consignadodobem.online
Open in
urlscan Pro
2a02:4780:13:1408:0:3992:3113:2
Malicious Activity!
Public Scan
Submission: On April 11 via api from US — Scanned from US
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 10th 2024. Valid for: 3 months.
This is the only time consignadodobem.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Caixa (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 2a02:4780:13:... 2a02:4780:13:1408:0:3992:3113:2 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
3 | 89.116.115.138 89.116.115.138 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
1 | 104.21.53.38 104.21.53.38 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
17 | 3 |
ASN47583 (AS-HOSTINGER, CY)
consignadodobem.online |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
consignadodobem.online
consignadodobem.online |
5 MB |
1 |
userstatics.com
userstatics.com — Cisco Umbrella Rank: 256093 |
634 B |
17 | 2 |
Domain | Requested by | |
---|---|---|
16 | consignadodobem.online |
consignadodobem.online
|
1 | userstatics.com |
consignadodobem.online
|
17 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
consignadodobem.online ZeroSSL RSA Domain Secure Site CA |
2024-04-10 - 2024-07-09 |
3 months | crt.sh |
userstatics.com E1 |
2024-03-28 - 2024-06-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://consignadodobem.online/
Frame ID: C6425BF619D7D881F85702B542A479F0
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Empréstimo Auxilio BrasilDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
SweetAlert2 (JavaScript Libraries) Expand
Detected patterns
- <link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
- sweetalert2(?:\.all)?(?:\.min)?\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
consignadodobem.online/ |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
consignadodobem.online/assets/index_files/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
consignadodobem.online/assets/index_files/css/ |
227 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
consignadodobem.online/assets/index_files/css/ |
100 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sweetalert2.min.css
consignadodobem.online/assets/index_files/css/ |
22 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aux_brasil.png
consignadodobem.online/assets/index_files/images/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bolsa_familia_logo.png
consignadodobem.online/assets/index_files/images/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8638314_whatsapp_compress.png
consignadodobem.online/assets/index_files/images/ |
4 MB 4 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tutorial_1.png
consignadodobem.online/assets/index_files/images/ |
210 KB 210 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
x-volume-positiva-54-v2.png
consignadodobem.online/assets/index_files/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ic-acesso-informacao-54-v2.png
consignadodobem.online/assets/index_files/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sweetalert2.min.js
consignadodobem.online/assets/index_files/js/ |
40 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
consignadodobem.online/assets/index_files/js/ |
79 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-solid-900.woff2
consignadodobem.online/assets/index_files/fonts/ |
147 KB 147 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-brands-400.woff2
consignadodobem.online/assets/index_files/fonts/ |
105 KB 106 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
caixa_tem.png
consignadodobem.online/assets/index_files/images/ |
9 KB 9 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
script.js
userstatics.com/get/ |
133 B 634 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Caixa (Government)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| deleteAllCookies object| aceitarContratoBtn function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal number| uidEvent object| bootstrap0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
consignadodobem.online
userstatics.com
104.21.53.38
2a02:4780:13:1408:0:3992:3113:2
89.116.115.138
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
254035f46a1e99ce2bb3c0bf1a19658809e8351e2a9d5f7ebc57193ee0a4cbf0
311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270
4785b6972fb2353f0b4e7bb64ff081d2f3cbbfc555de4132b41cd9fb2faef104
5ba7b24088ced5ffe836b6ccb3256a298ae314fa39370d81660f900617f3519a
5edac30d081073096f7d5b8e7c14841e1fc25e1488378985d058e89056943432
61191c03ed92a40bcd0c72abe56c3be8ccd599a73438e1fcd7f09431da160772
714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604
a23bc241647e57f561aef14b09c3e9c6ea14caf2358278cc725eeb179b303ea3
af3b21fef32af9e224f88c344c2a09554c5c5041e5a62f0dff96806ce8906995
b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e
c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160
df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26