atendimentoauxbrasil.com
Open in
urlscan Pro
2606:4700:3031::6815:b09
Malicious Activity!
Public Scan
Effective URL: https://atendimentoauxbrasil.com/
Submission: On March 22 via api from BR — Scanned from DE
Summary
TLS certificate: Issued by E1 on March 21st 2024. Valid for: 3 months.
This is the only time atendimentoauxbrasil.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Caixa (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 20 | 2606:4700:303... 2606:4700:3031::6815:b09 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
atendimentoauxbrasil.com
2 redirects
atendimentoauxbrasil.com |
173 KB |
18 | 1 |
Domain | Requested by | |
---|---|---|
20 | atendimentoauxbrasil.com |
2 redirects
atendimentoauxbrasil.com
|
18 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
atendimentoauxbrasil.com E1 |
2024-03-21 - 2024-06-19 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://atendimentoauxbrasil.com/
Frame ID: 73193FB8CE41977546350EEB79472944
Requests: 16 HTTP requests in this frame
Frame:
https://atendimentoauxbrasil.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Frame ID: 8668EA3612AFEBD1B60E75E205D8D333
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Atualizar CadastroPage URL History Show full URLs
-
http://atendimentoauxbrasil.com/
HTTP 301
https://atendimentoauxbrasil.com/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://atendimentoauxbrasil.com/
HTTP 301
https://atendimentoauxbrasil.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15- https://atendimentoauxbrasil.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://atendimentoauxbrasil.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
atendimentoauxbrasil.com/ Redirect Chain
|
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9ea5396315fa3886.css
atendimentoauxbrasil.com/_next/static/css/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack-025d74bd7db3d767.js
atendimentoauxbrasil.com/_next/static/chunks/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fd9d1056-9681f18c26df3d08.js
atendimentoauxbrasil.com/_next/static/chunks/ |
168 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
69-b20acf2b03838559.js
atendimentoauxbrasil.com/_next/static/chunks/ |
109 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-app-e0e133209c2427ca.js
atendimentoauxbrasil.com/_next/static/chunks/ |
462 B 511 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
53c13509-95c3739a981fb75b.js
atendimentoauxbrasil.com/_next/static/chunks/ |
1 KB 897 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
344-e6107a81c739a3b8.js
atendimentoauxbrasil.com/_next/static/chunks/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
150-bca498b1a7c627aa.js
atendimentoauxbrasil.com/_next/static/chunks/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
757-2136c83bdc94837f.js
atendimentoauxbrasil.com/_next/static/chunks/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-a49fdae0edf153c6.js
atendimentoauxbrasil.com/_next/static/chunks/app/(listening)/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layout-54826cd97e521e91.js
atendimentoauxbrasil.com/_next/static/chunks/app/(listening)/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
242-683b3c24ca3f8728.js
atendimentoauxbrasil.com/_next/static/chunks/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layout-16c20b2bed471b03.js
atendimentoauxbrasil.com/_next/static/chunks/app/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
c9a5bc6a7c948fb0-s.p.woff2
atendimentoauxbrasil.com/_next/static/media/ |
45 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image
atendimentoauxbrasil.com/_next/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
atendimentoauxbrasil.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/ Frame 8668 Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
8685a32a4f442a7c
atendimentoauxbrasil.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 8668 |
0 618 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Caixa (Government)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| __next_f object| webpackChunk_N_E undefined| _N_E object| next number| __NUMBER_OF_JOTAI_INSTANCES__1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.atendimentoauxbrasil.com/ | Name: cf_clearance Value: XqUM.TaO4WzFau0qKJ7qhB.ve6BxUo8MbaqcZDpNeNg-1711104801-1.0.1.1-Aw7sN4ZrSNAudfElagN3iQnxl0MuH44OZPicQBtOFblZRtk8vGSKrc3uniq2PTV7HerPNRZDfGdU2BtdZz8o0A |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
atendimentoauxbrasil.com
2606:4700:3031::6815:b09
06f33f42bb5957180eb8d1a07fa7513b27541310fe8f68e3b2e3ea0e74767908
1cc60f27f8000005e403d63c0f634e1e59c0627823d489f6936b02d44121cd00
1ea5aafac4bc78351271d2c778ed58822c047d955163bd21e50d31993e543183
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3c374970250d052429486f8cc13a592e7604b0ee61b81eed252c91ca846dcca7
3f5c53b72daa51dc8d63cd0c3f20c39dc301b819d3dbcc717554261a3391481b
44fc9226a75f47e78cd139f2887a0a82bf26cef2532a7dada100717c0371ba77
463bde993d3499025bf810198c805c608ac2e779ac91ee36b97ec23cb7c9cb5e
7be40091c0770b62831218926409f61d35724c322d63fd5998041aeb2481e2b3
829538342ab371607599c9515a5fa55a22ca6607148c5ba6d17b324db65d9ead
9b9fb82ab6ceb991ca0920f0c73e2d250cea8e17c961a5a1c82af3e37f2eff15
a18c446de2faa7525f5fa0770aef555ac613cda4ef905296eb62a34522a2af70
a9755ba93bcbeada55e2ce41611f69df26a0667b5c11b06c2cf3e8d5ae164794
d4975d59d81ab0f522ed543d52cc1c30735688d1feea1a824f1d61cbaac41c8f
d58f593670093a84e98ab448ad6cde3a627f09cb80dcd502cf71c79044baa1b2
d9fe17b0b27e359bfb49b7d1e705f575b0ca71728e424b610f0347bf7890f0a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef9004fd9cf772a49461b7583358c16c0e3dfbd60a7485f8020ce7ce48b5ed8b