kalash.es Open in urlscan Pro
185.101.224.41 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kalash.es/bcb
Effective URL:
https://kalash.es/bcb/
Submission: On September 05 via api (September 5th 2024, 2:21:36 pm UTC) from US — Scanned from ES

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 185.101.224.41, located in Spain and belongs to AXARNET-AS, ES. The main domain is kalash.es.
TLS certificate: Issued by R11 on August 11th 2024. Valid for: 3 months.

This is the only time kalash.es was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bancolombia (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 14	185.101.224.41 185.101.224.41		50926 (AXARNET-AS) (AXARNET-AS)
13	1

14 185.101.224.41 (Spain) 1 redirects

ASN50926 (AXARNET-AS, ES)
PTR: mail.ehost4041.hostinet.com

kalash.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	kalash.es 1 redirects kalash.es	313 KB
13	1

	Domain	Requested by
14	kalash.es	1 redirects kalash.es
13	1

This site contains no links.

Subject Issuer	Validity	Valid
kalash.es R11	`2024-08-11` - `2024-11-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kalash.es/bcb/
Frame ID: 9376853162B74F8FBE7AB0CECF212189
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Beneficios Bancolombia

Page URL History Show full URLs

http://kalash.es/bcb HTTP 307
https://kalash.es/bcb HTTP 301
https://kalash.es/bcb/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

312 kB
Transfer

312 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kalash.es/bcb HTTP 307
https://kalash.es/bcb HTTP 301
https://kalash.es/bcb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response kalash.es/bcb/ Redirect Chain http://kalash.es/bcb https://kalash.es/bcb https://kalash.es/bcb/	12 KB 12 KB	382ms 317ms	Document text/html	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://kalash.es/bcb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash `b0283bfdb60f674df3618095fd31d00d8de716c8f558607d77815dbb4e9b0f24` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 11967 content-type text/html date Thu, 05 Sep 2024 14:21:27 GMT last-modified Mon, 02 Sep 2024 23:25:36 GMT server Apache Redirect headers content-length 230 content-type text/html; charset=iso-8859-1 date Thu, 05 Sep 2024 14:21:27 GMT location https://kalash.es/bcb/ server Apache
GET H2	200	style.css kalash.es/bcb/archivos/	104 KB 104 KB	1219ms 1051ms	Stylesheet text/css	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://kalash.es/bcb/archivos/style.css Requested by Host: kalash.es URL: https://kalash.es/bcb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash `e841c0eff016968a22da08306e2ae72a57b548031f998311611554de2e631f77` Request headers Referer https://kalash.es/bcb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:28 GMT last-modified Sun, 01 Sep 2024 14:40:54 GMT server Apache accept-ranges bytes content-length 106499 content-type text/css
GET H2	200	bootstrap.css kalash.es/bcb/archivos/	118 KB 118 KB	464ms 297ms	Stylesheet text/css	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://kalash.es/bcb/archivos/bootstrap.css Requested by Host: kalash.es URL: https://kalash.es/bcb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash `868fd2c8f776bde92f44e3b9ae9df8dec0c8ae5e67b2730b7432401a06547963` Request headers Referer https://kalash.es/bcb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:28 GMT last-modified Thu, 09 May 2024 12:33:00 GMT server Apache accept-ranges bytes content-length 121144 content-type text/css
GET H2	200	ui.css kalash.es/bcb/archivos/	13 KB 13 KB	1232ms 1065ms	Stylesheet text/css	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://kalash.es/bcb/archivos/ui.css Requested by Host: kalash.es URL: https://kalash.es/bcb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash `9c058408a6dac3bcdafd207d0d76f0521fa6a912225c357b9ca8e331bd1d709f` Request headers Referer https://kalash.es/bcb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:28 GMT last-modified Thu, 09 May 2024 12:36:34 GMT server Apache accept-ranges bytes content-length 13475 content-type text/css
GET H2	200	jquery-ui.css kalash.es/bcb/archivos/	30 KB 30 KB	501ms 335ms	Stylesheet text/css	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://kalash.es/bcb/archivos/jquery-ui.css Requested by Host: kalash.es URL: https://kalash.es/bcb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash `731e99d35fa14811bf79d3d6ae6a34d4e2e53c68f363da5f30c450419f167a70` Request headers Referer https://kalash.es/bcb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:28 GMT last-modified Thu, 09 May 2024 12:34:54 GMT server Apache accept-ranges bytes content-length 30429 content-type text/css
GET H2	200	showLoading.css kalash.es/bcb/archivos/	2 KB 2 KB	1248ms 1081ms	Stylesheet text/css	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://kalash.es/bcb/archivos/showLoading.css Requested by Host: kalash.es URL: https://kalash.es/bcb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash `525013f00da7ca61d7948f1592a5c04c9dfaa8a3bb7b722408ea9047f11eef69` Request headers Referer https://kalash.es/bcb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:28 GMT last-modified Thu, 09 May 2024 12:36:06 GMT server Apache accept-ranges bytes content-length 1963 content-type text/css
GET H2	200	ingre.png kalash.es/bcb/archivos/	417 B 479 B	1246ms 1080ms	Image image/png	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kalash.es/bcb/archivos/ingre.png Requested by Host: kalash.es URL: https://kalash.es/bcb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash `8581e96081c0e6faca474be3e30cb3cd548b41f37bcf55baa6de2f1d03a0dee4` Request headers Referer https://kalash.es/bcb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:28 GMT last-modified Thu, 09 May 2024 12:34:44 GMT server Apache accept-ranges bytes content-length 417 content-type image/png
GET H2	200	imgPublicidad.jpg kalash.es/bcb/archivos/	24 KB 24 KB	1237ms 1087ms	Image image/jpeg	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kalash.es/bcb/archivos/imgPublicidad.jpg Requested by Host: kalash.es URL: https://kalash.es/bcb/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash `6652225be14a13b5fd45ebfbe7518e028fc6234da2af2bff61d3b3aa38158118` Request headers Referer https://kalash.es/bcb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:28 GMT last-modified Wed, 28 Aug 2024 15:46:24 GMT server Apache accept-ranges bytes content-length 24409 content-type image/jpeg
GET H2	200	logo-personas.svg kalash.es/bcb/archivos/	7 KB 7 KB	93ms 91ms	Image image/svg+xml	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kalash.es/bcb/archivos/logo-personas.svg Requested by Host: kalash.es URL: https://kalash.es/bcb/archivos/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash `2c7a6ea74a49a6adc3fad622078895e9b2589448214913d8c035764148aca7d0` Request headers Referer https://kalash.es/bcb/archivos/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:30 GMT last-modified Thu, 09 May 2024 12:35:14 GMT server Apache accept-ranges bytes content-length 7020 content-type image/svg+xml
GET H2	503	OpenSans-Regular.ttf kalash.es/bcb/css/font/	0 0	173ms 169ms	Font text/html	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://kalash.es/bcb/css/font/OpenSans-Regular.ttf Requested by Host: kalash.es URL: https://kalash.es/bcb/archivos/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash Request headers Referer https://kalash.es/bcb/archivos/style.css Origin https://kalash.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:30 GMT server Apache retry-after 3600 content-type text/html; charset=utf-8
GET H2	200	icon-user.png kalash.es/bcb/archivos/	447 B 500 B	73ms 68ms	Image image/png	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kalash.es/bcb/archivos/icon-user.png Requested by Host: kalash.es URL: https://kalash.es/bcb/archivos/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash `75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83` Request headers Referer https://kalash.es/bcb/archivos/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:30 GMT last-modified Thu, 09 May 2024 12:34:18 GMT server Apache accept-ranges bytes content-length 447 content-type image/png
GET H2	503	CIBFontSans-Light.ttf kalash.es/bcb/css/font/	0 0	231ms 228ms	Font text/html	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://kalash.es/bcb/css/font/CIBFontSans-Light.ttf Requested by Host: kalash.es URL: https://kalash.es/bcb/archivos/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash Request headers Referer https://kalash.es/bcb/archivos/style.css Origin https://kalash.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:30 GMT server Apache retry-after 3600 content-type text/html; charset=utf-8
GET H2	503	favicon.ico kalash.es/	1 KB 1 KB	288ms 160ms	Other text/html	185.101.224.41 AXARNET-AS
General Check archive.org Show headers Download Go to Full URL https://kalash.es/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.101.224.41 , Spain, ASN50926 (AXARNET-AS, ES), Reverse DNS mail.ehost4041.hostinet.com Software Apache / Resource Hash `3dbb3ee6cdcc226cec0519011ba9cf9987420260244b7652721041b64ac0b200` Request headers Referer https://kalash.es/bcb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 14:21:30 GMT server Apache retry-after 3600 content-type text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bancolombia (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| meses object| diasSemana object| f string| hora

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.kalash.es/	1970-01-20 23:47:54	Name: PrestaShop-199adbe5d3008bc4484cc8376ac9a424 Value: def502001ecd80f8351009ec5418869e25138b03d4b5b6ee9ae7beaa935ede0f89fb39af3350d4cd684fc527bb695a2f1a6d21206b90c2cbcac0a42fd681b83d39e134a33c7d960e6386334df44429b68765729980f66645f2b0341e3c048cf1e9eb71faedbe78e68450c4ac95788c09a8baf388fb4b40d27fba5f93cbcd9d459efe9948ef259f9e91b9012ead55a880b873068b678628e2dce19813fe8fa2d8c2b2b0d5a7392d736995024c7af19f06dbb426320667d081e28d0d3856edf5404afca02cb207d40a7cecd376a8b010119970833694

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kalash.es/bcb/css/font/OpenSans-Regular.ttf Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://kalash.es/bcb/css/font/CIBFontSans-Light.ttf Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://kalash.es/favicon.ico Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kalash.es
185.101.224.41
2c7a6ea74a49a6adc3fad622078895e9b2589448214913d8c035764148aca7d0
3dbb3ee6cdcc226cec0519011ba9cf9987420260244b7652721041b64ac0b200
525013f00da7ca61d7948f1592a5c04c9dfaa8a3bb7b722408ea9047f11eef69
6652225be14a13b5fd45ebfbe7518e028fc6234da2af2bff61d3b3aa38158118
731e99d35fa14811bf79d3d6ae6a34d4e2e53c68f363da5f30c450419f167a70
75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83
8581e96081c0e6faca474be3e30cb3cd548b41f37bcf55baa6de2f1d03a0dee4
868fd2c8f776bde92f44e3b9ae9df8dec0c8ae5e67b2730b7432401a06547963
9c058408a6dac3bcdafd207d0d76f0521fa6a912225c357b9ca8e331bd1d709f
b0283bfdb60f674df3618095fd31d00d8de716c8f558607d77815dbb4e9b0f24
e841c0eff016968a22da08306e2ae72a57b548031f998311611554de2e631f77

kalash.es Open in urlscan Pro 185.101.224.41 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

312 kBTransfer

312 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

kalash.es Open in urlscan Pro
185.101.224.41 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

312 kB
Transfer

312 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!