carrinho.cloud.itau.com.br
2600:9000:211e:3400:19:c04b:6e40:93a1  Public Scan

URL: https://carrinho.cloud.itau.com.br/
Submission Tags: @phishunt_io
Submission: On May 21 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 2600:9000:211e:3400:19:c04b:6e40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is carrinho.cloud.itau.com.br.
TLS certificate: Issued by Amazon RSA 2048 M03 on May 21st 2024. Valid for: a year.
This is the only time carrinho.cloud.itau.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
3 | 2600:9000:211... | 16509 (AMAZON-02)
4 | 2.19.217.39 | 16625 (AKAMAI-AS)
Total: 11 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
7 | itau.com.br | carrinho.cloud.itau.com.br; estatico.itau.com.br (Cisco Umbrella Rank: 235306) | 589 KB
0 | cloudflare.com (Failed) | cdnjs.cloudflare.com (Failed) |
Total: 11 requests, 2 apex domains

Requests | Domain | Requested by
4 | estatico.itau.com.br | carrinho.cloud.itau.com.br; estatico.itau.com.br
3 | carrinho.cloud.itau.com.br | carrinho.cloud.itau.com.br
0 | cdnjs.cloudflare.com (Failed) | carrinho.cloud.itau.com.br
Total: 11 requests, 3 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
carrinho.cloud.itau.com.br | Amazon RSA 2048 M03 | 2024-05-21 - 2025-06-20 | a year
www.itau.com.br | GeoTrust RSA CA 2018 | 2023-12-26 - 2025-01-03 | a year

This page contains 1 frames:

Primary Page: https://carrinho.cloud.itau.com.br/
Frame ID: E21FE9C0C6758918465C72FF7F41727D
Requests: 11 HTTP requests in this frame

Page Title

Itaú - Carrinho abandonado

Page Statistics

Requests: 11
HTTPS: 64 %
IPv6: 50 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 589 kB
Size: 615 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
carrinho.cloud.itau.com.br/
1 KB
2 KB
Document
General
Full URL
https://carrinho.cloud.itau.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3400:19:c04b:6e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcb6ead6af601d50b9c0f65b5a3fc0cc11015feb3622dae9f33c2e83671a4974

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
1347
content-type
text/html
date
Tue, 21 May 2024 07:11:25 GMT
etag
"158bfeb2d21b558c8836cd9342b9be9e"
last-modified
Tue, 19 Jul 2022 02:29:15 GMT
server
AmazonS3
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-id
2fGwCq8kSV0vs5t2abaipDZRohNqPlbCKyMdLDHlPaMZByAlq1CIcQ==
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
RefreshHit from cloudfront
itau-fonts.css
estatico.itau.com.br/ibanking/commons/css/
102 B
246 B
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/itau-fonts.css
Requested by
Host: carrinho.cloud.itau.com.br
URL: https://carrinho.cloud.itau.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.217.39 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-39.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dbf6db2a6028b606243bb78a728f0531777bf3de58f2646335047e099b5d2870

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://carrinho.cloud.itau.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 07:11:24 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 15:40:02 GMT
etag
"101f70-66-5bd1c5d15d880"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=35873
accept-ranges
bytes
content-length
69
expires
Tue, 21 May 2024 17:09:17 GMT
main.js
carrinho.cloud.itau.com.br/
579 KB
580 KB
Script
General
Full URL
https://carrinho.cloud.itau.com.br/main.js
Requested by
Host: carrinho.cloud.itau.com.br
URL: https://carrinho.cloud.itau.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3400:19:c04b:6e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1197d33ddfc46f0b5f12f44883e60dab218a6230a8db4b79eea702af705293de

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://carrinho.cloud.itau.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 07:11:26 GMT
x-amz-version-id
null
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 02:29:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"332123b12340dd8890048692d5535d8a"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
593160
x-amz-cf-id
ntMNuezLAcig5TxmZpex7-XuUlg9AGP2OSDC6n-ZOvmpIncxnpKosA==
font-itau.css
estatico.itau.com.br/ibanking/commons/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/font-itau.css
Requested by
Host: estatico.itau.com.br
URL: https://estatico.itau.com.br/ibanking/commons/css/itau-fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.217.39 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-39.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d62526eb902463e311230d4c9eda1e6f0aaac70a136476214fe1a1e208dbfcbf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://estatico.itau.com.br/ibanking/commons/css/itau-fonts.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 07:11:24 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 15:39:57 GMT
etag
"1020a9-6a63-5bd1c5cc98d40"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=8742
accept-ranges
bytes
content-length
5143
expires
Tue, 21 May 2024 09:37:06 GMT
font-itau-display.css
estatico.itau.com.br/ibanking/commons/css/
5 KB
782 B
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/font-itau-display.css
Requested by
Host: estatico.itau.com.br
URL: https://estatico.itau.com.br/ibanking/commons/css/itau-fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.217.39 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-39.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a488440bb753b69fae447f6d1a6b8316fae716b8ee7f6aaa7e001086b648136a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://estatico.itau.com.br/ibanking/commons/css/itau-fonts.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 07:11:24 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 15:39:57 GMT
etag
"1020b5-1328-5bd1c5cc98d40"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=8728
accept-ranges
bytes
content-length
604
expires
Tue, 21 May 2024 09:36:52 GMT
font-itau-text.css
estatico.itau.com.br/ibanking/commons/css/
3 KB
659 B
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/font-itau-text.css
Requested by
Host: estatico.itau.com.br
URL: https://estatico.itau.com.br/ibanking/commons/css/itau-fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.217.39 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-39.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3dcf302e919ebd374d16f1308af2d9b34590156e3a3094585c97aed6a08a35d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://estatico.itau.com.br/ibanking/commons/css/itau-fonts.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 07:11:24 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 15:39:57 GMT
etag
"101f5c-bfa-5bd1c5cc98d40"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=11268
accept-ranges
bytes
content-length
480
expires
Tue, 21 May 2024 10:19:12 GMT
core.min.js
cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/
0
0

zone.min.js
cdnjs.cloudflare.com/ajax/libs/zone.js/0.10.3/
0
0

custom-elements-es5-adapter.js
cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/1.3.3/
0
0

webcomponents-ce.js
cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/1.3.3/
0
0

favicon.ico
carrinho.cloud.itau.com.br/
286 B
522 B
Other
General
Full URL
https://carrinho.cloud.itau.com.br/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3400:19:c04b:6e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9bb86b59a748a7773e7342b4cd26bb4e2da63060fb127d7f3cd89b7b7c3a1e72

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://carrinho.cloud.itau.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 07:11:26 GMT
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
molZ1dkEfP6rcLzroI9tmyu63JpqYNN2JbrPwJ5SRpAS4lPVQOI5zA==
x-cache
Error from cloudfront
content-type
application/xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
cdnjs.cloudflare.com | http://cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js
cdnjs.cloudflare.com | http://cdnjs.cloudflare.com/ajax/libs/zone.js/0.10.3/zone.min.js
cdnjs.cloudflare.com | http://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/1.3.3/custom-elements-es5-adapter.js
cdnjs.cloudflare.com | http://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/1.3.3/webcomponents-ce.js

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string | authToken
object | webpackJsonp

0 Cookies

5 Console Messages

Source Level URL
Text
security error URL: https://carrinho.cloud.itau.com.br/
Message:
Mixed Content: The page at 'https://carrinho.cloud.itau.com.br/' was loaded over HTTPS, but requested an insecure script 'http://cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://carrinho.cloud.itau.com.br/
Message:
Mixed Content: The page at 'https://carrinho.cloud.itau.com.br/' was loaded over HTTPS, but requested an insecure script 'http://cdnjs.cloudflare.com/ajax/libs/zone.js/0.10.3/zone.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://carrinho.cloud.itau.com.br/
Message:
Mixed Content: The page at 'https://carrinho.cloud.itau.com.br/' was loaded over HTTPS, but requested an insecure script 'http://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/1.3.3/custom-elements-es5-adapter.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://carrinho.cloud.itau.com.br/
Message:
Mixed Content: The page at 'https://carrinho.cloud.itau.com.br/' was loaded over HTTPS, but requested an insecure script 'http://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/1.3.3/webcomponents-ce.js'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://carrinho.cloud.itau.com.br/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()