consignadodobem.online Open in urlscan Pro
2a02:4780:13:1408:0:3992:3113:2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://consignadodobem.online/
Submission: On April 11 via api (April 11th 2024, 3:51:44 am UTC) from US — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2a02:4780:13:1408:0:3992:3113:2, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is consignadodobem.online.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 10th 2024. Valid for: 3 months.

This is the only time consignadodobem.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

	IP Address	AS Autonomous System
13	2a02:4780:13:... 2a02:4780:13:1408:0:3992:3113:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
3	89.116.115.138 89.116.115.138	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	104.21.53.38 104.21.53.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	3

13 2a02:4780:13:1408:0:3992:3113:2 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)

consignadodobem.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.116.115.138 (Lithuania)

ASN47583 (AS-HOSTINGER, CY)

consignadodobem.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.53.38 (None, )

ASN13335 (CLOUDFLARENET, US)

userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	consignadodobem.online consignadodobem.online	5 MB
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 256093	634 B
17	2

	Domain	Requested by
16	consignadodobem.online	consignadodobem.online
1	userstatics.com	consignadodobem.online
17	2

This site contains no links.

Subject Issuer	Validity	Valid
consignadodobem.online ZeroSSL RSA Domain Secure Site CA	`2024-04-10` - `2024-07-09`	3 months	crt.sh
userstatics.com E1	`2024-03-28` - `2024-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://consignadodobem.online/
Frame ID: C6425BF619D7D881F85702B542A479F0
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empréstimo Auxilio Brasil

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
sweetalert2(?:\.all)?(?:\.min)?\.js

Page Statistics

17
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

3
IPs

3
Countries

4662 kB
Transfer

5049 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
consignadodobem.online/ 10 KB
4 KB 614ms
190ms Document
text/html 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.1.27

Resource Hash

61191c03ed92a40bcd0c72abe56c3be8ccd599a73438e1fcd7f09431da160772

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 11 Apr 2024 03:51:38 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.27

GET
H2 200 index.css
consignadodobem.online/assets/index_files/css/ 3 KB
1 KB 147ms
144ms Stylesheet
text/css 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://consignadodobem.online/assets/index_files/css/index.css

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "ba7-66170986-9253e3ba93dd2f44;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 900
expires: Thu, 18 Apr 2024 03:51:38 GMT

GET
H2 200 bootstrap.min.css
consignadodobem.online/assets/index_files/css/ 227 KB
27 KB 147ms
144ms Stylesheet
text/css 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://consignadodobem.online/assets/index_files/css/bootstrap.min.css

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
Origin: https://consignadodobem.online
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "38cf3-66170986-610d9b87103fe17c;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 27179
expires: Thu, 18 Apr 2024 03:51:38 GMT

GET
H2 200 all.min.css
consignadodobem.online/assets/index_files/css/ 100 KB
21 KB 289ms
287ms Stylesheet
text/css 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://consignadodobem.online/assets/index_files/css/all.min.css

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4785b6972fb2353f0b4e7bb64ff081d2f3cbbfc555de4132b41cd9fb2faef104

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://consignadodobem.online
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "18e4d-66170986-58f81a7007bba6af;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 21555
expires: Thu, 18 Apr 2024 03:51:38 GMT

GET
H2 200 sweetalert2.min.css
consignadodobem.online/assets/index_files/css/ 22 KB
4 KB 428ms
426ms Stylesheet
text/css 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://consignadodobem.online/assets/index_files/css/sweetalert2.min.css

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:38 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "58a2-66170986-4e70a3ca03aa13f8;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3896
expires: Thu, 18 Apr 2024 03:51:38 GMT

GET
H2 200 aux_brasil.png
consignadodobem.online/assets/index_files/images/ 24 KB
24 KB 428ms
427ms Image
image/png 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consignadodobem.online/assets/index_files/images/aux_brasil.png

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "6157-66170986-e13f3143d5b3c751;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 24919
expires: Thu, 18 Apr 2024 03:51:38 GMT

GET
H2 200 bolsa_familia_logo.png
consignadodobem.online/assets/index_files/images/ 18 KB
18 KB 428ms
427ms Image
image/png 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consignadodobem.online/assets/index_files/images/bolsa_familia_logo.png

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "47fd-66170986-c64c8e5e61a23d75;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 18429
expires: Thu, 18 Apr 2024 03:51:38 GMT

GET
H2 200 8638314_whatsapp_compress.png
consignadodobem.online/assets/index_files/images/ 4 MB
4 MB 544ms
541ms Image
image/png 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consignadodobem.online/assets/index_files/images/8638314_whatsapp_compress.png

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5edac30d081073096f7d5b8e7c14841e1fc25e1488378985d058e89056943432

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "3f4b33-66170986-935c56a4a92d3276;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4148019
expires: Thu, 18 Apr 2024 03:51:39 GMT

GET
H2 200 tutorial_1.png
consignadodobem.online/assets/index_files/images/ 210 KB
210 KB 544ms
541ms Image
image/png 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consignadodobem.online/assets/index_files/images/tutorial_1.png

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

af3b21fef32af9e224f88c344c2a09554c5c5041e5a62f0dff96806ce8906995

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "347d7-66170986-f3f924f72a1b962c;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 214999
expires: Thu, 18 Apr 2024 03:51:39 GMT

GET
H2 200 x-volume-positiva-54-v2.png
consignadodobem.online/assets/index_files/images/ 1 KB
1 KB 544ms
542ms Image
image/png 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consignadodobem.online/assets/index_files/images/x-volume-positiva-54-v2.png

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "4a4-66170986-30f4e4151ecf357a;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1188
expires: Thu, 18 Apr 2024 03:51:39 GMT

GET
H2 200 ic-acesso-informacao-54-v2.png
consignadodobem.online/assets/index_files/images/ 2 KB
2 KB 406ms
404ms Image
image/png 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consignadodobem.online/assets/index_files/images/ic-acesso-informacao-54-v2.png

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:38 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "6ea-66170986-3b1ce9471741f08a;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1770
expires: Thu, 18 Apr 2024 03:51:38 GMT

GET
H2 200 sweetalert2.min.js Show response
consignadodobem.online/assets/index_files/js/ 40 KB
13 KB 544ms
542ms Script
application/x-javascript 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://consignadodobem.online/assets/index_files/js/sweetalert2.min.js

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

254035f46a1e99ce2bb3c0bf1a19658809e8351e2a9d5f7ebc57193ee0a4cbf0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:39 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "a179-66170986-f39182f8a93e4aea;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12763
expires: Thu, 18 Apr 2024 03:51:39 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
consignadodobem.online/assets/index_files/js/ 79 KB
22 KB 545ms
543ms Script
application/x-javascript 2a02:4780:13:1408:0:3992:3113:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://consignadodobem.online/assets/index_files/js/bootstrap.bundle.min.js

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1408:0:3992:3113:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a23bc241647e57f561aef14b09c3e9c6ea14caf2358278cc725eeb179b303ea3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
Origin: https://consignadodobem.online
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:39 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "13b4d-66170986-dca64acc9ed4087;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 22397
expires: Thu, 18 Apr 2024 03:51:39 GMT

GET
H3 200 fa-solid-900.woff2
consignadodobem.online/assets/index_files/fonts/ 147 KB
147 KB 189ms
187ms Font
font/woff2 89.116.115.138
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://consignadodobem.online/assets/index_files/fonts/fa-solid-900.woff2

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/assets/index_files/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

89.116.115.138 , Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/assets/index_files/css/all.min.css
Origin: https://consignadodobem.online
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "24a6c-66170986-9fb51e3d1b2e1336;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 150124
expires: Thu, 18 Apr 2024 03:51:39 GMT

GET
H3 200 fa-brands-400.woff2
consignadodobem.online/assets/index_files/fonts/ 105 KB
106 KB 185ms
185ms Font
font/woff2 89.116.115.138
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://consignadodobem.online/assets/index_files/fonts/fa-brands-400.woff2

Requested by

Host: consignadodobem.online
URL: https://consignadodobem.online/assets/index_files/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

89.116.115.138 , Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/assets/index_files/css/all.min.css
Origin: https://consignadodobem.online
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "1a5f4-66170986-3cb588b4239a40e9;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 108020
expires: Thu, 18 Apr 2024 03:51:39 GMT

GET
H3 200 caixa_tem.png
consignadodobem.online/assets/index_files/images/ 9 KB
9 KB 137ms
137ms Other
image/png 89.116.115.138
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://consignadodobem.online/assets/index_files/images/caixa_tem.png

Protocol

Security

QUIC, , AES_128_GCM

Server

89.116.115.138 , Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5ba7b24088ced5ffe836b6ccb3256a298ae314fa39370d81660f900617f3519a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:40 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Apr 2024 21:49:58 GMT
server: LiteSpeed
etag: "2471-66170986-4a46cf4241514a61;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 9329
expires: Thu, 18 Apr 2024 03:51:40 GMT

GET
H3 200 script.js Show response
userstatics.com/get/ 133 B
634 B 281ms
225ms Script
text/html 104.21.53.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstatics.com/get/script.js?referrer=https://consignadodobem.online/
Requested by: Host: consignadodobem.online
URL: https://consignadodobem.online/assets/index_files/js/bootstrap.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.53.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://consignadodobem.online/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:51:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://consignadodobem.online
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oRDbfCXVeMs%2BO1WxsEK2Ulace1D7bYha8FJwOnk3jila%2FQg49nfzO8ChvV14c9xxPyerKxC2W9cNmnp075pTRbl%2BcQaOhXHitPDd8wN3Ll%2F8bTbkqMjfWauLPnnK77umANg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 872804ff48943a00-YYZ
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consignadodobem.online
userstatics.com
104.21.53.38
2a02:4780:13:1408:0:3992:3113:2
89.116.115.138
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
254035f46a1e99ce2bb3c0bf1a19658809e8351e2a9d5f7ebc57193ee0a4cbf0
311f1ab2729014aa567869f260192aa0de9283534efa405bd36d1b8d8f235270
4785b6972fb2353f0b4e7bb64ff081d2f3cbbfc555de4132b41cd9fb2faef104
5ba7b24088ced5ffe836b6ccb3256a298ae314fa39370d81660f900617f3519a
5edac30d081073096f7d5b8e7c14841e1fc25e1488378985d058e89056943432
61191c03ed92a40bcd0c72abe56c3be8ccd599a73438e1fcd7f09431da160772
714c76b566247379dbb72bc485b762433a0c5a19277f538bbb0daab84db031f7
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
8651eae74447f591887264b3e8d5407f67475149f8ef903840449e10f5e35604
a23bc241647e57f561aef14b09c3e9c6ea14caf2358278cc725eeb179b303ea3
af3b21fef32af9e224f88c344c2a09554c5c5041e5a62f0dff96806ce8906995
b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e
c547741d4973888d9f430629a7c626a0dc36515ef33c7b4c8bc86a73a3360160
df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

consignadodobem.online Open in urlscan Pro 2a02:4780:13:1408:0:3992:3113:2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

33 %IPv6

2 Domains

2 Subdomains

3 IPs

3 Countries

4662 kBTransfer

5049 kBSize

0 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

consignadodobem.online Open in urlscan Pro
2a02:4780:13:1408:0:3992:3113:2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

3
IPs

3
Countries

4662 kB
Transfer

5049 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!