urlscan.io logo urlscan.io
SecurityTrails logo

online.bankfab.com.studiolegalelolli.com Open in urlscan Pro
89.252.166.50  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secure-web.cisco.com/1hXwkAD0-SY846B3ouq7JlDv8W4-lk8peJDohmeWhHOFeFQ6GMRgPs4ns6SIVXT07V8BMfzMlMNv7t_1tD3QSVjZjDOZPVDU...
Effective URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
Submission: On January 21 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 5 countries across 5 domains to perform 15 HTTP transactions. The main IP is 89.252.166.50, located in Turkey and belongs to NETINTERNET Netinternet Bilisim Teknolojileri AS, TR. The main domain is online.bankfab.com.studiolegalelolli.com.
This is the only time online.bankfab.com.studiolegalelolli.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: First Abu Dhabi Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 2620:101:2005... 16417 (IRONPORT-...)
1 1 62.149.128.157 31034 (ARUBA-ASN)
1 1 62.149.128.45 31034 (ARUBA-ASN)
2 12 89.252.166.50 51559 (NETINTERN...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
15 3
1    2620:101:2005:11f0::1001 (United States)

ASN16417 (IRONPORT-SYSTEMS-INC, US)
secure-web.cisco.com
1    62.149.128.157 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: mxd8.aruba.it
palmastudio.it
1    62.149.128.45 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: redirect.aruba.it
www.palmastudio.it
12    89.252.166.50 (Turkey)

ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)
PTR: zkim2kli.ni.net.tr
online.bankfab.com.studiolegalelolli.com
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
Domain Requested by
12 online.bankfab.com.studiolegalelolli.com 2 redirects online.bankfab.com.studiolegalelolli.com
4 maps.googleapis.com online.bankfab.com.studiolegalelolli.com
maps.googleapis.com
1 code.jquery.com online.bankfab.com.studiolegalelolli.com
1 www.palmastudio.it 1 redirects
1 palmastudio.it 1 redirects
1 secure-web.cisco.com 1 redirects
15 6

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh

This page contains 1 frames:

Primary Page: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
Frame ID: 514779EE39FCE3878F7A70183B019002
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://secure-web.cisco.com/1hXwkAD0-SY846B3ouq7JlDv8W4-lk8peJDohmeWhHOFeFQ6GMRgPs4ns6SIVXT07V8BMfzMlMNv... HTTP 302
    http://palmastudio.it/ HTTP 301
    http://www.palmastudio.it/ HTTP 301
    http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/ HTTP 302
    http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e HTTP 301
    http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/maps\.googleapis\.com\/maps\/api\/js/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+ ng-version="([\d.]+)"/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

15
Requests

33 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

3
IPs

5
Countries

1336 kB
Transfer

1478 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure-web.cisco.com/1hXwkAD0-SY846B3ouq7JlDv8W4-lk8peJDohmeWhHOFeFQ6GMRgPs4ns6SIVXT07V8BMfzMlMNv7t_1tD3QSVjZjDOZPVDU-GAePFcLbBTyOJK06f7OB18ixvFMIxiXb9vSqmgzCZa8x07UNboYiqXNrnZSvEHC1lHF2dz7uQAcnw5F8tyfznDTy9iFBfCXOItX5bG3IMGuxVarDGqk36VWvWbvKyUuxPEPbYk0jQ79LOe2F7hy1lQcTtHxrX4igvRl-28Uo4GfnxRVgp7frrYObKxxS3Q83NmnZhE_pP5fXwd4hMkjr760D9dKkgQ_Vp5KHvn9XO1ZOTuxbnc5jCiK0LOeSv2BIicuCvEg-YyGe0Z9EjNz-_fYU2bSfFyhys1qytU7nSYlBbgBLpbJhCdgVOQ8x-YqgQZ9wbqbOCrwjBU-4P5pYl6wtnYoxXYSMWtWG6gjkHZEdVKP3W36-wEgkGvR9foisBncN6INNsrgDPTAkDs3StVQG-s12HccS-5jvZAfsvXTkaOkMPSE9iA/http%3A%2F%2Fpalmastudio.it%2F HTTP 302
    http://palmastudio.it/ HTTP 301
    http://www.palmastudio.it/ HTTP 301
    http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/ HTTP 302
    http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e HTTP 301
    http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
Redirect Chain
  • http://secure-web.cisco.com/1hXwkAD0-SY846B3ouq7JlDv8W4-lk8peJDohmeWhHOFeFQ6GMRgPs4ns6SIVXT07V8BMfzMlMNv7t_1tD3QSVjZjDOZPVDU-GAePFcLbBTyOJK06f7OB18ixvFMIxiXb9vSqmgzCZa8x07UNboYiqXNrnZSvEHC1lHF2dz7u...
  • http://palmastudio.it/
  • http://www.palmastudio.it/
  • http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/
  • http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e
  • http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
Protocol
HTTP/1.1
Server
89.252.166.50 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
zkim2kli.ni.net.tr
Software
Microsoft-IIS/10.0 / PHP/5.6.31
Resource Hash
3708cad31f6c01e8c24239471c9d90759a4deaabddee4f02b29e0601d866c947

Request headers

Host
online.bankfab.com.studiolegalelolli.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
PHPSESSID=fms849alhqgsrenvvf33cbl6i4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Type
text/html; charset=UTF-8
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
PHP/5.6.31
Date
Thu, 21 Jan 2021 05:09:03 GMT
Content-Length
11148

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
Server
Microsoft-IIS/10.0
Date
Thu, 21 Jan 2021 05:08:59 GMT
Content-Length
229
js
maps.googleapis.com/maps/api/ 		124 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyDzFnoLe6TaueLybd7iwkD7oTy05GALMBo
Requested by
Host: online.bankfab.com.studiolegalelolli.com
URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
fa1604a8b53bfe82b313cbae93610dfad5e7685b00bdca61009d7022d6afd54d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 05:09:38 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=10
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41339
x-xss-protection
0
expires
Thu, 21 Jan 2021 05:39:38 GMT
jquery-1.11.2.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.2.min.js
Requested by
Host: online.bankfab.com.studiolegalelolli.com
URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 05:09:38 GMT
content-encoding
gzip
last-modified
Wed, 17 Dec 2014 16:05:21 GMT
server
nginx
etag
W/"5491a9c1-176bb"
vary
Accept-Encoding
x-hw
1611205778.dop006.fr8.t,1611205778.cds273.fr8.hc,1611205778.cds202.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33262
styles.3c9a8ebbfe1d1d70190d.bundle.css
online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/ 		697 KB
697 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
Requested by
Host: online.bankfab.com.studiolegalelolli.com
URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
Protocol
HTTP/1.1
Server
89.252.166.50 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
zkim2kli.ni.net.tr
Software
Microsoft-IIS/10.0 /
Resource Hash
7919aaea6692d6268ed0cf4c55ca5b73e3e05f1f0a50a50caf383b7dce0085bd

Request headers

Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 05:09:03 GMT
Last-Modified
Mon, 18 Jan 2021 00:50:02 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"e6cbbda33edd61:0"
Content-Length
713240
Content-Type
text/css
logo-small.png
online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/logo-small.png
Requested by
Host: online.bankfab.com.studiolegalelolli.com
URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
Protocol
HTTP/1.1
Server
89.252.166.50 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
zkim2kli.ni.net.tr
Software
Microsoft-IIS/10.0 /
Resource Hash
8a3e4976612cff0144277a74701a801bc703665e5c033bcbb29d18fbee213fe9

Request headers

Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 05:09:04 GMT
Last-Modified
Sun, 17 Jan 2021 22:44:26 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"71c474f22edd61:0"
Content-Length
6469
Content-Type
image/png
bg.jpg
online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/ 		229 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/bg.jpg
Requested by
Host: online.bankfab.com.studiolegalelolli.com
URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
Protocol
HTTP/1.1
Server
89.252.166.50 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
zkim2kli.ni.net.tr
Software
Microsoft-IIS/10.0 /
Resource Hash
303382f3f424fedc1a49d241bd5c79dcc8e9a4b2c5d86955b67b1795a5f1c42f

Request headers

Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 05:09:04 GMT
Last-Modified
Sun, 17 Jan 2021 22:38:27 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"e49df97821edd61:0"
Content-Length
234624
Content-Type
image/jpeg
new-brand-bg.13ccd1f222a52156712d.jpg
online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/new-brand-bg.13ccd1f222a52156712d.jpg
Requested by
Host: online.bankfab.com.studiolegalelolli.com
URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
Protocol
HTTP/1.1
Server
89.252.166.50 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
zkim2kli.ni.net.tr
Software
Microsoft-IIS/10.0 /
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 05:09:04 GMT
Server
Microsoft-IIS/10.0
Content-Length
1245
Content-Type
text/html
FSMatthew-Light.87474fc035d3d70e79c6.woff
online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/FSMatthew-Light.87474fc035d3d70e79c6.woff
Requested by
Host: online.bankfab.com.studiolegalelolli.com
URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
Protocol
HTTP/1.1
Server
89.252.166.50 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
zkim2kli.ni.net.tr
Software
Microsoft-IIS/10.0 /
Resource Hash
b85f0f35cc3b5f51593f4b4c2eda0b925de731d4504bfd6d386156bd82f23ae1

Request headers

Origin
http://online.bankfab.com.studiolegalelolli.com
Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 05:09:04 GMT
Last-Modified
Sun, 17 Jan 2021 23:02:01 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"5f8b18c424edd61:0"
Content-Length
31316
Content-Type
font/x-woff
FSMatthew-Bold.d8bb43a4623fa531c43a.woff
online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/FSMatthew-Bold.d8bb43a4623fa531c43a.woff
Requested by
Host: online.bankfab.com.studiolegalelolli.com
URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
Protocol
HTTP/1.1
Server
89.252.166.50 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
zkim2kli.ni.net.tr
Software
Microsoft-IIS/10.0 /
Resource Hash
3dd740d3fd0832fbda81b5d373825ec524b10b332b4ea23eafbb56d96254521c

Request headers

Origin
http://online.bankfab.com.studiolegalelolli.com
Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 05:09:04 GMT
Last-Modified
Sun, 17 Jan 2021 22:47:33 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"5e86aebe22edd61:0"
Content-Length
32308
Content-Type
font/x-woff
FSMatthew-Medium.9640afcb869f0c9a49a7.woff
online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/FSMatthew-Medium.9640afcb869f0c9a49a7.woff
Requested by
Host: online.bankfab.com.studiolegalelolli.com
URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
Protocol
HTTP/1.1
Server
89.252.166.50 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
zkim2kli.ni.net.tr
Software
Microsoft-IIS/10.0 /
Resource Hash
204feb08527d33ec76b439fe94b2d5bc217f1940b8fdae4bc231b66dcde91e14

Request headers

Origin
http://online.bankfab.com.studiolegalelolli.com
Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 05:09:04 GMT
Last-Modified
Sun, 17 Jan 2021 22:53:38 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"e71399823edd61:0"
Content-Length
34720
Content-Type
font/x-woff
FSMatthew.42cc6f9c1eed3594a0c9.woff
online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/FSMatthew.42cc6f9c1eed3594a0c9.woff
Requested by
Host: online.bankfab.com.studiolegalelolli.com
URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
Protocol
HTTP/1.1
Server
89.252.166.50 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
zkim2kli.ni.net.tr
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Origin
http://online.bankfab.com.studiolegalelolli.com
Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 05:09:04 GMT
Server
Microsoft-IIS/10.0
Content-Length
1245
Content-Type
text/html
FSMatthew.1c6027b680abefdfa9bb.ttf
online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/FSMatthew.1c6027b680abefdfa9bb.ttf
Requested by
Host: online.bankfab.com.studiolegalelolli.com
URL: http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
Protocol
HTTP/1.1
Server
89.252.166.50 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
zkim2kli.ni.net.tr
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Origin
http://online.bankfab.com.studiolegalelolli.com
Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/files/styles.3c9a8ebbfe1d1d70190d.bundle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 05:09:04 GMT
Server
Microsoft-IIS/10.0
Content-Length
1245
Content-Type
text/html
common.js
maps.googleapis.com/maps-api-v3/api/js/43/6/ 		75 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/43/6/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyDzFnoLe6TaueLybd7iwkD7oTy05GALMBo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a5bbe4a819917e9cbb849eb882e1a1617d56a2b7d87d1fac48826079d9cd9e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 19:10:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Jan 2021 21:56:25 GMT
server
sffe
age
35967
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76572
x-xss-protection
0
expires
Thu, 20 Jan 2022 19:10:16 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/43/6/ 		145 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/43/6/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyDzFnoLe6TaueLybd7iwkD7oTy05GALMBo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e88054bce5b571855b9e8d68f2a418bd9318b21cb5ae7d010e917b33414abf34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 19:10:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Jan 2021 21:56:25 GMT
server
sffe
age
35967
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148910
x-xss-protection
0
expires
Thu, 20 Jan 2022 19:10:16 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		62 B
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttp%3A%2F%2Fonline.bankfab.com.studiolegalelolli.com%2FPersonalBankingWeb%2Flogin%2F7f099518e07aa91cf3fae3755c466e5e%2F&4sAIzaSyDzFnoLe6TaueLybd7iwkD7oTy05GALMBo&callback=_xdc_._i2t5j6&key=AIzaSyDzFnoLe6TaueLybd7iwkD7oTy05GALMBo&token=127008
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/43/6/common.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
69885943c0c9b43e1b918bcb1516f969bb50d0e8e85c2e8d81657f1a314b5f00
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://online.bankfab.com.studiolegalelolli.com/PersonalBankingWeb/login/7f099518e07aa91cf3fae3755c466e5e/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 05:09:43 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=16
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: First Abu Dhabi Bank (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| $ function| jQuery function| enlogin function| arlogin object| _xdc_

0 Cookies