www.cnstilimoveis.com.br Open in urlscan Pro
104.28.24.117 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.cnstilimoveis.com.br/BOA/ban/
Submission: On May 09 via automatic, source openphish (May 9th 2018, 7:44:37 pm UTC)

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 104.28.24.117, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.cnstilimoveis.com.br.

This is the only time www.cnstilimoveis.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 6	104.28.24.117 104.28.24.117	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 4	104.28.25.117 104.28.25.117	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	192.185.216.14 192.185.216.14	20013 (CYRUSONE) (CYRUSONE - CyrusOne LLC)
12	4

6 104.28.24.117 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.cnstilimoveis.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.28.25.117 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.cnstilimoveis.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.185.216.14 (Houston, United States)

ASN20013 (CYRUSONE - CyrusOne LLC, US)
PTR: srv18-ip11.prodns.com.br

cnstilimoveis.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cnstilimoveis.com.br 2 redirects www.cnstilimoveis.com.br cnstilimoveis.com.br	151 KB
12	1

	Domain	Requested by
10	www.cnstilimoveis.com.br	2 redirects www.cnstilimoveis.com.br
2	cnstilimoveis.com.br	www.cnstilimoveis.com.br
12	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.cnstilimoveis.com.br/BOA/ban/
Frame ID: 72F4E98F18955F84D8E48015B5E125DF
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

4
IPs

1
Countries

150 kB
Transfer

222 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.cnstilimoveis.com.br/BOA/ban/files/pbi-homepagetaggingjawr.js HTTP 301
http://cnstilimoveis.com.br/BOA/ban/files/pbi-homepagetaggingjawr.js

Request Chain 8

http://www.cnstilimoveis.com.br/BOA/ban/files/pbi-homepagebottomjawr.js HTTP 301
http://cnstilimoveis.com.br/BOA/ban/files/pbi-homepagebottomjawr.js

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response www.cnstilimoveis.com.br/BOA/ban/	64 KB 14 KB	294ms 294ms	Document text/html	104.28.24.117 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.cnstilimoveis.com.br/BOA/ban/ Protocol HTTP/1.1 Server 104.28.24.117 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `2e5a751ef3ec91644d5dcb6535c3f3e75e4b4bfd8063bea9d8bdfae30ca3cb5c` Request headers Host www.cnstilimoveis.com.br Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 72F4E98F18955F84D8E48015B5E125DF Response headers Date Wed, 09 May 2018 19:44:05 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d66b3d8111c2698c3abfc93f6b7338fbf1525895044; expires=Thu, 09-May-19 19:44:04 GMT; path=/; domain=.cnstilimoveis.com.br; HttpOnly Last-Modified Sat, 25 Jan 2014 11:16:56 GMT Server cloudflare CF-RAY 4186a89ee38e9bf3-AMS Content-Encoding gzip
GET H/1.1	404 Not Found	pbi-homepagetaggingjawr.js cnstilimoveis.com.br/BOA/ban/files/ Redirect Chain http://www.cnstilimoveis.com.br/BOA/ban/files/pbi-homepagetaggingjawr.js http://cnstilimoveis.com.br/BOA/ban/files/pbi-homepagetaggingjawr.js	0 0	15576ms 15447ms	Script text/html	192.185.216.14 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cnstilimoveis.com.br/BOA/ban/files/pbi-homepagetaggingjawr.js Requested by Host: www.cnstilimoveis.com.br URL: http://www.cnstilimoveis.com.br/BOA/ban/ Protocol HTTP/1.1 Server 192.185.216.14 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS srv18-ip11.prodns.com.br Software nginx/1.12.2 / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cnstilimoveis.com.br User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer http://www.cnstilimoveis.com.br/BOA/ban/ Connection keep-alive Cache-Control no-cache Referer http://www.cnstilimoveis.com.br/BOA/ban/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Wed, 09 May 2018 19:44:32 GMT Content-Encoding gzip Server nginx/1.12.2 Vary Accept-Encoding,Cookie Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Link <http://cnstilimoveis.com.br/wp-json/>; rel="https://api.w.org/" Expires Wed, 11 Jan 1984 05:00:00 GMT Redirect headers Date Wed, 09 May 2018 19:44:17 GMT CF-Cache-Status MISS Server cloudflare Vary Accept-Encoding,Cookie Content-Type text/html; charset=UTF-8 Location http://cnstilimoveis.com.br/BOA/ban/files/pbi-homepagetaggingjawr.js Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive CF-RAY 4186a8a0d2f42bca-AMS Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	200 OK	pbi-homepagejawr.css www.cnstilimoveis.com.br/BOA/ban/files/	33 KB 8 KB	15ms 14ms	Stylesheet text/css	104.28.24.117 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.cnstilimoveis.com.br/BOA/ban/files/pbi-homepagejawr.css Requested by Host: www.cnstilimoveis.com.br URL: http://www.cnstilimoveis.com.br/BOA/ban/ Protocol HTTP/1.1 Server 104.28.24.117 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7d7892e9e929d130087595900ef45570317894a8b018e91cafe58febabc93c1d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.cnstilimoveis.com.br User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/css,/;q=0.1 Referer http://www.cnstilimoveis.com.br/BOA/ban/ Cookie __cfduid=d66b3d8111c2698c3abfc93f6b7338fbf1525895044 Connection keep-alive Cache-Control no-cache Referer http://www.cnstilimoveis.com.br/BOA/ban/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Wed, 09 May 2018 19:44:05 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Sat, 05 Oct 2013 00:50:16 GMT Server cloudflare Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 4186a8a0d45f9bcf-AMS Expires Wed, 09 May 2018 23:44:05 GMT
GET H/1.1	200 OK	bac_reg_logo_tmp_250X69.gif www.cnstilimoveis.com.br/BOA/ban/files/	4 KB 4 KB	15ms 15ms	Image image/gif	104.28.24.117 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.cnstilimoveis.com.br/BOA/ban/files/bac_reg_logo_tmp_250X69.gif Requested by Host: www.cnstilimoveis.com.br URL: http://www.cnstilimoveis.com.br/BOA/ban/ Protocol HTTP/1.1 Server 104.28.24.117 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `0509ef5fb3dad7001f5095ebe63933dff0e0d113045e696ed16ff46ce5af8c72` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.cnstilimoveis.com.br User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.cnstilimoveis.com.br/BOA/ban/ Cookie __cfduid=d66b3d8111c2698c3abfc93f6b7338fbf1525895044 Connection keep-alive Cache-Control no-cache Referer http://www.cnstilimoveis.com.br/BOA/ban/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Wed, 09 May 2018 19:44:05 GMT CF-Cache-Status HIT Last-Modified Fri, 04 Oct 2013 05:00:32 GMT Server cloudflare Vary Accept-Encoding Content-Type image/gif Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 4186a8a0f46f9bcf-AMS Content-Length 3596 Expires Wed, 09 May 2018 23:44:05 GMT
GET H/1.1	200 OK	signin.jpg www.cnstilimoveis.com.br/BOA/ban/	2 KB 2 KB	15ms 15ms	Image image/jpeg	104.28.24.117 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.cnstilimoveis.com.br/BOA/ban/signin.jpg Requested by Host: www.cnstilimoveis.com.br URL: http://www.cnstilimoveis.com.br/BOA/ban/ Protocol HTTP/1.1 Server 104.28.24.117 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `4a2e7bb59d0ba31124480f60544b843ae6cde428dc6512b63e5a9885ff3ee401` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.cnstilimoveis.com.br User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.cnstilimoveis.com.br/BOA/ban/ Cookie __cfduid=d66b3d8111c2698c3abfc93f6b7338fbf1525895044 Connection keep-alive Cache-Control no-cache Referer http://www.cnstilimoveis.com.br/BOA/ban/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Wed, 09 May 2018 19:44:05 GMT CF-Cache-Status HIT Last-Modified Sat, 02 Nov 2013 13:28:22 GMT Server cloudflare Vary Accept-Encoding Content-Type image/jpeg Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 4186a8a104809bcf-AMS Content-Length 2043 Expires Wed, 09 May 2018 23:44:05 GMT
GET H/1.1	200 OK	hm_cr-redbar_arc00c23-s.jpg www.cnstilimoveis.com.br/BOA/ban/files/	101 KB 102 KB	17ms 16ms	Image image/jpeg	104.28.24.117 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.cnstilimoveis.com.br/BOA/ban/files/hm_cr-redbar_arc00c23-s.jpg Requested by Host: www.cnstilimoveis.com.br URL: http://www.cnstilimoveis.com.br/BOA/ban/ Protocol HTTP/1.1 Server 104.28.24.117 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7aab82ae6f2ba3ba10e919c311432416141d19f9bf52820c4a51dd26211ea613` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.cnstilimoveis.com.br User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.cnstilimoveis.com.br/BOA/ban/ Cookie __cfduid=d66b3d8111c2698c3abfc93f6b7338fbf1525895044 Connection keep-alive Cache-Control no-cache Referer http://www.cnstilimoveis.com.br/BOA/ban/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Wed, 09 May 2018 19:44:05 GMT CF-Cache-Status HIT Last-Modified Sat, 05 Oct 2013 00:50:16 GMT Server cloudflare Vary Accept-Encoding Content-Type image/jpeg Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 4186a8a1248f9bcf-AMS Content-Length 103870 Expires Wed, 09 May 2018 23:44:05 GMT
GET H/1.1	200 OK	Cookie set me_sc_6.gif www.cnstilimoveis.com.br/BOA/ban/files/	5 KB 5 KB	97ms 96ms	Image image/gif	104.28.25.117 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.cnstilimoveis.com.br/BOA/ban/files/me_sc_6.gif Requested by Host: www.cnstilimoveis.com.br URL: http://www.cnstilimoveis.com.br/BOA/ban/ Protocol HTTP/1.1 Server 104.28.25.117 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b49ee1551c59e3d8441dba8de6d7227a07112ab925651b0199c6e91904eb0cc9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.cnstilimoveis.com.br User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.cnstilimoveis.com.br/BOA/ban/ Connection keep-alive Cache-Control no-cache Referer http://www.cnstilimoveis.com.br/BOA/ban/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Wed, 09 May 2018 19:44:29 GMT CF-Cache-Status HIT Last-Modified Sat, 05 Oct 2013 00:50:16 GMT Server cloudflare Vary Accept-Encoding Content-Type image/gif Set-Cookie __cfduid=dec6cbe4f171e2447fd30e4a9144706821525895069; expires=Thu, 09-May-19 19:44:29 GMT; path=/; domain=.cnstilimoveis.com.br; HttpOnly Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 4186a93b10b82bca-AMS Content-Length 4920 Expires Wed, 09 May 2018 23:44:29 GMT
GET H/1.1	200 OK	sc_bbrq3-champion_are40fc3_s.gif www.cnstilimoveis.com.br/BOA/ban/files/	7 KB 8 KB	14ms 14ms	Image image/gif	104.28.25.117 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.cnstilimoveis.com.br/BOA/ban/files/sc_bbrq3-champion_are40fc3_s.gif Requested by Host: www.cnstilimoveis.com.br URL: http://www.cnstilimoveis.com.br/BOA/ban/ Protocol HTTP/1.1 Server 104.28.25.117 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `3a8339945421bb9f81ccb3ae1f128bf15b5d0620ef09bc845d8cd83f7d620fa7` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.cnstilimoveis.com.br User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.cnstilimoveis.com.br/BOA/ban/ Cookie __cfduid=dec6cbe4f171e2447fd30e4a9144706821525895069 Connection keep-alive Cache-Control no-cache Referer http://www.cnstilimoveis.com.br/BOA/ban/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Wed, 09 May 2018 19:44:29 GMT CF-Cache-Status HIT Last-Modified Sat, 05 Oct 2013 00:50:16 GMT Server cloudflare Vary Accept-Encoding Content-Type image/gif Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 4186a93b40ca2bca-AMS Content-Length 7562 Expires Wed, 09 May 2018 23:44:29 GMT
GET H/1.1	200 OK	sc_tyga_are78d21_s.gif www.cnstilimoveis.com.br/BOA/ban/files/	6 KB 7 KB	15ms 15ms	Image image/gif	104.28.25.117 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.cnstilimoveis.com.br/BOA/ban/files/sc_tyga_are78d21_s.gif Requested by Host: www.cnstilimoveis.com.br URL: http://www.cnstilimoveis.com.br/BOA/ban/ Protocol HTTP/1.1 Server 104.28.25.117 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `4d20c044cf4dcd4bc21bc6f51198912763e4448ab9b33e349ad3bb2c795a8063` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.cnstilimoveis.com.br User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.cnstilimoveis.com.br/BOA/ban/ Cookie __cfduid=dec6cbe4f171e2447fd30e4a9144706821525895069 Connection keep-alive Cache-Control no-cache Referer http://www.cnstilimoveis.com.br/BOA/ban/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Wed, 09 May 2018 19:44:29 GMT CF-Cache-Status HIT Last-Modified Sat, 05 Oct 2013 00:50:16 GMT Server cloudflare Vary Accept-Encoding Content-Type image/gif Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 4186a93b60d82bca-AMS Content-Length 6632 Expires Wed, 09 May 2018 23:44:29 GMT
GET H/1.1	404 Not Found	pbi-homepagebottomjawr.js cnstilimoveis.com.br/BOA/ban/files/ Redirect Chain http://www.cnstilimoveis.com.br/BOA/ban/files/pbi-homepagebottomjawr.js http://cnstilimoveis.com.br/BOA/ban/files/pbi-homepagebottomjawr.js	0 0	14084ms 14084ms	Script text/html	192.185.216.14 CyrusOne LLC
General Check archive.org Show headers Download Go to Full URL http://cnstilimoveis.com.br/BOA/ban/files/pbi-homepagebottomjawr.js Requested by Host: www.cnstilimoveis.com.br URL: http://www.cnstilimoveis.com.br/BOA/ban/ Protocol HTTP/1.1 Server 192.185.216.14 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US), Reverse DNS srv18-ip11.prodns.com.br Software nginx/1.12.2 / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cnstilimoveis.com.br User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer http://www.cnstilimoveis.com.br/BOA/ban/ Connection keep-alive Cache-Control no-cache Referer http://www.cnstilimoveis.com.br/BOA/ban/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Wed, 09 May 2018 19:44:29 GMT Content-Encoding gzip Server nginx/1.12.2 Vary Accept-Encoding,Cookie Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Link <http://cnstilimoveis.com.br/wp-json/>; rel="https://api.w.org/" Expires Wed, 11 Jan 1984 05:00:00 GMT Redirect headers Date Wed, 09 May 2018 19:44:15 GMT CF-Cache-Status MISS Server cloudflare Vary Accept-Encoding,Cookie Content-Type text/html; charset=UTF-8 Location http://cnstilimoveis.com.br/BOA/ban/files/pbi-homepagebottomjawr.js Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive CF-RAY 4186a8a164bb9bcf-AMS Expires Wed, 11 Jan 1984 05:00:00 GMT
GET		hp-static-sprite-v2.png www.cnstilimoveis.com.br/pa/global-assets/1.0/graphic/homepage/	0 0

GET		pbi-homepagebottomjawr.js www.cnstilimoveis.com.br/BOA/ban/files/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.cnstilimoveis.com.br
URL: http://www.cnstilimoveis.com.br/pa/global-assets/1.0/graphic/homepage/hp-static-sprite-v2.png

Domain: www.cnstilimoveis.com.br
URL: http://www.cnstilimoveis.com.br/BOA/ban/files/pbi-homepagebottomjawr.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cnstilimoveis.com.br
www.cnstilimoveis.com.br
www.cnstilimoveis.com.br
104.28.24.117
104.28.25.117
192.185.216.14
0509ef5fb3dad7001f5095ebe63933dff0e0d113045e696ed16ff46ce5af8c72
2e5a751ef3ec91644d5dcb6535c3f3e75e4b4bfd8063bea9d8bdfae30ca3cb5c
3a8339945421bb9f81ccb3ae1f128bf15b5d0620ef09bc845d8cd83f7d620fa7
4a2e7bb59d0ba31124480f60544b843ae6cde428dc6512b63e5a9885ff3ee401
4d20c044cf4dcd4bc21bc6f51198912763e4448ab9b33e349ad3bb2c795a8063
7aab82ae6f2ba3ba10e919c311432416141d19f9bf52820c4a51dd26211ea613
7d7892e9e929d130087595900ef45570317894a8b018e91cafe58febabc93c1d
b49ee1551c59e3d8441dba8de6d7227a07112ab925651b0199c6e91904eb0cc9

www.cnstilimoveis.com.br Open in urlscan Pro 104.28.24.117 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

0 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

4 IPs

1 Countries

150 kBTransfer

222 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

www.cnstilimoveis.com.br Open in urlscan Pro
104.28.24.117 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

4
IPs

1
Countries

150 kB
Transfer

222 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!