magnificentwren.build067.wpsandbox.app Open in urlscan Pro
2606:4700:10::6816:4286 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://magnificentwren.build067.wpsandbox.app/Iniciarsesion.php
Submission Tags: falconsandbox
Submission: On January 30 via api (January 30th 2023, 3:13:48 pm UTC) from US — Scanned from DE

Summary HTTP 2 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 2606:4700:10::6816:4286, located in United States and belongs to CLOUDFLARENET, US. The main domain is magnificentwren.build067.wpsandbox.app.
TLS certificate: Issued by R3 on December 1st 2022. Valid for: 3 months.

This is the only time magnificentwren.build067.wpsandbox.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1	2606:4700:10:... 2606:4700:10::6816:4286		13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2

1 2606:4700:10::6816:4286 (United States)

ASN13335 (CLOUDFLARENET, US)

magnificentwren.build067.wpsandbox.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	wpsandbox.app magnificentwren.build067.wpsandbox.app	65 KB
2	1

	Domain	Requested by
1	magnificentwren.build067.wpsandbox.app	magnificentwren.build067.wpsandbox.app
2	1

This site contains links to these domains. Also see Links.

Domain
lkweb.laboralkutxa.com
www.laboralkutxa.com

Subject Issuer	Validity	Valid
*.build067.wpsandbox.app R3	`2022-12-01` - `2023-03-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://magnificentwren.build067.wpsandbox.app/Iniciarsesion.php
Frame ID: C067F25799DE99BEA9F889FF538225BA
Requests: 10 HTTP requests in this frame

Frame: https://magnificentwren.build067.wpsandbox.app/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=791b2736ab7c2c25
Frame ID: FE3AF8B6CB98F42668BB55F8F6C343FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Laboral Kutxa - Banca online

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

2
Requests

50 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

117 kB
Transfer

178 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://lkweb.laboralkutxa.com/

Search URL Search Domain Scan URL

URL: https://www.laboralkutxa.com/es/acceso-a-la-banca-online
Title: Alta en la Banca Online

Search URL Search Domain Scan URL

URL: https://www.laboralkutxa.com/es/seguridad
Title: Consejos de seguridad

Search URL Search Domain Scan URL

URL: https://www.laboralkutxa.com/es/buscar-oficinas
Title: Oficinas

Search URL Search Domain Scan URL

URL: https://www.laboralkutxa.com/es/buscar
Title: Buscar

Search URL Search Domain Scan URL

URL: https://www.laboralkutxa.com/es/contacto
Title: Contactar

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Iniciarsesion.php Show response magnificentwren.build067.wpsandbox.app/	123 KB 65 KB	419ms 382ms	Document text/html	2606:4700:10::6816:4286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://magnificentwren.build067.wpsandbox.app/Iniciarsesion.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bbcefcd2d396121183ed0f2ee97d302f3afc2c20271b9efba4dbe4ad9f94cf3e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 791b2736ab7c2c25-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 30 Jan 2023 15:13:43 GMT server cloudflare vary Accept-Encoding x-hostname gpc067-node1.us-midwest-1.nxcli.net x-robots-tag noindex x-served-by gpc067-node1
GET DATA	200 OK	truncated /	640 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b3d2e29d525758324cdee9d61f629dc8bbfd1a6f8763c95545ff04fdbbbb5410` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	661 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5fe99562f950f316ea6cfec58727aa4e6c8792e76bf60ff2898c83eff8798d4e` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	527 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `182825bbfcf00e5942d38c9be27e78264c5e8ff5a854fcf2a52867334807fdc9` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	583 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a972bea938d5d8dd0cc1fe6f89a0651460c870c0759c66213e30f5b0f62d5d22` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b54e5401896ffab4ce79769a8922cd7da9b9daecb90d0e58ea96bc1776c6c6ed` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	11 KB 11 KB		Font font/x-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `416260e68ba0b680487d9fa91a672140ada7d01e280b87f991aa2506cd37239f` Request headers Referer Origin https://magnificentwren.build067.wpsandbox.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type font/x-woff
GET DATA	200 OK	truncated /	21 KB 21 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5e6a6d8ab24ac956e8f9e8653f4aec922895d3f2ed660866c4d32b2a626c4f99` Request headers Referer Origin https://magnificentwren.build067.wpsandbox.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type application/font-woff2
GET DATA	200 OK	truncated /	20 KB 20 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5036a7e68414313917c5574c896156c3a50ea1685f02319daf61c6a903a50891` Request headers Referer Origin https://magnificentwren.build067.wpsandbox.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type application/font-woff2
GET DATA	200 OK	truncated /	276 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1a036b2f5c8567d65b53288995493faab09be5022eec0720a9b50d70cfca6a0e` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type image/svg+xml
GET		invisible.js magnificentwren.build067.wpsandbox.app/cdn-cgi/challenge-platform/h/g/scripts/cb/ Frame FE3A	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: magnificentwren.build067.wpsandbox.app
URL: https://magnificentwren.build067.wpsandbox.app/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=791b2736ab7c2c25

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Refused to load the script 'https://magnificentwren.build067.wpsandbox.app/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=791b2736ab7c2c25' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' data:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

magnificentwren.build067.wpsandbox.app
magnificentwren.build067.wpsandbox.app
2606:4700:10::6816:4286
182825bbfcf00e5942d38c9be27e78264c5e8ff5a854fcf2a52867334807fdc9
1a036b2f5c8567d65b53288995493faab09be5022eec0720a9b50d70cfca6a0e
416260e68ba0b680487d9fa91a672140ada7d01e280b87f991aa2506cd37239f
5036a7e68414313917c5574c896156c3a50ea1685f02319daf61c6a903a50891
5e6a6d8ab24ac956e8f9e8653f4aec922895d3f2ed660866c4d32b2a626c4f99
5fe99562f950f316ea6cfec58727aa4e6c8792e76bf60ff2898c83eff8798d4e
a972bea938d5d8dd0cc1fe6f89a0651460c870c0759c66213e30f5b0f62d5d22
b3d2e29d525758324cdee9d61f629dc8bbfd1a6f8763c95545ff04fdbbbb5410
b54e5401896ffab4ce79769a8922cd7da9b9daecb90d0e58ea96bc1776c6c6ed
bbcefcd2d396121183ed0f2ee97d302f3afc2c20271b9efba4dbe4ad9f94cf3e

magnificentwren.build067.wpsandbox.app Open in urlscan Pro 2606:4700:10::6816:4286 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

2 Requests

50 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

117 kBTransfer

178 kBSize

0 Cookies

6 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

magnificentwren.build067.wpsandbox.app Open in urlscan Pro
2606:4700:10::6816:4286 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

117 kB
Transfer

178 kB
Size

0
Cookies

2 HTTP transactions
9 data transactions