home-24.joomla.com
Open in
urlscan Pro
2607:1b00:93b2:e42c::bfd8
Malicious Activity!
Public Scan
Submission: On March 09 via automatic, source phishtank
Summary
This is the only time home-24.joomla.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Itau (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 2607:1b00:93b... 2607:1b00:93b2:e42c::bfd8 | 54456 (CLOUDACCE...) (CLOUDACCESS-NETWORK) | |
13 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
joomla.com
home-24.joomla.com |
208 KB |
13 | 1 |
Domain | Requested by | |
---|---|---|
13 | home-24.joomla.com |
home-24.joomla.com
|
13 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://home-24.joomla.com/includes/air/pf/index.php
Frame ID: D968EBA4027A4F464B86BC3030B2823F
Requests: 13 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.php
home-24.joomla.com/includes/air/pf/ |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
home-24.joomla.com/includes/air/pf/css/ |
118 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-theme.min.css
home-24.joomla.com/includes/air/pf/css/ |
23 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
home-24.joomla.com/includes/air/pf/js/ |
36 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pulacampo.js
home-24.joomla.com/includes/air/pf/js/ |
241 B 488 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
home-24.joomla.com/includes/air/pf/js/ |
30 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.maskedinput.js
home-24.joomla.com/includes/air/pf/js/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
001.jpg
home-24.joomla.com/includes/air/pf/img/ |
77 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
000.png
home-24.joomla.com/includes/air/pf/img/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
003.jpg
home-24.joomla.com/includes/air/pf/img/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
T01.png
home-24.joomla.com/includes/air/pf/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
T02.png
home-24.joomla.com/includes/air/pf/img/ |
32 KB 33 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
T03.png
home-24.joomla.com/includes/air/pf/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Itau (Banking)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| pulacampo function| $ function| jQuery function| validar function| clicar function| clicarAgencia function| clicarConta function| ValidaConta function| check_enter0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
home-24.joomla.com
2607:1b00:93b2:e42c::bfd8
005b287d977c17d5cf6677103cc353babb47fa4c302ec8b5ea2c86817d8cb0d0
26f89432f26835fdb007dbf41441a6f7440865cc0fbd0f36e880dc4c26d00d7d
2f9f71d96d253ecafb0d73e4cc37e7a4c843cc0d082c757c80cc5de8a0edc2df
4b4e5615009a01b9dc1c7372569c28b8ba705e2d1544692821fbe32d66a3f9e6
4eb2a2eb856a757b1edd05aedf6d27d5f43f0d187761b2a98cf29d75c9b55336
5ec8cb1caaa7820070bda3c570db4a773ccca59bc504696d71b9d6f8b5fff4d3
8415ff453bcb6e92f4216c91782317d39d84e1e830814c24d8e65c2d4e79ec63
9914027ab92b6e61c8a72f889a464817f7fc657ed771706692b981b8132a3fcb
a2ddc7152d7d5ba4d21d6f38b64d138eb9d75700a6d4dc37775318851574a2ba
d0418c20a6f514abdad13553da8ddea90e66f7357b0649d3cf2875b56fbb41b4
e0523eb82cafe30e3d6eade4032c5ed308701c96ba71a012fe1afe7176bc9cae
e5053d6442b70582e893cd4b413b62a2f6f00c33d245584939ff0f424301642b
f56553eec03d1ed0a39cf012fbb184f8ddaf40dc966231be53a8f4dbc9dd9c03