bungalowsmexico.com.ar
Open in
urlscan Pro
2800:6c0:2::150
Malicious Activity!
Public Scan
Submission Tags: @phish_report
Submission: On October 26 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 16th 2023. Valid for: a year.
This is the only time bungalowsmexico.com.ar was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Unicredit (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
20 | 2800:6c0:2::150 2800:6c0:2::150 | 27823 (Dattatec.com) (Dattatec.com) | |
1 | 2606:4700::68... 2606:4700::6810:5514 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
bungalowsmexico.com.ar
bungalowsmexico.com.ar |
762 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558 |
25 KB |
21 | 2 |
Domain | Requested by | |
---|---|---|
20 | bungalowsmexico.com.ar |
bungalowsmexico.com.ar
|
1 | cdn.jsdelivr.net |
bungalowsmexico.com.ar
|
21 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
bungalowsmexico.com.ar Sectigo RSA Domain Validation Secure Server CA |
2023-08-16 - 2024-08-15 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/?unlock=code&appIdKey=ad4d49c18fe27ccc5ffc921470f42e562bbe30c3&country=CZ
Frame ID: 9613E621D931FC5E208DA64FF83855C2
Requests: 9 HTTP requests in this frame
Frame:
https://bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/frame.php
Frame ID: 3223B09E49735535A072ADBE9BB78A30
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
My UniCredit BankingDetected technologies
Adobe Experience Manager (CMS) ExpandDetected patterns
- /etc/designs/
AngularJS (JavaScript Frameworks) Expand
Detected patterns
- \bangular.{0,32}\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cwblogincore.css
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/ |
697 KB 144 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular.min.js
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/js/ |
163 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/js/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.js
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/js/ |
2 KB 928 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_uc.png
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame.php
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/ Frame 3223 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PTS55F-webfont.woff
bungalowsmexico.com.ar/cms/!root!/etc/designs/cee2020-ib-core/static/fonts/NewPTSans/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ Frame 3223 |
152 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ib_login.1586279958151.min.css
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/ Frame 3223 |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-critical.1615914578326.min.css
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/ Frame 3223 |
55 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-noncritical.1663088573720.min.css
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/ Frame 3223 |
63 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.1634055477527.min.css
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/ Frame 3223 |
75 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cwblogincore.css
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/ Frame 3223 |
697 KB 144 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular.min.js
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/js/ Frame 3223 |
163 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/js/ Frame 3223 |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/js/ Frame 3223 |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.js
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/js/ Frame 3223 |
2 KB 888 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PTS55F-webfont.ttf
bungalowsmexico.com.ar/cms/!root!/etc/designs/cee2020-ib-core/static/fonts/NewPTSans/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Banner_460x410px.png
bungalowsmexico.com.ar/carousel/UNIVDFGHJKSS/FGHJKLKLLLL/auth/css/ Frame 3223 |
243 KB 245 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Unicredit (Banking)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| angular function| $ function| jQuery function| preventBack1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bungalowsmexico.com.ar/ | Name: PHPSESSID Value: fce36037d3c88d6017b65bdff6a27795 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bungalowsmexico.com.ar
cdn.jsdelivr.net
2606:4700::6810:5514
2800:6c0:2::150
20781bfaa215ebcc88d7a5063fc3341aed927a55b3b3618ed05529b0366f34bb
2972ec1ebced3ccf2a7087fd38a5b670ce65dca39ad4f7befb90d007911282e8
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
3741c98aef345ac860d50683a87eb52ccb7d9b60faf2fa6c5ff822f657d5f644
5251db7e1b764ebf71f7fdf1480895809b2dd4cba5322a31fe6a8470491c6f2f
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
807e575b3390b8e07a59b8fbd6140eb2909929d461e8ab5a5510c78375ff6ef3
87b59bce8df8c8fbc3221d7928c5fef41c0eb71b312b992b0ff6daaa1b1a1a2f
8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9
a2c480dec10eb28ea8ff560764c99fd659d5c728de3aebd2e97b540bdc61df21
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a
da8e7fad547bd8f30ee57da9f8ecd719518f2a9f2128ea5751c14207e6bdb28a
dd5f4571ef790fd8eda24080318c3a90af12e7981bd1b703708f34534162e194
f050012b033cb391112b37757113c73ff09884815ff73ce45592ee309ce87b3f