v=38 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `57ddea054d4306acced5d393edcb1664cb3ec5c58867be3bf216a11c71cbad4c` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:31 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "4020d-db6-590ce7be7ba00" Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 3510
GET H/1.1	200 OK	messages.js Show response internetbanking.caixa.gov.br/statics-core/js/lib/ Frame 6AC5	549 B 913 B	3846ms 227ms	Script text/javascript	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/js/lib/messages.js?v=38 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `3f07cfc778d2e715d6d81af16712539305298bb2e87a07016ace289b01a44287` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:31 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "401f3-225-590ce7be7ba00" Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 549
GET H/1.1	200 OK	jquery-ui.js Show response internetbanking.caixa.gov.br/statics-core/js/lib/ Frame 6AC5	441 KB 441 KB	3907ms 251ms	Script text/javascript	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/js/lib/jquery-ui.js?v=38 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `33c26f4726d807036c3446209e8b34b41ff666ee07225db7e9a78c52ff7a8fed` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:32 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "42230-6e2ed-590ce7be7ba00" Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 451309
GET H/1.1	200 OK	jquery.js Show response internetbanking.caixa.gov.br/statics-core/js/lib/ Frame 6AC5	91 KB 92 KB	3305ms 224ms	Script text/javascript	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/js/lib/jquery.js Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `9abc1105669b0a00ffa53941da2294cfa15be2de482e994d5997df06ed6f31b0` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:31 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "41b66-16dcf-590ce7be7ba00" Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 93647
GET H/1.1	200 OK	bootstrap_desktop.css internetbanking.caixa.gov.br/statics-core/bootstrap/css/ Frame 6AC5	141 KB 141 KB	271ms 265ms	Stylesheet text/css	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/bootstrap/css/bootstrap_desktop.css Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `bc9a46579160c853e68e60398e41d1a7edacfac7f41068c35ea49503e540d0d1` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:29 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "41b7c-23447-590ce7be7ba00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 144455
GET H/1.1	200 OK	login_desktop.css internetbanking.caixa.gov.br/statics-core/css/ Frame 6AC5	8 KB 8 KB	460ms 240ms	Stylesheet text/css	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/css/login_desktop.css?v=36 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `c3892915c37eb021a8fe755d9ce38777b98c6c7bd9c1e090f824a485cadfe460` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:30 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "41b6f-1f04-590ce7be7ba00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 7940
GET H/1.1	200 OK	style.css internetbanking.caixa.gov.br/statics-core/css/ Frame 6AC5	65 KB 65 KB	484ms 242ms	Stylesheet text/css	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/css/style.css?v=38 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `bd3b3f9a579bcb804c82e7ca938209fe7da47c584d18ff9c6a3a6656ec453ed7` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:30 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "41b6b-10300-590ce7be7ba00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 66304
GET H/1.1	200 OK	print.css internetbanking.caixa.gov.br/statics-core/css/ Frame 6AC5	12 KB 12 KB	1188ms 246ms	Stylesheet text/css	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/css/print.css?v=38 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `13dc88ddf97c546c10cbe491e3b3c0be872c5bfa3b059eb25c31b40a7090bef7` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:31 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "401c4-3091-590ce7be7ba00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 12433
GET H/1.1	200 OK	principal_desktop.css internetbanking.caixa.gov.br/statics-core/css/ Frame 6AC5	61 KB 61 KB	1346ms 229ms	Stylesheet text/css	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/css/principal_desktop.css?v=38 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `a0aab8cb30254290350ce91e06f7ea1bbbf735a191463b09136c35ca0b9a89d7` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:31 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "41b72-f4b7-590ce7be7ba00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 62647
GET H/1.1	200 OK	datalist.css internetbanking.caixa.gov.br/statics-core/css/ Frame 6AC5	2 KB 2 KB	1414ms 223ms	Stylesheet text/css	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Full URL https://internetbanking.caixa.gov.br/statics-core/css/datalist.css?v=38 Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `8eede361637e3b42a616c308b76c5e7631496d42fbe280fd57077581ac5371a4` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:31 GMT Last-Modified Fri, 23 Aug 2019 20:16:40 GMT Server Apache ETag "422ba-85f-590ce7be7ba00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 2143
GET H/1.1	200 OK	sprites.png internetbanking.caixa.gov.br/statics-core/img/ Frame 6AC5	80 KB 80 KB	693ms 221ms	Image image/png	200.201.170.59 CAIXA ECONOMICA F...
General Check archive.org Show headers Download Go to Show image Full URL https://internetbanking.caixa.gov.br/statics-core/img/sprites.png Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 200.201.170.59 Rio de Janeiro, Brazil, ASN20116 (CAIXA ECONOMICA FEDERAL, BR), Reverse DNS internetbanking.caixa.gov.br Software Apache / Resource Hash `b07f3473f3a889798a93b7b02c3b9399d4814e82765b988aa54edb93f4d5f2c5` Request headers Sec-Fetch-Mode no-cors Referer https://internetbanking.caixa.gov.br/statics-core/css/login_desktop.css?v=36 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 27 Aug 2019 14:36:32 GMT Last-Modified Fri, 23 Aug 2019 20:16:38 GMT Server Apache ETag "41b40-13ea0-590ce7bc93580" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 81568
GET H2	200	152945_img.jpg caixalnternetbankng.cf/Site-Seguro/ Frame 6AC5	218 KB 219 KB	543ms 543ms	Image image/jpeg	2606:4700:30::6812:2713 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://caixalnternetbankng.cf/Site-Seguro/152945_img.jpg Requested by Host: caixalnternetbankng.cf URL: https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6812:2713 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `d5a7e9f7d26960f0ddb1eee1eca68fc6a2e94450a5f933c11eda00f4cd4e08a5` Request headers Sec-Fetch-Mode no-cors Referer https://caixalnternetbankng.cf/Site-Seguro/portal.html?asistema=LR4XB965LR4X-ESLF-LR4XESLFESLF-TY4EESLF User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 27 Aug 2019 14:36:32 GMT cf-cache-status MISS last-modified Sat, 17 Aug 2019 18:58:07 GMT server cloudflare etag "368ea-59054aff0cdc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 50cec739befccbbc-VIE content-length 223466 expires Tue, 27 Aug 2019 18:36:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: caixalnternetbankng.cf
URL: https://caixalnternetbankng.cf/Site-Seguro/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

caixalnternetbankng.cf
internetbanking.caixa.gov.br
internetbankinggov.gq
caixalnternetbankng.cf
200.201.170.59
2606:4700:30::6812:2713
2606:4700:30::681f:4e07
09bc93eb4b6de28956fa8a8026f610482bc0bd99ae486df7b771809ae3f37c56
0c2fc23d7c2ef323460a27231418e06970168eb3327d8aa5e69aacdd4a2b77c7
13dc88ddf97c546c10cbe491e3b3c0be872c5bfa3b059eb25c31b40a7090bef7
2e1306a0f200331d7961aa152122cc11709ed97fdd59be3168ecf5e1d18c1ed5
33c26f4726d807036c3446209e8b34b41ff666ee07225db7e9a78c52ff7a8fed
3f07cfc778d2e715d6d81af16712539305298bb2e87a07016ace289b01a44287
57ddea054d4306acced5d393edcb1664cb3ec5c58867be3bf216a11c71cbad4c
843a7d10a616afcc1814bce2988f7ffd41d225c246b7b6372dd1cbe2034c7cbe
8eede361637e3b42a616c308b76c5e7631496d42fbe280fd57077581ac5371a4
8f587cb8a75399b59f0613d30c9177e087672839d6e4b1b98383f14b6b3ce204
9abc1105669b0a00ffa53941da2294cfa15be2de482e994d5997df06ed6f31b0
a0aab8cb30254290350ce91e06f7ea1bbbf735a191463b09136c35ca0b9a89d7
b07f3473f3a889798a93b7b02c3b9399d4814e82765b988aa54edb93f4d5f2c5
b4c238bdf161e37ff7c6f5cfcedbcbd34e2d6138aca82e8506cfa39a7c277da4
bc9a46579160c853e68e60398e41d1a7edacfac7f41068c35ea49503e540d0d1
bd3b3f9a579bcb804c82e7ca938209fe7da47c584d18ff9c6a3a6656ec453ed7
c3892915c37eb021a8fe755d9ce38777b98c6c7bd9c1e090f824a485cadfe460
d5397da43bad40d1b17a76208a614a6b503a814bc38b8cab5ab99594bb055123
d5a7e9f7d26960f0ddb1eee1eca68fc6a2e94450a5f933c11eda00f4cd4e08a5

caixalnternetbankng.cf Open in urlscan Pro 2606:4700:30::6812:2713 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

1148 kBTransfer

1202 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

caixalnternetbankng.cf Open in urlscan Pro
2606:4700:30::6812:2713 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

1148 kB
Transfer

1202 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!