https://tools.cybb0rg.com/accessgovleak

Scan ID:
fc8db48a-0374-44f0-8197-1184d53b20c2Finished
Submitted URL:
https://lnkd.in/g3ya7kThRedirected
Report Finished:

The outgoing links identified from the page

JavaScript Variables · 6 found

Global JavaScript variables loaded on the window object of a page, are variables declared outside of functions and accessible from anywhere in the code within the current scope

NameType
onbeforetoggleobject
documentPictureInPictureobject
onscrollendobject
_0x3033function
_0x4b71function
checkLeakedCredentialsfunction

Console log messages · 1 found

Messages logged to the web console

TypeCategoryLog
errorother
URL
https://tools.cybb0rg.com/accessgovleak
Text
X-Frame-Options may only be set via an HTTP header sent along with a document. It may not be set inside <meta>.

HTML

The raw HTML body of the page

<!DOCTYPE html><html lang="pt"><head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Leak Checker - ACESSO.GOV.PT</title>
    <link rel="icon" type="image/png" href="https://www.cybb0rg.com/wp-content/uploads/2024/05/fav.png">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bulma/0.9.4/css/bulma.min.css">
    <meta http-equiv="X-Content-Type-Options" content="nosniff">
    <meta http-equiv="X-Frame-Options" content="DENY">
    <meta http-equiv="Referrer-Policy" content="no-referrer">
    <meta http-equiv="Strict-Transport-Security" content="max-age=63072000; includeSubDomains; preload">
    <style>
        body {
            background-color: #f5f5f5;
        }
        .container {
            margin-top: 50px;
            max-width: 500px;
        }
        .notification {
            display: none;
        }
    </style>
</head>
<body>
    <section class="hero is-primary">
        <div class="hero-body">
            <p class="title">
                Leak Checker - ACESSO.GOV.PT
            </p>
            <p class="subtitle">
                Verifica se as tuas credenciais do ACESSO.GOV.PT foram leaked. <br>Leak 10/08/2024.
            </p>
        </div>
    </section>

    <div class="container">
        <div class="box">
            <div class="field">
                <label class="label">Número Identificação Fiscal (NIF)</label>
                <div class="control">
                    <input class="input" id="username" type="text" placeholder="Inserir NIF" maxlength="9" pattern="\d{9}" required="">
                </div>
            </div>
            <div class="field">
                <div class="control">
                    <button class="button is-primary" onclick="checkLeakedCredentials()">Verificar</button>
                </div>
            </div>
            <div id="result" class="notification"></div>
        </div>
        <p><b>INFO:</b> Não guardamos quaisquer informações inseridas no formulário nas nossas bases de dados, a ferramenta tem somente interação front-end e depois validação com a lista de nifs que foi publicamente leaked.
    </p></div>

    <script>
function _0x3033(){const _0x2d2ef8=['is-danger','block','validation.php','3833048fpVKpl','Failed\x20to\x20verify\x20the\x20NIF','style','textContent','notification\x20','className','json','POST','display','result','value','Por\x20favor,\x20insira\x20um\x20NIF\x20válido\x20(9\x20dígitos).','4641540DyUIgr','681813fAVLQO','50aRCJMf','Failed\x20to\x20fetch\x20CSRF\x20token','848ydmxNA','21440wQxzZa','stringify','getElementById','test','none','18dkfXvO','username','csrf_token','status','Erro:\x20Não\x20foi\x20possível\x20verificar\x20o\x20NIF.\x20Tente\x20novamente\x20mais\x20tarde.','1050002pSFzzA','3464643TBRfFB','trim','success','message','application/json','is-success','6ZzQtIC','GET','notification\x20is-danger','1883178cYMkYc'];_0x3033=function(){return _0x2d2ef8;};return _0x3033();}(function(_0x113a15,_0x3930cc){const _0x4a89a6=_0x4b71,_0x27515d=_0x113a15();while(!![]){try{const _0x5b64d4=-parseInt(_0x4a89a6(0x169))/0x1+-parseInt(_0x4a89a6(0x14e))/0x2*(-parseInt(_0x4a89a6(0x155))/0x3)+parseInt(_0x4a89a6(0x16c))/0x4*(parseInt(_0x4a89a6(0x16d))/0x5)+-parseInt(_0x4a89a6(0x168))/0x6+parseInt(_0x4a89a6(0x14f))/0x7+-parseInt(_0x4a89a6(0x15c))/0x8*(parseInt(_0x4a89a6(0x149))/0x9)+parseInt(_0x4a89a6(0x16a))/0xa*(parseInt(_0x4a89a6(0x158))/0xb);if(_0x5b64d4===_0x3930cc)break;else _0x27515d['push'](_0x27515d['shift']());}catch(_0x4f0f4d){_0x27515d['push'](_0x27515d['shift']());}}}(_0x3033,0xdad4c));function _0x4b71(_0x2948bf,_0x1dbe8a){const _0x30336c=_0x3033();return _0x4b71=function(_0x4b71c7,_0x391c30){_0x4b71c7=_0x4b71c7-0x148;let _0x3f4e41=_0x30336c[_0x4b71c7];return _0x3f4e41;},_0x4b71(_0x2948bf,_0x1dbe8a);}async function checkLeakedCredentials(){const _0x4d8c80=_0x4b71,_0x4aa7c9=document[_0x4d8c80(0x16f)](_0x4d8c80(0x14a))[_0x4d8c80(0x166)][_0x4d8c80(0x150)](),_0x1207fc=document[_0x4d8c80(0x16f)](_0x4d8c80(0x165));_0x1207fc[_0x4d8c80(0x15e)][_0x4d8c80(0x164)]=_0x4d8c80(0x148);if(!_0x4aa7c9||!/^[0-9]{9}$/[_0x4d8c80(0x170)](_0x4aa7c9)){alert(_0x4d8c80(0x167));return;}try{const _0x2ca9b7=await fetch(_0x4d8c80(0x15b),{'method':_0x4d8c80(0x156),'headers':{'Content-Type':_0x4d8c80(0x153)}});if(!_0x2ca9b7['ok'])throw new Error(_0x4d8c80(0x16b));const _0x1de7bd=await _0x2ca9b7[_0x4d8c80(0x162)](),_0x8927c3=_0x1de7bd[_0x4d8c80(0x14b)],_0x126777=await fetch(_0x4d8c80(0x15b),{'method':_0x4d8c80(0x163),'headers':{'Content-Type':_0x4d8c80(0x153),'X-CSRF-Token':_0x8927c3},'body':JSON[_0x4d8c80(0x16e)]({'nif':_0x4aa7c9})});if(_0x126777['ok']){const _0x22e79f=await _0x126777[_0x4d8c80(0x162)]();_0x1207fc[_0x4d8c80(0x15e)][_0x4d8c80(0x164)]=_0x4d8c80(0x15a),_0x1207fc[_0x4d8c80(0x161)]=_0x4d8c80(0x160)+(_0x22e79f[_0x4d8c80(0x14c)]===_0x4d8c80(0x151)?_0x4d8c80(0x154):_0x4d8c80(0x159)),_0x1207fc[_0x4d8c80(0x15f)]=_0x22e79f[_0x4d8c80(0x152)];}else throw new Error(_0x4d8c80(0x15d));}catch(_0x398aea){_0x1207fc[_0x4d8c80(0x15e)][_0x4d8c80(0x164)]=_0x4d8c80(0x15a),_0x1207fc[_0x4d8c80(0x161)]=_0x4d8c80(0x157),_0x1207fc[_0x4d8c80(0x15f)]=_0x4d8c80(0x14d);}}
    </script>


</body></html>