jens.com.es Open in urlscan Pro
82.223.37.188 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jens.com.es/clases/phishing/facebook/login.html
Submission: On May 13 via automatic, source openphish (May 13th 2022, 1:10:05 pm UTC) — Scanned from ES

Summary HTTP 23 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 82.223.37.188, located in Madrid, Spain and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is jens.com.es.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on January 5th 2022. Valid for: a year.

This is the only time jens.com.es was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address		AS Autonomous System
23	82.223.37.188 82.223.37.188		8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
23	2

23 82.223.37.188 (Madrid, Spain)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

jens.com.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	jens.com.es jens.com.es	362 KB
23	1

	Domain	Requested by
23	jens.com.es	jens.com.es
23	1

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
ur-pk.facebook.com
ps-af.facebook.com
ar-ar.facebook.com
hi-in.facebook.com
bn-in.facebook.com
pa-in.facebook.com
fa-ir.facebook.com
gu-in.facebook.com
de-de.facebook.com
es-la.facebook.com
messenger.com
l.facebook.com
developers.facebook.com

Subject Issuer	Validity	Valid
*.jens.com.es Encryption Everywhere DV TLS CA - G1	`2022-01-05` - `2023-01-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://jens.com.es/clases/phishing/facebook/login.html
Frame ID: DACCECE428FA74EE11630119A218B9FD
Requests: 24 HTTP requests in this frame

Frame: https://jens.com.es/clases/phishing/facebook/index_files/referer_frame.html
Frame ID: 90C62A9601B321A28264F8BF9C7118DE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebook – log in or sign up

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

377 kB
Transfer

1117 kB
Size

0
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/
Title: Sections of this page

Search URL Search Domain Scan URL

URL: https://www.facebook.com/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.facebook.com/recover/initiate?lwv=110&ars=royal_blue_bar
Title: Forgotten account?

Search URL Search Domain Scan URL

URL: https://www.facebook.com/legal/terms/update
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.facebook.com/about/privacy/update
Title: Data Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policies/cookies/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://ur-pk.facebook.com/
Title: اردو

Search URL Search Domain Scan URL

URL: https://ps-af.facebook.com/
Title: پښتو

Search URL Search Domain Scan URL

URL: https://ar-ar.facebook.com/
Title: العربية

Search URL Search Domain Scan URL

URL: https://hi-in.facebook.com/
Title: हिन्दी

Search URL Search Domain Scan URL

URL: https://bn-in.facebook.com/
Title: বাংলা

Search URL Search Domain Scan URL

URL: https://pa-in.facebook.com/
Title: ਪੰਜਾਬੀ

Search URL Search Domain Scan URL

URL: https://fa-ir.facebook.com/
Title: فارسی

Search URL Search Domain Scan URL

URL: https://gu-in.facebook.com/
Title: ગુજરાતી

Search URL Search Domain Scan URL

URL: https://de-de.facebook.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://es-la.facebook.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://www.facebook.com/r.php
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.facebook.com/login/
Title: Log In

Search URL Search Domain Scan URL

URL: https://messenger.com/
Title: Messenger

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lite/
Title: Facebook Lite

Search URL Search Domain Scan URL

URL: https://www.facebook.com/watch/
Title: Watch

Search URL Search Domain Scan URL

URL: https://www.facebook.com/directory/people_remain/
Title: People

Search URL Search Domain Scan URL

URL: https://www.facebook.com/directory/people_sm/
Title: Profiles

Search URL Search Domain Scan URL

URL: https://www.facebook.com/directory/pages/
Title: Pages

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/category/
Title: Page categories

Search URL Search Domain Scan URL

URL: https://www.facebook.com/directory/events_directories/
Title: Events

Search URL Search Domain Scan URL

URL: https://www.facebook.com/places/
Title: Places

Search URL Search Domain Scan URL

URL: https://www.facebook.com/games/
Title: Games

Search URL Search Domain Scan URL

URL: https://www.facebook.com/directory/places/
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.facebook.com/marketplace/directory/
Title: Marketplace

Search URL Search Domain Scan URL

URL: https://www.facebook.com/directory/groups/
Title: Groups

Search URL Search Domain Scan URL

URL: https://l.facebook.com/l.php?u=https%3A%2F%2Finstagram.com%2F&h=AT0LySGLfRfSxD2oxt9Wlumk5deVS8dr4BlB1CghqQL4g3M7ahIStycttVYrrpuFYIHmuJGwUa5sTdacEZ1BZqf3PrCt4UL8fZAbN77wr1UFktHEZ3nd3Bh2GDSG444yAPpU8JXS8ZT7Lw
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/local/lists/245019872666104/
Title: Local

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fundraisers/
Title: Fundraisers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/biz/directory/
Title: Services

Search URL Search Domain Scan URL

URL: https://www.facebook.com/facebook
Title: About

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ad_campaign/landing.php?placement=pflo&campaign_id=402047449186&extra_1=auto
Title: Create ad

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/create/?ref_type=sitefooter
Title: Create Page

Search URL Search Domain Scan URL

URL: https://developers.facebook.com/?ref=pf
Title: Developers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/careers/?ref=pf
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/privacy/explanation
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/help/568137493302217
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policies?ref=pf
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.facebook.com/help/2687943754764396
Title: Account security

Search URL Search Domain Scan URL

URL: https://www.facebook.com/help/www/1573156092981768/
Title: Login help

Search URL Search Domain Scan URL

URL: https://www.facebook.com/help/?ref=pf
Title: Help

Search URL Search Domain Scan URL

URL: https://www.facebook.com/settings
Title: Settings

Search URL Search Domain Scan URL

URL: https://www.facebook.com/allactivity?privacy_source=activity_log_top_menu
Title: Activity log

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.html Show response jens.com.es/clases/phishing/facebook/	119 KB 29 KB	177ms 78ms	Document text/html	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `d863e3130d79ed27fc5141a0cb2d0af407a00b6c3989fbb1805db8dc399c7b39` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers content-encoding br content-type text/html date Fri, 13 May 2022 13:10:01 GMT etag W/"627d2a59-1db93" last-modified Thu, 12 May 2022 15:40:09 GMT server nginx x-powered-by PleskLin
GET H2	200	SuIZL5aHqA4.css jens.com.es/clases/phishing/facebook/index_files/	30 KB 6 KB	48ms 46ms	Stylesheet text/css	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/SuIZL5aHqA4.css Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `e5446135e4743aa77bc47f5a7d11900b0366448844cc8a6f330026cd5cc89cab` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a57-77cd" last-modified Thu, 12 May 2022 15:40:07 GMT server nginx x-powered-by PleskLin content-type text/css
GET H2	200	_fa_Q_Q3Yqm.css jens.com.es/clases/phishing/facebook/index_files/	22 KB 6 KB	48ms 47ms	Stylesheet text/css	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/_fa_Q_Q3Yqm.css Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `59eeda5bccc87a379162ae0594e643fd98075da49a26e4f963f0a74408c8cd6d` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a58-594c" last-modified Thu, 12 May 2022 15:40:08 GMT server nginx x-powered-by PleskLin content-type text/css
GET H2	200	uTqzUx0zOSn.css jens.com.es/clases/phishing/facebook/index_files/	42 KB 10 KB	46ms 45ms	Stylesheet text/css	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/uTqzUx0zOSn.css Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `107b659ab8c9ecf5312d5d0d08ac88bb1feb04d7b3e972cfc3332fe66c67e73e` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a57-a73b" last-modified Thu, 12 May 2022 15:40:07 GMT server nginx x-powered-by PleskLin content-type text/css
GET H2	200	lZ86cv9aR90.css jens.com.es/clases/phishing/facebook/index_files/	40 KB 26 KB	50ms 50ms	Stylesheet text/css	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/lZ86cv9aR90.css Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `c63295b9a226783c80c36bf2a99a04ec4bf0a7c996df04fad43bb198c6aa193b` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a54-9eb4" last-modified Thu, 12 May 2022 15:40:04 GMT server nginx x-powered-by PleskLin content-type text/css
GET H2	200	pAzbdV2KKwn.js Show response jens.com.es/clases/phishing/facebook/index_files/	24 KB 8 KB	44ms 43ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/pAzbdV2KKwn.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `bf2a811ef864a869b365f74647183a96937b1de9cbc616dc106704658c5c6ed1` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a55-6180" last-modified Thu, 12 May 2022 15:40:05 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	KCi7ntWTG14.js Show response jens.com.es/clases/phishing/facebook/index_files/	98 KB 25 KB	47ms 47ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/KCi7ntWTG14.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `097bc9d22b8066f2d83f3ac402f95afe6c0d2f972b4586ee015a28cef7feb93e` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a53-1896e" last-modified Thu, 12 May 2022 15:40:03 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	Zv2K34UsWYP.js Show response jens.com.es/clases/phishing/facebook/index_files/	19 KB 7 KB	98ms 97ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/Zv2K34UsWYP.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `978d5db5be8be9294f08f066a538e2c01d34a05c6cba5581a6d2d79594c530a9` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a58-4d66" last-modified Thu, 12 May 2022 15:40:08 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	YxMGVj7VwHT.js Show response jens.com.es/clases/phishing/facebook/index_files/	37 KB 10 KB	56ms 54ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/YxMGVj7VwHT.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `73cac5a4b912f631d7667da5eccf5d6e00176a2f83d33278afa2f66df4bc070e` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a58-94d4" last-modified Thu, 12 May 2022 15:40:08 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	bemu-nylANY.js Show response jens.com.es/clases/phishing/facebook/index_files/	110 KB 46 KB	98ms 96ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/bemu-nylANY.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `3de62ba1023e4e53e1452f8217f0910c5ac1390b513e20a2577c2f88b6ac39d6` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a52-1b832" last-modified Thu, 12 May 2022 15:40:02 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	sG3ppFfyKv1.js Show response jens.com.es/clases/phishing/facebook/index_files/	68 KB 20 KB	98ms 96ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/sG3ppFfyKv1.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `be425c390026699d3598b1ab2976bb24d6bcfa959e630266317ef395baa259aa` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a56-10f6b" last-modified Thu, 12 May 2022 15:40:06 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	75A8CjRhJNV.js Show response jens.com.es/clases/phishing/facebook/index_files/	73 KB 21 KB	52ms 50ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/75A8CjRhJNV.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `80c1b684e37d6881f3a1ec786e38fe606829b21fcd5afb2813f96ca0a4a0d0dc` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a51-124ca" last-modified Thu, 12 May 2022 15:40:01 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	BH1U8-oWSz-.js Show response jens.com.es/clases/phishing/facebook/index_files/	40 KB 11 KB	98ms 96ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/BH1U8-oWSz-.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `5cf7c87653c8c7b183701865a784a662b566639667301b0d3a97a2c3fcf940b9` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a52-9e02" last-modified Thu, 12 May 2022 15:40:02 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	v8LqVVCx3AJ.js Show response jens.com.es/clases/phishing/facebook/index_files/	24 KB 8 KB	98ms 96ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/v8LqVVCx3AJ.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `7df67695d6a182c23a99af0fe66f048fed497747860cb9a98be670af9e32cf1b` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a58-6104" last-modified Thu, 12 May 2022 15:40:08 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	3tW4Se3Q8lp.js Show response jens.com.es/clases/phishing/facebook/index_files/	55 KB 13 KB	98ms 97ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/3tW4Se3Q8lp.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `067b6660d4e162a45aae9e66ecc43dca41f6d6667e6677376492a7e2e2d1e3af` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a50-dd47" last-modified Thu, 12 May 2022 15:40:00 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	papglo0-Qhp.js Show response jens.com.es/clases/phishing/facebook/index_files/	48 KB 13 KB	98ms 97ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/papglo0-Qhp.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `380c2f2223a2362abbc891766692d165ce879a40c488e3e27f8fe6c267c7e86d` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a54-c002" last-modified Thu, 12 May 2022 15:40:04 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	qFPB0xXT86s.js Show response jens.com.es/clases/phishing/facebook/index_files/	16 KB 5 KB	137ms 135ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/qFPB0xXT86s.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `b64079bf8d6714c5642a3f9781c41c79d29ed2cc43b93b8b3b154567a51034b6` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a56-41cf" last-modified Thu, 12 May 2022 15:40:06 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	WWXflhzoV6u.js Show response jens.com.es/clases/phishing/facebook/index_files/	138 KB 41 KB	98ms 97ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/WWXflhzoV6u.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `f79a298fbd717a297df62efe9f8e632ac728da7b70df010637dd641475aa1ac2` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a58-226b3" last-modified Thu, 12 May 2022 15:40:08 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	5jrVXfAROiJ.js Show response jens.com.es/clases/phishing/facebook/index_files/	47 KB 14 KB	137ms 137ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/5jrVXfAROiJ.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `c240148e12502ca30e6c20d8ca692f85bec5aceeccdc57bb47faea8ab3a00f22` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a50-bac8" last-modified Thu, 12 May 2022 15:40:00 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	v4WgC_pJT9B.js Show response jens.com.es/clases/phishing/facebook/index_files/	7 KB 2 KB	136ms 136ms	Script application/javascript	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/v4WgC_pJT9B.js Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `a01808b8a2d6e28821f87b2b3bf59abfb34c2aa9050ecd6ba212d3c2c8f28538` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT content-encoding br etag W/"627d2a57-1df6" last-modified Thu, 12 May 2022 15:40:07 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	OBaVg52wtTZ.png jens.com.es/clases/phishing/facebook/index_files/	42 KB 42 KB	137ms 136ms	Image image/png	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://jens.com.es/clases/phishing/facebook/index_files/OBaVg52wtTZ.png Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `f4287d1528382e5a28f80ea974fe73f74c6516bcf60cdabfc3f6202f1f6da03f` Request headers accept-language es-ES,es;q=0.9 Referer https://jens.com.es/clases/phishing/facebook/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT last-modified Thu, 12 May 2022 15:40:04 GMT server nginx x-powered-by PleskLin etag "627d2a54-a645" content-type image/png accept-ranges bytes content-length 42565
GET H2	200	GsNJNwuI-UM.gif jens.com.es/clases/phishing/facebook/index_files/	522 B 691 B	138ms 137ms	Image image/gif	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://jens.com.es/clases/phishing/facebook/index_files/GsNJNwuI-UM.gif Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PleskLin Resource Hash `7f4fbb61e5a1226b421109d4bfeb68b371b240bb6a0131c54581b777cb649908` Request headers accept-language es-ES,es;q=0.9 Referer https://jens.com.es/clases/phishing/facebook/login.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 13:10:01 GMT etag "20a-5ded25f0f2b61" last-modified Thu, 12 May 2022 15:40:02 GMT server nginx x-powered-by PleskLin content-type image/gif x-accel-version 0.01 accept-ranges bytes content-length 522
GET DATA	200 OK	truncated /	74 B 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8627d83666e5f29db4f5ddfba459bf17a542a4b20569815b8055223dbe6d3f75` Request headers accept-language es-ES,es;q=0.9 Referer https://jens.com.es/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type text/css;charset=utf-8
GET H2	404	referer_frame.html Show response jens.com.es/clases/phishing/facebook/index_files/ Frame 90C6	1 KB 551 B	115ms 115ms	Document text/html	82.223.37.188 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://jens.com.es/clases/phishing/facebook/index_files/referer_frame.html Requested by Host: jens.com.es URL: https://jens.com.es/clases/phishing/facebook/login.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 82.223.37.188 Madrid, Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / PHP/7.3.33 Resource Hash `16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2` Request headers Referer https://jens.com.es/clases/phishing/facebook/login.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Fri, 13 May 2022 13:10:01 GMT server nginx x-powered-by PHP/7.3.33
GET DATA	200 OK	truncated /	15 KB 15 KB		Font font/opentype
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9a67fc4a7b9baa639b319f162a9a17f982d7e1b653aa12b08ec7a2ab74275773` Request headers Referer Origin https://jens.com.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type font/opentype

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jens.com.es/clases/phishing/facebook/index_files/referer_frame.html Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jens.com.es
82.223.37.188
067b6660d4e162a45aae9e66ecc43dca41f6d6667e6677376492a7e2e2d1e3af
097bc9d22b8066f2d83f3ac402f95afe6c0d2f972b4586ee015a28cef7feb93e
107b659ab8c9ecf5312d5d0d08ac88bb1feb04d7b3e972cfc3332fe66c67e73e
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2
380c2f2223a2362abbc891766692d165ce879a40c488e3e27f8fe6c267c7e86d
3de62ba1023e4e53e1452f8217f0910c5ac1390b513e20a2577c2f88b6ac39d6
59eeda5bccc87a379162ae0594e643fd98075da49a26e4f963f0a74408c8cd6d
5cf7c87653c8c7b183701865a784a662b566639667301b0d3a97a2c3fcf940b9
73cac5a4b912f631d7667da5eccf5d6e00176a2f83d33278afa2f66df4bc070e
7df67695d6a182c23a99af0fe66f048fed497747860cb9a98be670af9e32cf1b
7f4fbb61e5a1226b421109d4bfeb68b371b240bb6a0131c54581b777cb649908
80c1b684e37d6881f3a1ec786e38fe606829b21fcd5afb2813f96ca0a4a0d0dc
8627d83666e5f29db4f5ddfba459bf17a542a4b20569815b8055223dbe6d3f75
978d5db5be8be9294f08f066a538e2c01d34a05c6cba5581a6d2d79594c530a9
9a67fc4a7b9baa639b319f162a9a17f982d7e1b653aa12b08ec7a2ab74275773
a01808b8a2d6e28821f87b2b3bf59abfb34c2aa9050ecd6ba212d3c2c8f28538
b64079bf8d6714c5642a3f9781c41c79d29ed2cc43b93b8b3b154567a51034b6
be425c390026699d3598b1ab2976bb24d6bcfa959e630266317ef395baa259aa
bf2a811ef864a869b365f74647183a96937b1de9cbc616dc106704658c5c6ed1
c240148e12502ca30e6c20d8ca692f85bec5aceeccdc57bb47faea8ab3a00f22
c63295b9a226783c80c36bf2a99a04ec4bf0a7c996df04fad43bb198c6aa193b
d863e3130d79ed27fc5141a0cb2d0af407a00b6c3989fbb1805db8dc399c7b39
e5446135e4743aa77bc47f5a7d11900b0366448844cc8a6f330026cd5cc89cab
f4287d1528382e5a28f80ea974fe73f74c6516bcf60cdabfc3f6202f1f6da03f
f79a298fbd717a297df62efe9f8e632ac728da7b70df010637dd641475aa1ac2

jens.com.es Open in urlscan Pro 82.223.37.188 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

377 kBTransfer

1117 kBSize

0 Cookies

48 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

jens.com.es Open in urlscan Pro
82.223.37.188 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

377 kB
Transfer

1117 kB
Size

0
Cookies

23 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!