xn--restaurante-lascaas-c4b.com Open in urlscan Pro Puny
restaurante-lascañas.com IDN
89.44.32.125 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://edmwear.com/wp-admin/js/wp/mic.php
Effective URL:
https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/
Submission: On August 17 via manual (August 17th 2018, 1:29:20 pm UTC) from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 89.44.32.125, located in Romania and belongs to CUBENODE, ES. The main domain is xn--restaurante-lascaas-c4b.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 29th 2018. Valid for: 3 months.

This is the only time xn--restaurante-lascaas-c4b.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	45.40.132.175 45.40.132.175	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1 13	89.44.32.125 89.44.32.125	203178 (CUBENODE) (CUBENODE)
14	3

1 45.40.132.175 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-132-175.ip.secureserver.net

edmwear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 89.44.32.125 (Romania) 1 redirects

ASN203178 (CUBENODE, ES)
PTR: pcvera.com

xn--restaurante-lascaas-c4b.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	xn--restaurante-lascaas-c4b.com 1 redirects xn--restaurante-lascaas-c4b.com	552 KB
1	edmwear.com edmwear.com	383 B
0	googleapis.com Failed fonts.googleapis.com Failed
14	3

	Domain	Requested by
13	xn--restaurante-lascaas-c4b.com	1 redirects xn--restaurante-lascaas-c4b.com
1	edmwear.com
0	fonts.googleapis.com Failed	xn--restaurante-lascaas-c4b.com
14	3

This site contains no links.

Subject Issuer	Validity	Valid
edmwear.com cPanel, Inc. Certification Authority	`2018-07-20` - `2018-10-18`	3 months	crt.sh
xn--restaurante-lascaas-c4b.com cPanel, Inc. Certification Authority	`2018-07-29` - `2018-10-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/
Frame ID: EF772E74690671AC192B9C5B1F2A1D7B
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://edmwear.com/wp-admin/js/wp/mic.php Page URL
https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23%24%25%26%25%23%24%25%26/splxfile HTTP 301
https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

14
Requests

93 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

552 kB
Transfer

550 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://edmwear.com/wp-admin/js/wp/mic.php Page URL
https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23%24%25%26%25%23%24%25%26/splxfile HTTP 301
https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	mic.php Show response edmwear.com/wp-admin/js/wp/	127 B 383 B	461ms 152ms	Document text/html	45.40.132.175 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL https://edmwear.com/wp-admin/js/wp/mic.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.40.132.175 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-45-40-132-175.ip.secureserver.net Software Apache / Resource Hash `8307a01429e2ff05011de147ae4ef623dec6bfda4f0d8e7611ed954a2ce04b1a` Request headers Host edmwear.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id EF772E74690671AC192B9C5B1F2A1D7B Response headers Date Fri, 17 Aug 2018 13:29:10 GMT Server Apache Content-Encoding gzip Vary Accept-Encoding Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	Primary Request / Show response xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Redirect Chain https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23%24%25%26%25%23%24%25%26/splxfile https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/	5 KB 5 KB	35ms 34ms	Document text/html	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash `c11c0b82941ab709104a3639e5e4c542a317e633beff4b96c4510885a3257502` Request headers Host xn--restaurante-lascaas-c4b.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer https://edmwear.com/wp-admin/js/wp/mic.php Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id EF772E74690671AC192B9C5B1F2A1D7B Referer https://edmwear.com/wp-admin/js/wp/mic.php Response headers Date Fri, 17 Aug 2018 13:29:10 GMT Server Apache Keep-Alive timeout=5, max=99 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Date Fri, 17 Aug 2018 13:29:10 GMT Server Apache Location https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Content-Length 380 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	theDocs.all.min.css xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/	203 KB 203 KB	35ms 34ms	Stylesheet text/css	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/theDocs.all.min.css Requested by Host: xn--restaurante-lascaas-c4b.com URL: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash `a0d8eac3c45463beb336136683e92bf09881bd7e072449f9627fddaa469e60d9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xn--restaurante-lascaas-c4b.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Connection keep-alive Cache-Control no-cache Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 17 Aug 2018 13:29:10 GMT Last-Modified Wed, 08 Aug 2018 13:37:18 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 207726
GET H/1.1	200 OK	custom.css xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/	2 KB 2 KB	102ms 34ms	Stylesheet text/css	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/custom.css Requested by Host: xn--restaurante-lascaas-c4b.com URL: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash `2cc68b94666feb1fdd89122bf25fe10b0089cd51abbeec09913026d20f085dd5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xn--restaurante-lascaas-c4b.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Connection keep-alive Cache-Control no-cache Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 17 Aug 2018 13:29:10 GMT Last-Modified Wed, 08 Aug 2018 13:38:42 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1762
GET H/1.1	200 OK	logo.png xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/	21 KB 21 KB	103ms 34ms	Image image/png	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Show image Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/logo.png Requested by Host: xn--restaurante-lascaas-c4b.com URL: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash `3ae10ed925ca3203f6f4907da618fa90061d565b0b38af565b2fc5396477361a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xn--restaurante-lascaas-c4b.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Connection keep-alive Cache-Control no-cache Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 17 Aug 2018 13:29:10 GMT Last-Modified Wed, 08 Aug 2018 13:40:14 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 21171
GET H/1.1	200 OK	word.png xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/	7 KB 7 KB	103ms 34ms	Image image/png	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Show image Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/word.png Requested by Host: xn--restaurante-lascaas-c4b.com URL: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash `2cbcd235e7bd37011920b82ef900a4c2e87a048faa7345a1af59c1f28bce7188` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xn--restaurante-lascaas-c4b.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Connection keep-alive Cache-Control no-cache Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 17 Aug 2018 13:29:10 GMT Last-Modified Wed, 08 Aug 2018 13:42:36 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7259
GET H/1.1	200 OK	jquery.min.js Show response xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/	81 KB 81 KB	101ms 34ms	Script application/javascript	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/jquery.min.js Requested by Host: xn--restaurante-lascaas-c4b.com URL: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash `d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xn--restaurante-lascaas-c4b.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Connection keep-alive Cache-Control no-cache Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 17 Aug 2018 13:29:10 GMT Last-Modified Wed, 08 Aug 2018 13:43:24 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 83095
GET H/1.1	200 OK	jstz.min.js Show response xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/	5 KB 5 KB	35ms 34ms	Script application/javascript	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/jstz.min.js Requested by Host: xn--restaurante-lascaas-c4b.com URL: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash `538f30288aa121eb73b8f5408eaf086bd42ae067460dc99bb859f4a18950bae0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xn--restaurante-lascaas-c4b.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Connection keep-alive Cache-Control no-cache Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 17 Aug 2018 13:29:10 GMT Last-Modified Wed, 08 Aug 2018 13:44:06 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 5340
GET H/1.1	200 OK	theDocs.all.min.js Show response xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/	222 KB 222 KB	35ms 34ms	Script application/javascript	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/theDocs.all.min.js Requested by Host: xn--restaurante-lascaas-c4b.com URL: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash `f81e12f67f4c6f10ed89f3be4a9f7f4685c1e746cae88373f1e5f823980601fb` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xn--restaurante-lascaas-c4b.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Connection keep-alive Cache-Control no-cache Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 17 Aug 2018 13:29:10 GMT Last-Modified Wed, 08 Aug 2018 13:44:28 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 227270
GET H/1.1	200 OK	custom.js Show response xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/	4 KB 4 KB	69ms 34ms	Script application/javascript	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/custom.js Requested by Host: xn--restaurante-lascaas-c4b.com URL: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash `d095f2c89eb0bf0de592fe58141f1437898789a532828c97eba1638b5f821637` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xn--restaurante-lascaas-c4b.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Connection keep-alive Cache-Control no-cache Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 17 Aug 2018 13:29:10 GMT Last-Modified Mon, 13 Aug 2018 13:10:06 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 4279
GET		css fonts.googleapis.com/	0 0

GET H/1.1	404 ArtÃculo no encontrado	Cookie set fontawesome-webfont.woff2 xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/fonts/	0 0	249ms 224ms	Font text/html	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/fonts/fontawesome-webfont.woff2?v=4.6.3 Requested by Host: xn--restaurante-lascaas-c4b.com URL: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash Request headers Pragma no-cache Origin https://xn--restaurante-lascaas-c4b.com Accept-Encoding gzip, deflate Host xn--restaurante-lascaas-c4b.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/theDocs.all.min.css Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/theDocs.all.min.css Origin https://xn--restaurante-lascaas-c4b.com Response headers Pragma no-cache Date Fri, 17 Aug 2018 13:29:10 GMT Server Apache Transfer-Encoding chunked P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie f6809ab9d89c407493436f18d2312d11=4aaacb7e5861ad8df551bda240e250d9; path=/ ja_droid_tpl=ja_droid; expires=Wed, 07-Aug-2019 13:29:11 GMT; Max-Age=30672000; path=/ Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=utf-8 Keep-Alive timeout=5, max=99
GET H/1.1	404 ArtÃculo no encontrado	fontawesome-webfont.woff xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/fonts/	0 0	221ms 221ms	Font text/html	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/fonts/fontawesome-webfont.woff?v=4.6.3 Requested by Host: xn--restaurante-lascaas-c4b.com URL: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash Request headers Pragma no-cache Origin https://xn--restaurante-lascaas-c4b.com Accept-Encoding gzip, deflate Host xn--restaurante-lascaas-c4b.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/theDocs.all.min.css Cookie f6809ab9d89c407493436f18d2312d11=4aaacb7e5861ad8df551bda240e250d9; ja_droid_tpl=ja_droid Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/theDocs.all.min.css Origin https://xn--restaurante-lascaas-c4b.com Response headers Pragma no-cache Date Fri, 17 Aug 2018 13:29:11 GMT Server Apache Transfer-Encoding chunked P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=utf-8 Keep-Alive timeout=5, max=98
GET H/1.1	404 ArtÃculo no encontrado	Cookie set fontawesome-webfont.ttf xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/fonts/	0 0	237ms 236ms	Font text/html	89.44.32.125 CUBENODE
General Check archive.org Show headers Download Go to Full URL https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/fonts/fontawesome-webfont.ttf?v=4.6.3 Requested by Host: xn--restaurante-lascaas-c4b.com URL: https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.44.32.125 , Romania, ASN203178 (CUBENODE, ES), Reverse DNS pcvera.com Software Apache / Resource Hash Request headers Pragma no-cache Origin https://xn--restaurante-lascaas-c4b.com Accept-Encoding gzip, deflate Host xn--restaurante-lascaas-c4b.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/theDocs.all.min.css Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://xn--restaurante-lascaas-c4b.com/plugins/67%25%23$%25&%25%23$%25&/splxfile/docs/theDocs.all.min.css Origin https://xn--restaurante-lascaas-c4b.com Response headers Pragma no-cache Date Fri, 17 Aug 2018 13:29:11 GMT Server Apache Transfer-Encoding chunked P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie f6809ab9d89c407493436f18d2312d11=97eed3735c9495d14d35f5a578098901; path=/ ja_droid_tpl=ja_droid; expires=Wed, 07-Aug-2019 13:29:11 GMT; Max-Age=30672000; path=/ Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=utf-8 Keep-Alive timeout=5, max=97

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway:100,300,400,500%7CLato:300,400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			xn--restaurante-lascaas-c4b.com/	1970-01-19 02:46:24	Name: ja_droid_tpl Value: ja_droid
			xn--restaurante-lascaas-c4b.com/	1969-12-31 23:59:59	Name: f6809ab9d89c407493436f18d2312d11 Value: 97eed3735c9495d14d35f5a578098901

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

edmwear.com
fonts.googleapis.com
xn--restaurante-lascaas-c4b.com
fonts.googleapis.com
45.40.132.175
89.44.32.125
2cbcd235e7bd37011920b82ef900a4c2e87a048faa7345a1af59c1f28bce7188
2cc68b94666feb1fdd89122bf25fe10b0089cd51abbeec09913026d20f085dd5
3ae10ed925ca3203f6f4907da618fa90061d565b0b38af565b2fc5396477361a
538f30288aa121eb73b8f5408eaf086bd42ae067460dc99bb859f4a18950bae0
8307a01429e2ff05011de147ae4ef623dec6bfda4f0d8e7611ed954a2ce04b1a
a0d8eac3c45463beb336136683e92bf09881bd7e072449f9627fddaa469e60d9
c11c0b82941ab709104a3639e5e4c542a317e633beff4b96c4510885a3257502
d095f2c89eb0bf0de592fe58141f1437898789a532828c97eba1638b5f821637
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
f81e12f67f4c6f10ed89f3be4a9f7f4685c1e746cae88373f1e5f823980601fb

xn--restaurante-lascaas-c4b.com Open in urlscan Pro Puny restaurante-lascañas.com IDN 89.44.32.125 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

552 kBTransfer

550 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

2 Cookies

Indicators

xn--restaurante-lascaas-c4b.com Open in urlscan Pro Puny
restaurante-lascañas.com IDN
89.44.32.125 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

552 kB
Transfer

550 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!