caixainfos.com
34.125.128.151
Malicious Activity!
Public Scan
Effective URL: http://caixainfos.com/pc/index.php?id=d067fb013da9f71517e0a25d5db4ad6a&uuid=2839183f6094edb699585fe2252bc5c1&session=3...
Submission: On May 15 via manual from ES — Scanned from ES
Summary
This is the only time caixainfos.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Caixabank (Banking)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 2a00:1450:4001:809::2013 | 15169 (GOOGLE) |
| 1 10 | 34.125.128.151 | 396982 (GOOGLE-CLOUD-PLATFORM) |
| 1 | 2a00:1450:400f:802::200a | 15169 (GOOGLE) |
| 1 | 2600:9000:2057:fa00:1:cde5:7345:88c1 | 16509 (AMAZON-02) |
| 11 | 4 | |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.128.125.34.bc.googleusercontent.com
caixainfos.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 10 | caixainfos.com (1 redirects) | caixainfos.com | 2 MB |
| 1 | gfycat.com | thumbs.gfycat.com (Cisco Umbrella Rank: 15350) | 184 KB |
| 1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 295) | 31 KB |
| 1 | caixabamk.app (1 redirects) | mailing.caixabamk.app | 127 B |
| 11 | 4 | | |
| | Domain | Requested by |
|---|---|---|
| 10 | caixainfos.com (1 redirects) | caixainfos.com, ajax.googleapis.com |
| 1 | thumbs.gfycat.com | caixainfos.com |
| 1 | ajax.googleapis.com | caixainfos.com |
| 1 | mailing.caixabamk.app (1 redirects) | |
| 11 | 4 | |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| upload.video.google.com | GTS CA 1C3 | 2022-04-25 - 2022-07-18 | 3 months |
| gfycat.com | Amazon | 2022-04-19 - 2023-05-17 | a year |
This page contains 1 frames:
Primary Page:
http://caixainfos.com/pc/index.php?id=d067fb013da9f71517e0a25d5db4ad6a&uuid=2839183f6094edb699585fe2252bc5c1&session=3144d91a9c6828a1b562df37e0476671&zone=es
Frame ID: BFEE69DE59E1B20F400E807ABF791518
Requests: 14 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://mailing.caixabamk.app/ HTTP 307
- https://mailing.caixabamk.app/ HTTP 302
- http://caixainfos.com/ HTTP 302
- http://caixainfos.com/pc/index.php?id=d067fb013da9f71517e0a25d5db4ad6a&uuid=2839183f6094edb699585fe2252bc5c1&session=3144d91a9c6828a1b562df37e0476671&zone=es Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | index.php (Primary Request, Redirect Chain) | caixainfos.com/pc/ | 13 KB | 5 KB | Document | text/html |
| GET | H/1.1 | NEO-R2016-Home.css | caixainfos.com/pc/caixfile/ | 181 KB | 31 KB | Stylesheet | text/css |
| GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.4.1/ | 86 KB | 31 KB | Script | text/javascript |
| GET | H/1.1 | menu.png | caixainfos.com/pc/caixfile/ | 249 B | 532 B | Image | image/png |
| GET | H/1.1 | cross.png | caixainfos.com/pc/caixfile/ | 276 B | 276 B | Image | text/html |
| GET | H2 | HeartyKeyBubblefish-size_restricted.gif | thumbs.gfycat.com/ | 184 KB | 184 KB | Image | image/gif |
| GET | DATA | truncated | / | 196 B | 0 | Image | image/png |
| GET | DATA | truncated | / | 2 KB | 0 | Image | image/jpg |
| GET | DATA | truncated | / | 2 KB | 0 | Image | image/jpg |
| GET | H/1.1 | border.png | caixainfos.com/pc/caixfile/ | 38 KB | 38 KB | Image | image/png |
| GET | H/1.1 | search.png | caixainfos.com/pc/css/icons/ | 276 B | 276 B | Image | text/html |
| GET | H/1.1 | logo.png | caixainfos.com/pc/caixfile/ | 3 KB | 3 KB | Image | image/png |
| GET | H/1.1 | page.png | caixainfos.com/pc/caixfile/ | 2 MB | 2 MB | Image | image/png |
| GET | H/1.1 | api.php | caixainfos.com/fct/ | 180 B | 418 B | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Caixabank (Banking)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- function| $
- function| jQuery
- function| submit_lgn
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.