emprestimo-consig-bolsafamilia.click Open in urlscan Pro
2606:4700:3035::6815:9cf Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://emprestimo-consig-bolsafamilia.click/
Effective URL:
https://emprestimo-consig-bolsafamilia.click/atualizar/
Submission Tags: suspect
Submission: On May 23 via api (May 23rd 2024, 1:54:05 pm UTC) from BR — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3035::6815:9cf, located in United States and belongs to CLOUDFLARENET, US. The main domain is emprestimo-consig-bolsafamilia.click.
TLS certificate: Issued by GTS CA 1P5 on May 22nd 2024. Valid for: 3 months.

This is the only time emprestimo-consig-bolsafamilia.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 18	2606:4700:303... 2606:4700:3035::6815:9cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	188.114.96.9 188.114.96.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	3

18 2606:4700:3035::6815:9cf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

emprestimo-consig-bolsafamilia.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.9 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	emprestimo-consig-bolsafamilia.click 1 redirects emprestimo-consig-bolsafamilia.click	10 MB
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 90025	632 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	31 KB
19	3

	Domain	Requested by
18	emprestimo-consig-bolsafamilia.click	1 redirects emprestimo-consig-bolsafamilia.click
1	userstatics.com	emprestimo-consig-bolsafamilia.click
1	code.jquery.com	emprestimo-consig-bolsafamilia.click
19	3

This site contains no links.

Subject Issuer	Validity	Valid
emprestimo-consig-bolsafamilia.click GTS CA 1P5	`2024-05-22` - `2024-08-20`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
userstatics.com E1	`2024-03-28` - `2024-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://emprestimo-consig-bolsafamilia.click/atualizar/
Frame ID: 213134E65CFA3AA4C99629713EA85B2F
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empréstimo Auxilio Brasil

Page URL History Show full URLs

http://emprestimo-consig-bolsafamilia.click/ HTTP 307
https://emprestimo-consig-bolsafamilia.click/ HTTP 302
https://emprestimo-consig-bolsafamilia.click/atualizar/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

10189 kB
Transfer

10615 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://emprestimo-consig-bolsafamilia.click/ HTTP 307
https://emprestimo-consig-bolsafamilia.click/ HTTP 302
https://emprestimo-consig-bolsafamilia.click/atualizar/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
emprestimo-consig-bolsafamilia.click/atualizar/
Redirect Chain

http://emprestimo-consig-bolsafamilia.click/
https://emprestimo-consig-bolsafamilia.click/
https://emprestimo-consig-bolsafamilia.click/atualizar/

10 KB
4 KB

35ms
35ms

Document
text/html

2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimo-consig-bolsafamilia.click/atualizar/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c9425015ad9bd4812440051995c29df37b98444f817fcf9a2ec47d701311862

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer: https://www.google.com

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 88858915890c39be-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 23 May 2024 13:54:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: same-origin same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pgN11ocpDAeAbzbgkIJoSIqBe71Vach9xDOLdcUFdO6EemSKirrH8hzlOuNmss6uvWAX6WkBBqVb4ozyjYlhsEo%2BxzuhenAdtfbUjKbSnXLnr5tz77TeQl2GSJ5uXnXBYukthBFyztJ%2FrqgNB%2FUP5fH%2Fv4vcP3gI3VHnRPwAdxnxhFE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: master-only master-only
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 88858915183739be-FRA
content-type: text/html; charset=UTF-8
date: Thu, 23 May 2024 13:54:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: atualizar/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: same-origin same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2B1z69q1R3py%2BH7oZgwiM8C2rXr70evI71T6SysmO%2FKNYEopAlob8coK7N7VR0l1HpwPrNdH7cGO040%2BzcwSEj%2F85dqH7pxV%2FuXOPUjzkl3HBr9MYUrdmtFqRCbeltp4R0CeUW5eAQq7Mhn6oD0YurthTkxH9cx1HfsOObGTDxg9zD0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: master-only master-only
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 jquery-3.6.4.min.js Show response
code.jquery.com/ 88 KB
31 KB 41ms
6ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.4.min.js
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 21670241
x-cache: HIT, HIT
content-length: 31011
x-served-by: cache-lga21953-LGA, cache-fra-eddf8230103-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1716472441.278935,VS0,VE0
etag: W/"28feccc0-15ec3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 133, 15854

GET
H3 200 index.css
emprestimo-consig-bolsafamilia.click/atualizar/css/ 3 KB
1 KB 102ms
101ms Stylesheet
text/css 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/css/index.css
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655a5386-ba7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EDYSTIrSSELVFbLCaNqBNvrp2UobZR8%2BJuuf61vILHoc7jFto%2BOcTTxHfBMgOoj1MwMkivO8laOcfOnTlG7MUuTI4Pvu2efym7CLfkF8K3UxC7cJ%2FUte%2BXx6T2MkkzH0lBgHVT1JqjPE4ZjCcmxXiJMep%2BE3yoT62l6lpUTTB6idMdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88858915c95439be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bootstrap.min.css
emprestimo-consig-bolsafamilia.click/atualizar/css/ 227 KB
33 KB 110ms
109ms Stylesheet
text/css 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/css/bootstrap.min.css
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a

Request headers

Referer: https://www.google.com
Origin: https://emprestimo-consig-bolsafamilia.click
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655a5386-38cf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdqzQkn5pbOk8aPk8HmXjz0G%2BV%2BhDBUZFQ5VTAliT76Kl9p1%2FCUM71gnhdyONGL%2BYcmsfwAdHBRMOCnUNihjbxhQQSCEJnp8p%2B3siPRzVRckSb%2F48bAt1s6T5YIzBTxZFDmG747fO%2FoiLlgDtkjiKlkVGWTbTQ81gQw5eqd6IQRODyk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88858915c95839be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 all.min.css
emprestimo-consig-bolsafamilia.click/atualizar/css/ 100 KB
23 KB 77ms
76ms Stylesheet
text/css 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/css/all.min.css
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4785b6972fb2353f0b4e7bb64ff081d2f3cbbfc555de4132b41cd9fb2faef104

Request headers

Referer: https://www.google.com
Origin: https://emprestimo-consig-bolsafamilia.click
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655a5386-18e4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zgw0cg2BLyrChS7qXTWZznbpN52gDDtcP4QTlo4PibsZemyH62ePQGlvntOKmlTt%2B7YpzozUhEWZPIbgSeZwnz%2BP21NAU3y2eZNB5qf2ZPMjdgxAzWNRL1c3NQO%2FRlSWHD3ZJfm9oOpsixUds0TShhaaZoWa%2B29fINUkDHij1Kj9TsI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88858915c95939be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sweetalert2.min.css
emprestimo-consig-bolsafamilia.click/atualizar/css/ 22 KB
5 KB 61ms
60ms Stylesheet
text/css 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/css/sweetalert2.min.css
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655a5386-58a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MC0djujjf3jqSZEfbjj0REke1SzOW40d6YdbkdGV5wVzQTYJPN8n08QocOBR5xsnaD%2F5ZuQudrQtc33v7if4QjBlFXs4QN9dyMwOAmF3iYIPrnGpoE%2Fr92q3MGAKCZkXMEl7hnr7mf5I18QuPRt4%2BzuRsP6HJmjgKVjJUslZDlenIaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88858915c95c39be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 aux_brasil.png
emprestimo-consig-bolsafamilia.click/atualizar/images/ 24 KB
25 KB 54ms
53ms Image
image/png 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/images/aux_brasil.png
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655a5386-6157"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQKWc6pJQAxWPJygo2woSgSK2KL4VakXba3faWJ96SjFV20L7bGTB6Nj6ThcQ71n7C47oBYgEW4xUE9m74bugoxr4ZHPrgnSmqStPvZpkDwm9WliZ%2Bmiypf6TrLrZj%2Ff0sWIKvSOEf5WMOPeSwTc%2FCRuINxz6ijnJ1KqyH6tYgSSY8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88858915c95d39be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bolsa_familia_logo.png
emprestimo-consig-bolsafamilia.click/atualizar/images/ 18 KB
19 KB 64ms
63ms Image
image/png 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/images/bolsa_familia_logo.png
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655a5386-47fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3w7U78SILAL9C12BmqQcXOmKZigQIaf%2BpxL3EBEqNaW%2Fyq1ei91rronYFxpASkMIJklUU944rYwkboqXrWq0jo0mbZOWMMg3%2FyBucBsgJvwTyGazGX%2FvWphfZ1Tk2HDlI08%2FZSPX5OHw5pCc1ZYss5Kl3KPktc6uRMcusxsP3swFmUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 88858915c95e39be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 site2.png
emprestimo-consig-bolsafamilia.click/atualizar/images/ 9 MB
9 MB 69ms
68ms Image
image/png 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/images/site2.png
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc34263eef5b8e46a858b4594b7ab0100ef6e14f96bc58cc905aea1afe4871eb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
cf-cache-status: MISS
last-modified: Wed, 22 May 2024 16:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664e19ae-94e4fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CLWMTNzkHj0RXc7EHu1Iyi399C9SnBbzma8q%2FJkABndwhDq2aXXGgP1XBAHbJhcb2ZxfP3bC4TUeVNMJDGIQrvVysMgLy0srpDEkpd9Irs4q2xuDbq1eTwRU8JQJvgcTY2j5uTBrGjlarnEDN%2BkjgHe9Ybi4%2BS4Yzlpc2lQ861Ynv%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8885891629ea39be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tutorial_1.png
emprestimo-consig-bolsafamilia.click/atualizar/images/ 210 KB
211 KB 94ms
93ms Image
image/png 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/images/tutorial_1.png
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af3b21fef32af9e224f88c344c2a09554c5c5041e5a62f0dff96806ce8906995

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655a5386-347d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z12VyGO9i%2FBBX8a1Y0pAZOYeDdmFvs46fwlE8ZzRNado%2F0KMezUobLRdswaNR0T5MaTses7Ymv2ku0kvI6yHCiX%2Byw7i4B%2F3hCRVpz5Kxae4Bmavd5YV62n3NsySALDjyWy9nYg5nAlPQVHFTQ%2BwSJtHECs36JHoYy%2F8kPJjMaXopNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8885891629f339be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 x-volume-positiva-54-v2.png
emprestimo-consig-bolsafamilia.click/atualizar/images/ 1 KB
2 KB 62ms
62ms Image
image/png 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/images/x-volume-positiva-54-v2.png
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655a5386-4a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DDqjZjKWa2mOOimsPVl1MPb6EKu0HPJvyQh30R0UqbLCBvaUxUuHe4F3S5Gvj4mTSLC0BXgn9KsvYYZr3JBKYgD620hplRgBNy1iwQ08VtDB56vUdVfbsrBkbq9OfqFigaveNuPTetq8XcL1HRQ1IXB3Fh2r23fTyGyhuOHeR5SJYVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8885891629f539be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ic-acesso-informacao-54-v2.png
emprestimo-consig-bolsafamilia.click/atualizar/images/ 2 KB
2 KB 63ms
63ms Image
image/png 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/images/ic-acesso-informacao-54-v2.png
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655a5386-6ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qOHjnMaQOthxDOiMD5qw0lm3pnPoQsdz5L9HFkiGdlkWhH1fZ6%2BwKLJBvlZ4O3ORd8LtUZAKJNYEijGGpkk26gYBM91qOR6TIuaM61C2QtE%2Bl8ImxWteFYNTHeP4Khetp59qPog1TP2g49OS6RtyUio0pz83CISBYUjnpfGtZl8psJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 888589162a0339be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sweetalert2.min.js Show response
emprestimo-consig-bolsafamilia.click/atualizar/js/ 40 KB
14 KB 61ms
60ms Script
application/javascript 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/js/sweetalert2.min.js
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 254035f46a1e99ce2bb3c0bf1a19658809e8351e2a9d5f7ebc57193ee0a4cbf0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655a5386-a179"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dc43HomDptJSNiUC0dRGVIuNlhrid8XzXbBpz%2ByDy7a8pHnwUoO%2FKHBVmU9ZwdKd2b6Nc%2BMU2pBZ4jTt%2BttPGsa00aKX0xa5jMVrWsQP6f8IHyzv204Wn6ZQUaRVssC8Y0TGfz7afrzGcR%2FZE2TPvJSsdrEo3mV6T2v8zPbZnlHeLxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8885891629fa39be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bootstrap.bundle.min.js Show response
emprestimo-consig-bolsafamilia.click/atualizar/js/ 79 KB
24 KB 77ms
76ms Script
application/javascript 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/js/bootstrap.bundle.min.js
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a23bc241647e57f561aef14b09c3e9c6ea14caf2358278cc725eeb179b303ea3

Request headers

Referer: https://www.google.com
Origin: https://emprestimo-consig-bolsafamilia.click
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655a5386-13b4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VdYDxK2BZEcMta6CR5w2Octo2DTPu7FIqB76WB%2FKpeLQNLyG%2Fa2WCJN9RjDgTlemak2M%2Fh%2FNtLE7a5avC8GlEDVteR8EgmEck2TedqLVExljh1mBivW6hJ4hYSUbPAg6J0tIr4gMe%2Fhk2X%2B2lnEqVmE%2BHGIFGffaH0b7Mw6vYamoX8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 888589162a0039be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-solid-900.woff2
emprestimo-consig-bolsafamilia.click/atualizar/fonts/ 147 KB
147 KB 64ms
64ms Font
application/octet-stream 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/fonts/fa-solid-900.woff2
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Request headers

Referer: https://www.google.com
Origin: https://emprestimo-consig-bolsafamilia.click
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 150124
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
server: cloudflare
etag: "655a5386-24a6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eBSGvEg2j1VRmtnUI3SUYGYjhnXcJ7z3LBZXHNsHMIk3AJapO4jZhxC%2FbwomSSneNG3LUIyJYisAv0%2BJkYNcoWzPLdmVS0V8hThPO%2FHD5aRvsc4lfYvNtxKUVPx3bsp8wv3Rx4hrLdNVgjvpbYdFv1CpWMpsIfq0G5Y1N0JjXNYO4Uc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 888589169abf39be-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-brands-400.woff2
emprestimo-consig-bolsafamilia.click/atualizar/fonts/ 105 KB
106 KB 55ms
55ms Font
application/octet-stream 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/fonts/fa-brands-400.woff2
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207

Request headers

Referer: https://www.google.com
Origin: https://emprestimo-consig-bolsafamilia.click
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 108020
last-modified: Sun, 19 Nov 2023 18:27:18 GMT
server: cloudflare
etag: "655a5386-1a5f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8YTl12ke5fV4TqaejB%2FQpNG8LQ1fszTa6UiYZBH5EdNb5zgc1HgdMEatRoxM%2F30b%2FBsRoqJaZI0G7o1NgpFoo1S6pkKV8Z5%2BB5SRKj2vwTcl1lfNVYbkSiVo9SGd3poTkeyCpYaAL9Rcq%2BDS9hgNVXi8mcwMty28Y1l4f3T%2B9xoKnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 88858916aacf39be-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 online.php Show response
emprestimo-consig-bolsafamilia.click/atualizar/ 0
669 B 850ms
849ms Fetch
text/html 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimo-consig-bolsafamilia.click/atualizar/online.php

Requested by

Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.google.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 23 May 2024 13:54:01 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only, master-only
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
referrer-policy: same-origin, same-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lF5736lILo2k1%2BCV3z2L03xsUqoT4OG%2FOI08JC5TSqdHXiG%2FsV1ieQKP163MNJ%2FXd4e%2FA9uVwmOUaQZfDnCUz29Ncr5OdDVaz7wo1L%2FJROmhjRVHusCyWXWWZuaC4galREwWDIh7eghAv9O%2F53Vkh0457a2eIwZXxRKmmqtrh%2F0TZc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate
cf-ray: 88858916bae939be-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 caixa_tem.png
emprestimo-consig-bolsafamilia.click/atualizar/ 9 KB
10 KB 59ms
59ms Other
image/png 2606:4700:3035::6815:9cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://emprestimo-consig-bolsafamilia.click/atualizar/caixa_tem.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:9cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba7b24088ced5ffe836b6ccb3256a298ae314fa39370d81660f900617f3519a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:02 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Feb 2024 07:02:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65c9c2a0-2471"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neFK5UWh5Iel4NHTd9aVeGBbxaDfoN5r41utrlBkI%2BY%2FOVgmGZOFNke%2FRRCmWEM7ckzU020PEzjlgZ10y3w2GLdLMYlkTufSClHzMCim4Y%2Bem401hceciykz5B8dFqmcZE%2FdXx%2FyxNoGMCEADwo%2FbvpAbVy9zljfHlbWZ6O4W13WcnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8885891c2b7b39be-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 script.js Show response
userstatics.com/get/ 133 B
632 B 116ms
70ms Script
text/html 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstatics.com/get/script.js?referrer=https://emprestimo-consig-bolsafamilia.click/atualizar/
Requested by: Host: emprestimo-consig-bolsafamilia.click
URL: https://emprestimo-consig-bolsafamilia.click/atualizar/js/bootstrap.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 23 May 2024 13:54:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.google.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=corDAu99Zkdz9wcIQ5CUZKNUtSq%2BlQtu8Wj4gPdUH2nsS6t3PTneSnmIqWQ6usyVeXqqZp%2FrdYaRg3tLRbuK2PL%2BDoO%2FzdU0j8ymdDWAi2XhrX0zKLAFu32NFGVCe3vdz3U%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8885891db87bbb55-FRA
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			emprestimo-consig-bolsafamilia.click/atualizar	1970-01-20 20:48:32	Name: PHPREFS Value: full
			emprestimo-consig-bolsafamilia.click/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3ev0fg2od3f0tisb0cgepllf2u

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
emprestimo-consig-bolsafamilia.click
userstatics.com
188.114.96.9
2606:4700:3035::6815:9cf
2a04:4e42::649
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
254035f46a1e99ce2bb3c0bf1a19658809e8351e2a9d5f7ebc57193ee0a4cbf0
311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270
4785b6972fb2353f0b4e7bb64ff081d2f3cbbfc555de4132b41cd9fb2faef104
5ba7b24088ced5ffe836b6ccb3256a298ae314fa39370d81660f900617f3519a
714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604
8c9425015ad9bd4812440051995c29df37b98444f817fcf9a2ec47d701311862
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a23bc241647e57f561aef14b09c3e9c6ea14caf2358278cc725eeb179b303ea3
af3b21fef32af9e224f88c344c2a09554c5c5041e5a62f0dff96806ce8906995
b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e
c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160
cc34263eef5b8e46a858b4594b7ab0100ef6e14f96bc58cc905aea1afe4871eb
df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

emprestimo-consig-bolsafamilia.click Open in urlscan Pro 2606:4700:3035::6815:9cf Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

10189 kBTransfer

10615 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

emprestimo-consig-bolsafamilia.click Open in urlscan Pro
2606:4700:3035::6815:9cf Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

10189 kB
Transfer

10615 kB
Size

2
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!