141.118.125.34.bc.googleusercontent.com Open in urlscan Pro
34.125.118.141 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5...
Submission: On October 17 via manual (October 17th 2021, 11:22:19 am UTC) from BR — Scanned from DE

Summary HTTP 11 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 34.125.118.141, located in Las Vegas, United States and belongs to GOOGLE, US. The main domain is 141.118.125.34.bc.googleusercontent.com.

This is the only time 141.118.125.34.bc.googleusercontent.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

	IP Address		AS Autonomous System
11	34.125.118.141 34.125.118.141		15169 (GOOGLE) (GOOGLE)
11	1

11 34.125.118.141 (Las Vegas, United States)

ASN15169 (GOOGLE, US)
PTR: 141.118.125.34.bc.googleusercontent.com

141.118.125.34.bc.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googleusercontent.com 141.118.125.34.bc.googleusercontent.com	246 KB
11	1

	Domain	Requested by
11	141.118.125.34.bc.googleusercontent.com	141.118.125.34.bc.googleusercontent.com
11	1

This site contains links to these domains. Also see Links.

Domain
www.caixa.gov.br
internetbanking.caixa.gov.br

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM
Frame ID: 0EFF1DA8357DBD5E028EFAC022AC5AA6
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Internet___BanK:ing--- ....____CaI...XA

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

246 kB
Transfer

554 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.caixa.gov.br/atendimento/internet-banking/perguntas-frequentes/Paginas/default.aspx
Title: clique aqui

Search URL Search Domain Scan URL

URL: http://www.caixa.gov.br/seguranca/Paginas/default.aspx
Title: Segurança

Search URL Search Domain Scan URL

URL: http://www.caixa.gov.br/atendimento/Paginas/default.aspx
Title: .

Search URL Search Domain Scan URL

URL: http://www.caixa.gov.br/atendimento/internet-banking/Paginas/default.aspx
Title: .

Search URL Search Domain Scan URL

URL: https://internetbanking.caixa.gov.br/statics-core/pdf/contrato.pdf
Title: .

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response 141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/	11 KB 4 KB	370ms 182ms	Document text/html	34.125.118.141 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Protocol HTTP/1.1 Server 34.125.118.141 Las Vegas, United States, ASN15169 (GOOGLE, US), Reverse DNS 141.118.125.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `2ae3761a1b279402320aa1a25a8f12caf4ac30d293c65b1a5e27d853b81b1c40` Request headers Host 141.118.125.34.bc.googleusercontent.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sun, 17 Oct 2021 11:22:15 GMT Server Apache/2.4.29 (Ubuntu) Set-Cookie PHPSESSID=uksp3t2uo3vm99qc531jh847no; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 3271 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	bootstrap.min.css 141.118.125.34.bc.googleusercontent.com/caixa/public/_css/	152 KB 23 KB	165ms 164ms	Stylesheet text/css	34.125.118.141 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://141.118.125.34.bc.googleusercontent.com/caixa/public/_css/bootstrap.min.css Requested by Host: 141.118.125.34.bc.googleusercontent.com URL: http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Protocol HTTP/1.1 Server 34.125.118.141 Las Vegas, United States, ASN15169 (GOOGLE, US), Reverse DNS 141.118.125.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 141.118.125.34.bc.googleusercontent.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,/;q=0.1 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Cookie PHPSESSID=uksp3t2uo3vm99qc531jh847no Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:22:15 GMT Content-Encoding gzip Last-Modified Wed, 13 Feb 2019 16:01:40 GMT Server Apache/2.4.29 (Ubuntu) ETag "2606e-581c8a843a100-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 23238
GET H/1.1	200 OK	style.page.desktop.css 141.118.125.34.bc.googleusercontent.com/caixa/public/_css/	13 KB 3 KB	313ms 157ms	Stylesheet text/css	34.125.118.141 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://141.118.125.34.bc.googleusercontent.com/caixa/public/_css/style.page.desktop.css Requested by Host: 141.118.125.34.bc.googleusercontent.com URL: http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Protocol HTTP/1.1 Server 34.125.118.141 Las Vegas, United States, ASN15169 (GOOGLE, US), Reverse DNS 141.118.125.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `22e75377574177d549958caec7e3b2d850674a8a7a2905ef4af2d6b71f0741d5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 141.118.125.34.bc.googleusercontent.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,/;q=0.1 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Cookie PHPSESSID=uksp3t2uo3vm99qc531jh847no Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:22:15 GMT Content-Encoding gzip Last-Modified Sat, 09 Oct 2021 14:44:54 GMT Server Apache/2.4.29 (Ubuntu) ETag "32d3-5cdec89f40580-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2686
GET H/1.1	200 OK	jquery-3.2.1.min.js Show response 141.118.125.34.bc.googleusercontent.com/caixa/public/_js/	85 KB 30 KB	319ms 162ms	Script application/javascript	34.125.118.141 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://141.118.125.34.bc.googleusercontent.com/caixa/public/_js/jquery-3.2.1.min.js Requested by Host: 141.118.125.34.bc.googleusercontent.com URL: http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Protocol HTTP/1.1 Server 34.125.118.141 Las Vegas, United States, ASN15169 (GOOGLE, US), Reverse DNS 141.118.125.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 141.118.125.34.bc.googleusercontent.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept / Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Cookie PHPSESSID=uksp3t2uo3vm99qc531jh847no Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:22:15 GMT Content-Encoding gzip Last-Modified Sun, 29 Oct 2017 21:22:36 GMT Server Apache/2.4.29 (Ubuntu) ETag "15283-55cb61ee9df00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 30138
GET H/1.1	200 OK	jquery.mask.min.js Show response 141.118.125.34.bc.googleusercontent.com/caixa/public/_js/	5 KB 2 KB	319ms 160ms	Script application/javascript	34.125.118.141 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://141.118.125.34.bc.googleusercontent.com/caixa/public/_js/jquery.mask.min.js Requested by Host: 141.118.125.34.bc.googleusercontent.com URL: http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Protocol HTTP/1.1 Server 34.125.118.141 Las Vegas, United States, ASN15169 (GOOGLE, US), Reverse DNS 141.118.125.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 141.118.125.34.bc.googleusercontent.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept / Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Cookie PHPSESSID=uksp3t2uo3vm99qc531jh847no Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:22:15 GMT Content-Encoding gzip Last-Modified Wed, 10 Sep 2014 20:31:34 GMT Server Apache/2.4.29 (Ubuntu) ETag "12fc-502bbf01b1580-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2158
GET H/1.1	200 OK	bootstrap.js Show response 141.118.125.34.bc.googleusercontent.com/caixa/public/_js/	129 KB 25 KB	325ms 165ms	Script application/javascript	34.125.118.141 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://141.118.125.34.bc.googleusercontent.com/caixa/public/_js/bootstrap.js Requested by Host: 141.118.125.34.bc.googleusercontent.com URL: http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Protocol HTTP/1.1 Server 34.125.118.141 Las Vegas, United States, ASN15169 (GOOGLE, US), Reverse DNS 141.118.125.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `a65d5b4abb65aad37f302c96f1751362e2422a8869f7f889112556d77e384813` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 141.118.125.34.bc.googleusercontent.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept / Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Cookie PHPSESSID=uksp3t2uo3vm99qc531jh847no Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:22:15 GMT Content-Encoding gzip Last-Modified Wed, 13 Feb 2019 16:01:40 GMT Server Apache/2.4.29 (Ubuntu) ETag "20235-581c8a843a100-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 25068
GET H/1.1	200 OK	base.js Show response 141.118.125.34.bc.googleusercontent.com/caixa/public/_js/	2 KB 1 KB	319ms 159ms	Script application/javascript	34.125.118.141 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://141.118.125.34.bc.googleusercontent.com/caixa/public/_js/base.js Requested by Host: 141.118.125.34.bc.googleusercontent.com URL: http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Protocol HTTP/1.1 Server 34.125.118.141 Las Vegas, United States, ASN15169 (GOOGLE, US), Reverse DNS 141.118.125.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `d112295f181df48d42c33c339f347c848d7ecf77d2ff74bbc1951176593d0b06` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 141.118.125.34.bc.googleusercontent.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept / Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Cookie PHPSESSID=uksp3t2uo3vm99qc531jh847no Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:22:15 GMT Content-Encoding gzip Last-Modified Tue, 16 Oct 2018 15:06:58 GMT Server Apache/2.4.29 (Ubuntu) ETag "7f0-57859e7af4880-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 825
GET H/1.1	200 OK	page.user-desktop.js Show response 141.118.125.34.bc.googleusercontent.com/caixa/public/_js/	366 B 599 B	469ms 156ms	Script application/javascript	34.125.118.141 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://141.118.125.34.bc.googleusercontent.com/caixa/public/_js/page.user-desktop.js Requested by Host: 141.118.125.34.bc.googleusercontent.com URL: http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Protocol HTTP/1.1 Server 34.125.118.141 Las Vegas, United States, ASN15169 (GOOGLE, US), Reverse DNS 141.118.125.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `53b27b95cb05bf98e98c704496cc7403a7e8083c837b006c8730fd74f287aab8` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 141.118.125.34.bc.googleusercontent.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept / Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Cookie PHPSESSID=uksp3t2uo3vm99qc531jh847no Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:22:15 GMT Content-Encoding gzip Last-Modified Sat, 09 Oct 2021 13:27:06 GMT Server Apache/2.4.29 (Ubuntu) ETag "16e-5cdeb73b7fe80-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 250
GET H/1.1	200 OK	mk-loading.gif 141.118.125.34.bc.googleusercontent.com/caixa/public/_img/	35 KB 35 KB	160ms 159ms	Image image/gif	34.125.118.141 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://141.118.125.34.bc.googleusercontent.com/caixa/public/_img/mk-loading.gif Requested by Host: 141.118.125.34.bc.googleusercontent.com URL: http://141.118.125.34.bc.googleusercontent.com/caixa/public/_css/style.page.desktop.css Protocol HTTP/1.1 Server 34.125.118.141 Las Vegas, United States, ASN15169 (GOOGLE, US), Reverse DNS 141.118.125.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `b28604c7e478ef48a7c1f3554e64d72aa69438a9ec15cea40e1cd661dc74f432` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 141.118.125.34.bc.googleusercontent.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://141.118.125.34.bc.googleusercontent.com/caixa/public/_css/style.page.desktop.css Cookie PHPSESSID=uksp3t2uo3vm99qc531jh847no Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/public/_css/style.page.desktop.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:22:15 GMT Last-Modified Sat, 09 Oct 2021 13:21:35 GMT Server Apache/2.4.29 (Ubuntu) ETag "8a91-5cdeb5ffd55c0" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 35473
GET H/1.1	200 OK	sprites.png 141.118.125.34.bc.googleusercontent.com/caixa/public/_img/	80 KB 80 KB	159ms 159ms	Image image/png	34.125.118.141 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://141.118.125.34.bc.googleusercontent.com/caixa/public/_img/sprites.png Requested by Host: 141.118.125.34.bc.googleusercontent.com URL: http://141.118.125.34.bc.googleusercontent.com/caixa/public/_css/style.page.desktop.css Protocol HTTP/1.1 Server 34.125.118.141 Las Vegas, United States, ASN15169 (GOOGLE, US), Reverse DNS 141.118.125.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `b07f3473f3a889798a93b7b02c3b9399d4814e82765b988aa54edb93f4d5f2c5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 141.118.125.34.bc.googleusercontent.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://141.118.125.34.bc.googleusercontent.com/caixa/public/_css/style.page.desktop.css Cookie PHPSESSID=uksp3t2uo3vm99qc531jh847no Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/public/_css/style.page.desktop.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:22:15 GMT Last-Modified Sat, 09 Oct 2021 01:42:09 GMT Server Apache/2.4.29 (Ubuntu) ETag "13ea0-5cde19a9efe40" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 81568
GET H/1.1	200 OK	mk-background-login.jpg 141.118.125.34.bc.googleusercontent.com/caixa/public/_img/	43 KB 43 KB	159ms 158ms	Image image/jpeg	34.125.118.141 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://141.118.125.34.bc.googleusercontent.com/caixa/public/_img/mk-background-login.jpg Requested by Host: 141.118.125.34.bc.googleusercontent.com URL: http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Protocol HTTP/1.1 Server 34.125.118.141 Las Vegas, United States, ASN15169 (GOOGLE, US), Reverse DNS 141.118.125.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `e746c6c794e5e5fd6a63b81b941dc6a11a80df25354592c502c163ceb705baeb` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 141.118.125.34.bc.googleusercontent.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM Cookie PHPSESSID=uksp3t2uo3vm99qc531jh847no Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://141.118.125.34.bc.googleusercontent.com/caixa/appWeb/desktop/v2/user/?auth=20ZeBWaN9VTh0YT3Ibg6mWKCOPvU0dBrEyPhR1g8Mzl40O4AuJKMzrpDxaqY5bdvShw97XcPnMDzEldnRShkM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 17 Oct 2021 11:22:15 GMT Last-Modified Sat, 09 Oct 2021 01:57:30 GMT Server Apache/2.4.29 (Ubuntu) ETag "aaa1-5cde1d1845680" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 43681

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			141.118.125.34.bc.googleusercontent.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: uksp3t2uo3vm99qc531jh847no

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

141.118.125.34.bc.googleusercontent.com
34.125.118.141
22e75377574177d549958caec7e3b2d850674a8a7a2905ef4af2d6b71f0741d5
2ae3761a1b279402320aa1a25a8f12caf4ac30d293c65b1a5e27d853b81b1c40
53b27b95cb05bf98e98c704496cc7403a7e8083c837b006c8730fd74f287aab8
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a65d5b4abb65aad37f302c96f1751362e2422a8869f7f889112556d77e384813
b07f3473f3a889798a93b7b02c3b9399d4814e82765b988aa54edb93f4d5f2c5
b28604c7e478ef48a7c1f3554e64d72aa69438a9ec15cea40e1cd661dc74f432
d112295f181df48d42c33c339f347c848d7ecf77d2ff74bbc1951176593d0b06
e746c6c794e5e5fd6a63b81b941dc6a11a80df25354592c502c163ceb705baeb
f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975

141.118.125.34.bc.googleusercontent.com Open in urlscan Pro 34.125.118.141 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

246 kBTransfer

554 kBSize

1 Cookies

5 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

1 Cookies

Indicators

141.118.125.34.bc.googleusercontent.com Open in urlscan Pro
34.125.118.141 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

246 kB
Transfer

554 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!