www.intract.com.br
189.124.100.11  Malicious Activity!

Submitted URL: http://sofaemesa.com.br/wp-content/plugins/contact-form-7/includes/zzoundy.php
Effective URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8...
Submission: On May 23 via api from CH

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 189.124.100.11, located in Brazil and belongs to Durand do Brasil Ltda, BR. The main domain is www.intract.com.br.
This is the only time www.intract.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NatWest (Banking)

Domain & IP information

Requests  IP Address       AS     Autonomous System
1         3.208.234.125    14618  AMAZON-AES
14        189.124.100.11   22356  Durand do...
Total: 15 requests, 2 IPs

Requests  Apex Domain        Subdomains           Transfer
14        intract.com.br     www.intract.com.br   97 KB
1         sofaemesa.com.br   sofaemesa.com.br     435 B
Total: 15 requests, 2 domains

Requests  Domain               Requested by
14        www.intract.com.br   www.intract.com.br
1         sofaemesa.com.br
Total: 15 requests, 2 domains

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Frame ID: 04EA29441651F2AEA9136D5A46AF6753
Requests: 15 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

15
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

98 kB
Transfer

176 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sofaemesa.com.br/wp-content/plugins/contact-form-7/includes/zzoundy.php Page URL
  2. http://www.intract.com.br/_q/js/default/zodelnat/index.php Page URL
  3. http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
zzoundy.php
sofaemesa.com.br/wp-content/plugins/contact-form-7/includes/
135 B
435 B
Document
General
Full URL
http://sofaemesa.com.br/wp-content/plugins/contact-form-7/includes/zzoundy.php
Protocol
HTTP/1.1
Server
3.208.234.125 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-208-234-125.compute-1.amazonaws.com
Software
Apache / PHP/7.0.31
Resource Hash
02b37169ea41f8e9962a785f5693f08dee07bd80e1f4f56050b0dcb4a1903fac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
sofaemesa.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 10:20:27 GMT
Server
Apache
X-Powered-By
PHP/7.0.31
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
144
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Cookie set index.php
www.intract.com.br/_q/js/default/zodelnat/
204 B
625 B
Document
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/index.php
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed / PHP/5.5.38
Resource Hash

Request headers

Host
www.intract.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://sofaemesa.com.br/wp-content/plugins/contact-form-7/includes/zzoundy.php
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://sofaemesa.com.br/wp-content/plugins/contact-form-7/includes/zzoundy.php

Response headers

X-Powered-By
PHP/5.5.38
Set-Cookie
PHPSESSID=aj68ju4cq63484ujlfqu335fc3; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Type
text/html; charset=UTF-8
Content-Length
197
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Thu, 23 May 2019 10:20:31 GMT
Server
LiteSpeed
Connection
Keep-Alive
Primary Request Login.php
www.intract.com.br/_q/js/default/zodelnat/
8 KB
3 KB
Document
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/index.php
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed / PHP/5.5.38
Resource Hash
b293edc554663e498ba42325f3ec8a87195105e082187e074bd4c386d8be0c59

Request headers

Host
www.intract.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.intract.com.br/_q/js/default/zodelnat/index.php
Accept-Encoding
gzip, deflate
Cookie
PHPSESSID=aj68ju4cq63484ujlfqu335fc3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.intract.com.br/_q/js/default/zodelnat/index.php

Response headers

X-Powered-By
PHP/5.5.38
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Type
text/html; charset=UTF-8
Content-Length
2947
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Thu, 23 May 2019 10:20:31 GMT
Server
LiteSpeed
Connection
Keep-Alive
main.css
www.intract.com.br/_q/js/default/zodelnat/assets/css/
70 KB
15 KB
Stylesheet
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/css/main.css
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
ec8c21c198654c179c08423018c5e809bddf1a40a4137669e802e6374817ac4b

Request headers

Referer
http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 10:20:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Apr 2018 13:57:08 GMT
Server
LiteSpeed
ETag
"1190a-5ae08934-6dea3583a2b13f18;gz"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
15021
Expires
Thu, 30 May 2019 10:20:31 GMT
color.css
www.intract.com.br/_q/js/default/zodelnat/assets/css/
28 KB
6 KB
Stylesheet
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/css/color.css
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
656c00807ad37027749c0999cbcf933500feefd5fe129f46ef9cf412e13dba22

Request headers

Referer
http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 10:20:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Apr 2018 14:08:04 GMT
Server
LiteSpeed
ETag
"71d7-5ae08bc4-1961747b6e7b21db;gz"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6093
Expires
Thu, 30 May 2019 10:20:32 GMT
logo.png
www.intract.com.br/_q/js/default/zodelnat/assets/img/
3 KB
3 KB
Image
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/img/logo.png
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
917942589e5b140755ee83bb4720ca9c1bbf7705f44f51a78ba1ffa635420c50

Request headers

Referer
http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 10:20:32 GMT
Last-Modified
Thu, 03 Dec 2015 02:48:06 GMT
Server
LiteSpeed
ETag
"bed-565fad66-6497d8025bd8b903;;;"
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3053
Expires
Thu, 30 May 2019 10:20:32 GMT
bank.gif
www.intract.com.br/_q/js/default/zodelnat/assets/img/
1 KB
2 KB
Image
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/img/bank.gif
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
23d5df83d5a429e895043a5ce3b11b682e3d0b182d1032b89b0596de272f1a7e

Request headers

Referer
http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 10:20:32 GMT
Last-Modified
Thu, 03 Dec 2015 03:07:32 GMT
Server
LiteSpeed
ETag
"5e3-565fb1f4-a8f58b2d26184ed0;;;"
Content-Type
image/gif
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1507
Expires
Thu, 30 May 2019 10:20:32 GMT
cc.gif
www.intract.com.br/_q/js/default/zodelnat/assets/img/
2 KB
2 KB
Image
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/img/cc.gif
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
e4a1b9628a61642629299077aa8074e3ee6b280d397efa0d7220c7b09efe8522

Request headers

Referer
http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 10:20:32 GMT
Last-Modified
Thu, 03 Dec 2015 03:07:38 GMT
Server
LiteSpeed
ETag
"65b-565fb1fa-f54612e29160fe0d;;;"
Content-Type
image/gif
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1627
Expires
Thu, 30 May 2019 10:20:32 GMT
error.gif
www.intract.com.br/_q/js/default/zodelnat/assets/img/
111 B
444 B
Image
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/img/error.gif
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
48827d7cb1ec7b7d7eacf3d9a8285aa25a006511a29da0223da8b919b903042b

Request headers

Referer
http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 10:20:32 GMT
Last-Modified
Sun, 29 Nov 2015 16:04:58 GMT
Server
LiteSpeed
ETag
"6f-565b222a-fbbdb3408e81606b;;;"
Content-Type
image/gif
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
111
Expires
Thu, 30 May 2019 10:20:32 GMT
security.gif
www.intract.com.br/_q/js/default/zodelnat/assets/img/
13 KB
14 KB
Image
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/img/security.gif
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
a7f6a035f778c88bfd498c82a9373c76b462ce68094ab127248b3a795fa2b304

Request headers

Referer
http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 10:20:32 GMT
Last-Modified
Wed, 25 Apr 2018 14:06:48 GMT
Server
LiteSpeed
ETag
"35fb-5ae08b78-cec5a32ada6e3b9a;;;"
Content-Type
image/gif
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
13819
Expires
Thu, 30 May 2019 10:20:32 GMT
white-lock.png
www.intract.com.br/_q/js/default/zodelnat/assets/img/
285 B
619 B
Image
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/img/white-lock.png
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
b465d00b89619e9899ec7d618559157db09f935d318466d67deb036157fadcf2

Request headers

Referer
http://www.intract.com.br/_q/js/default/zodelnat/assets/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 10:20:32 GMT
Last-Modified
Thu, 03 Dec 2015 03:01:02 GMT
Server
LiteSpeed
ETag
"11d-565fb06e-bfa425dc6d0e35c4;;;"
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
285
Expires
Thu, 30 May 2019 10:20:32 GMT
topLine.gif
www.intract.com.br/_q/js/default/zodelnat/assets/img/
915 B
1 KB
Image
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/img/topLine.gif
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
34a696b824cb72b7bcbba9eca5d95f67292b7489c3ccd4b9c19dfd36c63c6793

Request headers

Referer
http://www.intract.com.br/_q/js/default/zodelnat/assets/css/color.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 10:20:32 GMT
Last-Modified
Thu, 03 Dec 2015 02:58:14 GMT
Server
LiteSpeed
ETag
"393-565fafc6-efe766f7974af4ab;;;"
Content-Type
image/gif
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
915
Expires
Thu, 30 May 2019 10:20:32 GMT
reg.woff
www.intract.com.br/_q/js/default/zodelnat/assets/fonts/
22 KB
22 KB
Font
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/fonts/reg.woff
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
faec2bd1524ea1127fb1a6fa6f9cc3af135442f296c125851d9d2398c7d1368a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.intract.com.br/_q/js/default/zodelnat/assets/css/color.css
Origin
http://www.intract.com.br

Response headers

Date
Thu, 23 May 2019 10:20:32 GMT
Last-Modified
Thu, 05 Feb 2015 00:03:34 GMT
Server
LiteSpeed
ETag
"58a0-54d2b356-f60fa10a7b08445;;;"
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
22688
footer-bg.png
www.intract.com.br/_q/js/default/zodelnat/assets/img/
3 KB
4 KB
Image
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/img/footer-bg.png
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
3526dc38cbedec1f7d391cd4ac80e3d8d8d850e7003097730a9d9abd4fb78f4a

Request headers

Referer
http://www.intract.com.br/_q/js/default/zodelnat/assets/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 10:20:32 GMT
Last-Modified
Wed, 25 Apr 2018 14:01:56 GMT
Server
LiteSpeed
ETag
"d0c-5ae08a54-c02deb5e53e3fe36;;;"
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3340
Expires
Thu, 30 May 2019 10:20:32 GMT
bol.woff
www.intract.com.br/_q/js/default/zodelnat/assets/fonts/
23 KB
23 KB
Font
General
Full URL
http://www.intract.com.br/_q/js/default/zodelnat/assets/fonts/bol.woff
Requested by
Host: www.intract.com.br
URL: http://www.intract.com.br/_q/js/default/zodelnat/Login.php?sslchannel=true&sessionid=Lp7mVW9AwXDq1F9uWYsIx7mEQMoF7m3SMbfH8piEmV5oAeSxckfKrCoioMXw81pUdECl3UZqP4OqjHXw
Protocol
HTTP/1.1
Server
189.124.100.11 , Brazil, ASN22356 (Durand do Brasil Ltda, BR),
Reverse DNS
wuwp01-tsystems-db.durand.com.br
Software
LiteSpeed /
Resource Hash
dbc1cad17ed91a5684d115f609df37622969737bc3a0db64c7e8b8c20b994e30

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.intract.com.br/_q/js/default/zodelnat/assets/css/color.css
Origin
http://www.intract.com.br

Response headers

Date
Thu, 23 May 2019 10:20:32 GMT
Last-Modified
Thu, 05 Feb 2015 00:01:38 GMT
Server
LiteSpeed
ETag
"5a50-54d2b2e2-c97781e6067d6d3c;;;"
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
23120

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NatWest (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object   | onselectstart
  • object   | onselectionchange
  • function | queueMicrotask
  • function | Check

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN