gestionatalleres.com Open in urlscan Pro
146.255.101.37 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html
Submission: On March 17 via automatic, source openphish (March 17th 2022, 1:08:39 am UTC) — Scanned from ES

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 146.255.101.37, located in Spain and belongs to ASGIGAS, ES. The main domain is gestionatalleres.com.

This is the only time gestionatalleres.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixabank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
10	146.255.101.37 146.255.101.37		57286 (ASGIGAS) (ASGIGAS)
10	1

10 146.255.101.37 (Spain)

ASN57286 (ASGIGAS, ES)
PTR: cabellobasico.com

gestionatalleres.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gestionatalleres.com gestionatalleres.com	581 KB
10	1

	Domain	Requested by
10	gestionatalleres.com	gestionatalleres.com
10	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html
Frame ID: BC4A2464C31EC22FDF58ABE52633A296
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CaiхaBank | banca digital CaiхaBankNow

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

581 kB
Transfer

578 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Tarjeta.html Show response gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/	17 KB 17 KB	66ms 33ms	Document text/html	146.255.101.37 ASGIGAS
General Check archive.org Show headers Download Go to Full URL http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html Protocol HTTP/1.1 Server 146.255.101.37 , Spain, ASN57286 (ASGIGAS, ES), Reverse DNS cabellobasico.com Software nginx / PleskLin Resource Hash `9cdc3c7f87b53177cd8cfb5409cd74b9a747d5c5654914181050631888bee5fe` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language es-ES,es;q=0.9 Response headers Server nginx Date Thu, 17 Mar 2022 01:08:34 GMT Content-Type text/html Content-Length 17517 Last-Modified Mon, 14 Mar 2022 10:48:27 GMT Connection keep-alive ETag "622f1d7b-446d" X-Powered-By PleskLin Accept-Ranges bytes
GET H/1.1	200 OK	estilos-login.css gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/	11 KB 12 KB	47ms 33ms	Stylesheet text/css	146.255.101.37 ASGIGAS
General Check archive.org Show headers Download Go to Full URL http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/estilos-login.css Requested by Host: gestionatalleres.com URL: http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html Protocol HTTP/1.1 Server 146.255.101.37 , Spain, ASN57286 (ASGIGAS, ES), Reverse DNS cabellobasico.com Software nginx / PleskLin Resource Hash `eec865152fd586668f4c90b2a24368d8c377f7471225e7d41c6f10992d4f1a99` Request headers Accept-Language es-ES,es;q=0.9 Referer http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 01:08:34 GMT Last-Modified Mon, 14 Mar 2022 10:48:27 GMT Server nginx X-Powered-By PleskLin ETag "622f1d7b-2dc2" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 11714
GET H/1.1	200 OK	jquery-ui-1.10.4.custom.css gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/lolopo/	34 KB 34 KB	64ms 32ms	Stylesheet text/css	146.255.101.37 ASGIGAS
General Check archive.org Show headers Download Go to Full URL http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/lolopo/jquery-ui-1.10.4.custom.css Requested by Host: gestionatalleres.com URL: http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html Protocol HTTP/1.1 Server 146.255.101.37 , Spain, ASN57286 (ASGIGAS, ES), Reverse DNS cabellobasico.com Software nginx / PleskLin Resource Hash `a866337babaa443c561a33460ae202c00624ae3a35b643fdafc02125b99f6f5d` Request headers Accept-Language es-ES,es;q=0.9 Referer http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 01:08:34 GMT Last-Modified Mon, 14 Mar 2022 10:48:27 GMT Server nginx X-Powered-By PleskLin ETag "622f1d7b-8639" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 34361
GET H/1.1	200 OK	jquery-1.8.3.min.js Show response gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/js/arq/jQuery/	91 KB 92 KB	65ms 33ms	Script application/javascript	146.255.101.37 ASGIGAS
General Check archive.org Show headers Download Go to Full URL http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/js/arq/jQuery/jquery-1.8.3.min.js Requested by Host: gestionatalleres.com URL: http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html Protocol HTTP/1.1 Server 146.255.101.37 , Spain, ASN57286 (ASGIGAS, ES), Reverse DNS cabellobasico.com Software nginx / PleskLin Resource Hash `42dd197f5d15d2a06539ab87fb97e1d3e1c40583deee00b6899a68981f0e33fa` Request headers Accept-Language es-ES,es;q=0.9 Referer http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 01:08:34 GMT Last-Modified Mon, 14 Mar 2022 10:48:27 GMT Server nginx X-Powered-By PleskLin ETag "622f1d7b-16dc5" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 93637
GET H/1.1	200 OK	jquery-ui-1.9.2.custom.min.js Show response gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/js/arq/jQueryUI/	232 KB 232 KB	65ms 33ms	Script application/javascript	146.255.101.37 ASGIGAS
General Check archive.org Show headers Download Go to Full URL http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/js/arq/jQueryUI/jquery-ui-1.9.2.custom.min.js Requested by Host: gestionatalleres.com URL: http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html Protocol HTTP/1.1 Server 146.255.101.37 , Spain, ASN57286 (ASGIGAS, ES), Reverse DNS cabellobasico.com Software nginx / PleskLin Resource Hash `daf728aaefa7a524a97280481b2996b310d185ddac37a8cc26ba4cb9e79aef66` Request headers Accept-Language es-ES,es;q=0.9 Referer http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 01:08:34 GMT Last-Modified Mon, 14 Mar 2022 10:48:27 GMT Server nginx X-Powered-By PleskLin ETag "622f1d7b-3a0e6" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 237798
GET H/1.1	200 OK	candado.png gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/imatge/lolopo/	2 KB 2 KB	34ms 34ms	Image image/png	146.255.101.37 ASGIGAS
General Check archive.org Show headers Download Go to Show image Full URL http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/imatge/lolopo/candado.png Requested by Host: gestionatalleres.com URL: http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html Protocol HTTP/1.1 Server 146.255.101.37 , Spain, ASN57286 (ASGIGAS, ES), Reverse DNS cabellobasico.com Software nginx / PleskLin Resource Hash `9723a6d5f5ea669e43fd75e6af8770704573ebc065e148c13c78c334654f9007` Request headers Accept-Language es-ES,es;q=0.9 Referer http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/Tarjeta.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 01:08:34 GMT Last-Modified Mon, 14 Mar 2022 10:48:27 GMT Server nginx X-Powered-By PleskLin ETag "622f1d7b-6a2" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1698
GET H/1.1	200 OK	ico_world_login.png gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/c-images/css-images/	577 B 860 B	34ms 33ms	Image image/png	146.255.101.37 ASGIGAS
General Check archive.org Show headers Download Go to Show image Full URL http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/c-images/css-images/ico_world_login.png Requested by Host: gestionatalleres.com URL: http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/estilos-login.css Protocol HTTP/1.1 Server 146.255.101.37 , Spain, ASN57286 (ASGIGAS, ES), Reverse DNS cabellobasico.com Software nginx / PleskLin Resource Hash `5ac009489ecf0eb04acecc023afe768a7d42e3f90eba65f46353dd2d8d2f6698` Request headers Accept-Language es-ES,es;q=0.9 Referer http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/estilos-login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 01:08:34 GMT ETag "241-5da2b6b86d280" Last-Modified Mon, 14 Mar 2022 10:48:26 GMT Server nginx X-Powered-By PleskLin Content-Type image/png X-Accel-Version 0.01 Connection keep-alive Accept-Ranges bytes Content-Length 577
GET H/1.1	200 OK	ico_down_login.png gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/c-images/css-images/	158 B 440 B	34ms 34ms	Image image/png	146.255.101.37 ASGIGAS
General Check archive.org Show headers Download Go to Show image Full URL http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/c-images/css-images/ico_down_login.png Requested by Host: gestionatalleres.com URL: http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/estilos-login.css Protocol HTTP/1.1 Server 146.255.101.37 , Spain, ASN57286 (ASGIGAS, ES), Reverse DNS cabellobasico.com Software nginx / PleskLin Resource Hash `0ca642d9873edab8dd38a9758117aadbb67ead25784d39cb4999df2f6079eebc` Request headers Accept-Language es-ES,es;q=0.9 Referer http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/estilos-login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 01:08:34 GMT ETag "9e-5da2b6b86d280" Last-Modified Mon, 14 Mar 2022 10:48:26 GMT Server nginx X-Powered-By PleskLin Content-Type image/png X-Accel-Version 0.01 Connection keep-alive Accept-Ranges bytes Content-Length 158
GET H/1.1	200 OK	OpenSans-Semibold-webfont.woff gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/fonts/	96 KB 96 KB	34ms 33ms	Font application/font-woff	146.255.101.37 ASGIGAS
General Check archive.org Show headers Download Go to Full URL http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/fonts/OpenSans-Semibold-webfont.woff Requested by Host: gestionatalleres.com URL: http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/estilos-login.css Protocol HTTP/1.1 Server 146.255.101.37 , Spain, ASN57286 (ASGIGAS, ES), Reverse DNS cabellobasico.com Software nginx / PleskLin Resource Hash `ab823b2f6201651b4f8d0fc7afa16f0808ff92a96bd5a73273239151bf0e10d0` Request headers Referer http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/estilos-login.css Origin http://gestionatalleres.com Accept-Language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 01:08:34 GMT Last-Modified Mon, 14 Mar 2022 10:48:27 GMT Server nginx X-Powered-By PleskLin ETag "622f1d7b-180a0" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 98464
GET H/1.1	200 OK	OpenSans-Regular-webfont.woff gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/fonts/	94 KB 94 KB	33ms 33ms	Font application/font-woff	146.255.101.37 ASGIGAS
General Check archive.org Show headers Download Go to Full URL http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/fonts/OpenSans-Regular-webfont.woff Requested by Host: gestionatalleres.com URL: http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/estilos-login.css Protocol HTTP/1.1 Server 146.255.101.37 , Spain, ASN57286 (ASGIGAS, ES), Reverse DNS cabellobasico.com Software nginx / PleskLin Resource Hash `3c669add48bf3a45fa266a020fcaac2e6da0fc72d1dd95ba78ac9b77e0afba32` Request headers Referer http://gestionatalleres.com/wpcontent/themes/generatepress/css/soporte-directo/home/css/estilos-login.css Origin http://gestionatalleres.com Accept-Language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 01:08:34 GMT Last-Modified Mon, 14 Mar 2022 10:48:27 GMT Server nginx X-Powered-By PleskLin ETag "622f1d7b-17774" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 96116

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixabank (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gestionatalleres.com
146.255.101.37
0ca642d9873edab8dd38a9758117aadbb67ead25784d39cb4999df2f6079eebc
3c669add48bf3a45fa266a020fcaac2e6da0fc72d1dd95ba78ac9b77e0afba32
42dd197f5d15d2a06539ab87fb97e1d3e1c40583deee00b6899a68981f0e33fa
5ac009489ecf0eb04acecc023afe768a7d42e3f90eba65f46353dd2d8d2f6698
9723a6d5f5ea669e43fd75e6af8770704573ebc065e148c13c78c334654f9007
9cdc3c7f87b53177cd8cfb5409cd74b9a747d5c5654914181050631888bee5fe
a866337babaa443c561a33460ae202c00624ae3a35b643fdafc02125b99f6f5d
ab823b2f6201651b4f8d0fc7afa16f0808ff92a96bd5a73273239151bf0e10d0
daf728aaefa7a524a97280481b2996b310d185ddac37a8cc26ba4cb9e79aef66
eec865152fd586668f4c90b2a24368d8c377f7471225e7d41c6f10992d4f1a99

gestionatalleres.com Open in urlscan Pro 146.255.101.37 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

581 kBTransfer

578 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

Indicators

gestionatalleres.com Open in urlscan Pro
146.255.101.37 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

581 kB
Transfer

578 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!