qtechno-eg.com Open in urlscan Pro
192.185.73.134 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Submission: On September 30 via automatic, source openphish (September 30th 2018, 8:18:01 pm UTC)

Summary HTTP 18 Redirects Links 3 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 192.185.73.134, located in Houston, United States and belongs to CYRUSONE - CyrusOne LLC, US. The main domain is qtechno-eg.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 8th 2018. Valid for: 3 months.

This is the only time qtechno-eg.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BBVA (Financial)

Domain & IP information

	IP Address		AS Autonomous System
8	192.185.73.134 192.185.73.134		20013 (CYRUSONE) (CYRUSONE - CyrusOne LLC)
1 2	46.31.112.210 46.31.112.210		51625 (THY-AS) (THY-AS)
18	3

8 192.185.73.134 (Houston, United States)

ASN20013 (CYRUSONE - CyrusOne LLC, US)
PTR: 192-185-73-134.unifiedlayer.com

qtechno-eg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.31.112.210 (Istanbul, Turkey) 1 redirects

ASN51625 (THY-AS, TR)

www.turkishcargo.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	qtechno-eg.com qtechno-eg.com	328 KB
2	turkishcargo.com.tr 1 redirects www.turkishcargo.com.tr	859 KB
0	dexemboutrse.cf Failed dexemboutrse.cf Failed
18	3

	Domain	Requested by
8	qtechno-eg.com	qtechno-eg.com
2	www.turkishcargo.com.tr	1 redirects qtechno-eg.com
0	dexemboutrse.cf Failed	qtechno-eg.com
18	3

This site contains links to these domains. Also see Links.

Domain
rentingmov.bancosantander.es
www.bancosantander.es
particulares.gruposantander.es

Subject Issuer	Validity	Valid
qtechno-eg.com Let's Encrypt Authority X3	`2018-08-08` - `2018-11-06`	3 months	crt.sh
*.turkishcargo.com.tr E-Tugra Organization Validated CA	`2018-06-18` - `2020-06-18`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Frame ID: 6B6E18748FC722D334C802E721DB637B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^angular$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

18
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1187 kB
Transfer

1970 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://rentingmov.bancosantander.es/CONPR5_MOV_ALCO/acceso.htm?canal=MOV&codOferta=&opType=C&token=QUMxNjIyNzY4MzQwNzNBNjkwQkFCRkEzIzE3Mi4yMi4zNC4yMDUjMTUxODU1MjU5OTY5OSNQRDk0Yld3Z2RtVnljMmx2YmowaU1TNHdJaUJsYm1OdlpHbHVaejBpU1ZOUExUZzROVGt0TVNJL1BqeDBiMnRsYmtSbFptbHVhWFJwYjI0K1BHTnZaR2xuYjFCbGNuTnZibUUrTVRNM056RTBNREU4TDJOdlpHbG5iMUJsY25OdmJtRStQSFZ6WlhKSlJENHdNREF6TURRNE9Ud3ZkWE5sY2tsRVBqeDBhWEJ2VUdWeWMyOXVZVDVHUEM5MGFYQnZVR1Z5YzI5dVlUNDhibUZ0WlQ1Q1JVZFAwVUZTUlZsYVFVSkJUQ0JHUlZKT1FVNUVSVm9nVmtsTVRFRlNTbFZDU1R3dmJtRnRaVDQ4TDNSdmEyVnVSR1ZtYVc1cGRHbHZiajQ9I0RFU2VkZS9DQkMvUEtDUzVQYWRkaW5nI3YxI1BhcnRpY3VsYXJlc1NBTlBSTyNOT1QgVVNFRCNTSEExd2l0aFJTQSN1aVNTNThyWk8zcHMvT2UrM3lUZWtKcHBtbVNEZ2dQZlVGNHE3STJudzV5QmZlbkFXdGdUcDZYYjdxY2dqNW13WkJJS0JkT2FCQ2hMQmw2aVVxMUU4b3IydkhiN1ZoL3hyL1hRUnZlcXVsUmFXYTdVMjd0bmVGYjcxRU80ZUlSc3RZUTNtQ3dXRjJZeStwb3NxSDJaaVZMTngxYUYxOVNVd0Y2d2daRlR4STA9
Title: Renting

Search URL Search Domain Scan URL

URL: https://www.bancosantander.es/cssa/Satellite?pagename=BuscadorOficinas/Page/BOF_FrontEnd&empr=Santander&leng=es_ES&_ga=2.77213333.186514139.1518536319-307806305.1518201795
Title: Oficinas y cajeros

Search URL Search Domain Scan URL

URL: https://particulares.gruposantander.es/SUPFPA_SPB_ENS/BtoChannelDriver.ssobto?dse_operationName=NavLoginSupernet&dse_parentContextName=&dse_processorState=initial&dse_nextEventName=start&perfil.empresaAsociada=0013&token=QUMxNjIyNzY4MzQwNzNBNjkwQkFCRkEzIzE3Mi4yMi4zNC4yMDUjMTUxODU1MjU5OTY5OSNQRDk0Yld3Z2RtVnljMmx2YmowaU1TNHdJaUJsYm1OdlpHbHVaejBpU1ZOUExUZzROVGt0TVNJL1BqeDBiMnRsYmtSbFptbHVhWFJwYjI0K1BHTnZaR2xuYjFCbGNuTnZibUUrTVRNM056RTBNREU4TDJOdlpHbG5iMUJsY25OdmJtRStQSFZ6WlhKSlJENHdNREF6TURRNE9Ud3ZkWE5sY2tsRVBqeDBhWEJ2VUdWeWMyOXVZVDVHUEM5MGFYQnZVR1Z5YzI5dVlUNDhibUZ0WlQ1Q1JVZFAwVUZTUlZsYVFVSkJUQ0JHUlZKT1FVNUVSVm9nVmtsTVRFRlNTbFZDU1R3dmJtRnRaVDQ4TDNSdmEyVnVSR1ZtYVc1cGRHbHZiajQ9I0RFU2VkZS9DQkMvUEtDUzVQYWRkaW5nI3YxI1BhcnRpY3VsYXJlc1NBTlBSTyNOT1QgVVNFRCNTSEExd2l0aFJTQSN1aVNTNThyWk8zcHMvT2UrM3lUZWtKcHBtbVNEZ2dQZlVGNHE3STJudzV5QmZlbkFXdGdUcDZYYjdxY2dqNW13WkJJS0JkT2FCQ2hMQmw2aVVxMUU4b3IydkhiN1ZoL3hyL1hRUnZlcXVsUmFXYTdVMjd0bmVGYjcxRU80ZUlSc3RZUTNtQ3dXRjJZeStwb3NxSDJaaVZMTngxYUYxOVNVd0Y2d2daRlR4STA9
Title: VersiÃ³n clÃ¡sica

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.turkishcargo.com.tr/documents/TurkishCargo/img/redloadingcircle.gif HTTP 302
https://www.turkishcargo.com.tr/documents/TurkishCargo/img/redloadingcircle.gif

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Codigo.php Show response
qtechno-eg.com/es/favicon/index/asistencia/ 100 KB
38 KB 451ms
450ms Document
text/html 192.185.73.134
CyrusOne LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.185.73.134 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS: 192-185-73-134.unifiedlayer.com
Software: nginx/1.14.0 /
Resource Hash: 6af1b99e57b00120df73324eb2b9d8eb3bf88754b175cdb0f65ade2d17ce7e98

Request headers

Host: qtechno-eg.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.14.0
Date: Sun, 30 Sep 2018 20:17:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H/1.1 200
OK styles.css
qtechno-eg.com/es/favicon/index/asistencia/konto/ 211 KB
44 KB 181ms
180ms Stylesheet
text/css 192.185.73.134
CyrusOne LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://qtechno-eg.com/es/favicon/index/asistencia/konto/styles.css
Requested by: Host: qtechno-eg.com
URL: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.185.73.134 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS: 192-185-73-134.unifiedlayer.com
Software: nginx/1.14.0 /
Resource Hash: bafdd97b96d6444a862d7df4a8e1c01496ec64c180e6da53890068e0d4bd8937

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: qtechno-eg.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Connection: keep-alive
Cache-Control: no-cache
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Sep 2018 20:17:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Aug 2018 03:58:52 GMT
Server: nginx/1.14.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK net.css
qtechno-eg.com/es/favicon/index/asistencia/konto// 25 KB
5 KB 185ms
185ms Stylesheet
text/css 192.185.73.134
CyrusOne LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://qtechno-eg.com/es/favicon/index/asistencia/konto//net.css
Requested by: Host: qtechno-eg.com
URL: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.185.73.134 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS: 192-185-73-134.unifiedlayer.com
Software: nginx/1.14.0 /
Resource Hash: a2ca412537556bd572a2095ca0cbc2eb7305f22273c62e5d8f2e8b3b1664f5f3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: qtechno-eg.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Connection: keep-alive
Cache-Control: no-cache
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Sep 2018 20:17:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Mar 2018 02:51:26 GMT
Server: nginx/1.14.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK supernetAll_170710_161546.min.js Show response
qtechno-eg.com/es/favicon/index/asistencia/konto/ 726 KB
224 KB 345ms
344ms Script
application/javascript 192.185.73.134
CyrusOne LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://qtechno-eg.com/es/favicon/index/asistencia/konto/supernetAll_170710_161546.min.js
Requested by: Host: qtechno-eg.com
URL: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.185.73.134 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS: 192-185-73-134.unifiedlayer.com
Software: nginx/1.14.0 /
Resource Hash: bb5f0c36cf1c488246ab81b4cb82ee5c01923109967d1764e14b6004e988ad08

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: qtechno-eg.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Connection: keep-alive
Cache-Control: no-cache
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Sep 2018 20:17:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Mar 2018 02:51:26 GMT
Server: nginx/1.14.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK utag.2.js Show response
qtechno-eg.com/es/favicon/index/asistencia/konto/ 24 KB
7 KB 166ms
166ms Script
application/javascript 192.185.73.134
CyrusOne LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://qtechno-eg.com/es/favicon/index/asistencia/konto/utag.2.js
Requested by: Host: qtechno-eg.com
URL: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.185.73.134 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS: 192-185-73-134.unifiedlayer.com
Software: nginx/1.14.0 /
Resource Hash: 1a31584ad3b47257575549863cf9a890f59d4a2f06e106813ad3c9d044b8b60e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: qtechno-eg.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Connection: keep-alive
Cache-Control: no-cache
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Sep 2018 20:17:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Mar 2018 02:51:26 GMT
Server: nginx/1.14.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK utag.8.js Show response
qtechno-eg.com/es/favicon/index/asistencia/konto/ 21 KB
6 KB 205ms
205ms Script
application/javascript 192.185.73.134
CyrusOne LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://qtechno-eg.com/es/favicon/index/asistencia/konto/utag.8.js
Requested by: Host: qtechno-eg.com
URL: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.185.73.134 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS: 192-185-73-134.unifiedlayer.com
Software: nginx/1.14.0 /
Resource Hash: a8fa99938da27ebe6e3a72c52781f5ee1219a7b66f21cfb2c75948fead36f49e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: qtechno-eg.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Connection: keep-alive
Cache-Control: no-cache
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Sep 2018 20:17:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Mar 2018 02:51:26 GMT
Server: nginx/1.14.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK icn_renting.svg
qtechno-eg.com/es/favicon/index/asistencia/konto/ 4 KB
5 KB 168ms
167ms Image
image/svg+xml 192.185.73.134
CyrusOne LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qtechno-eg.com/es/favicon/index/asistencia/konto/icn_renting.svg
Requested by: Host: qtechno-eg.com
URL: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.185.73.134 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS: 192-185-73-134.unifiedlayer.com
Software: nginx/1.14.0 /
Resource Hash: bd865d3b49087c4d4626aafddcfb4a2adc6c5109acc9f4efe64d3ab54fe6db56

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: qtechno-eg.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
Connection: keep-alive
Cache-Control: no-cache
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Sep 2018 20:17:49 GMT
Last-Modified: Mon, 05 Mar 2018 02:51:26 GMT
Server: nginx/1.14.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4513
Content-Type: image/svg+xml

GET
H/1.1

200
OK

redloadingcircle.gif
www.turkishcargo.com.tr/documents/TurkishCargo/img/
Redirect Chain

http://www.turkishcargo.com.tr/documents/TurkishCargo/img/redloadingcircle.gif
https://www.turkishcargo.com.tr/documents/TurkishCargo/img/redloadingcircle.gif

858 KB
858 KB

543ms
74ms

Image
image/gif

46.31.112.210
THY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turkishcargo.com.tr/documents/TurkishCargo/img/redloadingcircle.gif

Requested by

Host: qtechno-eg.com
URL: https://qtechno-eg.com/es/favicon/index/asistencia/Codigo.php

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

46.31.112.210 Istanbul, Turkey, ASN51625 (THY-AS, TR),

Reverse DNS

Software

/

Resource Hash

451240502265cb6107d21e27b9a36297de049a127e02c13a6bad9714a46f66aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Sep 2018 20:17:50 GMT
Last-Modified: Thu, 28 Sep 2017 11:25:55 GMT
Server
ETag: "7ed1e48c4c38d31:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 878699

Redirect headers

Location: https://www.turkishcargo.com.tr/documents/TurkishCargo/img/redloadingcircle.gif
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK bg-menu.svg
qtechno-eg.com/es/favicon/index/asistencia/ 599 B
819 B 164ms
164ms Image
image/svg+xml 192.185.73.134
CyrusOne LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qtechno-eg.com/es/favicon/index/asistencia/bg-menu.svg
Requested by: Host: qtechno-eg.com
URL: https://qtechno-eg.com/es/favicon/index/asistencia/konto/supernetAll_170710_161546.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.185.73.134 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS: 192-185-73-134.unifiedlayer.com
Software: nginx/1.14.0 /
Resource Hash: c1a892da96dda2555afab80d17910aa3e9865c03a8c5ab1086364c0df94c1ece

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: qtechno-eg.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/konto/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://qtechno-eg.com/es/favicon/index/asistencia/konto/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Sep 2018 20:17:50 GMT
Last-Modified: Thu, 02 Aug 2018 01:32:12 GMT
Server: nginx/1.14.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 599
Content-Type: image/svg+xml

GET Lato-Regular-webfont.woff2
dexemboutrse.cf/fonts/ 0
0

GET Lato-Light-webfont.woff2
dexemboutrse.cf/fonts/ 0
0

GET Lato-Bold-webfont.woff2
dexemboutrse.cf/fonts/ 0
0

GET Lato-Regular-webfont.woff
dexemboutrse.cf/fonts/ 0
0

GET Lato-Light-webfont.woff
dexemboutrse.cf/fonts/ 0
0

GET Lato-Bold-webfont.woff
dexemboutrse.cf/fonts/ 0
0

GET Lato-Regular-webfont.ttf
dexemboutrse.cf/fonts/ 0
0

GET Lato-Light-webfont.ttf
dexemboutrse.cf/fonts/ 0
0

GET Lato-Bold-webfont.ttf
dexemboutrse.cf/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dexemboutrse.cf
URL: https://dexemboutrse.cf/fonts/Lato-Regular-webfont.woff2

Domain: dexemboutrse.cf
URL: https://dexemboutrse.cf/fonts/Lato-Light-webfont.woff2

Domain: dexemboutrse.cf
URL: https://dexemboutrse.cf/fonts/Lato-Bold-webfont.woff2

Domain: dexemboutrse.cf
URL: https://dexemboutrse.cf/fonts/Lato-Regular-webfont.woff

Domain: dexemboutrse.cf
URL: https://dexemboutrse.cf/fonts/Lato-Light-webfont.woff

Domain: dexemboutrse.cf
URL: https://dexemboutrse.cf/fonts/Lato-Bold-webfont.woff

Domain: dexemboutrse.cf
URL: https://dexemboutrse.cf/fonts/Lato-Regular-webfont.ttf

Domain: dexemboutrse.cf
URL: https://dexemboutrse.cf/fonts/Lato-Light-webfont.ttf

Domain: dexemboutrse.cf
URL: https://dexemboutrse.cf/fonts/Lato-Bold-webfont.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BBVA (Financial)

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CryptoJS object| services function| formatMoney function| validaCuenta function| validaLibreta function| calcularIBAN function| trim object| arrayLetras function| fCalcularNIF function| fCalcularNIE function| fCalcularCIF function| fCalcularPasaporte function| validarXIF function| hexToString function| StringToHex function| cifraToken function| descifraToken function| descifraServidor function| cifraServidor function| timeStamp function| start object| nwptApp function| ImageExist function| checkBrowserValid function| get_browser_info function| ValoresController function| ConctactInfoController function| LoginController function| HomeController function| ImposicionController function| ProductController function| SendMoneyAccessController function| SendMoneyController function| TarjetaController function| SociusController function| PullOffersController function| ContractOffersController function| PBController function| PBProductController number| windowWidth function| $ function| jQuery object| Modernizr object| jstz object| angular object| Select2 function| removeHover object| GibberishAES function| hideMessage function| startTimer function| getUrlParam object| jQuery111109275819537099357 string| GoogleAnalyticsObject function| ga

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://qtechno-eg.com/es/favicon/index/asistencia/konto/supernetAll_170710_161546.min.js(Line 290) Message: This browser does not support Web Storage!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dexemboutrse.cf
qtechno-eg.com
www.turkishcargo.com.tr
dexemboutrse.cf
192.185.73.134
46.31.112.210
1a31584ad3b47257575549863cf9a890f59d4a2f06e106813ad3c9d044b8b60e
451240502265cb6107d21e27b9a36297de049a127e02c13a6bad9714a46f66aa
6af1b99e57b00120df73324eb2b9d8eb3bf88754b175cdb0f65ade2d17ce7e98
a2ca412537556bd572a2095ca0cbc2eb7305f22273c62e5d8f2e8b3b1664f5f3
a8fa99938da27ebe6e3a72c52781f5ee1219a7b66f21cfb2c75948fead36f49e
bafdd97b96d6444a862d7df4a8e1c01496ec64c180e6da53890068e0d4bd8937
bb5f0c36cf1c488246ab81b4cb82ee5c01923109967d1764e14b6004e988ad08
bd865d3b49087c4d4626aafddcfb4a2adc6c5109acc9f4efe64d3ab54fe6db56
c1a892da96dda2555afab80d17910aa3e9865c03a8c5ab1086364c0df94c1ece