bancosantander.es.swtest.ru Open in urlscan Pro
77.222.61.25  Malicious Activity! Public Scan

URL: http://bancosantander.es.swtest.ru/carrefour/
Submission: On September 23 via manual from ES — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 77.222.61.25, located in Russian Federation and belongs to SWEB-AS, RU. The main domain is bancosantander.es.swtest.ru.
This is the only time bancosantander.es.swtest.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Carrefour (Financial)

Domain & IP information

IP Address AS Autonomous System
1 9 77.222.61.25 44112 (SWEB-AS)
3 45.60.78.12 19551 (INCAPSULA)
1 172.67.214.69 13335 (CLOUDFLAR...)
1 142.250.185.202 15169 (GOOGLE)
3 172.217.23.99 15169 (GOOGLE)
16 5
Domain Requested by
9 bancosantander.es.swtest.ru 1 redirects bancosantander.es.swtest.ru
3 fonts.gstatic.com fonts.googleapis.com
3 www.pass.carrefour.es bancosantander.es.swtest.ru
1 fonts.googleapis.com bancosantander.es.swtest.ru
1 use.fontawesome.com bancosantander.es.swtest.ru
16 5

This site contains no links.

Subject Issuer Validity Valid
www.pass.carrefour.es
DigiCert TLS RSA SHA256 2020 CA1
2021-04-29 -
2022-05-30
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-07 -
2022-07-06
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-08-30 -
2021-11-22
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh

This page contains 1 frames:

Primary Page: http://bancosantander.es.swtest.ru/carrefour/
Frame ID: 504B89ED9E2F48857F9443CB4C2FD90E
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

PASS Carrefour acceso a Zona Clientes

Page URL History Show full URLs

  1. http://bancosantander.es.swtest.ru/carrefour HTTP 301
    http://bancosantander.es.swtest.ru/carrefour/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

50 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

499 kB
Transfer

1322 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bancosantander.es.swtest.ru/carrefour HTTP 301
    http://bancosantander.es.swtest.ru/carrefour/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
bancosantander.es.swtest.ru/carrefour/
Redirect Chain
  • http://bancosantander.es.swtest.ru/carrefour
  • http://bancosantander.es.swtest.ru/carrefour/
9 KB
3 KB
Document
General
Full URL
http://bancosantander.es.swtest.ru/carrefour/
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 / PHP/7.4.16
Resource Hash
96e62d7e41ffe4e2ce558d596663b6c4a3c74cb27cc6a09787e514a965fa6e54

Request headers

Host
bancosantander.es.swtest.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.19.1
Date
Thu, 23 Sep 2021 21:27:47 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.16
Set-Cookie
PHPSESSID=0f165af280ef77b5e42028eb5b8a562d; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx/1.19.1
Date
Thu, 23 Sep 2021 21:27:47 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
371
Connection
keep-alive
Keep-Alive
timeout=10
Location
http://bancosantander.es.swtest.ru/carrefour/
bootstrap.min.css
bancosantander.es.swtest.ru/carrefour/assets/css/
138 KB
21 KB
Stylesheet
General
Full URL
http://bancosantander.es.swtest.ru/carrefour/assets/css/bootstrap.min.css
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bancosantander.es.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://bancosantander.es.swtest.ru/carrefour/
Cookie
PHPSESSID=0f165af280ef77b5e42028eb5b8a562d
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/carrefour/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 23 Sep 2021 21:27:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 17:18:41 GMT
Server
nginx/1.19.1
ETag
W/"444830a-22688-5ccacd27a5ad2"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
main.css
bancosantander.es.swtest.ru/carrefour/assets/css/
12 KB
3 KB
Stylesheet
General
Full URL
http://bancosantander.es.swtest.ru/carrefour/assets/css/main.css
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
7e3cf2b6d422846b58f17c4b219f5a3660c97ec6070b1898f7eb3cdda63ddbf9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bancosantander.es.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://bancosantander.es.swtest.ru/carrefour/
Cookie
PHPSESSID=0f165af280ef77b5e42028eb5b8a562d
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/carrefour/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 23 Sep 2021 21:27:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 17:18:41 GMT
Server
nginx/1.19.1
ETag
W/"444830b-31c9-5ccacd27a5ad2"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
logo.svg
www.pass.carrefour.es/cs/Leonardo/img/Pub/
22 KB
8 KB
Image
General
Full URL
https://www.pass.carrefour.es/cs/Leonardo/img/Pub/logo.svg
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.78.12 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4b90ce8b15a39d190983ce70034899df7bcd1e523042bc637326beb72ce098a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 21:27:47 GMT
content-encoding
gzip
last-modified
Thu, 18 Jul 2019 06:50:20 GMT
x-cdn
Imperva
age
1
etag
"26096c-5878-58def05f20300"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
x-iinfo
13-9236723-9233408 2VNN RT(1632432467792 0) q(0 0 0 0) r(2 2)
cache-control
max-age=86400, public
content-length
7911
burguer.svg
www.pass.carrefour.es/cs/Leonardo/img/Pub/
865 B
960 B
Image
General
Full URL
https://www.pass.carrefour.es/cs/Leonardo/img/Pub/burguer.svg
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.78.12 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c2a76ae6fb744e6076005aadefc77c20dbc036d6f2c72e7ad595df165ae9876c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 21:27:47 GMT
content-encoding
gzip
last-modified
Thu, 18 Jul 2019 06:50:20 GMT
x-cdn
Imperva
age
1
etag
"26092e-361-58def05f20300"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
x-iinfo
13-9236724-9233539 2VNN RT(1632432467795 0) q(0 0 0 0) r(2 2)
cache-control
max-age=86400, public
content-length
467
user.svg
www.pass.carrefour.es/cs/Leonardo/img/Pub/
1 KB
953 B
Image
General
Full URL
https://www.pass.carrefour.es/cs/Leonardo/img/Pub/user.svg
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.78.12 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a4737c844e565f1fb0950a93a1e2f323b5d264f5f10da60a1701cbd56821e6e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 21:27:47 GMT
content-encoding
gzip
last-modified
Thu, 18 Jul 2019 06:50:20 GMT
x-cdn
Imperva
age
1
etag
"260955-4da-58def05f20300"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
x-iinfo
13-9236725-9236612 2VNN RT(1632432467797 0) q(0 0 0 0) r(2 2)
cache-control
max-age=86400, public
content-length
587
jquery-3.3.1.slim.min.js
bancosantander.es.swtest.ru/carrefour/assets/js/
68 KB
24 KB
Script
General
Full URL
http://bancosantander.es.swtest.ru/carrefour/assets/js/jquery-3.3.1.slim.min.js
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
90b1062e67696dc253d20e324ed0dd5f953b39c069cf82e8c6fc14eb9f2f62d6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bancosantander.es.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://bancosantander.es.swtest.ru/carrefour/
Cookie
PHPSESSID=0f165af280ef77b5e42028eb5b8a562d
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/carrefour/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 23 Sep 2021 21:27:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 17:18:41 GMT
Server
nginx/1.19.1
ETag
W/"444830d-1111d-5ccacd27a5eba"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
popper.min.js
bancosantander.es.swtest.ru/carrefour/assets/js/
20 KB
7 KB
Script
General
Full URL
http://bancosantander.es.swtest.ru/carrefour/assets/js/popper.min.js
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bancosantander.es.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://bancosantander.es.swtest.ru/carrefour/
Cookie
PHPSESSID=0f165af280ef77b5e42028eb5b8a562d
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/carrefour/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 23 Sep 2021 21:27:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 17:18:41 GMT
Server
nginx/1.19.1
ETag
W/"4448310-4f74-5ccacd27a5eba"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
bootstrap.min.js
bancosantander.es.swtest.ru/carrefour/assets/js/
50 KB
14 KB
Script
General
Full URL
http://bancosantander.es.swtest.ru/carrefour/assets/js/bootstrap.min.js
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
5d7bfe9d27b26cf974c827eebc4323047f00e6b52b953d2be6d1e19a19230d10

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bancosantander.es.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://bancosantander.es.swtest.ru/carrefour/
Cookie
PHPSESSID=0f165af280ef77b5e42028eb5b8a562d
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/carrefour/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 23 Sep 2021 21:27:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 17:18:41 GMT
Server
nginx/1.19.1
ETag
W/"444830f-c8c4-5ccacd27a5eba"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
all.js
use.fontawesome.com/releases/v5.1.0/js/
893 KB
316 KB
Script
General
Full URL
https://use.fontawesome.com/releases/v5.1.0/js/all.js
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
566d12cf66ff3d64ed100bdf634ce4b2de1dfa8ce38006f1b50912594865c1ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 21:27:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6830356
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
185ND532256X0FJP
x-amz-id-2
VcVCUktZbdiu+epLVGXOE8EOOdZiJ1JeEW3D79R0eKfVrIX2jVr+qSTWK7dDRfqJqO/xR9BV8EU=
last-modified
Wed, 30 Jun 2021 15:30:32 GMT
server
cloudflare
etag
W/"004993df80280fa6c4af6ca17c4e5433"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuK9L%2BnUkotPW10d9B62ehUd1V9Ou5C66%2Bym1u5VA%2BRvvygu7QL%2Fc57CsxgZLombwiM2EXlEwtkb6fQYaP0GoUSt%2BixFYfkzJKR9jjt8GGsaNUJ1BAEZ%2B38gOlIFlSMP0%2F5WzxXx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31556926
cf-ray
6936dbed1e77413e-PRG
main.js
bancosantander.es.swtest.ru/carrefour/assets/js/
1015 B
606 B
Script
General
Full URL
http://bancosantander.es.swtest.ru/carrefour/assets/js/main.js
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
faf1ab86f93612b18d79987ed53985b63eeb124fcb004ab8471c13b1e937c7d5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bancosantander.es.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://bancosantander.es.swtest.ru/carrefour/
Cookie
PHPSESSID=0f165af280ef77b5e42028eb5b8a562d
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/carrefour/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 23 Sep 2021 21:27:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 17:18:41 GMT
Server
nginx/1.19.1
ETag
W/"444830e-3f7-5ccacd27a5eba"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 19:59:23 GMT
server
ESF
date
Thu, 23 Sep 2021 21:27:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Sep 2021 21:27:48 GMT
footer.jpg
bancosantander.es.swtest.ru/carrefour/assets/images/
51 KB
52 KB
Image
General
Full URL
http://bancosantander.es.swtest.ru/carrefour/assets/images/footer.jpg
Requested by
Host: bancosantander.es.swtest.ru
URL: http://bancosantander.es.swtest.ru/carrefour/assets/css/main.css
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
7b4ed3622afb78e2db2994c4ab464511d72479ca15f5bd787633c4251bc8ceac

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bancosantander.es.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://bancosantander.es.swtest.ru/carrefour/assets/css/main.css
Cookie
PHPSESSID=0f165af280ef77b5e42028eb5b8a562d
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://bancosantander.es.swtest.ru/carrefour/assets/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 23 Sep 2021 21:27:48 GMT
Last-Modified
Thu, 23 Sep 2021 17:18:41 GMT
Server
nginx/1.19.1
ETag
"444830c-cd00-5ccacd27a5eba"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
52480
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://bancosantander.es.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:41:06 GMT
x-content-type-options
nosniff
age
100002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 17:41:06 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://bancosantander.es.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 03:52:06 GMT
x-content-type-options
nosniff
age
236142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Sep 2022 03:52:06 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://bancosantander.es.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:26:59 GMT
x-content-type-options
nosniff
age
320449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 04:26:59 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Carrefour (Financial)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| Popper object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome

3 Cookies

Domain/Path Name / Value
bancosantander.es.swtest.ru/ Name: PHPSESSID
Value: 0f165af280ef77b5e42028eb5b8a562d
.pass.carrefour.es/ Name: visid_incap_1139608
Value: UuaZdGFDRpOv7uYWm74QP1PxTGEAAAAAQUIPAAAAAAD1nuEX5vh6GZ7nDryOKcyK
.pass.carrefour.es/ Name: incap_ses_7228_1139608
Value: 98bpB/ECigB1My+K7gNPZFPxTGEAAAAANO+ze2nxajQlYgz8xy1RGQ==