URL: https://online-wa.me/
Submission: On March 24 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 34.227.65.78, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is online-wa.me.
TLS certificate: Issued by R3 (a Let's Encrypt intermediate) on March 22nd 2024, two days before this scan. Valid for: 3 months.
This is the only time online-wa.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco do Brasil (Banking)

What the scan shows: the page is a single 2 KB HTML document served by Apache/2.4.52 (Ubuntu) on one EC2 host (34.227.65.78), sets no cookies and performs no redirects. Everything that makes it look like the bank is hotlinked from the bank's own infrastructure (the logo from www49.bb.com.br, two banner images from cdn.bb.com.br) or from public CDNs (Bootstrap 5.3.0 from cdn.jsdelivr.net, Font Awesome 6.5.1 through a kit.fontawesome.com kit, an ad image from pbs.twimg.com). Each of those requests carries Referer: https://online-wa.me/, so the bank's own CDN access logs record every visit to this page. The only outbound link is to wa.me, WhatsApp's click-to-chat domain, which the name online-wa.me echoes.

Domain & IP information

IPs contacted (requests, IP address, autonomous system):

  1   34.227.65.78        AS14618 (AMAZON-AES)
  1   2606:4700:440...    AS13335 (CLOUDFLAR...)
  2   2a04:4e42:400...    AS54113 (FASTLY)
  1   170.66.14.84        AS11993 (BANCO DO ...)
  1   2606:2800:220...    AS15133 (EDGECAST)
  2   170.66.192.4        AS11993 (BANCO DO ...)
  6   2606:4700:e0:...    AS13335 (CLOUDFLAR...)

  14 requests across 7 IPs
Apex domains (requests, apex domain, subdomains with Cisco Umbrella rank where known, transfer):

  7   fontawesome.com   kit.fontawesome.com (rank 3290), ka-f.fontawesome.com (rank 7004)   303 KB
  3   bb.com.br         www49.bb.com.br, cdn.bb.com.br                                     389 KB
  2   jsdelivr.net      cdn.jsdelivr.net (rank 437)                                         59 KB
  1   twimg.com         pbs.twimg.com (rank 1060)                                          244 KB
  1   online-wa.me      online-wa.me                                                         2 KB

  14 requests across 5 apex domains
Requests per subdomain and the page that issued them:

  6   ka-f.fontawesome.com   requested by kit.fontawesome.com and online-wa.me
  2   cdn.bb.com.br          requested by online-wa.me
  2   cdn.jsdelivr.net       requested by online-wa.me
  1   pbs.twimg.com          requested by online-wa.me
  1   www49.bb.com.br        requested by online-wa.me
  1   kit.fontawesome.com    requested by online-wa.me
  1   online-wa.me           (primary request)

  14 requests across 7 subdomains
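The attribution above (every bank asset in this scan is requested by online-wa.me, and each of those requests carries a Referer of https://online-wa.me/) is the handle a defender has. The following added example, which is not part of the urlscan report, shows the check a bank's CDN or web team could run over its own access logs to spot third-party pages hotlinking brand assets. The log lines are constructed for the example in Apache/Nginx "combined" format; the allowed origins (bb.com.br and its subdomains) and the watched asset paths are assumptions taken from this scan.

```python
"""Flag requests for brand assets whose Referer is a foreign origin.

Added example, not from the urlscan report. The log lines below are
constructed to imitate Apache/Nginx combined-format access-log entries
as a bank CDN might record them; client IPs come from the RFC 5737
documentation range.
"""
import re
from typing import List, Optional, Tuple

from urllib.parse import urlsplit

# combined log format: client ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)(?: [^"]*)?" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Origins that may legitimately embed the brand's assets (assumption for the example).
ALLOWED_SUFFIXES = ("bb.com.br",)

# Assets a phishing page would hotlink to look authentic; paths seen in this scan.
WATCHED_PATHS = (
    "/web-integrador/app/docs/comum/images/structure/header/logo.png",
    "/wp-content/uploads/2022/11/Prancheta-1-1.png",
    "/wp-content/uploads/2022/11/Prancheta-2-1.png",
)


def referer_host(referer: str) -> Optional[str]:
    """Hostname of a Referer value, or None when it is absent ("-") or unparseable."""
    if not referer or referer == "-":
        return None
    host = urlsplit(referer).hostname
    return host.lower() if host else None


def is_allowed(host: str) -> bool:
    """True when host is one of the brand's own origins (exact or subdomain match)."""
    return any(host == s or host.endswith("." + s) for s in ALLOWED_SUFFIXES)


def find_hotlinks(lines: List[str]) -> List[Tuple[str, str, str]]:
    """Return (referer_host, path, client) for watched assets fetched from a foreign page.

    Requests without a Referer are skipped rather than flagged: a phishing page
    can suppress the header with Referrer-Policy, so a missing Referer is not
    evidence of a legitimate embed, only of an unattributable one.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["path"] not in WATCHED_PATHS:
            continue
        host = referer_host(m["referer"])
        if host is None or is_allowed(host):
            continue
        hits.append((host, m["path"], m["client"]))
    return hits


# Constructed sample log lines (not real bank logs).
SAMPLE_LOG = [
    '203.0.113.7 - - [24/Mar/2024:20:48:12 +0000] "GET /web-integrador/app/docs/comum/images/structure/header/logo.png HTTP/1.1" 200 2101 "https://online-wa.me/" "Mozilla/5.0"',
    '198.51.100.4 - - [24/Mar/2024:20:48:12 +0000] "GET /wp-content/uploads/2022/11/Prancheta-1-1.png HTTP/2.0" 200 208305 "https://online-wa.me/" "Mozilla/5.0"',
    '198.51.100.9 - - [24/Mar/2024:20:50:01 +0000] "GET /wp-content/uploads/2022/11/Prancheta-1-1.png HTTP/2.0" 200 208305 "https://www.bb.com.br/site/" "Mozilla/5.0"',
    '198.51.100.9 - - [24/Mar/2024:20:50:02 +0000] "GET /wp-content/uploads/2022/11/Prancheta-2-1.png HTTP/2.0" 200 184384 "-" "Mozilla/5.0"',
    '198.51.100.2 - - [24/Mar/2024:20:51:30 +0000] "GET /robots.txt HTTP/1.1" 200 42 "https://online-wa.me/" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for host, path, client in find_hotlinks(SAMPLE_LOG):
        print(f"hotlink from {host} for {path} (client {client})")
```

Of the five constructed lines, only the two fetched with a Referer of online-wa.me are reported; the request from www.bb.com.br is an allowed origin, the request with no Referer is unattributable, and robots.txt is not a watched asset. The suffix match deliberately requires a leading dot so that a lookalike such as bb.com.br.example.net is not treated as the bank's own origin.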

This site contains links to these domains: wa.me
TLS certificates observed (subject, issuer, validity; each subject can be looked up on crt.sh):

  online-wa.me             R3                                           2024-03-22 to 2024-06-20   3 months
  *.fontawesome.com        DigiCert Global G2 TLS RSA SHA256 2020 CA1   2023-12-04 to 2025-01-03   a year
  jsdelivr.net             GlobalSign Atlas R3 DV TLS CA 2023 Q3        2023-09-27 to 2024-10-28   a year
  www49.bb.com.br          GeoTrust EV RSA CA G2                        2023-07-05 to 2024-07-09   a year
  *.twimg.com              DigiCert Global G2 TLS RSA SHA256 2020 CA1   2023-07-28 to 2024-07-26   a year
  cdn.bb.com.br            GeoTrust EV RSA CA G2                        2024-03-14 to 2025-03-13   a year
  ka-f.fontawesome.com     GTS CA 1P5                                   2024-03-05 to 2024-06-03   3 months
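The certificate table gives issuance dates and the submission header gives the scan date, which is enough to compute how old each certificate was when the page was scanned. The added example below, not part of the urlscan report, does that with the rows copied from the table; the 14-day and 7-day thresholds are assumptions chosen to show where the heuristic fires on a legitimate host too.

```python
"""Rank the certificates seen in a scan by how recently they were issued.

Added example, not part of the urlscan report. CERT_ROWS is copied from the
certificate table of this scan; SCAN_DATE is the submission date.
"""
from datetime import date
from typing import Dict, List, Tuple

# (subject, issuer, not_before, not_after) as listed in the report.
CERT_ROWS = [
    ("online-wa.me", "R3", date(2024, 3, 22), date(2024, 6, 20)),
    ("*.fontawesome.com", "DigiCert Global G2 TLS RSA SHA256 2020 CA1", date(2023, 12, 4), date(2025, 1, 3)),
    ("jsdelivr.net", "GlobalSign Atlas R3 DV TLS CA 2023 Q3", date(2023, 9, 27), date(2024, 10, 28)),
    ("www49.bb.com.br", "GeoTrust EV RSA CA G2", date(2023, 7, 5), date(2024, 7, 9)),
    ("*.twimg.com", "DigiCert Global G2 TLS RSA SHA256 2020 CA1", date(2023, 7, 28), date(2024, 7, 26)),
    ("cdn.bb.com.br", "GeoTrust EV RSA CA G2", date(2024, 3, 14), date(2025, 3, 13)),
    ("ka-f.fontawesome.com", "GTS CA 1P5", date(2024, 3, 5), date(2024, 6, 3)),
]
SCAN_DATE = date(2024, 3, 24)


def cert_ages(rows, scan_date: date) -> Dict[str, Tuple[int, int]]:
    """Map subject -> (days between issuance and the scan, total validity in days)."""
    return {
        subject: ((scan_date - not_before).days, (not_after - not_before).days)
        for subject, _issuer, not_before, not_after in rows
    }


def fresh_certs(rows, scan_date: date, max_age_days: int) -> List[str]:
    """Subjects whose certificate was issued at most max_age_days before the scan,
    in table order.

    Age at scan time is the signal. A short validity period on its own is not:
    ka-f.fontawesome.com also carries a 90-day certificate, as ACME-issued
    certificates on legitimate CDNs commonly do.
    """
    ages = cert_ages(rows, scan_date)
    return [subject for subject, _, _, _ in rows if ages[subject][0] <= max_age_days]


if __name__ == "__main__":
    by_age = sorted(cert_ages(CERT_ROWS, SCAN_DATE).items(), key=lambda kv: kv[1][0])
    for subject, (age, validity) in by_age:
        print(f"{subject:24s} issued {age:4d} days before scan, valid {validity} days")
    print("issued within 14 days:", fresh_certs(CERT_ROWS, SCAN_DATE, 14))
    print("issued within 7 days: ", fresh_certs(CERT_ROWS, SCAN_DATE, 7))
```

At a 14-day threshold the check returns online-wa.me (2 days old) and also cdn.bb.com.br, whose certificate the bank had renewed 10 days before the scan; at 7 days only online-wa.me remains. Certificate freshness is therefore a triage signal to combine with the other facts on this page (the primary domain is the fresh one, its name echoes wa.me, and this is its only scan), not a verdict by itself.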

This page contains 1 frames:

Primary Page: https://online-wa.me/
Frame ID: 7759C6E7849E9DA7AB611A5419F604D1
Requests: 14 HTTP requests in this frame

Page Title

BB | Contestação (Portuguese: "BB | Dispute", as in contesting a transaction)

Detected technologies

Each entry is a pattern match with overall confidence 100%. The technology names did not survive extraction and are inferred here from the patterns themselves.

WordPress (inferred from the pattern)
  • /wp-(?:content|includes)/

Bootstrap (inferred from the pattern)
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (inferred from the patterns)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

jsDelivr (inferred from the pattern)
  • //cdn\.jsdelivr\.net/

Caveat: the only /wp-content/ paths in this scan are the two image URLs on cdn.bb.com.br, the bank's own CDN, so the WordPress match describes the victim brand's infrastructure rather than the phishing host. The phishing host identifies itself as Apache/2.4.52 (Ubuntu) and serves a 2 KB document with a file-style ETag and a Last-Modified date of 4 September 2023.

Page Statistics

  Requests     14
  HTTPS        100 %
  IPv6         57 %
  Domains      5
  Subdomains   7
  IPs          7
  Countries    2
  Transfer     998 kB
  Size         1350 kB
  Cookies      0

Redirected requests

No HTTP redirect chains were recorded for this scan.

14 HTTP transactions

Each transaction is listed as: resource (path), type, size, transferred bytes (x-fer); the MIME type appears in its response headers. The General, Security Headers, Request headers and Response headers for each transaction follow its entry.

Primary Request: / (online-wa.me/), Document, size 6 KB, x-fer 2 KB
General
Full URL
https://online-wa.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.227.65.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-65-78.compute-1.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
0089b3f37f6fc6f6823a0386ea7d16b0016db9c6fbb2f1497e91bcf56045cd50

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2002
Content-Type
text/html
Date
Sun, 24 Mar 2024 20:48:11 GMT
ETag
"168a-6048c8d034c00-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Mon, 04 Sep 2023 18:19:28 GMT
Server
Apache/2.4.52 (Ubuntu)
Vary
Accept-Encoding
9464b2a436.js (kit.fontawesome.com/), Script, size 12 KB, x-fer 5 KB
General
Full URL
https://kit.fontawesome.com/9464b2a436.js
Requested by
Host: online-wa.me
URL: https://online-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e1ca022ca46fe7d3378e2ce64b4eec93ed05bab22a685e662095496afa7efd8

Request headers

Referer
https://online-wa.me/
Origin
https://online-wa.me
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 20:48:11 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8699854689624bcd-BUF
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F784jwknQWoAZbq24PoB
bootstrap.min.css (cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/), Stylesheet, size 227 KB, x-fer 35 KB
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: online-wa.me
URL: https://online-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://online-wa.me/
Origin
https://online-wa.me
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 24 Mar 2024 20:48:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
15624714
x-jsd-version
5.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34860
x-served-by
cache-fra-eddf8230088-FRA, cache-ewr18127-EWR
x-jsd-version-type
version
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
logo.png (www49.bb.com.br/web-integrador/app/docs/comum/images/structure/header/), Image, size 2 KB, x-fer 5 KB (transfer exceeds the 2101-byte body because of the long Content-Security-Policy response header)
General
Full URL
https://www49.bb.com.br/web-integrador/app/docs/comum/images/structure/header/logo.png
Requested by
Host: online-wa.me
URL: https://online-wa.me/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
170.66.14.84 Brasília, Brazil, ASN11993 (BANCO DO BRASIL S.A., BR),
Reverse DNS
Software
/
Resource Hash
fc1c5d8c9aa750b035f80171038766b502616cd3f1b52abbff668a712c485274
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com/analytics.js http://www.googleadservices.com/pagead/conversion_async.js https://googleads.g.doubleclick.net https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/js https://eni.bb.com.br/piwik.js https://connect.facebook.net/en_US/fbevents.js https://www.youtube.com/iframe_api https://www.googleapis.com/youtube/v3/videos http://cdn.navdmp.com/req http://usr.navdmp.com/usr https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ http://cse-consolida-comentario.labbs.com.br https://www100.desenv.bb.com.br https://www100.bb.com.br https://s.yimg.com/wi/ytc.js https://www.googleapis.com/youtube/v3/videos https://www.googleapis.com https://connect.facebook.net/signals/config/1616591318608338 https://connect.facebook.net https://www.googletagmanager.com/gtm.js https://sync.navdmp.com/sync https://cdn.navdmp.com/cus https://cus.navdmp.com/cus https://www100.bb.com.br https://www.gstatic.com/recaptcha/releases/ https://s.yimg.com/wi/ytc.js https://s.yimg.com https://sp.analytics.yahoo.com https://eni.bb.com.br/eni1/piwik.js https://snap.licdn.com/li.lms-analytics/insight.min.js http://static.ads-twitter.com/uwt.js https://pubads.g.doubleclick.net/activity https://tm.jsuol.com.br/uoltm.js http://pkg.ydigitalmedia.com/conversion@4/yd-conversion.js https://pubads.g.doubleclick.net/activity https://pubads.g.doubleclick.net/activity https://pubads.g.doubleclick.net https://www.googletagmanager.com/debug https://www.googletagmanager.com/debug/bootstrap https://www.googleoptimize.com/ https://optimize.google.com/ https://www.youtube.com/s/player/9f996d3e/www-widgetapi.vflset/www-widgetapi.js https://eni.bb.com.br/eni2/piwik.js https://www49.bb.com.br/ https://www.bb.com.br/ wss://www101.bb.com.br/mqtt
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=157680000, max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://online-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 24 Mar 2024 20:48:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=157680000, max-age=0
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com/analytics.js http://www.googleadservices.com/pagead/conversion_async.js https://googleads.g.doubleclick.net https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/js https://eni.bb.com.br/piwik.js https://connect.facebook.net/en_US/fbevents.js https://www.youtube.com/iframe_api https://www.googleapis.com/youtube/v3/videos http://cdn.navdmp.com/req http://usr.navdmp.com/usr https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ http://cse-consolida-comentario.labbs.com.br https://www100.desenv.bb.com.br https://www100.bb.com.br https://s.yimg.com/wi/ytc.js https://www.googleapis.com/youtube/v3/videos https://www.googleapis.com https://connect.facebook.net/signals/config/1616591318608338 https://connect.facebook.net https://www.googletagmanager.com/gtm.js https://sync.navdmp.com/sync https://cdn.navdmp.com/cus https://cus.navdmp.com/cus https://www100.bb.com.br https://www.gstatic.com/recaptcha/releases/ https://s.yimg.com/wi/ytc.js https://s.yimg.com https://sp.analytics.yahoo.com https://eni.bb.com.br/eni1/piwik.js https://snap.licdn.com/li.lms-analytics/insight.min.js http://static.ads-twitter.com/uwt.js https://pubads.g.doubleclick.net/activity https://tm.jsuol.com.br/uoltm.js http://pkg.ydigitalmedia.com/conversion@4/yd-conversion.js https://pubads.g.doubleclick.net/activity https://pubads.g.doubleclick.net/activity https://pubads.g.doubleclick.net https://www.googletagmanager.com/debug https://www.googletagmanager.com/debug/bootstrap https://www.googleoptimize.com/ https://optimize.google.com/ https://www.youtube.com/s/player/9f996d3e/www-widgetapi.vflset/www-widgetapi.js https://eni.bb.com.br/eni2/piwik.js https://www49.bb.com.br/ https://www.bb.com.br/ wss://www101.bb.com.br/mqtt
Last-Modified
Wed, 10 Mar 2021 11:13:20 GMT
Access-Control-Max-Age
1209600
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, content-type, accept, authorization
Content-Length
2101
-8XjMBt1 (pbs.twimg.com/ad_img/1342204483774906380/), Image, size 243 KB, x-fer 244 KB
General
Full URL
https://pbs.twimg.com/ad_img/1342204483774906380/-8XjMBt1?format=png&name=900x900
Requested by
Host: online-wa.me
URL: https://online-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyd/D151) /
Resource Hash
df1acffb65c1d7e22eb5b55a97cdc111b958b15606212193c180456e97848c7f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://online-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 20:48:11 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
25719
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
249303
x-response-time
26
surrogate-key
ad_img ad_img/bucket/5 ad_img/1342204483774906380
last-modified
Thu, 24 Dec 2020 20:22:20 GMT
server
ECS (nyd/D151)
x-tw-cdn
VZ, VZ, VZ
content-type
image/png
access-control-allow-origin
*
x-transaction-id
1559de7af7636811
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
d8018da203590f846f375de27efe1634f315348d51be5060925fc9bcdcb63b25
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Prancheta-1-1.png (cdn.bb.com.br/wp-content/uploads/2022/11/), Image, size 203 KB, x-fer 204 KB
General
Full URL
https://cdn.bb.com.br/wp-content/uploads/2022/11/Prancheta-1-1.png
Requested by
Host: online-wa.me
URL: https://online-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.66.192.4 São Paulo, Brazil, ASN11993 (BANCO DO BRASIL S.A., BR),
Reverse DNS
Software
/
Resource Hash
26124185bb1a42bd0c3580911f7dc0a3a7eb7c342d686ddbd9039736214129ff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://online-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 20:48:12 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 22 Nov 2022 19:20:57 GMT
etag
"637d2119-32db1"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
content-length
208305
Prancheta-2-1.png (cdn.bb.com.br/wp-content/uploads/2022/11/), Image, size 180 KB, x-fer 181 KB
General
Full URL
https://cdn.bb.com.br/wp-content/uploads/2022/11/Prancheta-2-1.png
Requested by
Host: online-wa.me
URL: https://online-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.66.192.4 São Paulo, Brazil, ASN11993 (BANCO DO BRASIL S.A., BR),
Reverse DNS
Software
/
Resource Hash
f75d5b4d27d0b63d5aa94b32c3ce4b7adf9cf91b050e93d582e547a3f314bc6d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://online-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 20:48:12 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 22 Nov 2022 19:21:02 GMT
etag
"637d211e-2d040"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
content-length
184384
bootstrap.bundle.min.js (cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/), Script, size 79 KB, x-fer 24 KB
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js
Requested by
Host: online-wa.me
URL: https://online-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://online-wa.me/
Origin
https://online-wa.me
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 24 Mar 2024 20:48:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
11217088
x-jsd-version
5.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24668
x-served-by
cache-fra-etou8220038-FRA, cache-ewr18127-EWR
x-jsd-version-type
version
etag
W/"13a25-1yL6mYLaiqSN+IJRuxiX8Twds7k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
free.min.css (ka-f.fontawesome.com/releases/v6.5.1/css/), Fetch, size 101 KB, x-fer 23 KB
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=9464b2a436
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9464b2a436.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://online-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 20:48:11 GMT
via
1.1 7aea4d81c29185bd2784c2f86062007a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
165962
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
etag
W/"edc53d8d44037708e54122b9e30bb2a1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LAgS%2F1%2BWmQQCBjUH4p4sZ3TJscxsf2raypFRRcaL%2B5AIYwt3SyG10wFv43g%2B5MFi6caeWWdynq6ntNcD4xMWnHkeSigjvXX162CdXiSpFsiEzuivh9WrEmeJEHQa2wC82OnYZ3PYcEDL08tdwfj8Z2nCyA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86998547fb600f47-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
4syxzV91RZ1EQYozJn99boRtvYqtYyA4Dbwa_8Kh81ob_nIfhibv3g==
free-v4-shims.min.css (ka-f.fontawesome.com/releases/v6.5.1/css/), Fetch, size 27 KB, x-fer 5 KB
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=9464b2a436
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9464b2a436.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://online-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 20:48:11 GMT
via
1.1 b8a14e264cc616c0c59fba7aea8f19be.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
165961
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"604d6da359831b0dc67e0f522f1ff94d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HsCzDuyjf8MaV7o%2Ft%2BtneW6Cib8Qpt21PiPIzc89xyPQ07eTL37VUprBpJSvZztyprqVR893w%2FTNX0btbuza%2F6KEsMLaQ2iiEJYNHC5K67eaa4Pz4iBCRsCnIYAjCDPJuzY8vYdHpDMrqciqL%2B3kGl4uzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
869985480b640f47-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
11pA5JG61J9XC_MwbZ_oQvdrUdp13C-iiEkB4QY1O5j-Cm6m8az-Nw==
free-v5-font-face.min.css (ka-f.fontawesome.com/releases/v6.5.1/css/), Fetch, size 823 B, x-fer 728 B
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=9464b2a436
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9464b2a436.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408

Request headers

accept-language
en-US,en;q=0.9
Referer
https://online-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 20:48:11 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
151675
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"496965a55b1faa4d5c41073ef276afc0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C53aRsAqn%2BbFnKyfoGHN8jix2%2FeapPmX94aPsAf0sQvUAW2KgUHcO4kYJTYofj8yOhJdAkUF%2FFPJjAM0xaoE9fAvk19W8KV%2F%2BnY93IX1cKwEXnPflIYEPoB9nmvYuQlrsdXvfxgSQgYxrjZnN7MJNcZjqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
869985480b620f47-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
0x27SbnrTnpqyNc8gyBcJWJ-EcOB6CTI7w5FgKOAqSr12cjUcPddPw==
free-v4-font-face.min.css (ka-f.fontawesome.com/releases/v6.5.1/css/), Fetch, size 2 KB, x-fer 1 KB
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=9464b2a436
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9464b2a436.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://online-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 20:48:11 GMT
via
1.1 cea4663e4864185add284e6e883e90f2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
165962
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"cc84affe95dbdd9726525f57d20b4ea6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCAElOwg94KmWz%2B7cu98XWxnF5vrKpravzQYvVwzAUAbr0itIT5GHYSVFi02BLXUNU15NZo5nnPtwXi0ZSfo2F0aDkeWU0uBL%2BaHvQLrHPiVdc9tPzj6uVz%2FYm0ODO4ylpWe09bXZKXfyzpdm43emaMUIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
869985480b630f47-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
ykdWsQOORDfzCUfbw4JMFUaSjHfHM2r3Dxx0gIQBvgrxcv_hefocEw==
free-fa-solid-900.woff2 (ka-f.fontawesome.com/releases/v6.5.1/webfonts/), Font, size 153 KB, x-fer 153 KB
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/webfonts/free-fa-solid-900.woff2
Requested by
Host: online-wa.me
URL: https://online-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93f7f459e0dabc5d86e6b6e3936c07d2dd02b52369f26bb7e8c0005a5d26368

Request headers

Referer
https://online-wa.me/
Origin
https://online-wa.me
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 20:48:11 GMT
via
1.1 cea4663e4864185add284e6e883e90f2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
165961
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
156504
last-modified
Thu, 30 Nov 2023 17:53:29 GMT
server
cloudflare
etag
"98ff5c340b38803d09d3f22fd9a00501"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q12OUdP1T0ZsHwXIXR%2FZSOy3eH1fgVRnW7ERnUcgQ1qr970BbYtLX60jAkODXLn4NY1v2KuSQfnqWH15L9vo6HbywSnvrInTitWf9lj%2BN4A%2BiLCr6PaWYXmQ7QpvgbB7dCwXF7vuLGsRHyX9DVVUL0zszw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
869985485bba0f47-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
W88vnxG7V0vRLk3DjQxr0QnosrcpYRtBKr_dwxorrGlOdgGd6vcZ_Q==
free-fa-brands-400.woff2 (ka-f.fontawesome.com/releases/v6.5.1/webfonts/), Font, size 115 KB, x-fer 115 KB
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/webfonts/free-fa-brands-400.woff2
Requested by
Host: online-wa.me
URL: https://online-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58522c58cbb9b2231026ce7d65096807a3f97fffaf22cea6fb180590286fa53d

Request headers

Referer
https://online-wa.me/
Origin
https://online-wa.me
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 20:48:11 GMT
via
1.1 4810d74d0025d8ce3dbab6cb71a901d2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
165961
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
117376
last-modified
Thu, 30 Nov 2023 17:53:29 GMT
server
cloudflare
etag
"7d46df6bf5bc9cd2a8992bb4f275ad45"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1VkwB9EBRfcmiZ3AjmpMGxEuotuoKgJNKY9UF8dsOrm7qjjTHeNet1GSMau8RC01%2FDunaMs2XFCzF%2F%2BbM86DaIk0O0V29m56vJUKf08o8%2BX4re4CSwYTNpR9DXJk59r9Nm5Clf%2BoMUtjMTMimCVoLZDjiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
869985485bbe0f47-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
_TFBZlCnPwppCnxnra_PSEcIOK0o0WGXlUWhOs04asYW94XqEISW1Q==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco do Brasil (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  object   FontAwesomeKitConfig
  number   uidEvent
  object   bootstrap

0 Cookies