analiafranco.com.br (177.70.106.253) - Malicious Activity! - Public Scan

Submitted URL: http://www.residencialgirassoltorres.com.br/ITAU.REDIRECTI01/ITA.REDIRECTI1/atendimento.cliente.seguro/cadastrar.referencia/acesso.pendente....
Effective URL: http://analiafranco.com.br/Bankline02/
Submission: March 18, 2018 (automatic submission, source: OpenPhish)

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 177.70.106.253, located in Brazil and belongs to Mandic S.A., BR. The main domain is analiafranco.com.br.
This is the only time analiafranco.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

IP addresses
  Requests  IP Address       AS (Autonomous System)                          Redirects
  1         201.33.17.100    28271 (DataCorpore Serviços e Representações)
  19        177.70.106.253   262545 (Mandic S.A.)                            1
  1         172.217.16.170   15169 (GOOGLE)
  2         216.58.214.67    15169 (GOOGLE)
  22 requests across 4 IPs

Domains
  Requests  Domain                                 Redirects  Requested by
  19        analiafranco.com.br                    1          analiafranco.com.br
  2         fonts.gstatic.com                                 analiafranco.com.br
  1         fonts.googleapis.com                              analiafranco.com.br
  1         www.residencialgirassoltorres.com.br
  22 requests across 4 domains

This site contains no links.

TLS certificates: none recorded. The lure host and the kit host were contacted over plain HTTP only, so there is no certificate for the page origin.

This page contains 1 frames:

Primary Page: http://analiafranco.com.br/Bankline02/
Frame ID: D456FD1B26AC64C3A386CDF7D16DFED1
Requests: 22 HTTP requests in this frame


Detected technologies

Apache (overall confidence: 100%)
  Detected pattern:
    • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
  Matched on the lure host's "Server: Apache" response header. The kit host itself answers as nginx with "X-Powered-By: PHP/5.6.20 PleskLin".

Google Fonts (overall confidence: 100%)
  Detected pattern:
    • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (overall confidence: 100%)
  Detected patterns:
    • script /jquery.*\.js/i
    • env /^jQuery$/i

Page Statistics

  Requests:    22
  HTTPS:       0 %
  IPv6:        0 %
  Domains:     4
  Subdomains:  4
  IPs:         4
  Countries:   2
  Transfer:    463 kB
  Size:        466 kB
  Cookies:     0

Note: every request to the lure host and to the kit host went over plain HTTP; only the three Google Fonts requests (fonts.googleapis.com, fonts.gstatic.com) used HTTPS.

Page URL History

This captures the URL locations the page moved through, including HTTP redirects and client-side redirects via JavaScript or meta refresh.

  1. http://www.residencialgirassoltorres.com.br/ITAU.REDIRECTI01/ITA.REDIRECTI1/atendimento.cliente.seguro/cadastrar.referencia/acesso.pendente.comunicacao/ Page URL
  2. http://analiafranco.com.br/Bankline02 HTTP 301
     http://analiafranco.com.br/Bankline02/ Page URL

Note on the chain: the lure host (www.residencialgirassoltorres.com.br, Apache) answered with an 82-byte HTML document and no Location header, so the jump to analiafranco.com.br was a client-side redirect, not an HTTP one. The only HTTP redirect is the nginx 301 that adds the trailing slash to /Bankline02. The Referer the kit receives is the full Itau-themed lure path.
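
The chain above has one client-side hop and one HTTP hop, and a tracer that only follows Location headers would stop at the lure page. The following Python script is an added example, not part of the urlscan report or of the kit: it follows both 3xx redirects and simple client-side redirects (meta refresh, plain location assignments) and records the kind of each hop. The fetch is an offline stand-in built from this scan's URLs; the lure page body is an assumption (a meta refresh), because the report shows only that the lure returned an 82-byte HTML document with no Location header.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin

# Constructed stand-in for a fetch so the tracer runs offline. The kit hop and the
# final page mirror the scan (301 with Location, then 200). The lure hop is an
# ASSUMPTION: the scan only shows an 82-byte HTML document with no Location
# header, so a <meta refresh> is used here as a plausible body.
LURE = ("http://www.residencialgirassoltorres.com.br/ITAU.REDIRECTI01/ITA.REDIRECTI1/"
        "atendimento.cliente.seguro/cadastrar.referencia/acesso.pendente.comunicacao/")
KIT = "http://analiafranco.com.br/Bankline02"

RESPONSES = {
    LURE: (200, {"Content-Type": "text/html"},
           '<html><head><meta http-equiv="refresh" content="0;url=' + KIT + '"></head></html>'),
    KIT: (301, {"Location": KIT + "/", "Content-Type": "text/html; charset=iso-8859-1"}, ""),
    KIT + "/": (200, {"Content-Type": "text/html; charset=UTF-8"},
                '<html><body><form id="login"><input name="agencia"></form></body></html>'),
}


def fetch(url):
    """Offline fetch: returns (status, headers, body) for a known URL, else a 404."""
    return RESPONSES.get(url, (404, {}, ""))


class _MetaRefresh(HTMLParser):
    """Collects the target of the first <meta http-equiv="refresh" content="N;url=..."> tag."""

    def __init__(self):
        super().__init__()
        self.target = None

    def handle_starttag(self, tag, attrs):
        if tag != "meta" or self.target is not None:
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        if a.get("http-equiv", "").lower() != "refresh":
            return
        m = re.search(r"url\s*=\s*['\"]?([^'\"\s;]+)", a.get("content", ""), re.I)
        if m:
            self.target = m.group(1)


# Plain JS navigations: location.href = "..." or location.replace("..."). Obfuscated or
# computed targets are out of scope for a regex and need a real browser.
_JS_NAV = re.compile(
    r"""(?:window\.|document\.|top\.|self\.)?location(?:\.href)?\s*=\s*['"]([^'"]+)['"]"""
    r"""|location\.(?:replace|assign)\(\s*['"]([^'"]+)['"]""",
    re.I,
)


def client_side_redirect(body):
    """Return the URL a browser would immediately navigate to, or None."""
    parser = _MetaRefresh()
    parser.feed(body)
    if parser.target:
        return parser.target
    m = _JS_NAV.search(body)
    return (m.group(1) or m.group(2)) if m else None


def trace(url, max_hops=10):
    """Follow server-side (3xx + Location) and client-side redirects.

    Returns a list of (url, status, kind) with kind in {'http', 'client', 'final', 'loop'}.
    """
    chain, seen = [], set()
    while len(chain) < max_hops:
        if url in seen:
            chain.append((url, None, "loop"))
            break
        seen.add(url)
        status, headers, body = fetch(url)
        location = headers.get("Location")
        if 300 <= status < 400 and location:
            chain.append((url, status, "http"))
            url = urljoin(url, location)
            continue
        nxt = client_side_redirect(body) if status == 200 else None
        if nxt:
            chain.append((url, status, "client"))
            url = urljoin(url, nxt)
            continue
        chain.append((url, status, "final"))
        break
    return chain


if __name__ == "__main__":
    for hop, status, kind in trace(LURE):
        print(f"{kind:6} {status!s:4} {hop}")
```

Run it directly to print the chain. Obfuscated JavaScript redirects (string building, setTimeout, eval) are beyond the regex and need a headless browser, which is what urlscan itself uses.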

Redirected requests

One HTTP redirect chain was recorded: http://analiafranco.com.br/Bankline02 answered 301 with Location: http://analiafranco.com.br/Bankline02/ (the nginx trailing-slash redirect shown under the primary request below).

22 HTTP transactions

Each entry gives the Resource name, its Path, the Size of the decoded body, the bytes Transferred on the wire (x-fer) and the resource Type; the MIME type is in the Content-Type response header. The General block that follows gives the full URL, protocol, server IP/ASN, software and the SHA-256 hash of the response body, then the request and response headers.

Resource: /
Path: www.residencialgirassoltorres.com.br/ITAU.REDIRECTI01/ITA.REDIRECTI1/atendimento.cliente.seguro/cadastrar.referencia/acesso.pendente.comunicacao/
Size: 82 B   Transferred: 425 B   Type: Document
General
Full URL
http://www.residencialgirassoltorres.com.br/ITAU.REDIRECTI01/ITA.REDIRECTI1/atendimento.cliente.seguro/cadastrar.referencia/acesso.pendente.comunicacao/
Protocol
HTTP/1.1
Server
201.33.17.100 Rio De Janeiro, Brazil, ASN28271 (DataCorpore Serviços e Representações, BR),
Reverse DNS
rede17-server100.t5.com.br
Software
Apache /
Resource Hash
d8eeb25756f350e8fe3dd7939938be56edb72c951e29c7ac87ec222f275f3eff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.residencialgirassoltorres.com.br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 12:49:51 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Mar 2018 06:48:19 GMT
Server
Apache
ETag
"1cc67c9f-52-567aa3a0412c0"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=8, max=80
Content-Length
102

Resource: / (Primary Request)
Path: analiafranco.com.br/Bankline02/
Redirect Chain:
  • http://analiafranco.com.br/Bankline02
  • http://analiafranco.com.br/Bankline02/
Size: 3 KB   Transferred: 1 KB   Type: Document
General
Full URL
http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PHP/5.6.20 PleskLin
Resource Hash
475fced2cdf2779ea1fa5d13c2579b99f93d6220c9e3473f8cf8c95859c81861

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.residencialgirassoltorres.com.br/ITAU.REDIRECTI01/ITA.REDIRECTI1/atendimento.cliente.seguro/cadastrar.referencia/acesso.pendente.comunicacao/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.residencialgirassoltorres.com.br/ITAU.REDIRECTI01/ITA.REDIRECTI1/atendimento.cliente.seguro/cadastrar.referencia/acesso.pendente.comunicacao/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:23 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.20 PleskLin
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive

Redirect headers

Location
http://analiafranco.com.br/Bankline02/
Date
Sun, 18 Mar 2018 14:35:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
315
Content-Type
text/html; charset=iso-8859-1

Resource: home.css
Path: analiafranco.com.br/Bankline02/_styles/
Size: 5 KB   Transferred: 6 KB   Type: Stylesheet
General
Full URL
http://analiafranco.com.br/Bankline02/_styles/home.css
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
9f38e0842276175707b0c625f1dc34e6ba4bd75ba1acff70c809688ba381d3f8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:23 GMT
ETag
"e65939-15e7-567a80c0aa5bf"
Last-Modified
Sun, 18 Mar 2018 04:12:17 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5607

Resource: jquery.js
Path: analiafranco.com.br/Bankline02/_jscripts/
Size: 252 KB   Transferred: 252 KB   Type: Script
General
Full URL
http://analiafranco.com.br/Bankline02/_jscripts/jquery.js
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:23 GMT
ETag
"e658a7-3ee0f-567a80c14a06f"
Last-Modified
Sun, 18 Mar 2018 04:12:18 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
257551

Resource: j_home.js
Path: analiafranco.com.br/Bankline02/_jscripts/
Size: 2 KB   Transferred: 2 KB   Type: Script
General
Full URL
http://analiafranco.com.br/Bankline02/_jscripts/j_home.js
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b046acbcaec568b51e48a35af60ff51d7802052b2dab3b3f03fa403484149a11

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:23 GMT
ETag
"e658db-694-567a80bba4f57"
Last-Modified
Sun, 18 Mar 2018 04:12:12 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1684

Resource: css
Path: fonts.googleapis.com/
Size: 7 KB   Transferred: 791 B   Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,900
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
SPDY
Server
172.217.16.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f170.1e100.net
Software
ESF /
Resource Hash
f1655eda94fb96051896e5248ce1f9b939d55c0a1dfe0c4d58e2771974c10df8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sun, 18 Mar 2018 14:42:03 GMT
content-encoding
gzip
last-modified
Sun, 18 Mar 2018 14:42:03 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
x-xss-protection
1; mode=block
expires
Sun, 18 Mar 2018 14:42:03 GMT

Resource: logo.png
Path: analiafranco.com.br/Bankline02/_images/
Size: 14 KB   Transferred: 14 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/logo.png
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f785fde60db37f874e6e4202bf78d6b654d51e3cd8d9c76eb0821bb218222207

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:24 GMT
ETag
"e65855-366a-567a80b9d1eaf"
Last-Modified
Sun, 18 Mar 2018 04:12:10 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13930

Resource: abrir_cnt.png
Path: analiafranco.com.br/Bankline02/_images/
Size: 2 KB   Transferred: 3 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/abrir_cnt.png
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
df368f0e337541f9eb0723730acdd7e874bfed27607ad5b1a8deed656a2116e7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:24 GMT
ETag
"e65721-920-567a80b501407"
Last-Modified
Sun, 18 Mar 2018 04:12:05 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2336

Resource: fast_acess.jpg
Path: analiafranco.com.br/Bankline02/_images/
Size: 4 KB   Transferred: 4 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/fast_acess.jpg
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e4b86d9457a6a7d7f898728af2f2e75ca2a35cbafb216aa9b56f6c991837bbfb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:24 GMT
ETag
"e657da-e6b-567a80b82f75f"
Last-Modified
Sun, 18 Mar 2018 04:12:08 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3691

Resource: text_acess_nw.jpg
Path: analiafranco.com.br/Bankline02/_images/
Size: 5 KB   Transferred: 5 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/text_acess_nw.jpg
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b11cbc356f2622f91160aeeb4865f4b18bd07f9b5d8bb80dfb5009b352c47b3b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:24 GMT
ETag
"e65875-1373-567a80ba859af"
Last-Modified
Sun, 18 Mar 2018 04:12:11 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4979

Resource: ag_acess.jpg
Path: analiafranco.com.br/Bankline02/_images/
Size: 1 KB   Transferred: 2 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/ag_acess.jpg
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
d4bbfc5aa93742f18631f6de398d99d2d231470da345025a521fa2e4948da533

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:24 GMT
ETag
"e65727-503-567a80b5363af"
Last-Modified
Sun, 18 Mar 2018 04:12:05 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1283

Resource: ct_acess.jpg
Path: analiafranco.com.br/Bankline02/_images/
Size: 9 KB   Transferred: 10 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/ct_acess.jpg
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2d3fbe84b2a673b2a6fc9da6db8473e604727b95a8570a83803eef1b1f5c3b47

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:25 GMT
ETag
"e657c3-25a1-567a80b7ee467"
Last-Modified
Sun, 18 Mar 2018 04:12:08 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9633

Resource: seguanca.jpg
Path: analiafranco.com.br/Bankline02/_images/
Size: 30 KB   Transferred: 30 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/seguanca.jpg
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
141e7110592d4cd069b54377ba339670faaf913a0d87fe40b1d391187fd69c60

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:25 GMT
ETag
"e65867-78de-567a80ba469df"
Last-Modified
Sun, 18 Mar 2018 04:12:11 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30942

Resource: bg_products_now.jpg
Path: analiafranco.com.br/Bankline02/_images/
Size: 11 KB   Transferred: 11 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/bg_products_now.jpg
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
300040059efd99bb6904cfa70c0c6815189f80d467f43b64ee7d1cae3d3bf4f5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:25 GMT
ETag
"e6579d-2cbd-567a80b75726f"
Last-Modified
Sun, 18 Mar 2018 04:12:07 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11453

Resource: bg_footer_one.jpg
Path: analiafranco.com.br/Bankline02/_images/
Size: 53 KB   Transferred: 54 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/bg_footer_one.jpg
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
0a1b1d40f6973f448456c4171082a7d6167d9756d1d7affc230f2f0b8c8bf810

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:25 GMT
ETag
"e6575a-d5f0-567a80b73110f"
Last-Modified
Sun, 18 Mar 2018 04:12:07 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54768

Resource: footer_left.jpg
Path: analiafranco.com.br/Bankline02/_images/
Size: 5 KB   Transferred: 5 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/footer_left.jpg
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3bbbc4ac78e391465dad7668a997c5fbad5066e48f28de84f55b022911164174

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:25 GMT
ETag
"e657de-14e9-567a80b87a697"
Last-Modified
Sun, 18 Mar 2018 04:12:09 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5353

Resource: footer_right.jpg
Path: analiafranco.com.br/Bankline02/_images/
Size: 16 KB   Transferred: 17 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/footer_right.jpg
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f7068b1fe876277521fba4b0de381f330554a2691daada540f962e55a189a328

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:25 GMT
ETag
"e657e0-4177-567a80b90f94f"
Last-Modified
Sun, 18 Mar 2018 04:12:09 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16759

Resource: bg-footer.jpg
Path: analiafranco.com.br/Bankline02/_images/
Size: 8 KB   Transferred: 9 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/bg-footer.jpg
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
0aa9d8e31171a1376f381523cb5d933648c7df034e3bd879532e3a871e9a3688

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/_styles/home.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/_styles/home.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:25 GMT
ETag
"e6574c-211d-567a80b5c6c2f"
Last-Modified
Sun, 18 Mar 2018 04:12:06 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8477

Resource: btn_acess.png
Path: analiafranco.com.br/Bankline02/_images/
Size: 2 KB   Transferred: 2 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/btn_acess.png
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
31b2f28369dac115c91637744d77786e1aaa2bce7c79610ddc7d4eab33095660

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/_styles/home.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/_styles/home.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:25 GMT
ETag
"e657bc-88b-567a80b7a9abf"
Last-Modified
Sun, 18 Mar 2018 04:12:08 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2187

Resource: bg-header.jpg
Path: analiafranco.com.br/Bankline02/_images/
Size: 15 KB   Transferred: 15 KB   Type: Image
General
Full URL
http://analiafranco.com.br/Bankline02/_images/bg-header.jpg
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
HTTP/1.1
Server
177.70.106.253 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3a7e24b61b54676282f0e7cd5bcbb07298844a395574d3b82808ba8e730ec3e2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
analiafranco.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://analiafranco.com.br/Bankline02/_styles/home.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://analiafranco.com.br/Bankline02/_styles/home.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Sun, 18 Mar 2018 14:35:25 GMT
ETag
"e65759-3a44-567a80b61c35f"
Last-Modified
Sun, 18 Mar 2018 04:12:06 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14916

Resource: KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Path: fonts.gstatic.com/s/roboto/v18/
Size: 11 KB   Transferred: 11 KB   Type: Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
SPDY
Server
216.58.214.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f3.1e100.net
Software
sffe /
Resource Hash
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700,900
Origin
http://analiafranco.com.br

Response headers

date
Thu, 08 Feb 2018 17:50:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:03 GMT
server
sffe
age
3271909
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
10764
x-xss-protection
1; mode=block
expires
Fri, 08 Feb 2019 17:50:16 GMT

Resource: KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Path: fonts.gstatic.com/s/roboto/v18/
Size: 10 KB   Transferred: 11 KB   Type: Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: analiafranco.com.br
URL: http://analiafranco.com.br/Bankline02/
Protocol
SPDY
Server
216.58.214.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f3.1e100.net
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700,900
Origin
http://analiafranco.com.br

Response headers

date
Mon, 12 Mar 2018 18:01:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
506421
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Tue, 12 Mar 2019 18:01:44 GMT
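
Every resource above carries a SHA-256 resource hash, and those hashes outlive the hosting domain: when the same kit is dropped onto the next compromised site, the static assets (stylesheet, page script, images) usually hash-match even though the URL, IP and ASN all change. The Python below is an added example, not urlscan's or the kit's code. It builds a fingerprint from this scan's first-party asset hashes (real values from the report), compares it with two hypothetical scans whose other hashes are constructed, and excludes the jquery.js hash on the assumption that it is a stock library file (a hash list of published jQuery releases would confirm that in practice).

```python
import hashlib

# Resource hashes reported by the scan (SHA-256 of each response body).
H_INDEX  = "475fced2cdf2779ea1fa5d13c2579b99f93d6220c9e3473f8cf8c95859c81861"  # /Bankline02/
H_CSS    = "9f38e0842276175707b0c625f1dc34e6ba4bd75ba1acff70c809688ba381d3f8"  # _styles/home.css
H_JQUERY = "893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2"  # _jscripts/jquery.js
H_JHOME  = "b046acbcaec568b51e48a35af60ff51d7802052b2dab3b3f03fa403484149a11"  # _jscripts/j_home.js
H_LOGO   = "f785fde60db37f874e6e4202bf78d6b654d51e3cd8d9c76eb0821bb218222207"  # _images/logo.png
H_ABRIR  = "df368f0e337541f9eb0723730acdd7e874bfed27607ad5b1a8deed656a2116e7"  # _images/abrir_cnt.png
H_SEGUR  = "141e7110592d4cd069b54377ba339670faaf913a0d87fe40b1d391187fd69c60"  # _images/seguanca.jpg
H_BTN    = "31b2f28369dac115c91637744d77786e1aaa2bce7c79610ddc7d4eab33095660"  # _images/btn_acess.png
H_GFONTS = "f1655eda94fb96051896e5248ce1f9b939d55c0a1dfe0c4d58e2771974c10df8"  # fonts.googleapis.com css


def _fake(label):
    """Constructed hash for hypothetical assets; only used to give them distinct values."""
    return hashlib.sha256(label.encode()).hexdigest()


# A scan is {"host": page origin, "resources": [(host, path, type, sha256), ...]}.
SCAN_A = {"host": "analiafranco.com.br", "resources": [
    ("analiafranco.com.br", "/Bankline02/", "Document", H_INDEX),
    ("analiafranco.com.br", "/Bankline02/_styles/home.css", "Stylesheet", H_CSS),
    ("analiafranco.com.br", "/Bankline02/_jscripts/jquery.js", "Script", H_JQUERY),
    ("analiafranco.com.br", "/Bankline02/_jscripts/j_home.js", "Script", H_JHOME),
    ("analiafranco.com.br", "/Bankline02/_images/logo.png", "Image", H_LOGO),
    ("analiafranco.com.br", "/Bankline02/_images/abrir_cnt.png", "Image", H_ABRIR),
    ("analiafranco.com.br", "/Bankline02/_images/seguanca.jpg", "Image", H_SEGUR),
    ("analiafranco.com.br", "/Bankline02/_images/btn_acess.png", "Image", H_BTN),
    ("fonts.googleapis.com", "/css?family=Roboto:400,700,900", "Stylesheet", H_GFONTS),
]}

# Hypothetical rehost of the same kit (constructed): new index page, a re-cut button
# image and one extra asset; everything else byte-identical.
SCAN_B = {"host": "rehost.example", "resources": [
    ("rehost.example", "/itau/", "Document", _fake("rehost index")),
    ("rehost.example", "/itau/_styles/home.css", "Stylesheet", H_CSS),
    ("rehost.example", "/itau/_jscripts/jquery.js", "Script", H_JQUERY),
    ("rehost.example", "/itau/_jscripts/j_home.js", "Script", H_JHOME),
    ("rehost.example", "/itau/_images/logo.png", "Image", H_LOGO),
    ("rehost.example", "/itau/_images/abrir_cnt.png", "Image", H_ABRIR),
    ("rehost.example", "/itau/_images/seguanca.jpg", "Image", H_SEGUR),
    ("rehost.example", "/itau/_images/btn_acess.png", "Image", _fake("re-cut button")),
    ("rehost.example", "/itau/_images/extra.png", "Image", _fake("extra asset")),
]}

# Hypothetical unrelated site (constructed) that merely ships the same jquery.js.
SCAN_C = {"host": "unrelated.example", "resources": [
    ("unrelated.example", "/", "Document", _fake("unrelated index")),
    ("unrelated.example", "/js/jquery.js", "Script", H_JQUERY),
    ("unrelated.example", "/css/site.css", "Stylesheet", _fake("unrelated css")),
    ("unrelated.example", "/img/hero.jpg", "Image", _fake("unrelated hero")),
    ("fonts.googleapis.com", "/css?family=Roboto", "Stylesheet", H_GFONTS),
]}

# Stock library files hash-match benign sites too, so they carry no kit signal.
# Assumption: the scan's jquery.js is an unmodified release; verify against a
# hash list of published jQuery builds before relying on that.
LIBRARY_HASHES = {H_JQUERY}


def fingerprint(scan, ignore=LIBRARY_HASHES, skip_documents=True):
    """Hashes of the scan's first-party static assets. HTML documents are skipped by
    default: they tend to embed per-visit tokens or dates and rarely match across hosts."""
    return {
        h for host, _path, rtype, h in scan["resources"]
        if host == scan["host"]
        and not (skip_documents and rtype == "Document")
        and h not in ignore
    }


def similarity(a, b):
    """Jaccard similarity of two fingerprints, 0.0 when both are empty."""
    fa, fb = fingerprint(a), fingerprint(b)
    return len(fa & fb) / len(fa | fb) if (fa or fb) else 0.0


def shared_assets(a, b):
    """(path in a, path in b) pairs whose bodies hash-match: the evidence behind the score."""
    common = fingerprint(a) & fingerprint(b)
    path_in_b = {h: path for host, path, _t, h in b["resources"] if host == b["host"]}
    return sorted((path, path_in_b[h]) for host, path, _t, h in a["resources"]
                  if host == a["host"] and h in common)


def match_kit(reference, candidates, threshold=0.5):
    """Candidates whose fingerprint overlaps the reference at or above the threshold."""
    scored = [(c["host"], round(similarity(reference, c), 3)) for c in candidates]
    return [(host, s) for host, s in scored if s >= threshold]


if __name__ == "__main__":
    for host, s in match_kit(SCAN_A, [SCAN_B, SCAN_C]):
        print(f"{host}: similarity {s}")
    for pa, pb in shared_assets(SCAN_A, SCAN_B):
        print(f"  {pa}  ==  {pb}")
```

The score is deliberately insensitive to the HTML document and to library files: the rehost matches on five of eight distinct first-party assets (0.625) while the unrelated site scores zero despite sharing jquery.js. Tune the threshold against known kit families before using it to pivot across scans.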

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They help identify client-side frameworks and the page's own code.

  $            function   jQuery alias
  jQuery       function   jQuery, loaded from /Bankline02/_jscripts/jquery.js
  check_form   function   not a jQuery export, so defined by the page's own script (presumably j_home.js); the name suggests a client-side form-validation handler

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analiafranco.com.br
fonts.googleapis.com
fonts.gstatic.com
www.residencialgirassoltorres.com.br
172.217.16.170
177.70.106.253
201.33.17.100
216.58.214.67
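
The indicators are of very different quality: the Google IPs and fonts.* hosts are shared infrastructure used by countless benign pages, while the two URLs carry the actual signal, a bank's brand tokens in the path of a host the bank does not own, served over plain HTTP. The Python below is an added example of that detection logic run over proxy log lines; it is not code from urlscan or OpenPhish, and the brand keyword lists, the shared-host allowlist and the log line format are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Brand profile. The keyword and login-vocabulary lists are ASSUMPTIONS derived
# from the two lure URLs in this scan, not a vetted corpus; extend them per brand.
BRAND = {
    "domains": {"itau.com.br", "itau.com"},   # registrable domains the brand legitimately uses
    "keywords": {"itau", "bankline"},          # brand tokens that have no business in a third-party path
    "login_words": {"acesso", "seguro", "cliente", "cadastrar", "atendimento", "senha", "login"},
}

# Shared infrastructure seen in this scan that must never be flagged on its own.
SHARED_HOSTS = {"fonts.googleapis.com", "fonts.gstatic.com"}

# Split runs of letters and runs of digits so "Bankline02" yields "bankline" and "02".
_TOKEN = re.compile(r"[a-z]+|[0-9]+")


def registrable(host):
    """Crude eTLD+1 that understands .com.br-style second-level TLDs.
    Assumption: adequate for .br/.com hosts; use a public-suffix list in production."""
    parts = host.lower().strip(".").split(".")
    if len(parts) >= 3 and parts[-2] in {"com", "net", "org", "gov", "co"} and len(parts[-1]) == 2:
        return ".".join(parts[-3:])
    return ".".join(parts[-2:])


def score_url(url):
    """Return (score, reasons). 3 points for the brand on a host the brand does not own;
    login vocabulary and plain HTTP add one supporting point each."""
    u = urlsplit(url)
    host = (u.hostname or "").lower()
    if not host:
        return 0, ["unparseable"]
    if host in SHARED_HOSTS:
        return 0, ["shared-infrastructure"]
    rd = registrable(host)
    tokens = set(_TOKEN.findall(f"{u.path}?{u.query}".lower()))
    score, reasons = 0, []
    brand_hits = BRAND["keywords"] & tokens
    if brand_hits and rd not in BRAND["domains"]:
        score += 3
        reasons.append(f"brand tokens {sorted(brand_hits)} on non-brand domain {rd}")
    login_hits = BRAND["login_words"] & tokens
    if login_hits:
        score += 1
        reasons.append(f"login vocabulary {sorted(login_hits)}")
    if u.scheme == "http" and (brand_hits or login_hits):
        score += 1
        reasons.append("credential-themed page over plain http")
    return score, reasons


def parse_log_line(line):
    """Constructed proxy log format: '<iso-time> <client-ip> <method> <url> <status>'."""
    fields = line.split()
    return fields[3] if len(fields) >= 5 else None


def scan_log(lines, threshold=3):
    """Return [(url, score, reasons)] for every line at or above the threshold."""
    hits = []
    for line in lines:
        url = parse_log_line(line)
        if not url:
            continue
        score, reasons = score_url(url)
        if score >= threshold:
            hits.append((url, score, reasons))
    return hits


# Constructed sample log: the two URLs from this scan plus a legitimate brand URL,
# a shared font request and an unrelated .com.br site.
SAMPLE_LOG = [
    "2018-03-18T14:35:22Z 10.0.0.5 GET http://www.residencialgirassoltorres.com.br/ITAU.REDIRECTI01/ITA.REDIRECTI1/atendimento.cliente.seguro/cadastrar.referencia/acesso.pendente.comunicacao/ 200",
    "2018-03-18T14:35:23Z 10.0.0.5 GET http://analiafranco.com.br/Bankline02/ 200",
    "2018-03-18T14:35:23Z 10.0.0.5 GET https://fonts.googleapis.com/css?family=Roboto:400,700,900 200",
    "2018-03-18T14:36:01Z 10.0.0.7 GET https://www.itau.com.br/bankline/acesso 200",
    "2018-03-18T14:36:05Z 10.0.0.9 GET http://www.example.com.br/noticias/2018/03/ 200",
]

if __name__ == "__main__":
    for url, score, reasons in scan_log(SAMPLE_LOG):
        print(score, url, "; ".join(reasons))
```

The brand-on-foreign-domain rule does the work; the other two points only rank hits. The legitimate www.itau.com.br URL scores 1 (login vocabulary on the brand's own domain) and the Google Fonts request scores 0, so neither is raised, while the lure and the kit URL score 5 and 4.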