redasd93400fasd9fv9rt4ed.sigue.la Open in urlscan Pro
45.248.76.26 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://a-ec.in/dneenm
Effective URL:
https://redasd93400fasd9fv9rt4ed.sigue.la/
Submission: On February 24 via manual (February 24th 2023, 8:44:02 am UTC) from IN — Scanned from NL

Summary HTTP 21 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 5 domains to perform 21 HTTP transactions. The main IP is 45.248.76.26, located in Sydney, Australia and belongs to HOST-AS-AP Host Universal Pty Ltd, AU. The main domain is redasd93400fasd9fv9rt4ed.sigue.la.
TLS certificate: Issued by R3 on February 22nd 2023. Valid for: 3 months.

This is the only time redasd93400fasd9fv9rt4ed.sigue.la was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banreservas (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	168.220.91.95 168.220.91.95	40509 (FLY) (FLY)
1 1	103.251.44.139 103.251.44.139	131775 (IDNIC-JAL...) (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta)
2	172.107.163.116 172.107.163.116	40676 (AS40676) (AS40676)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
18	45.248.76.26 45.248.76.26	136557 (HOST-AS-A...) (HOST-AS-AP Host Universal Pty Ltd)
21	3

1 2a06:98c1:3120::c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a-ec.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.220.91.95 (United States) 1 redirects

ASN40509 (FLY, US)

twtr.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.251.44.139 (Indonesia) 1 redirects

ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID)
PTR: redmail.colo.co.id

short.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.107.163.116 (Dallas, United States)

ASN40676 (AS40676, US)
PTR: da2.tx.warpline.com

redirecciso3499423904230000.sigue.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 45.248.76.26 (Sydney, Australia)

ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU)
PTR: syd4.hostingsvr.net

redasd93400fasd9fv9rt4ed.sigue.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	sigue.la redirecciso3499423904230000.sigue.la redasd93400fasd9fv9rt4ed.sigue.la	239 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 693	78 KB
1	short.co.id 1 redirects short.co.id	1010 B
1	twtr.to 1 redirects twtr.to	1 KB
1	a-ec.in 1 redirects a-ec.in	472 B
21	5

	Domain	Requested by
18	redasd93400fasd9fv9rt4ed.sigue.la	redasd93400fasd9fv9rt4ed.sigue.la
2	redirecciso3499423904230000.sigue.la	redirecciso3499423904230000.sigue.la
1	code.jquery.com	redirecciso3499423904230000.sigue.la
1	short.co.id	1 redirects
1	twtr.to	1 redirects
1	a-ec.in	1 redirects
21	6

This site contains links to these domains. Also see Links.

Domain
dev-banreservas.pantheonsite.io

Subject Issuer	Validity	Valid
redirecciso3499423904230000.sigue.la R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
redasd93400fasd9fv9rt4ed.sigue.la R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://redasd93400fasd9fv9rt4ed.sigue.la/
Frame ID: 8D24A3F7B2805239A33821346DE71270
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banreservas

Page URL History Show full URLs

https://a-ec.in/dneenm HTTP 302
https://twtr.to/DyV1 HTTP 301
https://short.co.id/sizf6 HTTP 301
https://redirecciso3499423904230000.sigue.la/loaderbanreserva.html Page URL
https://redasd93400fasd9fv9rt4ed.sigue.la/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

3
IPs

4
Countries

317 kB
Transfer

738 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://dev-banreservas.pantheonsite.io/banreservas/
Title: Contáctenos

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://a-ec.in/dneenm HTTP 302
https://twtr.to/DyV1 HTTP 301
https://short.co.id/sizf6 HTTP 301
https://redirecciso3499423904230000.sigue.la/loaderbanreserva.html Page URL
https://redasd93400fasd9fv9rt4ed.sigue.la/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://a-ec.in/dneenm HTTP 302
https://twtr.to/DyV1 HTTP 301
https://short.co.id/sizf6 HTTP 301
https://redirecciso3499423904230000.sigue.la/loaderbanreserva.html

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

loaderbanreserva.html Show response
redirecciso3499423904230000.sigue.la/
Redirect Chain

https://a-ec.in/dneenm
https://twtr.to/DyV1
https://short.co.id/sizf6
https://redirecciso3499423904230000.sigue.la/loaderbanreserva.html

5 KB
2 KB

1121ms
132ms

Document
text/html

172.107.163.116
AS40676

General

Check archive.org

Show headers Download Go to

Full URL: https://redirecciso3499423904230000.sigue.la/loaderbanreserva.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.107.163.116 Dallas, United States, ASN40676 (AS40676, US),
Reverse DNS: da2.tx.warpline.com
Software: LiteSpeed /
Resource Hash: 564697ee87e10a838ba5557de83239f2374291e5cd44b9c81d2bf40bec7921f0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-encoding: br
content-length: 1373
content-type: text/html
date: Fri, 24 Feb 2023 08:43:57 GMT
etag: "1474-63f64ab7-d8b0e2a3d0d47b75;br"
last-modified: Wed, 22 Feb 2023 17:02:47 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: must-revalidate, no-cache, no-store, private
content-encoding: br
content-length: 196
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 08:43:55 GMT
location: https://redirecciso3499423904230000.sigue.la/loaderbanreserva.html
server: LiteSpeed
vary: Accept-Encoding

GET
H2 404 java.js
redirecciso3499423904230000.sigue.la/netakrehabzvgeg/ 0
0 132ms
131ms Script
text/html 172.107.163.116
AS40676

General

Check archive.org

Show headers Download Go to

Full URL: https://redirecciso3499423904230000.sigue.la/netakrehabzvgeg/java.js
Requested by: Host: redirecciso3499423904230000.sigue.la
URL: https://redirecciso3499423904230000.sigue.la/loaderbanreserva.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.107.163.116 Dallas, United States, ASN40676 (AS40676, US),
Reverse DNS: da2.tx.warpline.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redirecciso3499423904230000.sigue.la/loaderbanreserva.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 08:43:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
vary: User-Agent
content-type: text/html

GET
H2 200 jquery-3.2.1.js Show response
code.jquery.com/ 262 KB
78 KB 103ms
29ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.js
Requested by: Host: redirecciso3499423904230000.sigue.la
URL: https://redirecciso3499423904230000.sigue.la/loaderbanreserva.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redirecciso3499423904230000.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:43:57 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-41707"
vary: Accept-Encoding
x-hw: 1677228237.dop150.am5.t,1677228237.cds017.am5.hn,1677228237.cds001.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 79082

GET
H2 200 Primary Request / Show response
redasd93400fasd9fv9rt4ed.sigue.la/ 18 KB
4 KB 1313ms
277ms Document
text/html 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

a325932ad8e67c11d8195bbae4f9ce3f127b410b9da9ec17d7f231279d545131

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redirecciso3499423904230000.sigue.la/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 3506
content-security-policy: block-all-mixed-content
content-type: text/html
date: Fri, 24 Feb 2023 08:43:58 GMT
etag: "477d-63f647e4-b346ba2be086377e;br"
last-modified: Wed, 22 Feb 2023 16:50:44 GMT
permissions-policy: geolocation=*, midi=(), sync-xhr=(self "https://redasd93400fasd9fv9rt4ed.sigue.la" "https://www.redasd93400fasd9fv9rt4ed.sigue.la"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://redasd93400fasd9fv9rt4ed.sigue.la" "https://www.redasd93400fasd9fv9rt4ed.sigue.la")
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js.descarga Show response
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 87 KB
88 KB 636ms
634ms Script
application/octet-stream 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/jquery.min.js.descarga

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:43:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:13 GMT
server: LiteSpeed
etag: "15d84-63f64801-f2f5b41bb2578a5b;;;"
vary: User-Agent
content-type: application/octet-stream
accept-ranges: bytes
content-length: 89476

GET
H2 200 jquery-ui-1.8.9.custom.css
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 53 KB
8 KB 327ms
326ms Stylesheet
text/css 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/jquery-ui-1.8.9.custom.css

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

672889370c88571465549ab9720dbce0158ce90e5dcded902c03f9bee67ec52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:10 GMT
server: LiteSpeed
etag: "d581-63f647fe-73b751d22a8fb229;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7775
expires: Fri, 03 Mar 2023 08:43:58 GMT

GET
H2 200 dropkickddl.css
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 9 KB
2 KB 634ms
633ms Stylesheet
text/css 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/dropkickddl.css

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

1dfa948af444533fdc739ef41eba1acdedabb6225d84bab6162bf82c76993631

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:09 GMT
server: LiteSpeed
etag: "24a3-63f647fd-72959428bc37c9eb;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1963
expires: Fri, 03 Mar 2023 08:43:58 GMT

GET
H2 200 jquery-ui-1.8.9.custom(1).css
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 53 KB
8 KB 401ms
401ms Stylesheet
text/css 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/jquery-ui-1.8.9.custom(1).css

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

672889370c88571465549ab9720dbce0158ce90e5dcded902c03f9bee67ec52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:10 GMT
server: LiteSpeed
etag: "d581-63f647fe-feacc69d675e2ea;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7775
expires: Fri, 03 Mar 2023 08:43:58 GMT

GET
H2 200 Login.css
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 141 KB
18 KB 768ms
768ms Stylesheet
text/css 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/Login.css

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

0ffca68be3eb468a03de2b917b9644a6351e2bf32a2faea4c7df78d259f560fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:13 GMT
server: LiteSpeed
etag: "23235-63f64801-d3f86f5138942d98;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18480
expires: Fri, 03 Mar 2023 08:43:58 GMT

GET
H3 200 img-close.gif
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 201 B
343 B 284ms
283ms Image
image/gif 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/img-close.gif

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

a2a147aed818d81267d1aeef5089bdd33eecbe27e15ffe4e263e93db1592ffab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:08 GMT
server: LiteSpeed
etag: "c9-63f647fc-7f9bb34c67018b8e;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 201
expires: Fri, 03 Mar 2023 08:44:00 GMT

GET
H3 200 teclado_login_minusculas.png
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 11 KB
11 KB 283ms
283ms Image
image/png 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/teclado_login_minusculas.png

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

3881c3d4a74c024164745d229bdb1476c66d633a97b80990f5e52ba808d3f586

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:15 GMT
server: LiteSpeed
etag: "2be2-63f64803-9abcd05101c1ebcf;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11234
expires: Fri, 03 Mar 2023 08:44:00 GMT

GET
H3 200 teclado_virtual_chico_ac.gif
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 439 B
514 B 330ms
330ms Image
image/gif 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/teclado_virtual_chico_ac.gif

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

dd2a63cd72110e84ba59d6b102179f1aac916692ab52f6cbb4c44a217d6264f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:16 GMT
server: LiteSpeed
etag: "1b7-63f64804-f29cdd7d8c9f8da5;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 439
expires: Fri, 03 Mar 2023 08:44:00 GMT

GET
H3 200 teclado_virtual_chico_bc.gif
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 2 KB
2 KB 330ms
329ms Image
image/gif 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/teclado_virtual_chico_bc.gif

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

02fe54b69ccfd76f3547aa5d392fc6bbbfee4ab0b6bfeaa719924277415143e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:17 GMT
server: LiteSpeed
etag: "8a3-63f64805-622e41f35d8d14b;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2211
expires: Fri, 03 Mar 2023 08:44:00 GMT

GET
H3 200 logo_banreservas.png
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 14 KB
14 KB 344ms
343ms Image
image/png 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/logo_banreservas.png

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

b57ab0866f889d8aad9959f6fdf867c1672de5e89d7dd37c8bcfb15124707730

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:14 GMT
server: LiteSpeed
etag: "3822-63f64802-691e5ce80e14ac17;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14370
expires: Fri, 03 Mar 2023 08:44:00 GMT

GET
H3 200 sello_superintendencia.png
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 11 KB
11 KB 434ms
434ms Image
image/png 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/sello_superintendencia.png

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

a936d90c691883cba76f192043ea982a2e5b31bbe723bff7240d1faa0abbe01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:15 GMT
server: LiteSpeed
etag: "2ccf-63f64803-ddbded90c8045d67;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11471
expires: Fri, 03 Mar 2023 08:44:00 GMT

GET
H3 200 sax.js.descarga Show response
redasd93400fasd9fv9rt4ed.sigue.la/index_files/ 1 KB
1 KB 283ms
283ms Script
application/octet-stream 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/sax.js.descarga

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

15fb42a82c832cf31c95c026a711de38fb1069c73f9ce6006ef3c9e2fdbfbeef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:43:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:14 GMT
server: LiteSpeed
etag: "4a9-63f64802-d381b21c6596707a;;;"
vary: User-Agent
content-type: application/octet-stream
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1193

GET
H3 404 fondo_Banreservas.jpg
redasd93400fasd9fv9rt4ed.sigue.la/img/ 1 KB
1 KB 474ms
473ms Image
text/html 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/img/fondo_Banreservas.jpg

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/Login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

2ad27bff63ba2028dc394ff11f71fca862f3823e39f228951b4705c561f53f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/Login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 08:44:00 GMT
x-content-type-options: nosniff
server: LiteSpeed
vary: User-Agent
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1238

GET
H3 404 row-down_menuSup.png
redasd93400fasd9fv9rt4ed.sigue.la/img/ 1 KB
1 KB 480ms
480ms Image
text/html 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/img/row-down_menuSup.png

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/Login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

5343de36882ccb07144c432dc07e1b5ddb2701bacf092bd24f3622bcb70acd51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/Login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 08:44:00 GMT
x-content-type-options: nosniff
server: LiteSpeed
vary: User-Agent
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1238

GET
H3 404 requerido_ban.png
redasd93400fasd9fv9rt4ed.sigue.la/img/ 1 KB
1 KB 488ms
488ms Image
text/html 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/img/requerido_ban.png

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/Login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/Login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 08:44:00 GMT
x-content-type-options: nosniff
server: LiteSpeed
vary: User-Agent
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1238

GET
H3 404 OpenSans.woff
redasd93400fasd9fv9rt4ed.sigue.la/Fonts/ 0
0 493ms
493ms Font
text/html 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/Fonts/OpenSans.woff

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/Login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/Login.css
Origin: https://redasd93400fasd9fv9rt4ed.sigue.la
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 08:44:00 GMT
x-content-type-options: nosniff
server: LiteSpeed
vary: User-Agent
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1238

GET
H3 200 profilepersonas.jpg
redasd93400fasd9fv9rt4ed.sigue.la/img/ 66 KB
66 KB 811ms
811ms Image
image/jpeg 45.248.76.26
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redasd93400fasd9fv9rt4ed.sigue.la/img/profilepersonas.jpg

Requested by

Host: redasd93400fasd9fv9rt4ed.sigue.la
URL: https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/Login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

45.248.76.26 Sydney, Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),

Reverse DNS

syd4.hostingsvr.net

Software

LiteSpeed /

Resource Hash

c164d7efc93f0c103774d762189760eec7fbbf7955ce4857d81b46b9b6914b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/Login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 16:51:05 GMT
server: LiteSpeed
etag: "107cd-63f647f9-e47f11a02719b916;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 67533
expires: Fri, 03 Mar 2023 08:44:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banreservas (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
twtr.to/	1970-01-20 10:13:57	Name: XSRF-TOKEN Value: eyJpdiI6InR2ektWZVdESDAvZkZFcVpDOUZ1c1E9PSIsInZhbHVlIjoiZ044YjZIL21xZlZ3VWp1b2RMOUlnbVVSQnZGOHBhakxFRHBQbkFWREs3dHlhbWhyb2dvWERha2ZOazE2V2wxWEMzZjNjNjM3YVRZTC92bmFXSUJpcjZRaTVEeUlXZVlyYy9OVzlESm1UNUI4S0s4VE8wV2RybHBJSWZrejdkc3kiLCJtYWMiOiI2ZGJmODYwOTNhODVhZmFlOTcxNzhkMDE2YmQ5MWJlMjVmM2I2MTNlODQ3YjQzZWVmYWU2MGJmMDg1NGFjYWZlIiwidGFnIjoiIn0%3D
twtr.to/	1970-01-20 10:13:57	Name: tly_session Value: eyJpdiI6IjV0Vk1YeGNqWnRZaHY3M2NKcVJyT0E9PSIsInZhbHVlIjoiMmVTU2VXem81R3hwaDMzdUV6Mksva2tLd3NReEp6K25mYXM3NFN0d0RMcTdyYkN6bFN0aUxNS1BDZXFiT2w1R0EyUzlSWWZQSENSSkFjNFNhZWtJM1RaR0lxamZHUUhIbDBvTCtQRHhPL1RBLy96djJEQjdRSzd1bjA4ZDFhSUgiLCJtYWMiOiI1ZDJmYmRkODYxZGI5MTA3YTNiNzdhYTA5NzQ5ZDI0Y2IxM2EzNTA0NGNiNTk1YTU2NjBlM2QwNmU1ZjE0ODE5IiwidGFnIjoiIn0%3D
short.co.id/	1970-01-20 09:53:55	Name: XSRF-TOKEN Value: eyJpdiI6Im00a0ZVdmE4ZlRzVmlWTVZTVkVob1E9PSIsInZhbHVlIjoiMDRpY21VOFdydFFhRjhYenlZRGRBNTlhd1ZkUUNFMzQ5Qmd4ZEhJa0piNnZ6QURPRWZFVjZ4L2o2N2JrekVNMUlnZ2h2QjJWd0oxd0VaYmtuU3drb0FFSUJFckI4TDVWVzJNZVJhQnJGL3B5RlB6UXZyU0RGNW5JTzJhdUxSOCsiLCJtYWMiOiI3OWNlOTI3NmYxNTUzYTBkZDFjYzRlMjIzOTc1ZjU5MTljYjc1NTFmNGI5OGY0YjIwMTM5NGQ4YWY1MzRiNmI1IiwidGFnIjoiIn0%3D
short.co.id/	1970-01-20 09:53:55	Name: phpshort_session Value: eyJpdiI6Im83cWcydUMwQlczbEhqUkFjU3lDd3c9PSIsInZhbHVlIjoiSWtIUUlLaWE5WUhIUzNYQXUxMHdsRU9iWFMwWmc4dG1NbHhwaUlVN0VacGpqRmpkbkE4OWc1UngySmFjclFxcjZHZjQyTEs2UlVtdXp6Sm8xSnJJVkRNKzJTTDdrUVdkNjJZZmdKZ0lVWERSUEJVR1U4R1hTQ2d0enNlV3I5SjEiLCJtYWMiOiI1ODlhOWUzZDg4ZDUyODA4Zjg2YTNkMzk1MWFmMDNiZjUyNmQ4MzhjZjU5Njk3MTdkNWM4ZWU2YTA0NzIzMzIyIiwidGFnIjoiIn0%3D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://redirecciso3499423904230000.sigue.la/netakrehabzvgeg/java.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://redasd93400fasd9fv9rt4ed.sigue.la/ Message: Refused to execute script from 'https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/jquery.min.js.descarga' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://redasd93400fasd9fv9rt4ed.sigue.la/ Message: Refused to execute script from 'https://redasd93400fasd9fv9rt4ed.sigue.la/index_files/sax.js.descarga' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://redasd93400fasd9fv9rt4ed.sigue.la/img/fondo_Banreservas.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://redasd93400fasd9fv9rt4ed.sigue.la/img/row-down_menuSup.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://redasd93400fasd9fv9rt4ed.sigue.la/img/requerido_ban.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://redasd93400fasd9fv9rt4ed.sigue.la/Fonts/OpenSans.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-ec.in
code.jquery.com
redasd93400fasd9fv9rt4ed.sigue.la
redirecciso3499423904230000.sigue.la
short.co.id
twtr.to
103.251.44.139
168.220.91.95
172.107.163.116
2001:4de0:ac18::1:a:1a
2a06:98c1:3120::c
45.248.76.26
02fe54b69ccfd76f3547aa5d392fc6bbbfee4ab0b6bfeaa719924277415143e7
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
0ffca68be3eb468a03de2b917b9644a6351e2bf32a2faea4c7df78d259f560fc
15fb42a82c832cf31c95c026a711de38fb1069c73f9ce6006ef3c9e2fdbfbeef
1dfa948af444533fdc739ef41eba1acdedabb6225d84bab6162bf82c76993631
2ad27bff63ba2028dc394ff11f71fca862f3823e39f228951b4705c561f53f5b
3881c3d4a74c024164745d229bdb1476c66d633a97b80990f5e52ba808d3f586
5343de36882ccb07144c432dc07e1b5ddb2701bacf092bd24f3622bcb70acd51
564697ee87e10a838ba5557de83239f2374291e5cd44b9c81d2bf40bec7921f0
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
672889370c88571465549ab9720dbce0158ce90e5dcded902c03f9bee67ec52c
a2a147aed818d81267d1aeef5089bdd33eecbe27e15ffe4e263e93db1592ffab
a325932ad8e67c11d8195bbae4f9ce3f127b410b9da9ec17d7f231279d545131
a936d90c691883cba76f192043ea982a2e5b31bbe723bff7240d1faa0abbe01c
b57ab0866f889d8aad9959f6fdf867c1672de5e89d7dd37c8bcfb15124707730
c164d7efc93f0c103774d762189760eec7fbbf7955ce4857d81b46b9b6914b3d
dd2a63cd72110e84ba59d6b102179f1aac916692ab52f6cbb4c44a217d6264f6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

redasd93400fasd9fv9rt4ed.sigue.la Open in urlscan Pro 45.248.76.26 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

33 %IPv6

5 Domains

6 Subdomains

3 IPs

4 Countries

317 kBTransfer

738 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

4 Cookies

7 Console Messages

Indicators

redasd93400fasd9fv9rt4ed.sigue.la Open in urlscan Pro
45.248.76.26 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

3
IPs

4
Countries

317 kB
Transfer

738 kB
Size

4
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!