www.wargo.jp Open in urlscan Pro
153.126.135.143 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cutt.ly/ACmlq6k
Effective URL:
https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login
Submission: On September 07 via manual (September 7th 2022, 4:45:45 pm UTC) from ES — Scanned from ES

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 153.126.135.143, located in Japan and belongs to SAKURA-A SAKURA Internet Inc., JP. The main domain is www.wargo.jp.
TLS certificate: Issued by GoGetSSL RSA DV CA on January 6th 2022. Valid for: a year.

This is the only time www.wargo.jp was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixabank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	153.126.135.143 153.126.135.143	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
12	2

1 2606:4700:10::6816:e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 153.126.135.143 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: ik1-303-11889.vs.sakura.ne.jp

www.wargo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	wargo.jp www.wargo.jp	211 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480	31 KB
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 54913	396 B
12	3

	Domain	Requested by
11	www.wargo.jp	www.wargo.jp
1	ajax.googleapis.com	www.wargo.jp
1	cutt.ly	1 redirects
12	3

This site contains no links.

Subject Issuer	Validity	Valid
*.wargo.jp GoGetSSL RSA DV CA	`2022-01-06` - `2023-01-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login
Frame ID: F0A21DCC5C07948870F9FD4E81B56B90
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CaixaBank | banca digital CaixaBankNow

Page URL History Show full URLs

https://cutt.ly/ACmlq6k HTTP 301
https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/ Page URL
https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

242 kB
Transfer

316 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cutt.ly/ACmlq6k HTTP 301
https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/ Page URL
https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cutt.ly/ACmlq6k HTTP 301
https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/
Redirect Chain

https://cutt.ly/ACmlq6k
https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/

115 B
574 B

3299ms
997ms

Document
text/html

153.126.135.143
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

153.126.135.143 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-303-11889.vs.sakura.ne.jp

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Access-Control-Allow-Origin: http://shop-list.wargo.jp
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 122
Content-Type: text/html
Date: Wed, 07 Sep 2022 16:45:36 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7470ea5ddc46866e-MAD
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 16:45:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK Primary Request Login Show response
www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/ 5 KB
2 KB 2886ms
2886ms Document
text/html 153.126.135.143
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login

Requested by

Host: www.wargo.jp
URL: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

153.126.135.143 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-303-11889.vs.sakura.ne.jp

Software

Apache /

Resource Hash

eec67408d21d3fdcd87be73d71a2c8f701eb29efa35f009e87aa731d6e3f0a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Access-Control-Allow-Origin: http://shop-list.wargo.jp
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1709
Content-Type: text/html
Date: Wed, 07 Sep 2022 16:45:37 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK estilos-login.css
www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ 9 KB
3 KB 295ms
294ms Stylesheet
text/css 153.126.135.143
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css

Requested by

Host: www.wargo.jp
URL: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

153.126.135.143 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-303-11889.vs.sakura.ne.jp

Software

Apache /

Resource Hash

456ef11ad2ad383548b7364a027e2b268fa1bba8afcf6ae4dc8f30aedafa0b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 16:45:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 2287
X-XSS-Protection: 1;mode=block
Last-Modified: Fri, 23 Apr 2021 19:12:58 GMT
Server: Apache
ETag: "23d7-5c0a895740280-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: http://shop-list.wargo.jp
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 205ms
61ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.wargo.jp
URL: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.wargo.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:40:57 GMT

GET
H/1.1 200
OK candado.png
www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ 2 KB
2 KB 299ms
298ms Image
image/png 153.126.135.143
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/candado.png

Requested by

Host: www.wargo.jp
URL: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

153.126.135.143 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-303-11889.vs.sakura.ne.jp

Software

Apache /

Resource Hash

9723a6d5f5ea669e43fd75e6af8770704573ebc065e148c13c78c334654f9007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 16:45:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Apr 2021 06:30:12 GMT
Server: Apache
ETag: "6a2-5bfe8e103e500"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: http://shop-list.wargo.jp
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1698
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK dogga.jpg
www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ 13 KB
13 KB 582ms
302ms Image
image/jpeg 153.126.135.143
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/dogga.jpg

Requested by

Host: www.wargo.jp
URL: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

153.126.135.143 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-303-11889.vs.sakura.ne.jp

Software

Apache /

Resource Hash

62000b0a80b0bac6572546054b2806d741dbbbc0ae79211305bf28a05966a9ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 16:45:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Apr 2021 06:48:10 GMT
Server: Apache
ETag: "326c-5bfe92144de80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: http://shop-list.wargo.jp
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 12908
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK ico_world_login.png
www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ 577 B
1 KB 907ms
315ms Image
image/png 153.126.135.143
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ico_world_login.png

Requested by

Host: www.wargo.jp
URL: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

153.126.135.143 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-303-11889.vs.sakura.ne.jp

Software

Apache /

Resource Hash

5ac009489ecf0eb04acecc023afe768a7d42e3f90eba65f46353dd2d8d2f6698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 16:45:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Apr 2021 19:06:06 GMT
Server: Apache
ETag: "241-5c0a87ce56380"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: http://shop-list.wargo.jp
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 577
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK ico_down_login.png
www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ 158 B
615 B 909ms
315ms Image
image/png 153.126.135.143
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ico_down_login.png

Requested by

Host: www.wargo.jp
URL: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

153.126.135.143 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-303-11889.vs.sakura.ne.jp

Software

Apache /

Resource Hash

0ca642d9873edab8dd38a9758117aadbb67ead25784d39cb4999df2f6079eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 16:45:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Apr 2021 19:09:34 GMT
Server: Apache
ETag: "9e-5c0a8894b3780"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: http://shop-list.wargo.jp
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 158
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK OpenSans-Semibold-webfont.woff
www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ 96 KB
91 KB 303ms
296ms Font
application/font-woff 153.126.135.143
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/OpenSans-Semibold-webfont.woff

Requested by

Host: www.wargo.jp
URL: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

153.126.135.143 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-303-11889.vs.sakura.ne.jp

Software

Apache /

Resource Hash

ab823b2f6201651b4f8d0fc7afa16f0808ff92a96bd5a73273239151bf0e10d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css
Origin: https://www.wargo.jp
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 16:45:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 14 Apr 2021 06:33:00 GMT
Server: Apache
ETag: "180a0-5bfe8eb075f00-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.wargo.jp
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK ico_check.png
www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ 7 KB
8 KB 908ms
315ms Image
image/png 153.126.135.143
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ico_check.png

Requested by

Host: www.wargo.jp
URL: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

153.126.135.143 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-303-11889.vs.sakura.ne.jp

Software

Apache /

Resource Hash

d6ecb42cd8f64d6a0077cb5d871db9b722698158062a4a6317ac611f94372373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 16:45:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Apr 2021 19:12:36 GMT
Server: Apache
ETag: "1c6b-5c0a894245100"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: http://shop-list.wargo.jp
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7275
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK ico_keyboard.svg
www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ 2 KB
1 KB 582ms
301ms Image
image/svg+xml 153.126.135.143
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ico_keyboard.svg

Requested by

Host: www.wargo.jp
URL: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

153.126.135.143 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-303-11889.vs.sakura.ne.jp

Software

Apache /

Resource Hash

e265b2bd854b829f5a86191e1a3f85e4ec39ca2194556a8be007d27dfc21ed65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 16:45:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Apr 2021 19:10:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "845-5c0a88cc03a00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: http://shop-list.wargo.jp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 569
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK OpenSans-Regular-webfont.woff
www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/ 94 KB
89 KB 591ms
303ms Font
application/font-woff 153.126.135.143
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/OpenSans-Regular-webfont.woff

Requested by

Host: www.wargo.jp
URL: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

153.126.135.143 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-303-11889.vs.sakura.ne.jp

Software

Apache /

Resource Hash

3c669add48bf3a45fa266a020fcaac2e6da0fc72d1dd95ba78ac9b77e0afba32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.wargo.jp/column/js/SERVICIO,CaixaBank/LaCaixaBank/style/estilos-login.css
Origin: https://www.wargo.jp
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 16:45:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 14 Apr 2021 06:32:10 GMT
Server: Apache
ETag: "17774-5bfe8e80c6e80-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.wargo.jp
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixabank (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9ndiji8h2qj0uv9i0d2vp5b7mj
			.wargo.jp/	1969-12-31 23:59:59	Name: SID Value: livk8rvueagnojts94e55ug092

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cutt.ly
www.wargo.jp
153.126.135.143
2606:4700:10::6816:e8
2a00:1450:4001:811::200a
0ca642d9873edab8dd38a9758117aadbb67ead25784d39cb4999df2f6079eebc
3c669add48bf3a45fa266a020fcaac2e6da0fc72d1dd95ba78ac9b77e0afba32
456ef11ad2ad383548b7364a027e2b268fa1bba8afcf6ae4dc8f30aedafa0b6e
5ac009489ecf0eb04acecc023afe768a7d42e3f90eba65f46353dd2d8d2f6698
62000b0a80b0bac6572546054b2806d741dbbbc0ae79211305bf28a05966a9ec
9723a6d5f5ea669e43fd75e6af8770704573ebc065e148c13c78c334654f9007
ab823b2f6201651b4f8d0fc7afa16f0808ff92a96bd5a73273239151bf0e10d0
d6ecb42cd8f64d6a0077cb5d871db9b722698158062a4a6317ac611f94372373
e265b2bd854b829f5a86191e1a3f85e4ec39ca2194556a8be007d27dfc21ed65
eec67408d21d3fdcd87be73d71a2c8f701eb29efa35f009e87aa731d6e3f0a04
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.wargo.jp Open in urlscan Pro 153.126.135.143 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

242 kBTransfer

316 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

www.wargo.jp Open in urlscan Pro
153.126.135.143 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

242 kB
Transfer

316 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!