escolasobidos.net Open in urlscan Pro
109.71.40.14 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://escolasobidos.net/dt/index3.html
Submission: On July 06 via automatic, source phishtank (July 6th 2024, 8:37:00 pm UTC) — Scanned from PT

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 26 HTTP transactions. The main IP is 109.71.40.14, located in Lisbon, Portugal and belongs to ALMOUROLTEC, PT. The main domain is escolasobidos.net.
TLS certificate: Issued by R3 on May 9th 2024. Valid for: 3 months.

This is the only time escolasobidos.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

	IP Address		AS Autonomous System
26	109.71.40.14 109.71.40.14		24768 (ALMOUROLTEC) (ALMOUROLTEC)
26	1

26 109.71.40.14 (Lisbon, Portugal)

ASN24768 (ALMOUROLTEC, PT)
PTR: cp32.webserver.pt

escolasobidos.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	escolasobidos.net escolasobidos.net	1 MB
26	1

	Domain	Requested by
26	escolasobidos.net	escolasobidos.net
26	1

This site contains no links.

Subject Issuer	Validity	Valid
*.escolasobidos.net R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://escolasobidos.net/dt/index3.html
Frame ID: 445BBE3428569E0333B63CFC8717E82F
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ltalink

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1408 kB
Transfer

1651 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index3.html Show response escolasobidos.net/dt/	26 KB 6 KB	147ms 49ms	Document text/html	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `c8a6088380143545cb68241b122239246de774466c3e9ebd1b172f2d5de0976d` Request headers Accept-Language pt-PT,pt;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html date Sat, 06 Jul 2024 20:36:55 GMT last-modified Mon, 17 Jun 2024 12:58:28 GMT server nginx vary Accept-Encoding x-scale YXBvY2FzQGdpdGh1Yg==
GET H2	200	trofaciosd2.css escolasobidos.net/dt/estilos/	2 KB 905 B	43ms 43ms	Stylesheet text/css	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/estilos/trofaciosd2.css Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `8230f91702a02a696b78364492eca19fcd40b89d6cb2063d38dd5518f7ea22ad` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT content-encoding gzip last-modified Wed, 11 Oct 2023 16:30:18 GMT server nginx vary Accept-Encoding x-cache HIT content-type text/css
GET H2	200	nuevoslider.css escolasobidos.net/dt/estilos/	2 KB 955 B	44ms 43ms	Stylesheet text/css	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/estilos/nuevoslider.css Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `1445a1c40e53d785721c7af9b6121eebff659c3cdbdd993284c89ab87c873d09` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT content-encoding gzip last-modified Wed, 11 Oct 2023 16:30:18 GMT server nginx vary Accept-Encoding x-cache HIT content-type text/css
GET H2	200	css.css escolasobidos.net/dt/estilos/	114 KB 19 KB	61ms 61ms	Stylesheet text/css	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/estilos/css.css Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `48b7a9ac68085a7a7fc2e8a825703f3b6217f15aeb908bfc15b8da82bae206e7` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT content-encoding gzip last-modified Wed, 11 Oct 2023 16:44:46 GMT server nginx vary Accept-Encoding x-cache HIT content-type text/css
GET H2	200	fonts.css escolasobidos.net/dt/estilos/	2 KB 406 B	68ms 68ms	Stylesheet text/css	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/estilos/fonts.css Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `240304a0a7293642f0fc46494267e6dcdff3bdb8547a83e97dfe0b25d555b89e` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT content-encoding gzip last-modified Wed, 11 Oct 2023 17:08:14 GMT server nginx vary Accept-Encoding x-cache HIT content-type text/css
GET H2	200	generales2.css escolasobidos.net/dt/estilos/	42 KB 8 KB	260ms 259ms	Stylesheet text/css	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/estilos/generales2.css Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `bd7e247ce7d8b2a1c691a15bb820f71cb0d14365e51f759474c35ad7a50dda71` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT content-encoding gzip last-modified Mon, 17 Jun 2024 13:12:42 GMT server nginx vary Accept-Encoding x-cache MISS content-type text/css
GET H2	200	otrosestilitos.css escolasobidos.net/dt/estilos/	101 KB 14 KB	91ms 91ms	Stylesheet text/css	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/estilos/otrosestilitos.css Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `b5084c7a8649f3b1d91a10160ac0f24f46c9846c1d9312d985a273b0c31599e8` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT content-encoding gzip last-modified Wed, 11 Oct 2023 16:56:02 GMT server nginx vary Accept-Encoding x-cache HIT content-type text/css
GET H2	200	css2.css escolasobidos.net/dt/estilos/	7 KB 828 B	92ms 91ms	Stylesheet text/css	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/estilos/css2.css Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT content-encoding gzip last-modified Wed, 11 Oct 2023 16:46:04 GMT server nginx vary Accept-Encoding x-cache HIT content-type text/css
GET H2	200	logo_mobile@2x.png escolasobidos.net/dt/1mg/	879 B 1015 B	256ms 254ms	Image image/png	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/logo_mobile@2x.png Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `7cc103b3c4ca6f47da3879109232b9beb484b9a041766c4d6741260f556501dd` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT last-modified Mon, 17 Jun 2024 12:54:06 GMT server nginx x-cache HIT content-type image/png accept-ranges bytes content-length 879
GET H2	200	search-primary.svg escolasobidos.net/dt/1mg/	859 B 585 B	259ms 257ms	Image image/svg+xml	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/search-primary.svg Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `0f20b2d4b08a7c1449d670ba47caf2900110342ac4bc1e653836f91553a62f77` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 20:36:55 GMT content-encoding gzip x-scale YXBvY2FzQGdpdGh1Yg== last-modified Wed, 11 Oct 2023 16:30:30 GMT server nginx vary Accept-Encoding content-type image/svg+xml
GET H2	200	img_10041723_itautkBannerHome1440x900_Home.jpg escolasobidos.net/dt/1mg/	417 KB 417 KB	109ms 109ms	Image image/jpeg	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/img_10041723_itautkBannerHome1440x900_Home.jpg Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `335e328c531e5bcdbb36a0e9878ea1469cb365e0d3f04eb747ff0ff82ac6cdfd` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT last-modified Tue, 02 Jul 2024 11:16:00 GMT server nginx x-cache HIT content-type image/jpeg accept-ranges bytes content-length 426639
GET H2	200	img_9323559_HOMEMODAOCT2023.jpg escolasobidos.net/dt/1mg/	226 KB 226 KB	165ms 165ms	Image image/jpeg	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/img_9323559_HOMEMODAOCT2023.jpg Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `2a91f8dedc308a580ec68f8bd00762a4a7f1e92f8f00f5709dbb00e6e36bb197` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT last-modified Wed, 11 Oct 2023 16:30:32 GMT server nginx x-cache HIT content-type image/jpeg accept-ranges bytes content-length 231318
GET H2	200	img_9981787_Inversores_Placahomecopia.jpg escolasobidos.net/dt/1mg/	170 KB 170 KB	239ms 236ms	Image image/jpeg	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/img_9981787_Inversores_Placahomecopia.jpg Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `c01096c353031876f4566a9e61b50b8f4a4b96903dfa51eb4bead8df749b3d4d` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT last-modified Wed, 11 Oct 2023 16:30:32 GMT server nginx x-cache HIT content-type image/jpeg accept-ranges bytes content-length 173578
GET H2	200	img_9657776_HOMECUENTAUNIPERSONALSET2023.jpg escolasobidos.net/dt/1mg/	138 KB 138 KB	251ms 249ms	Image image/jpeg	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/img_9657776_HOMECUENTAUNIPERSONALSET2023.jpg Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `c0d7bb6319a695a382097ba100408c390670d4471abba5f6f4bfffc80286b004` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT last-modified Wed, 11 Oct 2023 16:30:32 GMT server nginx x-cache HIT content-type image/jpeg accept-ranges bytes content-length 140905
GET H2	200	img_9609268_HOMEDIVINOMILLASX3OCTUBRE2023.jpg escolasobidos.net/dt/1mg/	256 KB 256 KB	256ms 253ms	Image image/jpeg	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/img_9609268_HOMEDIVINOMILLASX3OCTUBRE2023.jpg Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `eeb82159689974a345ee96c8107f58d9324529746c01dbc476527dd541db2145` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT last-modified Wed, 11 Oct 2023 16:30:32 GMT server nginx x-cache HIT content-type image/jpeg accept-ranges bytes content-length 261913
GET H2	200	img_10058835_itautkBannerHome_Boton120x60.jpg escolasobidos.net/dt/1mg/	6 KB 6 KB	256ms 254ms	Image image/jpeg	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/img_10058835_itautkBannerHome_Boton120x60.jpg Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `a7d1059a82013b30a648a302b2a6eea584b54d4372ef8a6f74c4c5576ebf36e6` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT last-modified Tue, 02 Jul 2024 11:16:16 GMT server nginx x-cache HIT content-type image/jpeg accept-ranges bytes content-length 5887
GET H2	200	img_9323558_BOTONHOMEMODAOCT2023.jpg escolasobidos.net/dt/1mg/	8 KB 8 KB	256ms 254ms	Image image/jpeg	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/img_9323558_BOTONHOMEMODAOCT2023.jpg Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `bfc2646e0c88ba9ee42df835243939f04dff959e869835466995600e7b2ebf63` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT last-modified Thu, 13 Jun 2024 16:41:14 GMT server nginx x-cache HIT content-type image/jpeg accept-ranges bytes content-length 7754
GET H2	200	img_9547853_Inversores_Placahomechica.jpg escolasobidos.net/dt/1mg/	25 KB 25 KB	256ms 254ms	Image image/jpeg	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/img_9547853_Inversores_Placahomechica.jpg Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `b1033b42b23ad1e60739c84bea041ffd45cfc08d2ac8ce07eaeaaf1a9fdfd0f2` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT last-modified Wed, 11 Oct 2023 16:30:32 GMT server nginx x-cache HIT content-type image/jpeg accept-ranges bytes content-length 25659
GET H2	200	img_9663101_BOTONHOMECUENTAUNIPERSONALSET2023.jpg escolasobidos.net/dt/1mg/	7 KB 7 KB	256ms 255ms	Image image/jpeg	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/img_9663101_BOTONHOMECUENTAUNIPERSONALSET2023.jpg Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `a3af0e6bb149d89c475141b0f2776d5ad02e2984a4db154c5b31353b72c973b9` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT last-modified Wed, 11 Oct 2023 16:30:32 GMT server nginx x-cache HIT content-type image/jpeg accept-ranges bytes content-length 7182
GET H2	200	img_5210834_BOTONHOMEDIVINOMILLASX3JUNIO2023.jpg escolasobidos.net/dt/1mg/	6 KB 7 KB	256ms 255ms	Image image/jpeg	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/1mg/img_5210834_BOTONHOMEDIVINOMILLASX3JUNIO2023.jpg Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/index3.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `9ce06f4364cd3b168ecc94ccd4e07d19509b232d6400a4c6115432fb5d7a83d9` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-type static date Sat, 06 Jul 2024 20:36:55 GMT last-modified Wed, 11 Oct 2023 16:30:32 GMT server nginx x-cache HIT content-type image/jpeg accept-ranges bytes content-length 6605
GET H2	404	bgHeader.png escolasobidos.net/dt/eforpsrw/	315 B 315 B	47ms 47ms	Image text/html	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Show image Full URL https://escolasobidos.net/dt/eforpsrw/bgHeader.png Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/estilos/css.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/estilos/css.css Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 20:36:55 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=iso-8859-1
GET H2	200	ItauDisplay-Bold.woff escolasobidos.net/dt/estilos/	23 KB 24 KB	49ms 47ms	Font font/woff	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/estilos/ItauDisplay-Bold.woff Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/estilos/fonts.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `0c401fcf85069618f8b21283b575df7278a10e2ba08c8b59416be7169b5cef3b` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/estilos/fonts.css Origin https://escolasobidos.net Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 20:36:55 GMT x-scale YXBvY2FzQGdpdGh1Yg== last-modified Sun, 03 Sep 2023 16:57:14 GMT server nginx accept-ranges bytes content-length 23916 content-type font/woff
GET H2	200	ItauText-Bold.woff escolasobidos.net/dt/estilos/	24 KB 24 KB	48ms 47ms	Font font/woff	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/estilos/ItauText-Bold.woff Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/estilos/fonts.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `db48fd91001dffface8723b0d3c522bea41e8db3590097dca3ce821481d85499` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/estilos/fonts.css Origin https://escolasobidos.net Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 20:36:55 GMT x-scale YXBvY2FzQGdpdGh1Yg== last-modified Sun, 03 Sep 2023 16:57:26 GMT server nginx accept-ranges bytes content-length 24436 content-type font/woff
GET H2	200	ItauDisplay-Regular.woff escolasobidos.net/dt/estilos/	23 KB 23 KB	50ms 49ms	Font font/woff	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/estilos/ItauDisplay-Regular.woff Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/estilos/fonts.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `a9cd10b634aad4860d91f6b152b9583ffc262229c49e219aacba324635fed163` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/estilos/fonts.css Origin https://escolasobidos.net Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 20:36:55 GMT x-scale YXBvY2FzQGdpdGh1Yg== last-modified Sun, 03 Sep 2023 16:57:18 GMT server nginx accept-ranges bytes content-length 23740 content-type font/woff
GET H2	200	ItauDisplay-XBold.woff escolasobidos.net/dt/estilos/	24 KB 24 KB	48ms 47ms	Font font/woff	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/dt/estilos/ItauDisplay-XBold.woff Requested by Host: escolasobidos.net URL: https://escolasobidos.net/dt/estilos/fonts.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `54c5afe517830edf5f47188dfe93fdac02fd8d87ccd0eecdc8e1f5aaa6cf7335` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/estilos/fonts.css Origin https://escolasobidos.net Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 20:36:55 GMT x-scale YXBvY2FzQGdpdGh1Yg== last-modified Sun, 03 Sep 2023 16:57:22 GMT server nginx accept-ranges bytes content-length 24856 content-type font/woff
GET H2	404	favicon.ico escolasobidos.net/	315 B 340 B	45ms 45ms	Other text/html	109.71.40.14 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://escolasobidos.net/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.71.40.14 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS cp32.webserver.pt Software nginx / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://escolasobidos.net/dt/index3.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Jul 2024 20:36:56 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://escolasobidos.net/dt/eforpsrw/bgHeader.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://escolasobidos.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

escolasobidos.net
109.71.40.14
0c401fcf85069618f8b21283b575df7278a10e2ba08c8b59416be7169b5cef3b
0f20b2d4b08a7c1449d670ba47caf2900110342ac4bc1e653836f91553a62f77
1445a1c40e53d785721c7af9b6121eebff659c3cdbdd993284c89ab87c873d09
240304a0a7293642f0fc46494267e6dcdff3bdb8547a83e97dfe0b25d555b89e
2a91f8dedc308a580ec68f8bd00762a4a7f1e92f8f00f5709dbb00e6e36bb197
335e328c531e5bcdbb36a0e9878ea1469cb365e0d3f04eb747ff0ff82ac6cdfd
48b7a9ac68085a7a7fc2e8a825703f3b6217f15aeb908bfc15b8da82bae206e7
54c5afe517830edf5f47188dfe93fdac02fd8d87ccd0eecdc8e1f5aaa6cf7335
7cc103b3c4ca6f47da3879109232b9beb484b9a041766c4d6741260f556501dd
8230f91702a02a696b78364492eca19fcd40b89d6cb2063d38dd5518f7ea22ad
9ce06f4364cd3b168ecc94ccd4e07d19509b232d6400a4c6115432fb5d7a83d9
a3af0e6bb149d89c475141b0f2776d5ad02e2984a4db154c5b31353b72c973b9
a7d1059a82013b30a648a302b2a6eea584b54d4372ef8a6f74c4c5576ebf36e6
a9cd10b634aad4860d91f6b152b9583ffc262229c49e219aacba324635fed163
b1033b42b23ad1e60739c84bea041ffd45cfc08d2ac8ce07eaeaaf1a9fdfd0f2
b5084c7a8649f3b1d91a10160ac0f24f46c9846c1d9312d985a273b0c31599e8
bd7e247ce7d8b2a1c691a15bb820f71cb0d14365e51f759474c35ad7a50dda71
bfc2646e0c88ba9ee42df835243939f04dff959e869835466995600e7b2ebf63
c01096c353031876f4566a9e61b50b8f4a4b96903dfa51eb4bead8df749b3d4d
c0d7bb6319a695a382097ba100408c390670d4471abba5f6f4bfffc80286b004
c8a6088380143545cb68241b122239246de774466c3e9ebd1b172f2d5de0976d
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
db48fd91001dffface8723b0d3c522bea41e8db3590097dca3ce821481d85499
eeb82159689974a345ee96c8107f58d9324529746c01dbc476527dd541db2145

escolasobidos.net Open in urlscan Pro 109.71.40.14 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

26 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1408 kBTransfer

1651 kBSize

0 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

escolasobidos.net Open in urlscan Pro
109.71.40.14 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1408 kB
Transfer

1651 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!