fuentesyestanques.es Open in urlscan Pro
51.15.12.119 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fuentesyestanques.es/new/2012/en/
Submission: On July 25 via automatic, source phishtank (July 25th 2017, 10:46:04 pm UTC)

Summary HTTP 13 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 51.15.12.119, located in Haarlem, Netherlands and belongs to AS12876, FR. The main domain is fuentesyestanques.es.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 21st 2017. Valid for: 3 months.

This is the only time fuentesyestanques.es was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online) Bank of America (Banking)

Domain & IP information

	IP Address		AS Autonomous System
11	51.15.12.119 51.15.12.119		12876 (AS12876) (AS12876)
13	2

11 51.15.12.119 (Haarlem, Netherlands)

ASN12876 (AS12876, FR)
PTR: fina.rayohost.net

fuentesyestanques.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.fuentesyestanques.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	fuentesyestanques.es fuentesyestanques.es www.fuentesyestanques.es	183 KB
13	1

	Domain	Requested by
10	fuentesyestanques.es	fuentesyestanques.es
1	www.fuentesyestanques.es	fuentesyestanques.es
13	2

This site contains links to these domains. Also see Links.

Domain
www.bankofamerica.com

Subject Issuer	Validity	Valid
fuentesyestanques.es Let's Encrypt Authority X3	`2017-06-21` - `2017-09-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fuentesyestanques.es/new/2012/en/
Frame ID: 11653.1
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

13
Requests

85 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

183 kB
Transfer

584 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bankofamerica.com/onlinebanking/learning-center.go
Title: Learn more about Online Banking

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/online-banking/service-agreement.go
Title: Service Agreement

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/privacy/
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: http://www.bankofamerica.com/help/equalhousing_popup.cfm
Title: Equal Housing Lender

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 5

https://fuentesyestanques.es/new/2012/en/imgs/summary-bground.jpg
https://www.fuentesyestanques.es/new/2012/en/imgs/summary-bground.jpg

Request 10

https://fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/cnx-regular.woff
https://www.fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/cnx-regular.woff

Request 11

https://fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/cnx-regular.ttf
https://www.fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/cnx-regular.ttf

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
fuentesyestanques.es/new/2012/en/ 13 KB
10 KB 768ms
697ms Document
text/html 51.15.12.119
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://fuentesyestanques.es/new/2012/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.12.119 Haarlem, Netherlands, ASN12876 (AS12876, FR),

Reverse DNS

fina.rayohost.net

Software

nginx /

Resource Hash

f86b052bb1f928c637354fca484886c96ac57230385e28bae7e4a9dbb626713f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 25 Jul 2017 22:45:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: EXPIRED
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK soa.js Show response
fuentesyestanques.es/new/2012/en/imgs/ 20 KB
6 KB 67ms
67ms Script
application/javascript 51.15.12.119
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://fuentesyestanques.es/new/2012/en/imgs/soa.js

Requested by

Host: fuentesyestanques.es
URL: https://fuentesyestanques.es/new/2012/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.12.119 Haarlem, Netherlands, ASN12876 (AS12876, FR),

Reverse DNS

fina.rayohost.net

Software

nginx /

Resource Hash

847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fuentesyestanques.es/new/2012/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Tue, 25 Jul 2017 22:45:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 14 Jul 2014 14:24:16 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Thu, 24 Aug 2017 22:45:50 GMT

GET
H/1.1 200
OK login.css
fuentesyestanques.es/new/2012/en/imgs/ 133 KB
21 KB 74ms
73ms Stylesheet
text/css 51.15.12.119
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://fuentesyestanques.es/new/2012/en/imgs/login.css

Requested by

Host: fuentesyestanques.es
URL: https://fuentesyestanques.es/new/2012/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.12.119 Haarlem, Netherlands, ASN12876 (AS12876, FR),

Reverse DNS

fina.rayohost.net

Software

nginx /

Resource Hash

092f0fd4ebf0542f944fb3ff4d704bfc308daf374efd1bfe5d7f37e2ac62060c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fuentesyestanques.es/new/2012/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Tue, 25 Jul 2017 22:45:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Feb 2015 11:27:08 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Expires: Thu, 24 Aug 2017 22:45:50 GMT

GET
H/1.1 200
OK login.js Show response
fuentesyestanques.es/new/2012/en/imgs/ 355 KB
93 KB 155ms
112ms Script
application/javascript 51.15.12.119
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://fuentesyestanques.es/new/2012/en/imgs/login.js

Requested by

Host: fuentesyestanques.es
URL: https://fuentesyestanques.es/new/2012/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.12.119 Haarlem, Netherlands, ASN12876 (AS12876, FR),

Reverse DNS

fina.rayohost.net

Software

nginx /

Resource Hash

07e4c753ffc2eb5b218c8f022406951f1c052771ffe9b22aecff0e705f4c13f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fuentesyestanques.es/new/2012/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Tue, 25 Jul 2017 22:45:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Sep 2014 05:09:54 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Thu, 24 Aug 2017 22:45:50 GMT

GET
H/1.1 200
OK LOGO.gif
fuentesyestanques.es/new/2012/en/imgs/ 4 KB
4 KB 66ms
65ms Image
image/gif 51.15.12.119
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fuentesyestanques.es/new/2012/en/imgs/LOGO.gif

Requested by

Host: fuentesyestanques.es
URL: https://fuentesyestanques.es/new/2012/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.12.119 Haarlem, Netherlands, ASN12876 (AS12876, FR),

Reverse DNS

fina.rayohost.net

Software

nginx /

Resource Hash

0509ef5fb3dad7001f5095ebe63933dff0e0d113045e696ed16ff46ce5af8c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fuentesyestanques.es/new/2012/en/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Tue, 25 Jul 2017 22:45:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Sep 2014 22:03:54 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 3596
X-XSS-Protection: 1; mode=block
Expires: Sat, 23 Sep 2017 22:45:50 GMT

GET
H/1.1 200
OK secure.png
fuentesyestanques.es/new/2012/en/imgs/ 473 B
473 B 67ms
67ms Image
image/png 51.15.12.119
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fuentesyestanques.es/new/2012/en/imgs/secure.png

Requested by

Host: fuentesyestanques.es
URL: https://fuentesyestanques.es/new/2012/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.12.119 Haarlem, Netherlands, ASN12876 (AS12876, FR),

Reverse DNS

fina.rayohost.net

Software

nginx /

Resource Hash

8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fuentesyestanques.es/new/2012/en/imgs/login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Tue, 25 Jul 2017 22:45:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 01 Sep 2014 19:16:36 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 473
X-XSS-Protection: 1; mode=block
Expires: Sat, 23 Sep 2017 22:45:50 GMT

GET
H/1.1

404
Not Found

summary-bground.jpg
www.fuentesyestanques.es/new/2012/en/imgs/
Redirect Chain

https://fuentesyestanques.es/new/2012/en/imgs/summary-bground.jpg
https://www.fuentesyestanques.es/new/2012/en/imgs/summary-bground.jpg

11 KB
0

1169ms
1036ms

Image
text/html

51.15.12.119
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fuentesyestanques.es/new/2012/en/imgs/summary-bground.jpg

Requested by

Host: fuentesyestanques.es
URL: https://fuentesyestanques.es/new/2012/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.12.119 Haarlem, Netherlands, ASN12876 (AS12876, FR),

Reverse DNS

fina.rayohost.net

Software

nginx /

Resource Hash

fab8401f9240158c44ac74a5cada216bcb5726dfceb0bed9c79a6f3075f77fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fuentesyestanques.es/new/2012/en/imgs/login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 25 Jul 2017 22:45:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://www.fuentesyestanques.es/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block

Redirect headers

Pragma: public
Date: Tue, 25 Jul 2017 22:45:51 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Nginx-Cache-Status: MISS
Location: https://www.fuentesyestanques.es/new/2012/en/imgs/summary-bground.jpg
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sat, 23 Sep 2017 22:45:51 GMT

GET
H/1.1 200
OK help-qmark.png
fuentesyestanques.es/new/2012/en/imgs/ 546 B
546 B 178ms
132ms Image
image/png 51.15.12.119
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fuentesyestanques.es/new/2012/en/imgs/help-qmark.png

Requested by

Host: fuentesyestanques.es
URL: https://fuentesyestanques.es/new/2012/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.12.119 Haarlem, Netherlands, ASN12876 (AS12876, FR),

Reverse DNS

fina.rayohost.net

Software

nginx /

Resource Hash

6b28134763b4b32a61d1dc80c408fc211f73dc758a22ef0c8e5e83ea770a61f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fuentesyestanques.es/new/2012/en/imgs/login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Tue, 25 Jul 2017 22:45:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Sep 2014 05:29:54 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 546
X-XSS-Protection: 1; mode=block
Expires: Sat, 23 Sep 2017 22:45:50 GMT

GET
H/1.1 200
OK gfootb.png
fuentesyestanques.es/new/2012/en/imgs/ 48 KB
48 KB 186ms
145ms Image
image/png 51.15.12.119
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fuentesyestanques.es/new/2012/en/imgs/gfootb.png

Requested by

Host: fuentesyestanques.es
URL: https://fuentesyestanques.es/new/2012/en/imgs/login.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.12.119 Haarlem, Netherlands, ASN12876 (AS12876, FR),

Reverse DNS

fina.rayohost.net

Software

nginx /

Resource Hash

ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fuentesyestanques.es/new/2012/en/imgs/login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Tue, 25 Jul 2017 22:45:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 01 Sep 2014 19:12:18 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 48667
X-XSS-Protection: 1; mode=block
Expires: Sat, 23 Sep 2017 22:45:50 GMT

GET
H/1.1 200
OK gfoot-home.png
fuentesyestanques.es/new/2012/en/imgs/ 144 B
144 B 165ms
124ms Image
image/png 51.15.12.119
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fuentesyestanques.es/new/2012/en/imgs/gfoot-home.png

Requested by

Host: fuentesyestanques.es
URL: https://fuentesyestanques.es/new/2012/en/imgs/login.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.12.119 Haarlem, Netherlands, ASN12876 (AS12876, FR),

Reverse DNS

fina.rayohost.net

Software

nginx /

Resource Hash

a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fuentesyestanques.es/new/2012/en/imgs/login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Tue, 25 Jul 2017 22:45:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 01 Sep 2014 19:12:18 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 144
X-XSS-Protection: 1; mode=block
Expires: Sat, 23 Sep 2017 22:45:50 GMT

GET
H/1.1 200
OK fsd-arrows.png
fuentesyestanques.es/new/2012/en/imgs/ 246 B
246 B 126ms
67ms Image
image/png 51.15.12.119
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fuentesyestanques.es/new/2012/en/imgs/fsd-arrows.png

Requested by

Host: fuentesyestanques.es
URL: https://fuentesyestanques.es/new/2012/en/imgs/login.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.12.119 Haarlem, Netherlands, ASN12876 (AS12876, FR),

Reverse DNS

fina.rayohost.net

Software

nginx /

Resource Hash

ec8a7b5d27dd9c4cd59db1c74a73aec065c0660675f7ef26f300ab49e4bb5825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fuentesyestanques.es/new/2012/en/imgs/login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Tue, 25 Jul 2017 22:45:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Sep 2014 22:20:10 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 246
X-XSS-Protection: 1; mode=block
Expires: Sat, 23 Sep 2017 22:45:50 GMT

GET

cnx-regular.woff
www.fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/
Redirect Chain

https://fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/cnx-regular.woff
https://www.fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/cnx-regular.woff

0
0

GET

cnx-regular.ttf
www.fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/
Redirect Chain

https://fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/cnx-regular.ttf
https://www.fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/cnx-regular.ttf

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.fuentesyestanques.es
URL: https://www.fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/cnx-regular.woff

Domain: www.fuentesyestanques.es
URL: https://www.fuentesyestanques.es/pa/global-assets/1.0/font/cnx-regular/cnx-regular.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Bank of America (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fuentesyestanques.es
www.fuentesyestanques.es
www.fuentesyestanques.es
51.15.12.119
0509ef5fb3dad7001f5095ebe63933dff0e0d113045e696ed16ff46ce5af8c72
07e4c753ffc2eb5b218c8f022406951f1c052771ffe9b22aecff0e705f4c13f8
092f0fd4ebf0542f944fb3ff4d704bfc308daf374efd1bfe5d7f37e2ac62060c
6b28134763b4b32a61d1dc80c408fc211f73dc758a22ef0c8e5e83ea770a61f7
847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8
8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01
a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452
ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4
ec8a7b5d27dd9c4cd59db1c74a73aec065c0660675f7ef26f300ab49e4bb5825
f86b052bb1f928c637354fca484886c96ac57230385e28bae7e4a9dbb626713f
fab8401f9240158c44ac74a5cada216bcb5726dfceb0bed9c79a6f3075f77fb9

fuentesyestanques.es Open in urlscan Pro 51.15.12.119 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

13 Requests

85 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

2 IPs

1 Countries

183 kBTransfer

584 kBSize

0 Cookies

4 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

fuentesyestanques.es Open in urlscan Pro
51.15.12.119 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

183 kB
Transfer

584 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!