![](/screenshots/278cd5d5-e0b0-4c14-800a-04c131101343.png)
lasempanadas.com.ar
Open in
urlscan Pro
66.97.33.212
Malicious Activity!
Public Scan
Submission: On February 12 via manual from PH — Scanned from DE
Summary
This is the only time lasempanadas.com.ar was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: GCash (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 4 | 66.97.33.212 66.97.33.212 | 27823 (Dattatec.com) (Dattatec.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:809::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
5 | 3 |
ASN27823 (Dattatec.com, AR)
PTR: vps-1511147-x.dattaweb.com
lasempanadas.com.ar |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
lasempanadas.com.ar
1 redirects
lasempanadas.com.ar |
27 KB |
1 |
gstatic.com
fonts.gstatic.com |
24 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
1010 B |
5 | 3 |
Domain | Requested by | |
---|---|---|
4 | lasempanadas.com.ar |
1 redirects
lasempanadas.com.ar
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
lasempanadas.com.ar
|
5 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://lasempanadas.com.ar/wp-admin/Data/online/jJSHY_20220920_042107/sepo/
Frame ID: 32A98B1E1D35600EB5F82DDDEF656B30
Requests: 5 HTTP requests in this frame
Screenshot
![](/screenshots/278cd5d5-e0b0-4c14-800a-04c131101343.png)
Page Title
GCashPage URL History Show full URLs
-
http://lasempanadas.com.ar/wp-admin/Data/online/jJSHY_20220920_042107/sepo
HTTP 301
http://lasempanadas.com.ar/wp-admin/Data/online/jJSHY_20220920_042107/sepo/ Page URL
Detected technologies
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://lasempanadas.com.ar/wp-admin/Data/online/jJSHY_20220920_042107/sepo
HTTP 301
http://lasempanadas.com.ar/wp-admin/Data/online/jJSHY_20220920_042107/sepo/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
lasempanadas.com.ar/wp-admin/Data/online/jJSHY_20220920_042107/sepo/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.css
lasempanadas.com.ar/wp-admin/Data/online/jJSHY_20220920_042107/sepo/css/ |
84 KB 15 KB |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 1010 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gcash-1024x768.png
lasempanadas.com.ar/wp-admin/Data/online/jJSHY_20220920_042107/sepo/Gcash_files/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
fonts.gstatic.com/s/karla/v31/ |
24 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: GCash (Financial)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| isNumber function| length_disabled_btn0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
lasempanadas.com.ar
2a00:1450:4001:809::200a
2a00:1450:4001:812::2003
66.97.33.212
0b022da978f07df901703de2ba5b3303fbb496a81d05964e4bc079ae04275fdf
4d0240b90ca4e5e14affdc504600d9eb61c828900c645cb20c91c5c6cc5fa66e
e5229742bc94eaa31382c074d058555327a37637776a81dce6d26a7c1f92f552
e74317ccdc7985c05e0957f06bb973c213f83aec4be0a03d0e47c6397e069bb6
ef71f07257bf7ab1ff3b76ac3c0fa25b8686bbb26c5617c570c7528e337e48d0