clientes-online-cuenta-acceso.com
160.153.141.116
Malicious Activity!
Public Scan
Effective URL: https://clientes-online-cuenta-acceso.com/6da727b9e630392/index.php
Submission: On August 24 via manual from ES
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 24th 2020. Valid for: 2 years.
This is the only time clientes-online-cuenta-acceso.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bankia (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 2 | 2600:1f16:b35:6400:72b2:4941:bad1:fba7 | 16509 (AMAZON-02) |
1 13 | 160.153.141.116 | 21501 (GODADDY-AMS) |
12 | 1 |
ASN21501 (GODADDY-AMS, DE)
PTR: ip-160-153-141-116.ip.secureserver.net
clientes-online-cuenta-acceso.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
13 | clientes-online-cuenta-acceso.com (1 redirects); subdomain: clientes-online-cuenta-acceso.com | 2 MB |
2 | da.gd (2 redirects); subdomain: da.gd | 963 B |
12 | 2 |
 | Domain | Requested by |
---|---|---|
13 | clientes-online-cuenta-acceso.com (1 redirects) | clientes-online-cuenta-acceso.com |
2 | da.gd (2 redirects) | |
12 | 2 |
This site contains no links.
Subject / Issuer | Validity | Valid | |
---|---|---|---|
clientes-online-cuenta-acceso.com / Go Daddy Secure Certificate Authority - G2 | 2020-08-24 - 2022-08-24 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://clientes-online-cuenta-acceso.com/6da727b9e630392/index.php
Frame ID: 950AC652584A8819937184CCBD9DB9CA
Requests: 12 HTTP requests in this frame
Detected technologies
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://da.gd/g3fhKO HTTP 302
- https://da.gd/g3fhKO HTTP 302
- https://clientes-online-cuenta-acceso.com/ HTTP 302
- https://clientes-online-cuenta-acceso.com/6da727b9e630392/index.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | index.php (Primary Request; Redirect Chain) | clientes-online-cuenta-acceso.com/6da727b9e630392/ | 4 KB | 1 KB | Document | text/html |
GET H2 | bootstrap.min.css | clientes-online-cuenta-acceso.com/assets/css/ | 138 KB | 21 KB | Stylesheet | text/css |
GET H2 | helpers.css | clientes-online-cuenta-acceso.com/assets/css/ | 41 KB | 5 KB | Stylesheet | text/css |
GET H2 | fonts.css | clientes-online-cuenta-acceso.com/assets/css/ | 1 KB | 359 B | Stylesheet | text/css |
GET H2 | main.css | clientes-online-cuenta-acceso.com/assets/css/ | 9 KB | 2 KB | Stylesheet | text/css |
GET H2 | lock.png | clientes-online-cuenta-acceso.com/assets/images/ | 269 B | 353 B | Image | image/png |
GET H2 | jquery.min.js | clientes-online-cuenta-acceso.com/assets/js/ | 86 KB | 30 KB | Script | application/javascript |
GET H2 | popper.min.js | clientes-online-cuenta-acceso.com/assets/js/ | 20 KB | 7 KB | Script | application/javascript |
GET H2 | bootstrap.min.js | clientes-online-cuenta-acceso.com/assets/js/ | 133 KB | 25 KB | Script | application/javascript |
GET H2 | fontawesome.min.js | clientes-online-cuenta-acceso.com/assets/js/ | 1 MB | 379 KB | Script | application/javascript |
GET H2 | main.js | clientes-online-cuenta-acceso.com/assets/js/ | 2 KB | 776 B | Script | application/javascript |
GET H2 | index.png | clientes-online-cuenta-acceso.com/assets/images/ | 1 MB | 1 MB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bankia (Banking)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| trustedTypes
- function| $
- function| jQuery
- function| Popper
- object| bootstrap
- object| ___FONT_AWESOME___
- object| FontAwesomeConfig
- object| FontAwesome
- boolean| isShift
- string| seperator
- string| space
- function| IsNumeric
- function| ValidateDateFormat

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
clientes-online-cuenta-acceso.com/ | Name: PHPSESSID Value: 7d0b174f87f2ce7d8e5e678df118a8e4 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
clientes-online-cuenta-acceso.com
da.gd
160.153.141.116
2600:1f16:b35:6400:72b2:4941:bad1:fba7