attcadcx3.com Open in urlscan Pro
104.21.0.178 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://attonline-cxtemapplive.com/
Effective URL:
https://attcadcx3.com/auth?flow=inputUsername
Submission Tags: suspect
Submission: On April 25 via api (April 25th 2024, 2:51:50 pm UTC) from BR — Scanned from PT

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 104.21.0.178, located in and belongs to CLOUDFLARENET, US. The main domain is attcadcx3.com.
TLS certificate: Issued by E1 on March 23rd 2024. Valid for: 3 months.

This is the only time attcadcx3.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.141.38.71 209.141.38.71	53667 (PONYNET) (PONYNET)
1 1	107.161.23.204 107.161.23.204	3842 (RAMNODE) (RAMNODE)
3 22	104.21.0.178 104.21.0.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.31.89 18.245.31.89	16509 (AMAZON-02) (AMAZON-02)
20	2

1 209.141.38.71 (Las Vegas, United States) 1 redirects

ASN53667 (PONYNET, US)
PTR: parking.namesilo.com

attonline-cxtemapplive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.161.23.204 (United States) 1 redirects

ASN3842 (RAMNODE, US)
PTR: parking.namesilo.com

www.attonline-cxtemapplive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.21.0.178 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

attcadcx3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-89.fra56.r.cloudfront.net

cdn.socket.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	attcadcx3.com 3 redirects attcadcx3.com	103 KB
2	attonline-cxtemapplive.com 2 redirects attonline-cxtemapplive.com www.attonline-cxtemapplive.com	394 B
1	socket.io cdn.socket.io — Cisco Umbrella Rank: 32463	15 KB
20	3

	Domain	Requested by
22	attcadcx3.com	3 redirects attcadcx3.com cdn.socket.io
1	cdn.socket.io	attcadcx3.com
1	www.attonline-cxtemapplive.com	1 redirects
1	attonline-cxtemapplive.com	1 redirects
20	4

This site contains no links.

Subject Issuer	Validity	Valid
attcadcx3.com E1	`2024-03-23` - `2024-06-21`	3 months	crt.sh
cdn.socket.io Amazon RSA 2048 M03	`2023-10-22` - `2024-11-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://attcadcx3.com/auth?flow=inputUsername
Frame ID: 32B6EFC924A4A5E88E727150DC795241
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CAIXA

Page URL History Show full URLs

http://attonline-cxtemapplive.com/ HTTP 307
https://attonline-cxtemapplive.com/ HTTP 307
http://attonline-cxtemapplive.com/ HTTP 301
http://www.attonline-cxtemapplive.com/ HTTP 307
https://www.attonline-cxtemapplive.com/ HTTP 307
http://www.attonline-cxtemapplive.com/ HTTP 301
http://attcadcx3.com/ HTTP 307
https://attcadcx3.com/ HTTP 302
https://attcadcx3.com/auth?flow=inputUsername Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

117 kB
Transfer

270 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://attonline-cxtemapplive.com/ HTTP 307
https://attonline-cxtemapplive.com/ HTTP 307
http://attonline-cxtemapplive.com/ HTTP 301
http://www.attonline-cxtemapplive.com/ HTTP 307
https://www.attonline-cxtemapplive.com/ HTTP 307
http://www.attonline-cxtemapplive.com/ HTTP 301
http://attcadcx3.com/ HTTP 307
https://attcadcx3.com/ HTTP 302
https://attcadcx3.com/auth?flow=inputUsername Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://attcadcx3.com/images/favicon.ico HTTP 302
https://attcadcx3.com/ HTTP 302
https://attcadcx3.com/auth?flow=inputUsername

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request auth Show response
attcadcx3.com/
Redirect Chain

http://attonline-cxtemapplive.com/
https://attonline-cxtemapplive.com/
http://attonline-cxtemapplive.com/
http://www.attonline-cxtemapplive.com/
https://www.attonline-cxtemapplive.com/
http://www.attonline-cxtemapplive.com/
http://attcadcx3.com/
https://attcadcx3.com/
https://attcadcx3.com/auth?flow=inputUsername

5 KB
2 KB

560ms
559ms

Document
text/html

104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 64f47dac58ac1396c702a238a73e3bce43d340c508305dbde78dfdc7ae9bd07f

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer: https://www.google.com

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 879f27172d3d69ea-MAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Apr 2024 14:51:43 GMT
last-modified: Mon, 25 Mar 2024 17:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qp5Kglu3yEEMYRyRtXfNhSOv6qRksR2hT9zl4ba1KWWlqx79FYCt8asAJavOU7U0Vw0ZvOaqi5sq5vPkDf2oeIXyet3oiJm1IjIs2eXZ3Od%2Fk5wpz5QJZDW4or%2BxK33v"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 879f2713281269ea-MAD
content-type: text/html; charset=utf-8
date: Thu, 25 Apr 2024 14:51:42 GMT
location: /auth?flow=inputUsername
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EiXUqIPQS5fOODfjDGM4Af53MFS3Q0w8rT1I%2BKPHLsSArmEXR5NAtvPo7KlmQmz0rVxqrrqS25y9a1S0N%2BDIHUQZtwLQBIvX2xUPYjRhs%2B%2BljwRALlhXrrzAoUhDIhbv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept
x-powered-by: Express

GET
H2 200 socket.io.min.js Show response
cdn.socket.io/4.7.2/ 49 KB
15 KB 304ms
105ms Script
application/javascript 18.245.31.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.socket.io/4.7.2/socket.io.min.js

Requested by

Host: attcadcx3.com
URL: https://attcadcx3.com/auth?flow=inputUsername

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-89.fra56.r.cloudfront.net

Software

Vercel /

Resource Hash

83df4abc7eec941f1d29ae254e80bac0bb82d398fbe2e8ee4ea2a7efc8e704f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Mon, 08 Jan 2024 22:46:20 GMT
content-encoding: gzip
via: 1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
x-amz-cf-pop: FRA56-P8
age: 9358813
x-cache: Hit from cloudfront
content-disposition: inline; filename="socket.io.min.js"
server: Vercel
x-vercel-id: fra1::vnf4r-1704753980261-d8f784e7e651
etag: W/"4e14b9a049f4bc16901e8e5ff726a16f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: MMmc1cvsP1MScZcxUwujalY4SqjlSziYXZ_5t8x9lXiGUZE5M3pB_w==

GET
H3 200 sessionHelpers.js Show response
attcadcx3.com/js/ 8 KB
3 KB 657ms
655ms Script
application/javascript 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/js/sessionHelpers.js
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 455d9f26b641e2c2c9363b5321607aaf9410d3900ef626839a2653d49b0024b9

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 10:27:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1f83-18eccb2f8e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NpjrWZMTUAUewnWKLdI0FVelYvhQfjuv09Bw96yaS4fyzh9sqT9htnYfrlHS8idfLuvv%2FlrOGqP7oeRwt6Vp%2FP5xQeTnzwwUnSIElzjNFFPwXX6cQOmI7zN74yYCpRZ5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 879f271ab96069ea-MAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.css
attcadcx3.com/css/ 25 KB
5 KB 914ms
912ms Stylesheet
text/css 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/css/main.css?v=3
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3fd4831c4c7cdc3d26a978b40241a16a7795c65d9f0f9c0b887602b719007a4a

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 12:27:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"621f-18d74167b98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hy%2F9azSzFt8XgJAlC%2B005fpxcXOCmcIgZ05kQQlAUHuihKBCi1B%2Fg3Y8DcUY9%2Ful%2BVhkNH3kxNaJs9kjQWCaniGwCDu%2F1B0Cie15rYxrG8XcM3ya4u4P6QW6z8wzd5m%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 879f271ab96369ea-MAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 fsso.css
attcadcx3.com/css/ 1 KB
917 B 630ms
628ms Stylesheet
text/css 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/css/fsso.css
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 736161c02d6980a800ee35c57b869cbd6f352c411203b89e794b53edc56cdf5e

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 02 Feb 2024 10:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"4fa-18d697907a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VbKA10Q1mpMHA%2FUn3oJX%2FE0Ei7AQBBo%2FxUQcGJ%2BHYPPwYQa%2BT7BlTWz0J1rmUOWSHlOnrIeqdJjVp5kZBoog4cdwzsUkxl1xmDAjfkRz%2Fx%2BMzDJRezyL9YgnVA0A4tux"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 879f271ab96569ea-MAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.js Show response
attcadcx3.com/js/ 85 KB
31 KB 1267ms
1266ms Script
application/javascript 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/js/jquery.js
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 02 Feb 2024 10:35:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"155ed-18d69636878"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ofzAIOs5%2FDYZmeSXX9SgHJk8CMxemERa8K7XNSxV9vqza59%2BbDgt3dnh9%2FbTThxPHqQzDIAXnyXfsnVU%2B6fDZ%2FffHW%2BmmzBixIJBWDGDpsgOPfZ5wF63AuiT%2Bjh03JPk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 879f271ab96869ea-MAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 imask.min.js Show response
attcadcx3.com/js/ 44 KB
13 KB 1083ms
1082ms Script
application/javascript 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/js/imask.min.js
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 63c6bca75c5ba6da5336acef9f07f249f52b6ef6343f5d1ec46916139b30ee16

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 02 Feb 2024 10:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"b1f1-18d6963d1f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FdCR0t1uFRI5XIT%2B5vqAauC5QtxQH07NTKGGaC1RE%2BtZwykdhVXm6JoD%2BlqTUp5UCU8M7jKqxhzasdZ%2FxMRdgc4MiWKlxytb0ktRktu8%2FeczXc1OtxLBYxARQ0oi%2Fbw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 879f271ab96969ea-MAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 validate.js Show response
attcadcx3.com/js/ 4 KB
2 KB 569ms
568ms Script
application/javascript 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/js/validate.js
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: eb545b8ac4e9673641214567329f2d88a8546e1a7a10e0be37ce709fd94f0fb4

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 05 Feb 2024 06:54:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"116b-18d780c1be0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bNmbYuY%2BfYzrU03FrlJMw7LeGiLVMgjfuYYvYQJhO2WmyYud0Yfua6gaPk8jIWFe4z7F%2FB3toHdySDtb6qScXqbkW6IFuuShq3tIYix98gFJifyp2SVsqyiO96cIpnoA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 879f271ab96a69ea-MAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo-caixa.png
attcadcx3.com/images/ 4 KB
5 KB 628ms
627ms Image
image/png 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attcadcx3.com/images/logo-caixa.png
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a10b2226b24cb524fc090fc6b617601ddfa9c6bfc32b95c415b8057f0b32b340

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:43 GMT
cf-cache-status: MISS
last-modified: Fri, 02 Feb 2024 10:39:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1083-18d6966cba8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tu7cHlV5hRktJA4iVAjd0cbQiE5HhHLyecEBt94pzoAI1f%2BgWnuuLqlkC4BDr9c9%2Fs8FubnE87AmZaAKYoULP5Ccsn2QR7wYw96Hep%2BBDajgL6zDDQQzTDH5d%2B2HwjxK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 879f271ab96c69ea-MAD
alt-svc: h3=":443"; ma=86400
content-length: 4227

GET
H3 200 interrogacao.svg
attcadcx3.com/images/ 1021 B
994 B 632ms
631ms Image
image/svg+xml 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attcadcx3.com/images/interrogacao.svg
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: eb36e7473ecb490885c097151ae7b39578df4140aaf254db51b4082f83840dc1

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 20 Jan 2024 08:53:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3fd-18d261342c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dfNTCXZx7n0YMmCGjC%2BIIdUkK9jnaAzH2XKRaW1A62UeLjzm8jHoZOuaQb%2BCHKzyNUBl%2FzeHjEP8IFmV%2BTHUEEvqWrihMpxpsD1kd7CXS3%2F8s1N3EuDuUfJ0O01YC7jg"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 879f271ab96e69ea-MAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 caixatem-white.png
attcadcx3.com/images/ 17 KB
17 KB 887ms
887ms Image
image/png 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attcadcx3.com/images/caixatem-white.png
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 88fb48c350619c7ede48413118c899900d5801f565f16bf2f78b23c753128c79

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:44 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Jan 2024 20:24:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"43f3-18ccbd8faa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ABHxh3E0W%2Fgs7yE0IstzbDxiVjYEsYPw5YYkUQ9M8Fjo%2ForKW7G9M97cCBe%2BNom0XIrTi3y7T8Y4oNyIkLzhPWp5hJS8wxQLt0IwDgEi2O0RXn6%2FiVn8WwLXm%2FZVe2Cu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 879f271eae5869ea-MAD
alt-svc: h3=":443"; ma=86400
content-length: 17395

GET
H3 200 helpers.js Show response
attcadcx3.com/js/ 4 KB
2 KB 624ms
624ms Script
application/javascript 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/js/helpers.js
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d0b35815e7476d0367ee28e2cce8f169f70b5a2673c4eb39994644eab5fe5a96

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 26 Mar 2024 00:21:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"106f-18e78220be8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p62VZShUXNkaJ9VezgkWop0sHfSOCRvSw%2FfAwrdJ%2Bk6T%2B%2FQ%2F1nXPjoifI8T2k98fKCPppY4YIKKBPwhMcYFpgFqMumShSIVwCPAMvoqGV7oBygqOYosokxEzIfXbKm%2Bg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 879f271eae6169ea-MAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
attcadcx3.com/socket.io/ 118 B
511 B 586ms
586ms XHR
text/plain 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/socket.io/?EIO=4&transport=polling&t=OyLlQyZ
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.7.2/socket.io.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 310e2bb0f123054cf221a3e993fad8d3a590c406dd00ba35779f8b4d5380c944

Request headers

Accept: */*
Referer: https://www.google.com
Accept-Language: pt-PT,pt;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niaFlyqXZrR2Ff4N0oF3mk1dSCVMPtYP%2FNaW%2B0BQuSXHAfFVIY25ghlkolGLfXI%2BxQuYBU8LXPykzpAC%2BqTZf3jzMW6Yzpn%2FLFcm%2FpannNDlsGho%2FtmWfo2Zr%2FbPcsEq"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cache-control: no-store
cf-ray: 879f271ede9569ea-MAD
alt-svc: h3=":443"; ma=86400

POST
H3 200 / Show response
attcadcx3.com/socket.io/ 2 B
395 B 570ms
569ms XHR
text/html 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/socket.io/?EIO=4&transport=polling&t=OyLlR5m&sid=mhJqTvCfb07_o_97AAIo
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.7.2/socket.io.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://www.google.com
Accept-Language: pt-PT,pt;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Apr 2024 14:51:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GhOodV6wTvQnzgkMZ2UrkPcSEeQcaDACCkvrBpabVKefR201n%2B%2B1%2FYcuhw0Jq8aqw%2BGZt1YcOMzT%2FsoNhOCSI5DrekxyR7r0T%2BkvP9aDvQGu3nucgkrxjK4v7KkU1O0N"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: no-store
cf-ray: 879f27228b8769ea-MAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
attcadcx3.com/socket.io/ 32 B
436 B 610ms
610ms XHR
text/plain 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/socket.io/?EIO=4&transport=polling&t=OyLlR5n&sid=mhJqTvCfb07_o_97AAIo
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.7.2/socket.io.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4768faa975bebc81e3ad7a6bdc60a2857e125a0150d1fb7f17d7701d3fe3e95

Request headers

Accept: */*
Referer: https://www.google.com
Accept-Language: pt-PT,pt;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GU300sxJI7utANUoOUNQ%2Fa9yH3FluQpjTwa%2ByUE9ADTjZ%2BSXepd3UAz3uqzPqIz2B9nJeozt1TPJF9sqlQ%2FfAcPZOh0X4HMnslfgiLu4yHyv%2FUxF%2F%2F075rBe3mjBbPHL"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cache-control: no-store
cf-ray: 879f27228b8969ea-MAD
alt-svc: h3=":443"; ma=86400
content-length: 32

GET
H3 200 futuraBook.woff
attcadcx3.com/fonts/ 12 KB
13 KB 832ms
831ms Font
font/woff 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/fonts/futuraBook.woff
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/css/main.css?v=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cef588bc026161c06f8f09683b4dbe9478955be7d9704bf81b625725b3d495d5

Request headers

Referer: https://www.google.com
Origin: https://attcadcx3.com
Accept-Language: pt-PT,pt;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:45 GMT
cf-cache-status: MISS
last-modified: Fri, 02 Feb 2024 11:00:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"31e0-18d697a1cf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mk36nLI0qMRkxTYkwqb3ZvmWV609xUv3pCBD8kizs1cUbYWCWfHVioiIh4XhpjasVrfPKSMjC5hXAJLlmNnV68ITf5hW0VcdhoG6Kc13rHw%2FjhMF85%2B1PVMl%2BCN4Wo41"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 879f27232c5069ea-MAD
alt-svc: h3=":443"; ma=86400
content-length: 12768

GET
H3 200 fsso.woff2
attcadcx3.com/fonts/ 4 KB
4 KB 642ms
642ms Font
font/woff2 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/fonts/fsso.woff2?
Requested by: Host: attcadcx3.com
URL: https://attcadcx3.com/css/fsso.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f4d77754b30e09df3ae9f69513eb48fc68e092d2599cc29cd961b8254e311dbb

Request headers

Referer: https://www.google.com
Origin: https://attcadcx3.com
Accept-Language: pt-PT,pt;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:45 GMT
cf-cache-status: MISS
last-modified: Fri, 02 Feb 2024 10:57:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"ea0-18d69779870"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XquwoPBgV%2BPGpHs9soT8tvoT8jRFeFQTz5N1bQIQH1OrUlkajZP4Wo0WAKcawq%2FfsVGhfe7drFDW6VT%2FveJGhmOD1%2BIC0vThH5Rb1oNEnlzsHZvb7KKdSvzg%2B2kKEHEZ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 879f27232c5569ea-MAD
alt-svc: h3=":443"; ma=86400
content-length: 3744

GET
H3 200 / Show response
attcadcx3.com/socket.io/ 1 B
397 B 612ms
611ms XHR
text/plain 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/socket.io/?EIO=4&transport=polling&t=OyLlRFL&sid=mhJqTvCfb07_o_97AAIo
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.7.2/socket.io.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Accept: */*
Referer: https://www.google.com
Accept-Language: pt-PT,pt;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9sDJrzMaz7Ni18C0cJbmvRF190rjSUbokQC0BOSEBE9M5eG0UFQyZUn%2FzJiuOgysuh3CYgpnD4jIfDrE0ujcnw26TjUoxWDICLRuzXxr8%2FxP4nspAOiFe3murwZHPsRt"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cache-control: no-store
cf-ray: 879f2726582869ea-MAD
alt-svc: h3=":443"; ma=86400
content-length: 1

POST
H3 200 / Show response
attcadcx3.com/socket.io/ 2 B
397 B 577ms
576ms XHR
text/html 104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/socket.io/?EIO=4&transport=polling&t=OyLlRFM&sid=mhJqTvCfb07_o_97AAIo
Requested by: Host: cdn.socket.io
URL: https://cdn.socket.io/4.7.2/socket.io.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://www.google.com
Accept-Language: pt-PT,pt;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Apr 2024 14:51:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTdvEWxd40Z2%2B7Ntu0ltDP37tVLCSp9oHm3Vr61FexQh2ff1hbgf2dvkyyKf8GFCtL4SrVYW6%2F9klSiizszfayL%2BBreHhISeP%2Fs%2Fb1I%2BLxiDKh0%2FCaLl%2FtBAXqOw3U56"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: no-store
cf-ray: 879f2726582b69ea-MAD
alt-svc: h3=":443"; ma=86400

GET
H3

200

auth
attcadcx3.com/
Redirect Chain

https://attcadcx3.com/images/favicon.ico
https://attcadcx3.com/
https://attcadcx3.com/auth?flow=inputUsername

5 KB
447 B

556ms
556ms

Other
text/html

104.21.0.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://attcadcx3.com/auth?flow=inputUsername
Protocol: H3
Server: 104.21.0.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 64f47dac58ac1396c702a238a73e3bce43d340c508305dbde78dfdc7ae9bd07f

Request headers

Accept-Language: pt-PT,pt;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Thu, 25 Apr 2024 14:51:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 25 Mar 2024 17:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZvkQArgzeibGm6%2FvQa9%2FIAPR8RfIMZjVweQ0m9hTQjRN1Q0RpxpmVwGlhccT0y%2BySp1UHTvpefDdowMOWqatJlsgnJmcG1HaVRhg7ZMyfAk1%2B5HsouzudXHDrR4NT2%2Bu"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 879f272fcbc569ea-MAD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 25 Apr 2024 14:51:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=su0s9%2FT6U%2FjUZJ%2Bz9Z70izBzOdWmww2kwb7MZ13lAG75194tWxDzGHkua8zSLJmrbFnMOH7QvLAMQbvBGyjEC%2Fo6o5dVomO1ooC55JgVjYyaQfKwNC0kbB8eAyd0n9G0"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
location: /auth?flow=inputUsername
cf-ray: 879f272c3f9969ea-MAD
alt-svc: h3=":443"; ma=86400
content-length: 46

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			attcadcx3.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3AyEGTb-zr9swHZvge-H1Ndr5L_u1qfaDZ.p5ps4ZiYJ%2B47bO9%2FfRGBgYDhnQN8qT85DnsIgfmalLM

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

attcadcx3.com
attonline-cxtemapplive.com
cdn.socket.io
www.attonline-cxtemapplive.com
104.21.0.178
107.161.23.204
18.245.31.89
209.141.38.71
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
310e2bb0f123054cf221a3e993fad8d3a590c406dd00ba35779f8b4d5380c944
3fd4831c4c7cdc3d26a978b40241a16a7795c65d9f0f9c0b887602b719007a4a
455d9f26b641e2c2c9363b5321607aaf9410d3900ef626839a2653d49b0024b9
63c6bca75c5ba6da5336acef9f07f249f52b6ef6343f5d1ec46916139b30ee16
64f47dac58ac1396c702a238a73e3bce43d340c508305dbde78dfdc7ae9bd07f
736161c02d6980a800ee35c57b869cbd6f352c411203b89e794b53edc56cdf5e
83df4abc7eec941f1d29ae254e80bac0bb82d398fbe2e8ee4ea2a7efc8e704f1
88fb48c350619c7ede48413118c899900d5801f565f16bf2f78b23c753128c79
99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a
a10b2226b24cb524fc090fc6b617601ddfa9c6bfc32b95c415b8057f0b32b340
c4768faa975bebc81e3ad7a6bdc60a2857e125a0150d1fb7f17d7701d3fe3e95
cef588bc026161c06f8f09683b4dbe9478955be7d9704bf81b625725b3d495d5
d0b35815e7476d0367ee28e2cce8f169f70b5a2673c4eb39994644eab5fe5a96
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
eb36e7473ecb490885c097151ae7b39578df4140aaf254db51b4082f83840dc1
eb545b8ac4e9673641214567329f2d88a8546e1a7a10e0be37ce709fd94f0fb4
f4d77754b30e09df3ae9f69513eb48fc68e092d2599cc29cd961b8254e311dbb

attcadcx3.com Open in urlscan Pro 104.21.0.178 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

2 IPs

2 Countries

117 kBTransfer

270 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

21 JavaScript Global Variables

1 Cookies

Indicators

attcadcx3.com Open in urlscan Pro
104.21.0.178 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

117 kB
Transfer

270 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!