cristaleriags.es Open in urlscan Pro
62.138.139.30 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cristaleriags.es/database/$%25%5E&*&%5E%25%5E&%5E%25$%25%5E&$%25%5E&*&%5E%25$$%25%5E&*/step2.php
Submission: On April 18 via automatic, source openphish (April 18th 2018, 9:46:54 pm UTC)

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 62.138.139.30, located in Germany and belongs to HOSTEUROPE-AS, DE. The main domain is cristaleriags.es.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 19th 2018. Valid for: 3 months.

This is the only time cristaleriags.es was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
15	62.138.139.30 62.138.139.30	20773 (HOSTEUROP...) (HOSTEUROPE-AS)
1	54.148.84.95 54.148.84.95	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
16	2

15 62.138.139.30 (Germany)

ASN20773 (HOSTEUROPE-AS, DE)
PTR: dns.jerezciudad.com

cristaleriags.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.84.95 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-148-84-95.us-west-2.compute.amazonaws.com

www.sitepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	cristaleriags.es cristaleriags.es	52 KB
1	sitepoint.com www.sitepoint.com	6 KB
16	2

	Domain	Requested by
15	cristaleriags.es	cristaleriags.es
1	www.sitepoint.com	cristaleriags.es
16	2

This site contains no links.

Subject Issuer	Validity	Valid
cristaleriags.es cPanel, Inc. Certification Authority	`2018-02-19` - `2018-05-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cristaleriags.es/database/$%25%5E&*&%5E%25%5E&%5E%25$%25%5E&$%25%5E&*&%5E%25$$%25%5E&*/step2.php
Frame ID: 6FD86BD5993EE689E4EF0E296BEE560F
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

58 kB
Transfer

65 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request step2.php Show response cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/	5 KB 5 KB	122ms 92ms	Document text/html	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `f72fa7bf46e0a37b6d6ac030db86e62934e4ccae36370e41c5278bb89ec18d08` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Transfer-Encoding chunked Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	MaskedPassword.js Show response www.sitepoint.com/examples/password/MaskedPassword/	17 KB 6 KB	564ms 188ms	Script application/javascript	54.148.84.95 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js Requested by Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Server 54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-148-84-95.us-west-2.compute.amazonaws.com Software Apache/2.2.22 (Debian) / Resource Hash `7742fb83d98648f94727a40d5c3381b3245805e62b6f998002d933715ac84b6a` Request headers Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 20:48:38 GMT Content-Encoding gzip X-Cache-Lookup HIT from ip-172-31-21-242.us-west-2.compute.internal:3128 Last-Modified Fri, 15 Oct 2010 00:03:45 GMT Server Apache/2.2.22 (Debian) Age 3485 ETag "680936-4208-4929c8f629a40" Vary Accept-Encoding X-Cache HIT from ip-172-31-21-242.us-west-2.compute.internal Content-Type application/javascript Accept-Ranges bytes Content-Length 5767
GET H/1.1	200 OK	t7.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	12 KB 12 KB	14ms 12ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t7.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `9e21b97320cbf2630113447dda968025a56ad2652aea6ccc2e833c52c2e97654` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Wed, 23 Aug 2017 20:06:36 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 12316
GET H/1.1	200 OK	t8.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	13 KB 13 KB	10ms 9ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t8.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `4917a79f5b9c3e7299bdbeb9fa3d736b291a291f9ea803938f8f094c30369ea6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Wed, 23 Aug 2017 20:07:00 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 12852
GET H/1.1	200 OK	t9.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	2 KB 2 KB	10ms 9ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t9.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `375f7f05b05734776d2d5f7858bf7c97c81968b85678c24771fc9653abd77435` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Wed, 23 Aug 2017 20:08:36 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2184
GET H/1.1	200 OK	t17.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	246 B 487 B	10ms 9ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t17.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `f1811b26a232ad5c381fff51d8ba2df222c3675abb67ff1f8bc229158ae0e867` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Fri, 17 Mar 2017 23:34:18 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 246
GET H/1.1	200 OK	t18.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	596 B 837 B	10ms 9ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t18.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `bc8ddeb534a84adc92083112b6ca1f114da4ca51e085867de8882945d70cab27` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Fri, 17 Mar 2017 23:33:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 596
GET H/1.1	200 OK	t19.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	810 B 1 KB	10ms 9ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t19.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `ca8ae0ec0cb9e169d7ebe06e3bd50aabbe46ef3da4fe6f6d89811c5ea1846d67` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Fri, 17 Mar 2017 23:55:14 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 810
GET H/1.1	200 OK	t20.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	2 KB 2 KB	10ms 9ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t20.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `21a4a64cd6fe7aa50c8d7278c8c3631a7d6f1afdd4c6b3c829038d9c04202bbc` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Fri, 17 Mar 2017 23:33:32 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 2237
GET H/1.1	200 OK	t10.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	267 B 508 B	10ms 9ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t10.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `4e4bac9334686330b31ad629eb37fe1b047b422242ae6d489ce709fa773c0dcb` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Wed, 23 Aug 2017 20:09:40 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 267
GET H/1.1	200 OK	t11.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	449 B 690 B	10ms 10ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t11.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `1d3771dc03f6feb6a5bac033f212ca106b0963855c295b37b8db996c6b288783` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Wed, 23 Aug 2017 20:09:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=91 Content-Length 449
GET H/1.1	200 OK	t21.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	5 KB 5 KB	10ms 9ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t21.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `d6301c3b12be2964655727cb4ba43ae0f8aad30cc966dd3678f6dd06b7f63910` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Tue, 26 Sep 2017 03:15:32 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=90 Content-Length 4920
GET H/1.1	200 OK	t24.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	2 KB 2 KB	10ms 9ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t24.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `6dfb6c6f0e9ab88ebf5d32652f02b6fa55d1765467bb4d66dca7ec632b2fa0ba` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Wed, 23 Aug 2017 21:08:24 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=89 Content-Length 1581
GET H/1.1	200 OK	t25.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	2 KB 2 KB	10ms 10ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/t25.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `ddcdeb93b5a2db0f0afe0f441d8e16e2a4eb652da800dda853e062504fc48130` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Wed, 23 Aug 2017 21:08:32 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=88 Content-Length 1615
GET H/1.1	200 OK	mt22.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	2 KB 2 KB	11ms 10ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/mt22.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `bc6feaa21b186140ab5d1366aefe9ac74d26dc9847a892f7efed326d48cd806c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Tue, 26 Sep 2017 03:02:22 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=87 Content-Length 1609
GET H/1.1	200 OK	subm.png cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&*/images/	2 KB 3 KB	10ms 9ms	Image image/png	62.138.139.30 HOSTEUROPE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/images/subm.png Requested by* Host: cristaleriags.es URL: https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.138.139.30 , Germany, ASN20773 (HOSTEUROPE-AS, DE), Reverse DNS dns.jerezciudad.com Software Apache / Resource Hash `666dcba29d9c75371ee6ceb4f68115aa59e40bc9e925910b526884f59341aba5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cristaleriags.es User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php Connection* keep-alive Cache-Control no-cache Referer https://cristaleriags.es/database/$%25%5E&&%5E%25%5E&%5E%25$%25%5E&$%25%5E&&%5E%25$$%25%5E&/step2.php User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Wed, 18 Apr 2018 21:46:38 GMT Last-Modified Tue, 26 Sep 2017 03:05:06 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=86 Content-Length 2378

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| MaskedPassword function| unhideBody

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cristaleriags.es
www.sitepoint.com
54.148.84.95
62.138.139.30
1d3771dc03f6feb6a5bac033f212ca106b0963855c295b37b8db996c6b288783
21a4a64cd6fe7aa50c8d7278c8c3631a7d6f1afdd4c6b3c829038d9c04202bbc
375f7f05b05734776d2d5f7858bf7c97c81968b85678c24771fc9653abd77435
4917a79f5b9c3e7299bdbeb9fa3d736b291a291f9ea803938f8f094c30369ea6
4e4bac9334686330b31ad629eb37fe1b047b422242ae6d489ce709fa773c0dcb
666dcba29d9c75371ee6ceb4f68115aa59e40bc9e925910b526884f59341aba5
6dfb6c6f0e9ab88ebf5d32652f02b6fa55d1765467bb4d66dca7ec632b2fa0ba
7742fb83d98648f94727a40d5c3381b3245805e62b6f998002d933715ac84b6a
9e21b97320cbf2630113447dda968025a56ad2652aea6ccc2e833c52c2e97654
bc6feaa21b186140ab5d1366aefe9ac74d26dc9847a892f7efed326d48cd806c
bc8ddeb534a84adc92083112b6ca1f114da4ca51e085867de8882945d70cab27
ca8ae0ec0cb9e169d7ebe06e3bd50aabbe46ef3da4fe6f6d89811c5ea1846d67
d6301c3b12be2964655727cb4ba43ae0f8aad30cc966dd3678f6dd06b7f63910
ddcdeb93b5a2db0f0afe0f441d8e16e2a4eb652da800dda853e062504fc48130
f1811b26a232ad5c381fff51d8ba2df222c3675abb67ff1f8bc229158ae0e867
f72fa7bf46e0a37b6d6ac030db86e62934e4ccae36370e41c5278bb89ec18d08

cristaleriags.es Open in urlscan Pro 62.138.139.30 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

58 kBTransfer

65 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

cristaleriags.es Open in urlscan Pro
62.138.139.30 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

58 kB
Transfer

65 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!