www.centraldigitalcr.com Open in urlscan Pro
68.66.226.109  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request ls19c5.html Show response www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/	55 KB 13 KB	652ms 154ms	Document text/html	68.66.226.109 A2HOSTING
General Check archive.org Show headers Download Go to Full URL https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/ls19c5.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 68.66.226.109 , United States, ASN55293 (A2HOSTING, US), Reverse DNS az1-ss44.a2hosting.com Software Apache / Resource Hash 3e565e234129478310d0fb0aaeed7e406202460d3bd020421ca7a02ae62b9617 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sun, 23 Jan 2022 08:43:50 GMT Server Apache Strict-Transport-Security max-age=63072000; includeSubDomains X-Frame-Options SAMEORIGIN X-Content-Type-Options nosniff Last-Modified Thu, 09 Dec 2021 03:51:28 GMT Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Cache-Control max-age=3600, must-revalidate Content-Length 12944 Keep-Alive timeout=3, max=500 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	style8f57.css www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/css/	27 KB 7 KB	148ms 148ms	Stylesheet text/css	68.66.226.109 A2HOSTING
General Check archive.org Show headers Download Go to Full URL https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/css/style8f57.css?id=0F9A4AAB2FC50B0189F436642AAAA301641D0685424D403AAAB8DD4459949820&rp=37d0e840-bdc3-e911-90f3-005056b6cfbb Requested by Host: www.centraldigitalcr.com URL: https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/ls19c5.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 68.66.226.109 , United States, ASN55293 (A2HOSTING, US), Reverse DNS az1-ss44.a2hosting.com Software Apache / Resource Hash 1e2d2c4222a58200a2c1f4a0df09281986a332848553a0f4f4748c4ed338c7fe Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/ls19c5.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 08:43:50 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 09 Dec 2021 00:01:52 GMT Server Apache X-Frame-Options SAMEORIGIN Connection Keep-Alive Content-Type text/css Cache-Control max-age=604800, public Strict-Transport-Security max-age=63072000; includeSubDomains Accept-Ranges bytes Vary Accept-Encoding Content-Length 6254 Keep-Alive timeout=3, max=500
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	134ms 47ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: www.centraldigitalcr.com URL: https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/ls19c5.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.centraldigitalcr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 23 Jan 2022 08:30:53 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 23 Jan 2022 08:43:50 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 23 Jan 2022 08:43:50 GMT
GET H2	200	css fonts.googleapis.com/	664 B 428 B	134ms 48ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato Requested by Host: www.centraldigitalcr.com URL: https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/ls19c5.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.centraldigitalcr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 23 Jan 2022 08:07:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 23 Jan 2022 08:43:50 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 23 Jan 2022 08:43:50 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 731 B	135ms 49ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400&display=swap Requested by Host: www.centraldigitalcr.com URL: https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/ls19c5.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0202c1e41ee2a905889b0f4140b2853a48703fae16087f17292cbb75c0385ac0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.centraldigitalcr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 23 Jan 2022 06:58:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 23 Jan 2022 08:43:50 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 23 Jan 2022 08:43:50 GMT
GET H/1.1	200 OK	illustrationba1b.png www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/illustration/	114 KB 107 KB	152ms 151ms	Image image/png	68.66.226.109 A2HOSTING
General Check archive.org Show headers Download Go to Show image Full URL https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/illustration/illustrationba1b.png?id=183128A3C941EDE3D9199FA37D6AA90E0A7DFE101B37D10B4FEDA0CF35E11AFD&amp;rp=37d0e840-bdc3-e911-90f3-005056b6cfbb Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 68.66.226.109 , United States, ASN55293 (A2HOSTING, US), Reverse DNS az1-ss44.a2hosting.com Software Apache / Resource Hash 183128a3c941ede3d9199fa37d6aa90e0a7dfe101b37d10b4feda0cf35e11afd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/ls19c5.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 08:43:50 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 09 Dec 2021 00:01:56 GMT Server Apache X-Frame-Options SAMEORIGIN Connection Keep-Alive Content-Type image/png Cache-Control max-age=604800, public Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains Accept-Ranges bytes Vary Accept-Encoding Keep-Alive timeout=3, max=499
GET H/1.1	200 OK	fondo.jpg www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/images/bncr/	83 KB 81 KB	153ms 153ms	Image image/jpeg	68.66.226.109 A2HOSTING
General Check archive.org Show headers Download Go to Show image Full URL https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/images/bncr/fondo.jpg Requested by Host: www.centraldigitalcr.com URL: https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/css/style8f57.css?id=0F9A4AAB2FC50B0189F436642AAAA301641D0685424D403AAAB8DD4459949820&rp=37d0e840-bdc3-e911-90f3-005056b6cfbb Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 68.66.226.109 , United States, ASN55293 (A2HOSTING, US), Reverse DNS az1-ss44.a2hosting.com Software Apache / Resource Hash a25ba1b157ec936592d10b603b83173744a279f8be236e4dc3f25aab9fbbd452 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/css/style8f57.css?id=0F9A4AAB2FC50B0189F436642AAAA301641D0685424D403AAAB8DD4459949820&rp=37d0e840-bdc3-e911-90f3-005056b6cfbb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 08:43:50 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 09 Dec 2021 00:02:23 GMT Server Apache X-Frame-Options SAMEORIGIN Connection Keep-Alive Content-Type image/jpeg Cache-Control max-age=604800, public Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains Accept-Ranges bytes Vary Accept-Encoding Keep-Alive timeout=3, max=499
GET H/1.1	200 OK	firma.png www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/images/bncr/	3 KB 3 KB	454ms 152ms	Image image/png	68.66.226.109 A2HOSTING
General Check archive.org Show headers Download Go to Show image Full URL https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/images/bncr/firma.png Requested by Host: www.centraldigitalcr.com URL: https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/css/style8f57.css?id=0F9A4AAB2FC50B0189F436642AAAA301641D0685424D403AAAB8DD4459949820&rp=37d0e840-bdc3-e911-90f3-005056b6cfbb Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 68.66.226.109 , United States, ASN55293 (A2HOSTING, US), Reverse DNS az1-ss44.a2hosting.com Software Apache / Resource Hash 52691c4f90034c90a93cb95cf2c62e8bfee3f2da454e5ad4195b89db97dfe446 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/css/style8f57.css?id=0F9A4AAB2FC50B0189F436642AAAA301641D0685424D403AAAB8DD4459949820&rp=37d0e840-bdc3-e911-90f3-005056b6cfbb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 08:43:50 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 09 Dec 2021 00:02:26 GMT Server Apache X-Frame-Options SAMEORIGIN Connection Keep-Alive Content-Type image/png Cache-Control max-age=604800, public Strict-Transport-Security max-age=63072000; includeSubDomains Accept-Ranges bytes Vary Accept-Encoding Content-Length 2599 Keep-Alive timeout=3, max=498
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v12/	18 KB 19 KB	126ms 40ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: www.centraldigitalcr.com URL: https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/css/style8f57.css?id=0F9A4AAB2FC50B0189F436642AAAA301641D0685424D403AAAB8DD4459949820&rp=37d0e840-bdc3-e911-90f3-005056b6cfbb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.centraldigitalcr.com/ Origin https://www.centraldigitalcr.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 17 Jan 2022 21:35:21 GMT x-content-type-options nosniff age 472109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18684 x-xss-protection 0 last-modified Tue, 07 Nov 2017 15:24:32 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 17 Jan 2023 21:35:21 GMT
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v27/	16 KB 16 KB	138ms 53ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.centraldigitalcr.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 21 Jan 2022 13:44:20 GMT x-content-type-options nosniff age 154770 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16692 x-xss-protection 0 last-modified Thu, 28 Oct 2021 00:32:10 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 21 Jan 2023 13:44:20 GMT
GET H/1.1	200 OK	logo.png www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/images/bncr/	2 KB 3 KB	437ms 149ms	Image image/png	68.66.226.109 A2HOSTING
General Check archive.org Show headers Download Go to Show image Full URL https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/images/bncr/logo.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 68.66.226.109 , United States, ASN55293 (A2HOSTING, US), Reverse DNS az1-ss44.a2hosting.com Software Apache / Resource Hash a11306b40a20c1d8d40e2746d1ee259b7556c00bcbc719e5e1065f02b7cc427c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/ls19c5.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 08:43:50 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 14 Oct 2021 18:45:47 GMT Server Apache X-Frame-Options SAMEORIGIN Connection Keep-Alive Content-Type image/png Cache-Control max-age=604800, public Strict-Transport-Security max-age=63072000; includeSubDomains Accept-Ranges bytes Vary Accept-Encoding Content-Length 2283 Keep-Alive timeout=3, max=500
GET H/1.1	200 OK	BNChat.png www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/images/bncr/	5 KB 6 KB	450ms 160ms	Image image/png	68.66.226.109 A2HOSTING
General Check archive.org Show headers Download Go to Show image Full URL https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/portal/images/bncr/BNChat.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 68.66.226.109 , United States, ASN55293 (A2HOSTING, US), Reverse DNS az1-ss44.a2hosting.com Software Apache / Resource Hash 2e4ecfa7866203cf7f8f705c2c9fffa8cdeb3b11bea0cae4399f6bc974b07b6f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.centraldigitalcr.com/bn/auth.bncr.fi.cr/adfs/ls19c5.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 08:43:50 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 14 Oct 2021 18:45:47 GMT Server Apache X-Frame-Options SAMEORIGIN Connection Keep-Alive Content-Type image/png Cache-Control max-age=604800, public Strict-Transport-Security max-age=63072000; includeSubDomains Accept-Ranges bytes Vary Accept-Encoding Content-Length 5474 Keep-Alive timeout=3, max=500

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Nacional (Banking)

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login string| Title string| LoginTitle string| urlBnMovilDefault string| urlIBDefault string| urlBNSDefault string| urlLostPassword string| urlLostPasswordBnMovil string| urlAffiliate string| urlAffiliateBnMovil string| urlApiToken string| urlCambioClave string| urlCambioClaveBNM string| indiceAuth string| indiceBNM string| indiceIB string| indiceBNS string| urlIBCDescarga string| rutabase string| urlLogo string| urlChatImg string| urlChat string| FooterSeccionLeftLogin string| FooterSeccionCenterLogin string| FooterSeccionRightLogin string| FooterSeccionLeftKeyBoard string| FooterSeccionCenterKeyBoard string| FooterSeccionRightKeyBoard string| FooterSeccionLeftOTP string| FooterSeccionCenterOTP string| FooterSeccionRightOTP string| Terms string| TermsUrl string| Privacy string| PrivacyUrl string| chatLink string| helpModal object| contentHtml undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| LoadTheme function| IsIB function| IsIBMovil function| IsBNS function| Signout function| ClearDomain function| CambioContrasena function| HideShowControl function| ElementExist function| WindowsRedirect function| ExistMFA function| DrawMFA function| ApplyCSSInput function| SetValueInput function| ControlFooter function| GetReturnUri function| GetParamts function| GetUsrName function| AppendLostPassword function| AppendCertificate function| AppendUserName function| InitControls function| LettersAndNumbers function| CertificateClick function| HelpClick function| ValidarErrorCert function| RestringirMoviles function| Close

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
www.centraldigitalcr.com
2a00:1450:4001:829::2003
2a00:1450:4001:830::200a
68.66.226.109
0202c1e41ee2a905889b0f4140b2853a48703fae16087f17292cbb75c0385ac0
183128a3c941ede3d9199fa37d6aa90e0a7dfe101b37d10b4feda0cf35e11afd
1e2d2c4222a58200a2c1f4a0df09281986a332848553a0f4f4748c4ed338c7fe
2e4ecfa7866203cf7f8f705c2c9fffa8cdeb3b11bea0cae4399f6bc974b07b6f
3e565e234129478310d0fb0aaeed7e406202460d3bd020421ca7a02ae62b9617
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
52691c4f90034c90a93cb95cf2c62e8bfee3f2da454e5ad4195b89db97dfe446
a11306b40a20c1d8d40e2746d1ee259b7556c00bcbc719e5e1065f02b7cc427c
a25ba1b157ec936592d10b603b83173744a279f8be236e4dc3f25aab9fbbd452
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32