Submitted URL: https://vo.la/W80Ug5
Effective URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Submission: On November 29 via manual from ES — Scanned from ES

Summary

This website contacted 1 IP in 3 countries across 3 domains to perform 16 HTTP transactions. The main IP is 61.221.35.27, located in Taipei, Taiwan and belongs to HINET Data Communication Business Group, TW. The main domain is rswellbra.com.
TLS certificate: Issued by R3 on October 19th 2022. Valid for: 3 months.
This is the only time rswellbra.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 3.36.211.47 16509 (AMAZON-02)
1 1 18.229.193.34 16509 (AMAZON-02)
1 17 61.221.35.27 3462 (HINET Dat...)
16 1
Apex Domain | Subdomains | Transfer
17 rswellbra.com | rswellbra.com | 2 MB
1 nutriya.cl | nutriya.cl | 282 B
1 vo.la | vo.la | 1 KB
16 3

Domain | Requested by
17 rswellbra.com | 1 redirects rswellbra.com
1 nutriya.cl | 1 redirects
1 vo.la | 1 redirects
16 3

This site contains no links.

Subject | Issuer | Validity | Valid
rswellbra.com | R3 | 2022-10-19 - 2023-01-17 | 3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Frame ID: E05B9FB4692C8B104181FBBD25EB1906
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

Home

Page URL History

  1. https://vo.la/W80Ug5 HTTP 301
    https://nutriya.cl/html HTTP 301
    https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ HTTP 302
    https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

3
Countries

1683 kB
Transfer

1853 kB
Size

6
Cookies

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/
Redirect Chain
  • https://vo.la/W80Ug5
  • https://nutriya.cl/html
  • https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/
  • https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
16 KB
4 KB
Document
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache / PHP/7.4.33
Resource Hash
0e92be927ffafca54bc6abea69b1fb1303ccea1fef175dddcda710097a067216
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-length
3888
content-type
text/html; charset=UTF-8
date
Wed, 30 Nov 2022 21:01:03 GMT
expires
Wed, 30 Nov 2022 21:01:03 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33

Redirect headers

cache-control
max-age=0
content-length
4
content-type
text/html; charset=UTF-8
date
Wed, 30 Nov 2022 21:00:58 GMT
expires
Wed, 30 Nov 2022 21:00:58 GMT
location
ab3012a4ff5550f/login.php?signin#_
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
bootstrap.min.css
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/
152 KB
34 KB
Stylesheet
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/bootstrap.min.css
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 30 Nov 2022 21:01:03 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"2606e-5eeb5d48639fb-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Thu, 30 Nov 2023 21:01:03 GMT
helpers.css
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/
41 KB
5 KB
Stylesheet
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/helpers.css
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 30 Nov 2022 21:01:03 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"a318-5eeb5d4863ab4-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
5411
expires
Thu, 30 Nov 2023 21:01:03 GMT
fonts.css
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/
2 KB
375 B
Stylesheet
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/fonts.css
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
a4592a42945beac4574095cb95f96f482116e2076a20f1ef8629a6021a643f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 30 Nov 2022 21:01:03 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"6d7-5eeb5d4863a3b-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
317
expires
Thu, 30 Nov 2023 21:01:03 GMT
main.css
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/main.css
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
3505486e48b79137b6d578ada4c75651e693c0efbdb429bb9699f437861a167d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 30 Nov 2022 21:01:03 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"2494-5eeb5d4863af1-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
2788
expires
Thu, 30 Nov 2023 21:01:03 GMT
logo.png
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/images/
3 KB
3 KB
Image
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/images/logo.png
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
e6658f93544817636e6e0bd02bf502fcfda1988ea423f58197766cf2071fc8bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 21:01:04 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"d20-5eeb5d4867d06"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3360
expires
Fri, 30 Dec 2022 21:01:04 GMT
logo2.png
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/images/
866 B
918 B
Image
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/images/logo2.png
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
c7ac7f979dd1290780c792473f209313eb0b2b8eb5b60e08459d96e45b35be89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 21:01:04 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"362-5eeb5d4867d40"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
866
expires
Fri, 30 Dec 2022 21:01:04 GMT
eye.png
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/images/
934 B
986 B
Image
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/images/eye.png
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
40590508eba69ad324f09f3609e8b4af772eb1b0a203b8f6dd51c3cfed0154a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 21:01:04 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"3a6-5eeb5d48662c2"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
934
expires
Fri, 30 Dec 2022 21:01:04 GMT
keyboard.png
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/images/
703 B
755 B
Image
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/images/keyboard.png
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
e235683c3df30fc231ad2226bbcd9ba0d8e949763fe31b929ac8e8b61aab713e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 21:01:04 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"2bf-5eeb5d4867c92"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
703
expires
Fri, 30 Dec 2022 21:01:04 GMT
jquery.min.js
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/js/
86 KB
86 KB
Script
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/js/jquery.min.js
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 21:01:03 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"15851-5eeb5d48697a2"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000, private
accept-ranges
bytes
content-length
88145
expires
Fri, 30 Dec 2022 21:01:03 GMT
popper.min.js
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/js/
20 KB
20 KB
Script
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/js/popper.min.js
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 21:01:03 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"4f74-5eeb5d4869897"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000, private
accept-ranges
bytes
content-length
20340
expires
Fri, 30 Dec 2022 21:01:03 GMT
bootstrap.min.js
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/js/
133 KB
133 KB
Script
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/js/bootstrap.min.js
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 21:01:03 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"21388-5eeb5d4868240"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000, private
accept-ranges
bytes
content-length
136072
expires
Fri, 30 Dec 2022 21:01:03 GMT
fontawesome.min.js
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/js/
1 MB
1 MB
Script
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/js/fontawesome.min.js
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 21:01:03 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"10314e-5eeb5d48695d4"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000, private
accept-ranges
bytes
content-length
1061198
expires
Fri, 30 Dec 2022 21:01:03 GMT
main.js
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/js/
2 KB
2 KB
Script
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/js/main.js
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
3be8f775f1f5660376b6b16383af12acb1fc07bdf47f249a6b797579f4d01ed1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/ab3012a4ff5550f/login.php?signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 21:01:03 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"727-5eeb5d486981d"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000, private
accept-ranges
bytes
content-length
1831
expires
Fri, 30 Dec 2022 21:01:03 GMT
img2.jpg
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/images/
348 KB
349 KB
Image
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/images/img2.jpg
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
5166b1387fe92826a02ea8167761107415861fd89c14a29423b41673304d9635
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 21:01:04 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"571ce-5eeb5d4866b2a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
356814
expires
Fri, 30 Dec 2022 21:01:04 GMT
secure-asterisk.woff
rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/fonts/
3 KB
3 KB
Font
General
Full URL
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/fonts/secure-asterisk.woff
Requested by
Host: rswellbra.com
URL: https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.221.35.27 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gp.idv.tw
Software
Apache /
Resource Hash
cc0b81d5e663b8abed0d6035739f40950ae99bcabb9a88f1e92eb910ae769cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rswellbra.com/wp-content/.../wp-include/cuenta/santa/assets/css/fonts.css
Origin
https://rswellbra.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 21:01:04 GMT
last-modified
Wed, 30 Nov 2022 20:20:05 GMT
server
Apache
etag
"c68-5eeb5d4866292"
x-frame-options
SAMEORIGIN
content-type
font/woff
cache-control
max-age=604800
accept-ranges
bytes
content-length
3176
expires
Fri, 30 Dec 2022 21:01:04 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • Popper (function)
  • bootstrap (object)
  • ___FONT_AWESOME___ (object)
  • FontAwesomeConfig (object)
  • FontAwesome (object)
  • isShift (boolean)
  • seperator (string)
  • dash (string)
  • cc_date (function)
  • date_of_birth (function)
  • x (object)
  • j (number)
  • selElmnt (object)
  • a (object)
  • b (object)
  • c (object)
  • closeAllSelect (function)
  • body_image (string)
  • RegexCheck (function)

6 Cookies

Domain/Path Name / Value
vo.la/ Name: AWSALBTG
Value: HxBUml0gj6Y66Z13mo/9Ofl4R+DfLWl64tg+snZ1jS8KZ9GAsavUdHLdyulOI54M7CX71MDuxv1IFxRiIbtdHM9io2ky9TRWeisThRz37EfiQlQWCNDDDg5pdYAJMT/6vQowUR/LtwD5JmParDEYFMjMQ3vSpe0ffbluoITvJxm47D93RmQ=
vo.la/ Name: AWSALBTGCORS
Value: HxBUml0gj6Y66Z13mo/9Ofl4R+DfLWl64tg+snZ1jS8KZ9GAsavUdHLdyulOI54M7CX71MDuxv1IFxRiIbtdHM9io2ky9TRWeisThRz37EfiQlQWCNDDDg5pdYAJMT/6vQowUR/LtwD5JmParDEYFMjMQ3vSpe0ffbluoITvJxm47D93RmQ=
vo.la/ Name: AWSALB
Value: 5GglyAWauLwQowkAx4D2EfAQReqXZhnqr285onoiAvdkwhvC5J/AWHt3zQdXkqq0GKIV2FKwVSD4u/ycLNnomyJezS78YayKfkp0BmxneEAa2rcIHiWuYrHLLNMv
vo.la/ Name: AWSALBCORS
Value: 5GglyAWauLwQowkAx4D2EfAQReqXZhnqr285onoiAvdkwhvC5J/AWHt3zQdXkqq0GKIV2FKwVSD4u/ycLNnomyJezS78YayKfkp0BmxneEAa2rcIHiWuYrHLLNMv
vo.la/ Name: PHPSESSID
Value: e6lj9smuk42os8ugg300n9gfce
vo.la/ Name: short_W80Ug5
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN