itau.protecaonoapp.com Open in urlscan Pro
2a06:98c1:3120::c  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response itau.protecaonoapp.com/desktop/	7 KB 3 KB	1617ms 1327ms	Document text/html	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itau.protecaonoapp.com/desktop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 60664c57899216e7debcb052dfb83f5701c7e18f139661d394732d16f35f8c58 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 73500a27ed35bb4a-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 03 Aug 2022 15:20:52 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dW5OnIwaejlHR%2Fcp9KBNvoXt%2BNaK%2FyFC%2FjOmM8oE0rv%2FytAIy8Hj5rGzrPPp2uPQ4HsjT%2BHlN57HyXV1XQoFvaH4rSh4ktRaTVYH%2B2O344ZbhF6rSyjqKoikMXofqdQQk2%2B6FbjIWEAJphzaGOPZLorOmN8e"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34
GET H2	200	home.css itau.protecaonoapp.com/desktop/css/	3 KB 1 KB	315ms 314ms	Stylesheet text/css	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itau.protecaonoapp.com/desktop/css/home.css Requested by Host: itau.protecaonoapp.com URL: https://itau.protecaonoapp.com/desktop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd9fec2bfccf637be42d553d586cfc4e734f1f741a4317fc0a494e054dc1a9c6 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itau.protecaonoapp.com/desktop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 03 Aug 2022 15:20:52 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 25 Jul 2022 12:12:25 GMT server cloudflare etag W/"cae-5e4a018cc3dd2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNCZ4S%2FUYzrRaPW%2FMoqPaQn1%2BxvfZb%2FKdqFGuq7lunIbJJv9DayBFpTrFxo9noC%2FBCe7SBjKXn34NjXdSthCJVERoSO%2F5cesc0Kp0M67BGu8B5qsK7iyhMEDUufivbsae1cYizSXN3ht9R2%2BG8h0y8AFnXOG"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73500a303a26bb4a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.js Show response itau.protecaonoapp.com/desktop/js/	30 KB 16 KB	308ms 308ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itau.protecaonoapp.com/desktop/js/jquery.js Requested by Host: itau.protecaonoapp.com URL: https://itau.protecaonoapp.com/desktop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b4e5615009a01b9dc1c7372569c28b8ba705e2d1544692821fbe32d66a3f9e6 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itau.protecaonoapp.com/desktop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 03 Aug 2022 15:20:52 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 25 Jul 2022 12:12:45 GMT server cloudflare etag W/"7939-5e4a019fcd7b6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AgkK5OkWtLwcZy81WlKnubqbL7GqbW5v3bpWD3jFCWjK7qZUk10IdViDr%2Fi%2FCoZRApvuGqb%2BMlyUOxcP04O3nRUzYy3WEoi9%2FfUpKhj19622shFgSRTc3Bm0MGHwmIIihApuec33IF6NqJt0EhOjuA9eyz7"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73500a303a28bb4a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.maskedinput.js Show response itau.protecaonoapp.com/desktop/js/	3 KB 2 KB	313ms 312ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itau.protecaonoapp.com/desktop/js/jquery.maskedinput.js Requested by Host: itau.protecaonoapp.com URL: https://itau.protecaonoapp.com/desktop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2ddc7152d7d5ba4d21d6f38b64d138eb9d75700a6d4dc37775318851574a2ba Request headers accept-language nl-NL,nl;q=0.9 Referer https://itau.protecaonoapp.com/desktop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 03 Aug 2022 15:20:52 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 25 Jul 2022 12:12:45 GMT server cloudflare etag W/"b5f-5e4a019fcb48e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2RV%2Bvhb59P1zZGFbQT468k27ijqGGIv%2BEY2bbmmIcNLgBFlQ4nznRpc%2BKv0olsqkxnltJKc0hgLUmOBdFMXSAkzVc4T3MTs9CMV%2BHQQk5VhwvuzsMtVUmNTcmk0V5jNCt%2BCXTL2483wD6%2BMlk7xSVaChzDE"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73500a303a2abb4a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	logo.png itau.protecaonoapp.com/desktop/img/	135 KB 136 KB	316ms 315ms	Image image/png	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itau.protecaonoapp.com/desktop/img/logo.png Requested by Host: itau.protecaonoapp.com URL: https://itau.protecaonoapp.com/desktop/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d54e6126a8bc275e0068272ce7af408669eae3715053b63233d6bbe4fd0a8e5d Request headers accept-language nl-NL,nl;q=0.9 Referer https://itau.protecaonoapp.com/desktop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 03 Aug 2022 15:20:53 GMT cf-cache-status REVALIDATED last-modified Mon, 25 Jul 2022 12:12:38 GMT server cloudflare etag "21c8f-5e4a0198f197b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIuZ1wWr3rlM%2BpTJirrNzEVChRDdxr3q1RNQAC6obEYaEkOUjvuYPPRg4nIu0Idb%2FYwe8B3kpJOO3%2BxfRoMD4IPLZZEeI9KBSA1WU5h6V35R2dRp8m9AGkOQVOro8NahrpwbKeZxJ5ItRc4n50rGnOdcHrRn"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 73500a322a709a15-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 138383
GET H3	200	flechabw.png itau.protecaonoapp.com/desktop/img/	3 KB 3 KB	316ms 315ms	Image image/png	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itau.protecaonoapp.com/desktop/img/flechabw.png Requested by Host: itau.protecaonoapp.com URL: https://itau.protecaonoapp.com/desktop/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de6a0aed3659ea07b73d859501951a188447e0c432e2c4bbb2dd3a084b04f65b Request headers accept-language nl-NL,nl;q=0.9 Referer https://itau.protecaonoapp.com/desktop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 03 Aug 2022 15:20:53 GMT cf-cache-status REVALIDATED last-modified Mon, 25 Jul 2022 12:12:33 GMT server cloudflare etag "b59-5e4a019485014" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImPq3eIWFvJHfGFrdGpOUbQA2pdu75T93XDLcOtAtRc7iQ6PdN%2BQ9w%2F%2B8SFHZ37xxQRl3SLEbkFSZFagKO67iYE3iXzfmbFR5%2FnjdIZRQ4Hs2eeDtiTJqYa9kgczxyhqCm5j0wkTQ8%2Bew9M83A7Lo7EXVJ7U"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 73500a322a729a15-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2905
GET H3	200	bgk.png itau.protecaonoapp.com/desktop/img/	17 KB 17 KB	387ms 386ms	Image image/png	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itau.protecaonoapp.com/desktop/img/bgk.png Requested by Host: itau.protecaonoapp.com URL: https://itau.protecaonoapp.com/desktop/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fec2c8434d4a82dcb960063d3ce855ce37dbed5e5d8c2bb02edad5e8bc60b4f7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itau.protecaonoapp.com/desktop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 03 Aug 2022 15:20:53 GMT cf-cache-status REVALIDATED last-modified Mon, 25 Jul 2022 12:12:32 GMT server cloudflare etag "4224-5e4a019327e0c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZV0OFezki4yr0gmGl6DdlD87l8SdfFUURdA9MdM06PwQCYHf1E2q%2FD1mnlfgZ8i%2F0bA8Mj3UIA1yJGzzlagIgR%2FOjviA%2BqQ6xq5fmDaBMyhUFWTNfTCVebksnrvoysqJQ17zms2l0GELGgsz1VPjmvPXnJU%2F"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 73500a323a869a15-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 16932
GET H3	200	carossel.png itau.protecaonoapp.com/desktop/img/	40 KB 40 KB	1344ms 1343ms	Image image/png	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itau.protecaonoapp.com/desktop/img/carossel.png Requested by Host: itau.protecaonoapp.com URL: https://itau.protecaonoapp.com/desktop/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fffc91b5a28f2e55ff956b0e2a77fb509c47eb32dd06983fe5735d39ec9a86d3 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itau.protecaonoapp.com/desktop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 03 Aug 2022 15:20:54 GMT cf-cache-status REVALIDATED last-modified Mon, 25 Jul 2022 12:12:33 GMT server cloudflare etag "9f90-5e4a01947f254" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMVrLe6A6K%2FQov1iRkdrhjg8%2BXGAlbshgZE6KHjH6KCnZzBgnkt%2FSf0rzgjQYhc9ODDRTjhB%2BkFJrxxaDlZLzPuZO8LG%2FLA7oKskAA%2FmSwrURL4mIrcRYtwr8ePCiluFr6DP6XtQbEWLyZTdKIH6Gh1TCJpS"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 73500a323a889a15-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 40848
GET H3	200	loading.gif itau.protecaonoapp.com/desktop/img/	51 KB 51 KB	387ms 387ms	Image image/gif	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itau.protecaonoapp.com/desktop/img/loading.gif Requested by Host: itau.protecaonoapp.com URL: https://itau.protecaonoapp.com/desktop/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61e9f6cd67a40ee41f5b9161ac6db67e51540db50b70d3f876781e43b1685bd4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itau.protecaonoapp.com/desktop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 03 Aug 2022 15:20:53 GMT cf-cache-status REVALIDATED last-modified Mon, 25 Jul 2022 12:12:37 GMT server cloudflare etag "cb05-5e4a0198b0e4f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRRvV88tx1T89aZ7Pik0kCe6F%2BMZavRQJg5V8P0UioRqk1z202UKWNR6dHWyabxxkwvHYUikXAqDFqwtYYpk4K3mf1gTlG853gxLeJbUne4EZgeg2rAWIakuzrKxxibIBzymsK1KllN22roNjLZ978xhfARW"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 73500a323a8a9a15-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 51973
GET H3	200	btncad.jpg itau.protecaonoapp.com/desktop/img/	17 KB 18 KB	1342ms 1342ms	Image image/jpeg	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itau.protecaonoapp.com/desktop/img/btncad.jpg Requested by Host: itau.protecaonoapp.com URL: https://itau.protecaonoapp.com/desktop/css/home.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92d0fa0560933a2519bbab6cd96e637cdae4bf9bafbbb33c2feeba02112098b1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itau.protecaonoapp.com/desktop/css/home.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 03 Aug 2022 15:20:54 GMT cf-cache-status REVALIDATED last-modified Mon, 25 Jul 2022 12:12:32 GMT server cloudflare etag "456b-5e4a0193d1cd8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWbe6JfbUommCmPSegmzqwiAvOl%2B6HZB2TtYbAnGHM8%2B7mya5NvgmmpTTNIQcPdyFAWxqUGo6v5PuI7sJzM%2BX5ZyFxI3JyNG0k3ofpcb7t98jFGDMrB%2BSByN8VEqxsw6qjqI%2FTVgmctpuq1wMDNeogylH8or"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 73500a324a949a15-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17771
GET H3	200	bacgrkoundhome.jpg itau.protecaonoapp.com/desktop/img/	117 KB 118 KB	322ms 322ms	Image image/jpeg	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://itau.protecaonoapp.com/desktop/img/bacgrkoundhome.jpg Requested by Host: itau.protecaonoapp.com URL: https://itau.protecaonoapp.com/desktop/css/home.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52f216bb57d122e64c4c40f2bd460c503bdb98ae89746903cb69db442000db80 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itau.protecaonoapp.com/desktop/css/home.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 03 Aug 2022 15:20:53 GMT cf-cache-status REVALIDATED last-modified Mon, 25 Jul 2022 12:12:30 GMT server cloudflare etag "1d494-5e4a0191c8cc4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cxkd2a%2FvyFSGPPzYnX%2BR1y1z9YAiWvCgEmGtwAedxg5NzM35cwi%2FUYSofy%2FiGWiImGasA4X8H4WOZZrZM2a7G4EWBcGI%2FUaSesGJI2sajyV6wPoO1bCoLqoOH9aFcaqTcheSBzd5PR9QD6mBFs65xiKK2swC"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 73500a324a969a15-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 119956

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| nextcamp function| entrou1 function| get_XmlHttp undefined| myVar function| clearcomando function| myTimer function| Sendlogin function| login

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

itau.protecaonoapp.com
2a06:98c1:3120::c
4b4e5615009a01b9dc1c7372569c28b8ba705e2d1544692821fbe32d66a3f9e6
52f216bb57d122e64c4c40f2bd460c503bdb98ae89746903cb69db442000db80
60664c57899216e7debcb052dfb83f5701c7e18f139661d394732d16f35f8c58
61e9f6cd67a40ee41f5b9161ac6db67e51540db50b70d3f876781e43b1685bd4
92d0fa0560933a2519bbab6cd96e637cdae4bf9bafbbb33c2feeba02112098b1
a2ddc7152d7d5ba4d21d6f38b64d138eb9d75700a6d4dc37775318851574a2ba
d54e6126a8bc275e0068272ce7af408669eae3715053b63233d6bbe4fd0a8e5d
dd9fec2bfccf637be42d553d586cfc4e734f1f741a4317fc0a494e054dc1a9c6
de6a0aed3659ea07b73d859501951a188447e0c432e2c4bbb2dd3a084b04f65b
fec2c8434d4a82dcb960063d3ce855ce37dbed5e5d8c2bb02edad5e8bc60b4f7
fffc91b5a28f2e55ff956b0e2a77fb509c47eb32dd06983fe5735d39ec9a86d3