consignadxtem.online
188.114.96.3  Malicious Activity!

Submitted URL: http://crasresolveaqui.life/
Effective URL: https://consignadxtem.online/
Submission Tags: suspect
Submission: On April 27 via api from BR — Scanned from PT

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 11 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is consignadxtem.online.
TLS certificate: Issued by GTS CA 1P5 on March 29th 2024. Valid for: 3 months.
This is the only time consignadxtem.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 (1 redirect) | 84.32.84.32 | 47583 (AS-HOSTINGER)
8 (1 redirect) | 188.114.96.3 | 13335 (CLOUDFLAR...)
2 | 104.17.25.14 | 13335 (CLOUDFLAR...)
1 | 142.250.185.138 | 15169 (GOOGLE)
1 | 15.204.22.185 | 16276 (OVH)
Total: 11 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
8 | consignadxtem.online | consignadxtem.online | 14 KB
2 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 231) | 138 KB
1 | onlinewebfonts.com | db.onlinewebfonts.com (Cisco Umbrella Rank: 13846) | 14 KB
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 363) | 31 KB
1 | crasresolveaqui.life | crasresolveaqui.life | 319 B
Total: 11 requests, 5 apex domains

Requests | Domain | Requested by
8 | consignadxtem.online (1 redirect) | consignadxtem.online
2 | cdnjs.cloudflare.com | consignadxtem.online, cdnjs.cloudflare.com
1 | db.onlinewebfonts.com | consignadxtem.online
1 | ajax.googleapis.com | consignadxtem.online
1 | crasresolveaqui.life (1 redirect) | -
Total: 11 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
consignadxtem.online | GTS CA 1P5 | 2024-03-29 - 2024-06-27 | 3 months (crt.sh)
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year (crt.sh)
upload.video.google.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months (crt.sh)
*.onlinewebfonts.com | Sectigo RSA Domain Validation Secure Server CA | 2023-11-22 - 2024-11-21 | a year (crt.sh)

This page contains 2 frames:

Primary Page: https://consignadxtem.online/
Frame ID: F3FC050E3B144709A648FE15A110752C
Requests: 9 HTTP requests in this frame

Frame: https://consignadxtem.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: 68D8D9ED951F1B42DAB0266BF05412CD
Requests: 2 HTTP requests in this frame

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 11
HTTPS: 91 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 4
Transfer: 197 kB
Size: 325 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://crasresolveaqui.life/ HTTP 307
    https://crasresolveaqui.life/ HTTP 307
    http://crasresolveaqui.life/ HTTP 302
    https://consignadxtem.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://consignadxtem.online/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://consignadxtem.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

11 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | consignadxtem.online/ | Size: 2 KB | x-fer: 1 KB | Type: Document
Redirect Chain
  • http://crasresolveaqui.life/
  • https://crasresolveaqui.life/
  • http://crasresolveaqui.life/
  • https://consignadxtem.online/
General
Full URL
https://consignadxtem.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd63e27cd6d6ac7ba1a8878cf9ca2b1a884ddd322d4f29b0748199d0daf297c7

Request headers

Accept-Language
pt-PT,pt;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer
https://www.google.com

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87b06101fd342150-MAD
content-encoding
br
content-type
text/html
date
Sat, 27 Apr 2024 17:02:12 GMT
last-modified
Wed, 24 Apr 2024 12:53:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0M5ZdLguRDNVnNVxhtoAweTuNmVyAFPwMf1usEXnX3EfUfyGaBQsVunVVQR%2FF3%2BwPu08W4cLEaJTIkIyw66Fady7PdbwUtIqan%2F7L7kbTWwo%2B7aAJ%2BLK6oThOC0WSe03oX1rT598SA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
137
Content-Type
text/html
Date
Sat, 27 Apr 2024 17:02:12 GMT
Location
https://consignadxtem.online/
Server
hcdn
alt-svc
h3=":443"; ma=86400
x-hcdn-cache-status
DYNAMIC
x-hcdn-request-id
3c651670a54c4befb3d117b1cd8023d4-asc-edge5
style.css | consignadxtem.online/css/ | Size: 4 KB | x-fer: 2 KB | Type: Stylesheet
General
Full URL
https://consignadxtem.online/css/style.css
Requested by
Host: consignadxtem.online
URL: https://consignadxtem.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d6f2c9eb37f0008825ed91bdca677367acc940fa6885d56b051ce6591a2516d

Request headers

Accept-Language
pt-PT,pt;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 27 Apr 2024 17:02:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Apr 2024 12:53:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e46-616d7282fccc6-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7EouZ%2BD2GKfRwvKN00XVISwT%2BUxCgIIF%2BFkQ7968nRgLFeqK52JfmxF2KQeUT%2FykEZMUqrk55Bdv5qdpDSDZ2yTWb5pjn1px6t%2FJq%2BE06FHpUUJY4eIl42CudurkvnJk1VllQb43Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87b0610378042150-MAD
alt-svc
h3=":443"; ma=86400
all.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ | Size: 82 KB | x-fer: 15 KB | Type: Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by
Host: consignadxtem.online
URL: https://consignadxtem.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
pt-PT,pt;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 27 Apr 2024 17:02:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
246882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14850
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-3a02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qIkDs9xCd7iGiPfgHozzuDQhzsYup1YfFepekZ0va7nzYrjWbtfnOdz5kDwgz1n%2FMJbfZwfoAgFl%2FCSETJbyW9OPj%2FhKbJPaB%2FlDK7YMLI1o1w4YT4suVk7yo912%2BnGsdWABZ1aA"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87b06103c8cf69fa-MAD
expires
Thu, 17 Apr 2025 17:02:13 GMT
jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | Size: 87 KB | x-fer: 31 KB | Type: Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: consignadxtem.online
URL: https://consignadxtem.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
pt-PT,pt;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 27 Apr 2024 06:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Apr 2025 06:13:48 GMT
1.PNG | consignadxtem.online/img/ | Size: 4 KB | x-fer: 5 KB | Type: Image
General
Full URL
https://consignadxtem.online/img/1.PNG
Requested by
Host: consignadxtem.online
URL: https://consignadxtem.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892f4da36a4cbf874fed0b0f635e924a79a0ede5a758c2ac2eed597f0280fdac

Request headers

Accept-Language
pt-PT,pt;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 27 Apr 2024 17:02:13 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Apr 2024 12:53:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1067-616d7283942b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yq9ctop82Gf2z7cxKzVBV9eAZMhl1r%2BbpeoGoLB752AYTypm1TcslEf%2Bu%2FdQ2c3ETfKJ0yjs4uKAIYKp%2FO6qFUzOLRM5bOeOcMY%2B8peuhUjjpYUQpalgFuESg8WqQo2sThF4cyUyYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87b0610378092150-MAD
alt-svc
h3=":443"; ma=86400
content-length
4199
i.svg | consignadxtem.online/img/ | Size: 1021 B | x-fer: 985 B | Type: Image
General
Full URL
https://consignadxtem.online/img/i.svg
Requested by
Host: consignadxtem.online
URL: https://consignadxtem.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb36e7473ecb490885c097151ae7b39578df4140aaf254db51b4082f83840dc1

Request headers

Accept-Language
pt-PT,pt;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 27 Apr 2024 17:02:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Apr 2024 12:53:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3fd-616d72854aa6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXE4VjAKZfWF5xKtrObKjCZEXVV%2Fzw5wU6vDUprNHICn9HlxVQXNyL0BIksPxN%2B07VQ2iPpIGMzP2%2BKznJM6W8rwJWDznlXpvcNHKYwdRw7hES6DOqSG9mwJ4%2FP8FdIdxmUbMRijXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
87b06103780b2150-MAD
alt-svc
h3=":443"; ma=86400
fd6e6c30c7d355528ba9428eea942445.woff2 | db.onlinewebfonts.com/t/ | Size: 14 KB | x-fer: 14 KB | Type: Font
General
Full URL
https://db.onlinewebfonts.com/t/fd6e6c30c7d355528ba9428eea942445.woff2
Requested by
Host: consignadxtem.online
URL: https://consignadxtem.online/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.22.185 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-15-204-22.us
Software
nginx /
Resource Hash
d3c3949f5e6fd7bc5d04ec037ce04f6959b978c04c1a444aeeb38bb3ff9fcf58

Request headers

Referer
https://www.google.com
Origin
https://consignadxtem.online
Accept-Language
pt-PT,pt;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 27 Apr 2024 17:00:34 GMT
server
nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/x-font-woff
access-control-allow-origin
*
nginx-cache
HIT
cache-control
public,max-age=86400,must-revalidate
access-control-allow-headers
X-Requested-With
content-length
14588
fa-solid-900.woff2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ | Size: 122 KB | x-fer: 123 KB | Type: Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.com
Origin
https://consignadxtem.online
Accept-Language
pt-PT,pt;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 27 Apr 2024 17:02:13 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
850372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
125064
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-1e888"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SsLuk9ptmAQaMAkIpEMr2gaH8GnB4v1HYP1WyjbworiFphXCzjmd4NcdA2mYJZM9wTt8c1BopbLcEhoXAfjToevD%2FSO9A9St3Y4P46MtdUaKO%2B1qCGOutrK27RrJBK5Edi0s8E3i"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87b06105d96c5e28-MAD
expires
Thu, 17 Apr 2025 17:02:13 GMT
main.js | consignadxtem.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ (Frame 68D8) | Size: 8 KB | x-fer: 4 KB | Type: Script
Redirect Chain
  • https://consignadxtem.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://consignadxtem.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
General
Full URL
https://consignadxtem.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Requested by
Host: consignadxtem.online
URL: https://consignadxtem.online/
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9586ac33aa770412fc62f7b25dbf2e1fec66bf543b1fcb12ae2670fd5b26e88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
pt-PT,pt;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 27 Apr 2024 17:02:13 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WimUCnhSC3B%2B%2BrhiD13KIK%2B9j1uEaInJIdx0u5nXbS3AgHMOYorIA0%2FmGHn66HyBt4hgDgGh6jtQy8CMQ%2BSgs%2BCe1O934apetiy11R4HnXI6SjKn07pbzej3c%2BmGRMVHKZHrF6yz0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87b06105dc262150-MAD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 27 Apr 2024 17:02:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vY99PA5%2FCOjmKUn6HNFhvvox9TgbiT0Egl%2FtLf0h%2FMAnEIBQoAww2WVtlIeO5GWpkjdpDU%2BsmcU%2Bjp8HyMhV9z0Q5rzXd5f8oS%2FzVHPrK1MHbi23cGCfiq%2BIsbvOJlYdtLq5yr9Knw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
87b061057b732150-MAD
alt-svc
h3=":443"; ma=86400
content-length
0
87b06101fd342150 | consignadxtem.online/cdn-cgi/challenge-platform/h/b/jsd/r/ (Frame 68D8) | Size: 0 | x-fer: 596 B | Type: XHR
General
Full URL
https://consignadxtem.online/cdn-cgi/challenge-platform/h/b/jsd/r/87b06101fd342150
Requested by
Host: consignadxtem.online
URL: https://consignadxtem.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
Accept-Language
pt-PT,pt;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
application/json

Response headers

date
Sat, 27 Apr 2024 17:02:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMGNqfiHj46Pj0Wq5lkXeHWI0QI7log%2FqBbSNp8NdvY9e4RP9pT5PAA4ATMRFcxLW40z2s6legm8gQTXsTAf4vC5BU%2F8pBxpjlUCYmeB%2B1HkJjK0QwO3H7itLk6GH3v8RQVMArR%2BBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
87b061074ee12150-MAD
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico | consignadxtem.online/ | Size: 282 B | x-fer: 649 B | Type: Other
General
Full URL
https://consignadxtem.online/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76d68c3689897ee026ff7791f2e256cb66485a005fc6aa63498ea95a97ec102f

Request headers

Accept-Language
pt-PT,pt;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 27 Apr 2024 17:02:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCZKaCqtN0JdwLJ4u5UwSyiR0gWe%2B0%2B7KpR1ppGpCc4bSsnrjhFCnHoXyYBj1x5Kbu4rcOYZLBz3rvHZ4bFsMbLfThufftadfBwaO%2FQBZdgXBifzBkX4gPNuGP5107LOhMvm134hmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
87b0610a7cfa2150-MAD
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
function | $
function | jQuery

1 Cookies

Domain/Path | Name | Value
.consignadxtem.online/ | cf_clearance | hCzLCDsSLW1tn0Zo5EFUqANbJgfVHebPnmkuhZOp2.s-1714237333-1.0.1.1-n5wj5asU7p4_tq0wNyIU8tVTXr09WoCuWDMwQ_ErYgbzQOySZPvCjBKNE2mMp8U6OACCaxp8fywmvYLuqX4hsg

1 Console Messages

Source | Level | URL | Text
network | error | https://consignadxtem.online/favicon.ico | Failed to load resource: the server responded with a status of 404 ()