smiles-resgate.cloudaccess.host Open in urlscan Pro
2607:1b00:93b2:e42c::aa0f Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php
Submission: On March 28 via manual (March 28th 2019, 12:22:41 am UTC) from BR

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 2607:1b00:93b2:e42c::aa0f, located in United States and belongs to CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US. The main domain is smiles-resgate.cloudaccess.host.
TLS certificate: Issued by RapidSSL RSA CA 2018 on October 29th 2018. Valid for: a year.

This is the only time smiles-resgate.cloudaccess.host was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online) Banco do Brasil (Banking)

Domain & IP information

	IP Address		AS Autonomous System
19	2607:1b00:93b... 2607:1b00:93b2:e42c::aa0f		54456 (CLOUDACCE...) (CLOUDACCESS-NETWORK - CloudAccess.net)
19	1

19 2607:1b00:93b2:e42c::aa0f (United States)

ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US)

smiles-resgate.cloudaccess.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	cloudaccess.host smiles-resgate.cloudaccess.host	146 KB
19	1

	Domain	Requested by
19	smiles-resgate.cloudaccess.host	smiles-resgate.cloudaccess.host
19	1

This site contains no links.

Subject Issuer	Validity	Valid
*.cloudaccess.host RapidSSL RSA CA 2018	`2018-10-29` - `2019-10-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php
Frame ID: 232FB5705FAB03B04F9DDCAA3D514FE3
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<div[^>]+class="[^"]*glyphicon glyphicon-/i

Page Statistics

19
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

146 kB
Transfer

155 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index1.php Show response smiles-resgate.cloudaccess.host/areadocliente/b2/	10 KB 2 KB	480ms 119ms	Document text/html	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `e68b0841917b6180fcc597cf25e77148275feab7b589e063a51bc485866eaec6` Request headers Host smiles-resgate.cloudaccess.host Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:24 GMT Server Apache Vary Accept-Encoding Content-Encoding gzip Keep-Alive timeout=60 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	html5shiv.js Show response smiles-resgate.cloudaccess.host/areadocliente/b2/scripts/	3 KB 2 KB	120ms 119ms	Script text/javascript	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/scripts/html5shiv.js Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `e0eac80838c161f29e7c46d54fbc044d12cd164baae13255e562c6be3aa91809` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:24 GMT Content-Encoding gzip Last-Modified Tue, 26 Mar 2019 20:59:32 GMT Server Apache Vary Accept-Encoding Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 1309
GET H/1.1	200 OK	validation.js Show response smiles-resgate.cloudaccess.host/areadocliente/b2/scripts/	2 KB 1 KB	356ms 119ms	Script text/javascript	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/scripts/validation.js Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `d14f78c56db5003279a3ef61acace7474c222cd8fd59b9f23960664af5c1a464` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:24 GMT Content-Encoding gzip Last-Modified Tue, 26 Mar 2019 20:59:33 GMT Server Apache Vary Accept-Encoding Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 926
GET H/1.1	200 OK	style.css smiles-resgate.cloudaccess.host/areadocliente/b2/css/	3 KB 1 KB	239ms 119ms	Stylesheet text/css	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/css/style.css Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `bd87b1b59995899e056041882b31e4ccf8433ffcf19c3b5caed56c71bfe42759` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:24 GMT Content-Encoding gzip Last-Modified Tue, 26 Mar 2019 20:59:22 GMT Server Apache Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 982
GET H/1.1	200 OK	bg-loading.png smiles-resgate.cloudaccess.host/areadocliente/b2/images/	936 B 1 KB	119ms 119ms	Image image/png	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/bg-loading.png Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `0f816aa3e13c76f3afc51dac686b7c5c705344ff43d91d64701463f7e0bbdea4` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/css/style.css Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:30 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 936
GET H/1.1	200 OK	a001.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	688 B 923 B	119ms 118ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/a001.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `0d06f3aca331f8937e75ff556646373af0e08daf6d6176a167d238fbac9e2edf` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:25 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 688
GET H/1.1	200 OK	vendana.ttf smiles-resgate.cloudaccess.host/areadocliente/b2/font/	24 KB 24 KB	119ms 119ms	Font application/font-sfnt	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/font/vendana.ttf Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `08a6d8da065b19284ca6b507b10881daae2230a9e933c3c3e93ad6a8d7d75105` Request headers Pragma no-cache Origin https://smiles-resgate.cloudaccess.host Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/css/style.css Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/css/style.css Origin https://smiles-resgate.cloudaccess.host Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:23 GMT Server Apache Content-Type application/font-sfnt Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 24632
GET H/1.1	200 OK	a005.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	291 B 526 B	475ms 118ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/a005.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `df31128097dfd09bc967c2a3551e788782a143cc9e7bccaade77fbc2a516912a` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/css/style.css Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:27 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 291
GET H/1.1	200 OK	a001.png smiles-resgate.cloudaccess.host/areadocliente/b2/images/	58 KB 58 KB	476ms 119ms	Image image/png	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/a001.png Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `820d994be588724db546b2427c4157f5d14745f6a4ad3693aaa1a5c0aa6e7ecb` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:26 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 59040
GET H/1.1	200 OK	b001.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	2 KB 3 KB	475ms 119ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/b001.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `b901ddff0baeb768dbaa7700cd2c01e1f031b4a025aec332451674c25badaca6` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:28 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 2359
GET H/1.1	200 OK	b002.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	3 KB 3 KB	351ms 120ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/b002.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `22862f217cdb1a70c959cce6f90d6373787c9f6b75f0b6f83bbb825b4e63daea` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:28 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 3157
GET H/1.1	200 OK	b003.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	2 KB 3 KB	350ms 119ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/b003.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `948b0f27b52fb0173c5eeb4790f8542befb2fb2478e7a0946c4ef8eecec4d45a` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:29 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 2485
GET H/1.1	200 OK	b004.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	3 KB 3 KB	351ms 119ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/b004.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `c1ed9502f0dbb8ccd392682536ba0ad9cd9eee98d411899f73eafe0696b11b71` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:29 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 2721
GET H/1.1	200 OK	b005.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	3 KB 3 KB	351ms 119ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/b005.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `aeffc43eafdd31839f0f7c0d98dbcf6227998473b4f767643e601f0473c91ccf` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:29 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 2906
GET H/1.1	200 OK	b006.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	4 KB 5 KB	230ms 119ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/b006.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `3de4beba648833a8ccf8a5ae98814334667d35c90334aec8d02896c13271e238` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:29 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 4483
GET H/1.1	200 OK	b007.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	2 KB 3 KB	230ms 119ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/b007.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `62260119b6810358aa4c80adaf88a701c534b0837eeb14f2cb3281a83491ad8f` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:30 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 2371
GET H/1.1	200 OK	b008.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	2 KB 2 KB	351ms 119ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/b008.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `9a05007ed6bc7e521d536facba4f294b1645889887b8f10ef955c38030739c2f` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:30 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 1753
GET H/1.1	200 OK	a003.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	16 KB 16 KB	350ms 120ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/a003.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `f285d38ff7118a7a7cfa89933b8080bf1da608bbedd2843b9c7ca84e61018c26` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:26 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 16246
GET H/1.1	200 OK	a004.jpg smiles-resgate.cloudaccess.host/areadocliente/b2/images/	15 KB 16 KB	467ms 119ms	Image image/jpeg	2607:1b00:93b2:e42c::aa0f CloudAccess.net
General Check archive.org Show headers Download Go to Show image Full URL https://smiles-resgate.cloudaccess.host/areadocliente/b2/images/a004.jpg Requested by Host: smiles-resgate.cloudaccess.host URL: https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2607:1b00:93b2:e42c::aa0f , United States, ASN54456 (CLOUDACCESS-NETWORK - CloudAccess.net, LLC, US), Reverse DNS Software Apache / Resource Hash `95a7e068e63e20d49755321eaf90791c0e191407794b961b4e9223e564ecbaac` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host smiles-resgate.cloudaccess.host User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php Connection keep-alive Cache-Control no-cache Referer https://smiles-resgate.cloudaccess.host/areadocliente/b2/index1.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 28 Mar 2019 00:22:25 GMT Last-Modified Tue, 26 Mar 2019 20:59:27 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 15710

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Banco do Brasil (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

smiles-resgate.cloudaccess.host
2607:1b00:93b2:e42c::aa0f
08a6d8da065b19284ca6b507b10881daae2230a9e933c3c3e93ad6a8d7d75105
0d06f3aca331f8937e75ff556646373af0e08daf6d6176a167d238fbac9e2edf
0f816aa3e13c76f3afc51dac686b7c5c705344ff43d91d64701463f7e0bbdea4
22862f217cdb1a70c959cce6f90d6373787c9f6b75f0b6f83bbb825b4e63daea
3de4beba648833a8ccf8a5ae98814334667d35c90334aec8d02896c13271e238
62260119b6810358aa4c80adaf88a701c534b0837eeb14f2cb3281a83491ad8f
820d994be588724db546b2427c4157f5d14745f6a4ad3693aaa1a5c0aa6e7ecb
948b0f27b52fb0173c5eeb4790f8542befb2fb2478e7a0946c4ef8eecec4d45a
95a7e068e63e20d49755321eaf90791c0e191407794b961b4e9223e564ecbaac
9a05007ed6bc7e521d536facba4f294b1645889887b8f10ef955c38030739c2f
aeffc43eafdd31839f0f7c0d98dbcf6227998473b4f767643e601f0473c91ccf
b901ddff0baeb768dbaa7700cd2c01e1f031b4a025aec332451674c25badaca6
bd87b1b59995899e056041882b31e4ccf8433ffcf19c3b5caed56c71bfe42759
c1ed9502f0dbb8ccd392682536ba0ad9cd9eee98d411899f73eafe0696b11b71
d14f78c56db5003279a3ef61acace7474c222cd8fd59b9f23960664af5c1a464
df31128097dfd09bc967c2a3551e788782a143cc9e7bccaade77fbc2a516912a
e0eac80838c161f29e7c46d54fbc044d12cd164baae13255e562c6be3aa91809
e68b0841917b6180fcc597cf25e77148275feab7b589e063a51bc485866eaec6
f285d38ff7118a7a7cfa89933b8080bf1da608bbedd2843b9c7ca84e61018c26

smiles-resgate.cloudaccess.host Open in urlscan Pro 2607:1b00:93b2:e42c::aa0f Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

146 kBTransfer

155 kBSize

0 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

Indicators

smiles-resgate.cloudaccess.host Open in urlscan Pro
2607:1b00:93b2:e42c::aa0f Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

146 kB
Transfer

155 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!