fonefacill.com
2606:4700:3033::ac43:a76a
Malicious Activity!
Public Scan
Effective URL: https://fonefacill.com/aspx/classic/index.php?162.158.92.245&30/03/2021%2012:28:11
Submission: On March 30 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 30th 2021. Valid for: a year.
This is the only time fonefacill.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Bradesco (Banking)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 216.172.172.189 | 46606 (UNIFIEDLAYER-AS-1)
37 | 2606:4700:3033::ac43:a76a | 13335 (CLOUDFLARENET)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: br472-ip05.hostgator.com.br
www.ib12-banking.elevarmkt.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
37 | fonefacill.com (1 redirect) | fonefacill.com | 3 MB
1 | elevarmkt.com (1 redirect) | www.ib12-banking.elevarmkt.com | 99 B
Requests | Domain | Requested by
---|---|---
37 | fonefacill.com (1 redirect) | fonefacill.com
1 | www.ib12-banking.elevarmkt.com (1 redirect) |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-30 - 2022-03-29 | a year (crt.sh)
This page contains 1 frames:
Primary Page:
https://fonefacill.com/aspx/classic/index.php?162.158.92.245&30/03/2021%2012:28:11
Frame ID: 97EAE4E827D81249462A60FDFACFF273
Requests: 36 HTTP requests in this frame
Detected technologies

CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i

jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.ib12-banking.elevarmkt.com/ (HTTP 301)
- https://fonefacill.com/aspx/ (HTTP 302)
- https://fonefacill.com/aspx/classic/index.php?162.158.92.245&30/03/2021%2012:28:11 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | index.php (Primary Request, Redirect Chain) | fonefacill.com/aspx/classic/ | 8 KB | 2 KB | Document | text/html
GET | H2 | _fonts.css | fonefacill.com/aspx/_fonts/ | 1 KB | 521 B | Stylesheet | text/css
GET | H2 | boot.css | fonefacill.com/aspx/_styles/ | 1 KB | 924 B | Stylesheet | text/css
GET | H2 | initial.css | fonefacill.com/aspx/_styles/ | 6 KB | 2 KB | Stylesheet | text/css
GET | H2 | jquery.js | fonefacill.com/aspx/_jscripts/ | 85 KB | 29 KB | Script | application/javascript
GET | H2 | jcycle.js | fonefacill.com/aspx/_jscripts/ | 52 KB | 13 KB | Script | application/javascript
GET | H2 | d_content.js | fonefacill.com/aspx/_jscripts/ | 10 KB | 3 KB | Script | application/javascript
GET | H2 | dataVerifica.js | fonefacill.com/aspx/classic/scripts/ | 926 B | 742 B | Script | application/javascript
GET | H2 | hd_acesso_ib.png | fonefacill.com/aspx/_images/ | 1 KB | 2 KB | Image | image/png
GET | H2 | sl_consignado.jpg | fonefacill.com/aspx/_images/ | 281 KB | 281 KB | Image | image/jpeg
GET | H2 | sl_investimento.jpg | fonefacill.com/aspx/_images/ | 243 KB | 243 KB | Image | image/jpeg
GET | H2 | sl_ipva2k17.jpg | fonefacill.com/aspx/_images/ | 281 KB | 282 KB | Image | image/jpeg
GET | H2 | sl_fgts.jpg | fonefacill.com/aspx/_images/ | 473 KB | 474 KB | Image | image/jpeg
GET | H2 | Bradesco_logo.png | fonefacill.com/aspx/_images/ | 28 KB | 28 KB | Image | image/png
GET | H2 | mi_produtos.png | fonefacill.com/aspx/_images/ | 407 B | 925 B | Image | image/png
GET | H2 | mi_campanhas.png | fonefacill.com/aspx/_images/ | 754 B | 1 KB | Image | image/png
GET | H2 | mi_acessibilidade.png | fonefacill.com/aspx/_images/ | 484 B | 814 B | Image | image/png
GET | H2 | mi_brada_logo.png | fonefacill.com/aspx/_images/ | 685 B | 993 B | Image | image/png
GET | H2 | mi_poupar.png | fonefacill.com/aspx/_images/ | 835 B | 1 KB | Image | image/png
GET | H2 | mi_responsivo.png | fonefacill.com/aspx/_images/ | 244 B | 579 B | Image | image/png
GET | H2 | mi_atendimento.png | fonefacill.com/aspx/_images/ | 640 B | 973 B | Image | image/png
GET | H2 | hd_ft-recarga-celular.png | fonefacill.com/aspx/_images/ | 11 KB | 11 KB | Image | image/png
GET | H2 | hd_ft-seguro-auto.png | fonefacill.com/aspx/_images/ | 12 KB | 12 KB | Image | image/png
GET | H2 | hd_ft-automatico.png | fonefacill.com/aspx/_images/ | 12 KB | 12 KB | Image | image/png
GET | H2 | hd_ft-portabilidade.png | fonefacill.com/aspx/_images/ | 3 KB | 4 KB | Image | image/png
GET | H2 | dest_play-video.png | fonefacill.com/aspx/_images/ | 2 KB | 3 KB | Image | image/png
GET | H2 | gif_home.gif | fonefacill.com/aspx/_images/ | 501 KB | 502 KB | Image | image/gif
GET | H2 | dest_credito.jpg | fonefacill.com/aspx/_images/ | 98 KB | 99 KB | Image | image/jpeg
GET | H2 | dest_seguro.jpg | fonefacill.com/aspx/_images/ | 39 KB | 40 KB | Image | image/jpeg
GET | H2 | dest_pe_quente.jpg | fonefacill.com/aspx/_images/ | 466 KB | 467 KB | Image | image/jpeg
GET | H2 | dest_biometria.jpg | fonefacill.com/aspx/_images/ | 300 KB | 301 KB | Image | image/jpeg
GET | H2 | ft_logo_all.png | fonefacill.com/aspx/_images/ | 3 KB | 4 KB | Image | image/png
GET | H2 | newjunemedium.woff2 | fonefacill.com/aspx/_fonts/ | 24 KB | 24 KB | Font | font/woff2
GET | H2 | newjunebold.woff2 | fonefacill.com/aspx/_fonts/ | 23 KB | 23 KB | Font | font/woff2
GET | H2 | newjuneregular.woff2 | fonefacill.com/aspx/_fonts/ | 23 KB | 24 KB | Font | font/woff2
GET | H2 | newjunefine.woff2 | fonefacill.com/aspx/_fonts/ | 24 KB | 25 KB | Font | font/woff2
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Banco Bradesco (Banking)

32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | cookieStore
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
boolean | crossOriginIsolated
function | $
function | jQuery
function | setNumber4
function | setNumber6
function | check_P4
function | checkTable
function | checkTks
function | checkAssina
function | NextCampo
function | check_FPT
function | check_P6
function | check_FC
function | SomenteNumero
function | checkAccount
function | checkCard
function | data
object | Hoje
number | Data
number | Dia
number | Mes
number | Ano
object | NomeDia
object | NomeMes

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonefacill.com
www.ib12-banking.elevarmkt.com
216.172.172.189
2606:4700:3033::ac43:a76a