anglotucuman.com.ar Open in urlscan Pro
2800:6c0:2::141 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://skysimplified.com/da
Effective URL:
https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
Submission: On December 28 via api (December 28th 2023, 1:06:47 pm UTC) from GB — Scanned from GB

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2800:6c0:2::141, located in Buenos Aires, Argentina and belongs to Dattatec.com, AR. The main domain is anglotucuman.com.ar.
TLS certificate: Issued by R3 on November 26th 2023. Valid for: 3 months.

This is the only time anglotucuman.com.ar was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: S-Pankki (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 2	68.66.216.37 68.66.216.37	55293 (A2HOSTING) (A2HOSTING)
3 12	2800:6c0:2::141 2800:6c0:2::141	27823 (Dattatec.com) (Dattatec.com)
1	199.217.115.24 199.217.115.24	() ()
12	4

2 68.66.216.37 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: mi3-ss32.a2hosting.com

skysimplified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2800:6c0:2::141 (Buenos Aires, Argentina) 3 redirects

ASN27823 (Dattatec.com, AR)

anglotucuman.com.ar	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.217.115.24 (None, )

ASN- ()

0174meldingen.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	anglotucuman.com.ar 3 redirects anglotucuman.com.ar	692 KB
2	skysimplified.com 1 redirects skysimplified.com	857 B
1	0174meldingen.online 0174meldingen.online
12	3

	Domain	Requested by
12	anglotucuman.com.ar	3 redirects anglotucuman.com.ar
2	skysimplified.com	1 redirects
1	0174meldingen.online	anglotucuman.com.ar
12	3

This site contains no links.

Subject Issuer	Validity	Valid
skysimplified.com cPanel, Inc. Certification Authority	`2023-11-05` - `2024-02-03`	3 months	crt.sh
*.anglotucuman.com.ar R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
*.0174meldingen.online R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
Frame ID: 7829AD3408EDC691EB6DF32BA60A8063
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tunnistautuminen

Page URL History Show full URLs

https://skysimplified.com/da HTTP 301
https://skysimplified.com/da/ Page URL
https://anglotucuman.com.ar/fi/logs/ HTTP 302
https://anglotucuman.com.ar/fi/logs/ec93b59 HTTP 301
https://anglotucuman.com.ar/fi/logs/ec93b59/ HTTP 302
https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

12
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

692 kB
Transfer

954 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://skysimplified.com/da HTTP 301
https://skysimplified.com/da/ Page URL
https://anglotucuman.com.ar/fi/logs/ HTTP 302
https://anglotucuman.com.ar/fi/logs/ec93b59 HTTP 301
https://anglotucuman.com.ar/fi/logs/ec93b59/ HTTP 302
https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://skysimplified.com/da HTTP 301
https://skysimplified.com/da/

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
skysimplified.com/da/
Redirect Chain

https://skysimplified.com/da
https://skysimplified.com/da/

83 B
481 B

125ms
125ms

Document
text/html

68.66.216.37
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://skysimplified.com/da/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.66.216.37 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss32.a2hosting.com

Software

Apache / PHP/7.2.34

Resource Hash

fb19a184ccbd85dafa6e6b8bc5c9efc14c2806c94ab312db8cbfd77b36b62b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 94
Content-Type: text/html; charset=UTF-8
Date: Thu, 28 Dec 2023 13:06:41 GMT
Keep-Alive: timeout=3, max=499
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.2.34

Redirect headers

Connection: Keep-Alive
Content-Length: 237
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 28 Dec 2023 13:06:41 GMT
Keep-Alive: timeout=3, max=500
Location: https://skysimplified.com/da/
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H2

200

Primary Request Sign_in.php Show response
anglotucuman.com.ar/fi/logs/ec93b59/
Redirect Chain

https://anglotucuman.com.ar/fi/logs/
https://anglotucuman.com.ar/fi/logs/ec93b59
https://anglotucuman.com.ar/fi/logs/ec93b59/
https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php

12 KB
3 KB

251ms
251ms

Document
text/html

2800:6c0:2::141
Dattatec.com

General

Check archive.org

Show headers Download Go to

Full URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2800:6c0:2::141 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software: Apache / PHP/7.4.25
Resource Hash: bfe02e6d414edbf2a8994a5851fde8eaa3abc1f15d762e1083673219ad27b49c

Request headers

Referer: https://skysimplified.com/da/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 3097
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 13:06:43 GMT
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/7.4.25

Redirect headers

content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 13:06:42 GMT
location: ./Sign_in.php
server: Apache
x-powered-by: PHP/7.4.25

GET
H2 200 auth.05f49022e1cd9c5b1b15.css
anglotucuman.com.ar/fi/logs/ec93b59/Folder/ 302 KB
56 KB 498ms
497ms Stylesheet
text/css 2800:6c0:2::141
Dattatec.com

General

Check archive.org

Show headers Download Go to

Full URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/auth.05f49022e1cd9c5b1b15.css
Requested by: Host: anglotucuman.com.ar
URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2800:6c0:2::141 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software: Apache /
Resource Hash: 72efeb969eb82f2a5bdf388076bcd15802a870d781df3729a6366c7e5d351207

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 13:06:43 GMT
content-encoding: gzip
last-modified: Thu, 28 Dec 2023 13:06:42 GMT
server: Apache
etag: "4b6b9-60d9196402282-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 57320

GET
H2 200 s-bank-fi.svg
anglotucuman.com.ar/fi/logs/ec93b59/Folder/ 3 KB
3 KB 252ms
252ms Image
image/svg+xml 2800:6c0:2::141
Dattatec.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/s-bank-fi.svg
Requested by: Host: anglotucuman.com.ar
URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2800:6c0:2::141 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software: Apache /
Resource Hash: f549b7f82c657c6667a9307218885710788ce71d4349b6a8b74abd8eb19be6ae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 13:06:43 GMT
last-modified: Thu, 28 Dec 2023 13:06:42 GMT
server: Apache
accept-ranges: bytes
etag: "ca4-60d9196403222"
content-length: 3236
content-type: image/svg+xml

GET
H2 200 identificationservice.svg
anglotucuman.com.ar/fi/logs/ec93b59/Folder/ 2 KB
2 KB 252ms
252ms Image
image/svg+xml 2800:6c0:2::141
Dattatec.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/identificationservice.svg
Requested by: Host: anglotucuman.com.ar
URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2800:6c0:2::141 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software: Apache /
Resource Hash: 7f5b78806f1ae9108ad8b5dfd75d66d4756b6c42b5cc4a914e7506d88c1eafd4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 13:06:43 GMT
last-modified: Thu, 28 Dec 2023 13:06:42 GMT
server: Apache
accept-ranges: bytes
etag: "7c9-60d9196402282"
content-length: 1993
content-type: image/svg+xml

GET
H2 200 codetable.jpg
anglotucuman.com.ar/fi/logs/ec93b59/Folder/ 53 KB
54 KB 737ms
736ms Image
image/jpeg 2800:6c0:2::141
Dattatec.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/codetable.jpg
Requested by: Host: anglotucuman.com.ar
URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2800:6c0:2::141 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software: Apache /
Resource Hash: 21c1ba8aa59654d4f6be2b79ce7aaa0f55ed8a55b399cd2e9283e97f328944f5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 13:06:43 GMT
last-modified: Thu, 28 Dec 2023 13:06:42 GMT
server: Apache
accept-ranges: bytes
etag: "d4cb-60d919640360a"
content-length: 54475
content-type: image/jpeg

GET
H2 200 s-mobile-with-qr-code-verification.jpg
anglotucuman.com.ar/fi/logs/ec93b59/Folder/ 266 KB
268 KB 736ms
736ms Image
image/jpeg 2800:6c0:2::141
Dattatec.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/s-mobile-with-qr-code-verification.jpg
Requested by: Host: anglotucuman.com.ar
URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2800:6c0:2::141 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software: Apache /
Resource Hash: f4a00680186eb6d2c8b0e30b3f41fa9982ffbbca614d9ac1c50b1609827ea6bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 13:06:43 GMT
last-modified: Thu, 28 Dec 2023 13:06:42 GMT
server: Apache
accept-ranges: bytes
etag: "427c4-60d919640266a"
content-length: 272324
content-type: image/jpeg

GET
H2 200 s-mobiililla-tunnistautuminen-info-kuva-1x.jpg
anglotucuman.com.ar/fi/logs/ec93b59/Folder/ 292 KB
294 KB 737ms
737ms Image
image/jpeg 2800:6c0:2::141
Dattatec.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/s-mobiililla-tunnistautuminen-info-kuva-1x.jpg
Requested by: Host: anglotucuman.com.ar
URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2800:6c0:2::141 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software: Apache /
Resource Hash: 9704dba972352122c91f512d9670b55ca13ddb6edc7c3ecadf01a70c9a8404df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 13:06:43 GMT
last-modified: Thu, 28 Dec 2023 13:06:42 GMT
server: Apache
accept-ranges: bytes
etag: "48f52-60d919640266a"
content-length: 298834
content-type: image/jpeg

GET
H/1.1 404
Not Found %66%6F%6E%74%73.%70%6E%67
0174meldingen.online/%63%73%73/%43%72%79%70%74%6F/ 0
0 3130ms
2734ms Stylesheet
text/html 199.217.115.24

General

Check archive.org

Show headers Download Go to

Full URL: https://0174meldingen.online/%63%73%73/%43%72%79%70%74%6F/%66%6F%6E%74%73.%70%6E%67
Requested by: Host: anglotucuman.com.ar
URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/auth.05f49022e1cd9c5b1b15.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.217.115.24 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/auth.05f49022e1cd9c5b1b15.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 13:06:44 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 Sign_in.php
anglotucuman.com.ar/fi/logs/ec93b59/ 12 KB
12 KB 252ms
252ms Image
text/html 2800:6c0:2::141
Dattatec.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
Requested by: Host: anglotucuman.com.ar
URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2800:6c0:2::141 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software: Apache / PHP/7.4.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://anglotucuman.com.ar/fi/logs/ec93b59/Sign_in.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 13:06:47 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/7.4.25
content-length: 3097
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 e2d3fd034896d1bc0fc5cd6586862202.woff
anglotucuman.com.ar/fi/logs/ec93b59/Folder/ 13 KB
0 252ms
252ms Font
application/x-font-woff 2800:6c0:2::141
Dattatec.com

General

Check archive.org

Show headers Download Go to

Full URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/e2d3fd034896d1bc0fc5cd6586862202.woff
Requested by: Host: anglotucuman.com.ar
URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/auth.05f49022e1cd9c5b1b15.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2800:6c0:2::141 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/auth.05f49022e1cd9c5b1b15.css
Origin: https://anglotucuman.com.ar
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 13:06:47 GMT
last-modified: Thu, 28 Dec 2023 13:06:42 GMT
server: Apache
accept-ranges: bytes
etag: "f604-60d919640360a"
content-length: 62980
content-type: application/x-font-woff

GET 5e1aec00d3a032511dde0121ec1ecc5d.woff
anglotucuman.com.ar/fi/logs/ec93b59/Folder/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: anglotucuman.com.ar
URL: https://anglotucuman.com.ar/fi/logs/ec93b59/Folder/5e1aec00d3a032511dde0121ec1ecc5d.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: S-Pankki (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://0174meldingen.online/%63%73%73/%43%72%79%70%74%6F/%66%6F%6E%74%73.%70%6E%67 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0174meldingen.online
anglotucuman.com.ar
skysimplified.com
anglotucuman.com.ar
199.217.115.24
2800:6c0:2::141
68.66.216.37
21c1ba8aa59654d4f6be2b79ce7aaa0f55ed8a55b399cd2e9283e97f328944f5
72efeb969eb82f2a5bdf388076bcd15802a870d781df3729a6366c7e5d351207
7f5b78806f1ae9108ad8b5dfd75d66d4756b6c42b5cc4a914e7506d88c1eafd4
9704dba972352122c91f512d9670b55ca13ddb6edc7c3ecadf01a70c9a8404df
bfe02e6d414edbf2a8994a5851fde8eaa3abc1f15d762e1083673219ad27b49c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4a00680186eb6d2c8b0e30b3f41fa9982ffbbca614d9ac1c50b1609827ea6bb
f549b7f82c657c6667a9307218885710788ce71d4349b6a8b74abd8eb19be6ae
fb19a184ccbd85dafa6e6b8bc5c9efc14c2806c94ab312db8cbfd77b36b62b02

anglotucuman.com.ar Open in urlscan Pro 2800:6c0:2::141 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

692 kBTransfer

954 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

anglotucuman.com.ar Open in urlscan Pro
2800:6c0:2::141 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

692 kB
Transfer

954 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!