ventlogos.com.br Open in urlscan Pro
187.17.111.47 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://twixar.me/pyFT
Effective URL:
https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Submission: On November 27 via manual (November 27th 2019, 8:56:16 pm UTC) from BR

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 187.17.111.47, located in Brazil and belongs to Universo Online S.A., BR. The main domain is ventlogos.com.br.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 25th 2019. Valid for: 3 months.

This is the only time ventlogos.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Bradesco (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.4.183.65 52.4.183.65	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
17	187.17.111.47 187.17.111.47	7162 (Universo ...) (Universo Online S.A.)
1	2606:4700::68... 2606:4700::6810:a010	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	198.145.13.14 198.145.13.14	2044 (IINET-2044) (IINET-2044 - Infinity Internet)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
22	5

1 52.4.183.65 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-4-183-65.compute-1.amazonaws.com

twixar.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 187.17.111.47 (Brazil)

ASN7162 (Universo Online S.A., BR)

ventlogos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a010 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.14 (United States)

ASN2044 (IINET-2044 - Infinity Internet, Inc., US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	ventlogos.com.br ventlogos.com.br	155 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	getclicky.com static.getclicky.com in.getclicky.com	6 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	twixar.me 1 redirects twixar.me	396 B
22	5

	Domain	Requested by
17	ventlogos.com.br	ventlogos.com.br
2	www.google-analytics.com	www.googletagmanager.com ventlogos.com.br
1	in.getclicky.com	static.getclicky.com
1	www.googletagmanager.com	ventlogos.com.br
1	static.getclicky.com	ventlogos.com.br
1	twixar.me	1 redirects
22	6

This site contains no links.

Subject Issuer	Validity	Valid
ventlogos.com.br Let's Encrypt Authority X3	`2019-10-25` - `2020-01-23`	3 months	crt.sh
ssl468981.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-01` - `2020-01-07`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.getclicky.com COMODO RSA Domain Validation Secure Server CA	`2018-10-29` - `2020-10-15`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Frame ID: 08A403326AF96A2CB977651A19EAFEF0
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://twixar.me/pyFT HTTP 301
https://ventlogos.com.br/tmp/banco.bradesco/html/classic/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /static\.getclicky\.com/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

22
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

206 kB
Transfer

570 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://twixar.me/pyFT HTTP 301
https://ventlogos.com.br/tmp/banco.bradesco/html/classic/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ventlogos.com.br/tmp/banco.bradesco/html/classic/
Redirect Chain

http://twixar.me/pyFT
https://ventlogos.com.br/tmp/banco.bradesco/html/classic/

13 KB
5 KB

1519ms
269ms

Document
text/html

187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: Apache /
Resource Hash: acfd841123eea81b9763424105f2b77fba1423b0c6bd45fd21f41618936c80a6

Request headers

Host: ventlogos.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
X-App-Status: 1
Last-Modified: Sun, 24 Nov 2019 15:42:36 GMT
ETag: W/"3325-598197f100149"
X-Cache-Status: BYPASS
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 27 Nov 2019 20:55:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: user_locale=en; path=/; httponly
Cache-Control: private, max-age=300
Location: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 56ms
22ms Script
text/javascript 2606:4700::6810:a010
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf0fdaf39995776ab355a621c66e0ba2da52f8f3a55b1b859eeb8eab2ca644b

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 27 Nov 2019 20:55:54 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 509373
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=604800
cf-ray: 53c701743dfccbb0-VIE
x-proxy-cache: HIT
expires: Thu, 28 Nov 2019 23:26:21 GMT

GET
H/1.1 200
OK normalisec069.css
ventlogos.com.br/tmp/banco.bradesco/html/classic/css/ 3 KB
1 KB 249ms
248ms Stylesheet
text/css 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/css/normalisec069.css?v=114
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: Apache /
Resource Hash: 0af15537afcc47a198c4123f1f3cc784a09872307c7b2e448c35a49e45dddc40

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Nov 2019 23:31:18 GMT
Server: Apache
ETag: W/"a39-597e3b1afc4c8"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Content-Type: text/css
X-App-Status: 1
Connection: keep-alive

GET
H/1.1 200
OK animatec069.css
ventlogos.com.br/tmp/banco.bradesco/html/classic/css/ 55 KB
6 KB 502ms
252ms Stylesheet
text/css 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/css/animatec069.css?v=114
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: Apache /
Resource Hash: ff7d6101211ebf67dc06ba7e34211a56cb83b6f1375387af2a2f73d66a5d22ad

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Nov 2019 23:31:17 GMT
Server: Apache
ETag: W/"dafd-597e3b1af9918"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Content-Type: text/css
X-App-Status: 1
Connection: keep-alive

GET
H/1.1 200
OK bootstrap.minc069.css
ventlogos.com.br/tmp/banco.bradesco/html/classic/css/ 141 KB
28 KB 1015ms
530ms Stylesheet
text/css 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/css/bootstrap.minc069.css?v=114
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: Apache /
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Nov 2019 23:31:18 GMT
Server: Apache
ETag: W/"235ed-597e3b1afae2c"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Content-Type: text/css
X-App-Status: 1
Connection: keep-alive

GET
H/1.1 200
OK stylec069.css
ventlogos.com.br/tmp/banco.bradesco/html/classic/css/ 13 KB
4 KB 820ms
328ms Stylesheet
text/css 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/css/stylec069.css?v=114
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: Apache /
Resource Hash: c5ea8fb7758aecffa941d0515840f8b7c545819cc079815dec1c4e35a91bb588

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Nov 2019 23:31:18 GMT
Server: Apache
ETag: W/"3243-597e3b1afd92a"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Content-Type: text/css
X-App-Status: 1
Connection: keep-alive

GET
H/1.1 200
OK standardc069.css
ventlogos.com.br/tmp/banco.bradesco/html/classic/css/ 8 KB
3 KB 781ms
289ms Stylesheet
text/css 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/css/standardc069.css?v=114
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: Apache /
Resource Hash: 918ba7861547d3b0c0ca2b8395a30eae076eced2c1b185a92252359f213ecb7a

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Nov 2019 23:31:18 GMT
Server: Apache
ETag: W/"1fe1-597e3b1afccff"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Content-Type: text/css
X-App-Status: 1
Connection: keep-alive

GET
H/1.1 200
OK modernizrc069.js Show response
ventlogos.com.br/tmp/banco.bradesco/html/classic/js/ 15 KB
7 KB 860ms
364ms Script
application/javascript 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/js/modernizrc069.js?v=114
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: Apache /
Resource Hash: 7e26ca2fd58d9878a3754800828a0b4a1af34f747c19c7d48ff1add55b1759c3

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Nov 2019 23:31:19 GMT
Server: Apache
ETag: W/"3b92-597e3b1c0b345"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Content-Type: application/javascript
X-App-Status: 1
Connection: keep-alive

GET
H/1.1 200
OK logo-mobile.png
ventlogos.com.br/tmp/banco.bradesco/html/classic/img/ 2 KB
2 KB 529ms
250ms Image
image/png 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/img/logo-mobile.png
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 65c0136d95a0ee5ce87e547c510a0cde09bdc53a992cb4c60b00fec5cdde6340

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:55 GMT
Last-Modified: Thu, 21 Nov 2019 23:31:19 GMT
Server: nginx
ETag: "762-597e3b1bfe48f"
X-Cache-Status: HIT
Content-Type: image/png
X-App-Status: 1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1890

GET
H/1.1 200
OK jquery.minc069.js Show response
ventlogos.com.br/tmp/banco.bradesco/html/classic/js/ 95 KB
39 KB 865ms
611ms Script
application/javascript 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/js/jquery.minc069.js?v=114
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: Apache /
Resource Hash: 3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Nov 2019 23:31:19 GMT
Server: Apache
ETag: W/"17b8e-597e3b1c09ce3"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Content-Type: application/javascript
X-App-Status: 1
Connection: keep-alive

GET
H/1.1 200
OK bootstrap.minc069.js Show response
ventlogos.com.br/tmp/banco.bradesco/html/classic/js/ 48 KB
16 KB 501ms
501ms Script
application/javascript 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/js/bootstrap.minc069.js?v=114
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: Apache /
Resource Hash: e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Nov 2019 23:31:19 GMT
Server: Apache
ETag: W/"bf30-597e3b1c0810b"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Content-Type: application/javascript
X-App-Status: 1
Connection: keep-alive

GET
H/1.1 200
OK functionsc069.js Show response
ventlogos.com.br/tmp/banco.bradesco/html/classic/js/ 3 KB
1 KB 251ms
250ms Script
application/javascript 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/js/functionsc069.js?v=114
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: Apache /
Resource Hash: fc8ca0b4d8c5b82505b00b1be4088835c18059ad3e6c36666440f48377513120

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Nov 2019 23:31:19 GMT
Server: Apache
ETag: W/"bc2-597e3b1c08bfa"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Content-Type: application/javascript
X-App-Status: 1
Connection: keep-alive

GET
H/1.1 200
OK mainc069.js Show response
ventlogos.com.br/tmp/banco.bradesco/html/classic/js/ 2 KB
1 KB 272ms
272ms Script
application/javascript 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/js/mainc069.js?v=114
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: Apache /
Resource Hash: 36f735b02fbc2b69e49e05c7322524e867c2a9053c5709508b885e5cbdb49cc5

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Nov 2019 23:31:19 GMT
Server: Apache
ETag: W/"8ca-597e3b1c0a7e8"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Content-Type: application/javascript
X-App-Status: 1
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 73 KB
27 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:81b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137961888-1

Requested by

Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05b2853106314485a0a1b58957f5792ad8b50d34918fd27043c17d9f8e7d6df1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 27 Nov 2019 20:55:55 GMT
content-encoding: br
last-modified: Wed, 27 Nov 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27667
x-xss-protection: 0
expires: Wed, 27 Nov 2019 20:55:55 GMT

GET
H2 200 in.php Show response
in.getclicky.com/ 63 B
375 B 452ms
153ms Script
text/javascript 198.145.13.14
Infinity Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101222892&type=pageview&href=%2Ftmp%2Fbanco.bradesco%2Fhtml%2Fclassic%2F&title=Componente%20de%20Seguran%C3%A7a%20Bradesco&res=1600x1200&lang=en&jsuid=500669388&mime=js&x=0.4265218985677115
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.14 , United States, ASN2044 (IINET-2044 - Infinity Internet, Inc., US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 711ef32c301e5348481682e2a9618215f6964bf1a5c1dec268a10ef39c50793f

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 27 Nov 2019 20:55:55 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bgr_topo.jpg
ventlogos.com.br/tmp/banco.bradesco/html/classic/img/ 393 B
668 B 251ms
251ms Image
image/jpeg 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/img/bgr_topo.jpg
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: cbd676888aae1a7d5af33445b41565ea329d663004528b59b467b053691af885

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/css/stylec069.css?v=114
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:55 GMT
Last-Modified: Thu, 21 Nov 2019 23:31:19 GMT
Server: nginx
ETag: "189-597e3b1bf4d71"
X-Cache-Status: HIT
Content-Type: image/jpeg
X-App-Status: 1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 393

GET
H/1.1 200
OK logo.png
ventlogos.com.br/tmp/banco.bradesco/html/classic/img/ 38 KB
39 KB 774ms
503ms Image
image/png 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/img/logo.png
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 0abfdde0eb3ac592bd0d11636e15d83900fc06575c54fb8ae4e9a8dc7475acc9

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/css/stylec069.css?v=114
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:55 GMT
Last-Modified: Thu, 21 Nov 2019 23:31:19 GMT
Server: nginx
ETag: "997f-597e3b1bff68e"
X-Cache-Status: HIT
Content-Type: image/png
X-App-Status: 1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39295

GET
H/1.1 200
OK bto_avancar.gif
ventlogos.com.br/tmp/banco.bradesco/html/classic/img/ 2 KB
2 KB 506ms
261ms Image
image/gif 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/img/bto_avancar.gif
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 594aac4e9a473f489ca997549591a62dfa079266b641002674df5f9af9538204

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/css/stylec069.css?v=114
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:55 GMT
Last-Modified: Thu, 21 Nov 2019 23:31:19 GMT
Server: nginx
ETag: "86a-597e3b1bf96a8"
X-Cache-Status: HIT
Content-Type: image/gif
X-App-Status: 1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2154

GET
H/1.1 200
OK ico-alert-y.gif
ventlogos.com.br/tmp/banco.bradesco/html/classic/img/ 803 B
1 KB 488ms
245ms Image
image/gif 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/img/ico-alert-y.gif
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e759f6dadfa02dd96a2e96ca54ba7c67e8eb6bbda116ee5197a84d998bfd519e

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/css/stylec069.css?v=114
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:55 GMT
Last-Modified: Thu, 21 Nov 2019 23:31:19 GMT
Server: nginx
ETag: "323-597e3b1bfb2df"
X-Cache-Status: HIT
Content-Type: image/gif
X-App-Status: 1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 803

GET
H/1.1 200
OK bgr_rodape.jpg
ventlogos.com.br/tmp/banco.bradesco/html/classic/img/ 306 B
581 B 431ms
271ms Image
image/jpeg 187.17.111.47
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/img/bgr_rodape.jpg
Requested by: Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 187.17.111.47 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: a1ef173174792370228fe39d0be016e05cd08f5c567c19aab63a1e6899edfd84

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/css/stylec069.css?v=114
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 20:55:55 GMT
Last-Modified: Thu, 21 Nov 2019 23:31:19 GMT
Server: nginx
ETag: "132-597e3b1bf462f"
X-Cache-Status: HIT
Content-Type: image/jpeg
X-App-Status: 1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 306

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137961888-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1338
date: Wed, 27 Nov 2019 20:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 27 Nov 2019 22:33:37 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 17ms
17ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1941619286&t=pageview&_s=1&dl=https%3A%2F%2Fventlogos.com.br%2Ftmp%2Fbanco.bradesco%2Fhtml%2Fclassic%2F&ul=en-us&de=UTF-8&dt=Componente%20de%20Seguran%C3%A7a%20Bradesco&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=515445595&gjid=1773130505&cid=375006358.1574888156&tid=UA-137961888-1&_gid=1318344681.1574888156&_r=1&gtm=2ouav9&z=703851490

Requested by

Host: ventlogos.com.br
URL: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ventlogos.com.br/tmp/banco.bradesco/html/classic/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Nov 2019 20:55:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Bradesco (Banking)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ventlogos.com.br/	1970-01-19 05:28:08	Name: _gat_gtag_UA_137961888_1 Value: 1
.ventlogos.com.br/	1970-01-19 05:29:34	Name: _gid Value: GA1.3.1318344681.1574888156
.ventlogos.com.br/	1970-01-19 22:59:20	Name: _ga Value: GA1.3.375006358.1574888156

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

in.getclicky.com
static.getclicky.com
twixar.me
ventlogos.com.br
www.google-analytics.com
www.googletagmanager.com
187.17.111.47
198.145.13.14
2606:4700::6810:a010
2a00:1450:4001:808::200e
2a00:1450:4001:81b::2008
52.4.183.65
05b2853106314485a0a1b58957f5792ad8b50d34918fd27043c17d9f8e7d6df1
0abfdde0eb3ac592bd0d11636e15d83900fc06575c54fb8ae4e9a8dc7475acc9
0af15537afcc47a198c4123f1f3cc784a09872307c7b2e448c35a49e45dddc40
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
36f735b02fbc2b69e49e05c7322524e867c2a9053c5709508b885e5cbdb49cc5
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
594aac4e9a473f489ca997549591a62dfa079266b641002674df5f9af9538204
65c0136d95a0ee5ce87e547c510a0cde09bdc53a992cb4c60b00fec5cdde6340
711ef32c301e5348481682e2a9618215f6964bf1a5c1dec268a10ef39c50793f
7e26ca2fd58d9878a3754800828a0b4a1af34f747c19c7d48ff1add55b1759c3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
918ba7861547d3b0c0ca2b8395a30eae076eced2c1b185a92252359f213ecb7a
a1ef173174792370228fe39d0be016e05cd08f5c567c19aab63a1e6899edfd84
acfd841123eea81b9763424105f2b77fba1423b0c6bd45fd21f41618936c80a6
c5ea8fb7758aecffa941d0515840f8b7c545819cc079815dec1c4e35a91bb588
cbd676888aae1a7d5af33445b41565ea329d663004528b59b467b053691af885
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e759f6dadfa02dd96a2e96ca54ba7c67e8eb6bbda116ee5197a84d998bfd519e
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eaf0fdaf39995776ab355a621c66e0ba2da52f8f3a55b1b859eeb8eab2ca644b
fc8ca0b4d8c5b82505b00b1be4088835c18059ad3e6c36666440f48377513120
ff7d6101211ebf67dc06ba7e34211a56cb83b6f1375387af2a2f73d66a5d22ad

ventlogos.com.br Open in urlscan Pro 187.17.111.47 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

5 IPs

3 Countries

206 kBTransfer

570 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

37 JavaScript Global Variables

3 Cookies

Indicators

ventlogos.com.br Open in urlscan Pro
187.17.111.47 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

206 kB
Transfer

570 kB
Size

3
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!