54-175-0-69.ipv4.nknlabs.io
Open in
urlscan Pro
54.175.0.69
Malicious Activity!
Public Scan
Submission: On October 27 via automatic, source openphish — Scanned from DE
Summary
This is the only time 54-175-0-69.ipv4.nknlabs.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bancolombia (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 54.175.0.69 54.175.0.69 | 14618 (AMAZON-AES) (AMAZON-AES) | |
16 | 1 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-0-69.compute-1.amazonaws.com
54-175-0-69.ipv4.nknlabs.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
nknlabs.io
54-175-0-69.ipv4.nknlabs.io |
780 KB |
16 | 1 |
Domain | Requested by | |
---|---|---|
16 | 54-175-0-69.ipv4.nknlabs.io |
54-175-0-69.ipv4.nknlabs.io
|
16 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.grupobancolombia.com |
Subject Issuer | Validity | Valid |
---|
This page contains 2 frames:
Primary Page:
http://54-175-0-69.ipv4.nknlabs.io/USER
Frame ID: C80E48E9D112FC844D75505B2175C744
Requests: 14 HTTP requests in this frame
Frame:
http://54-175-0-69.ipv4.nknlabs.io/static/login_SVP_BC_zonaA_Login.html?v=4.5.1.RC2_1628811357932
Frame ID: 3A080F44C5BB274A18161F6812933879
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Bancolombia Sucursal Virtual PersonasDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Mira el DEMO
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
USER
54-175-0-69.ipv4.nknlabs.io/ |
12 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
54-175-0-69.ipv4.nknlabs.io/css/ |
105 KB 106 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
54-175-0-69.ipv4.nknlabs.io/css/ |
118 KB 119 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.6.0.min.js
54-175-0-69.ipv4.nknlabs.io/js/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.redirect.js
54-175-0-69.ipv4.nknlabs.io/js/ |
6 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.js
54-175-0-69.ipv4.nknlabs.io/js/ |
645 B 968 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.js
54-175-0-69.ipv4.nknlabs.io/js/ |
35 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Init.js
54-175-0-69.ipv4.nknlabs.io/js/ |
91 B 411 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.jclockNew.js
54-175-0-69.ipv4.nknlabs.io/js/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_SVP_BC_zonaA_Login.html
54-175-0-69.ipv4.nknlabs.io/static/ Frame 3A08 |
268 B 577 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
54-175-0-69.ipv4.nknlabs.io/images/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-user.png
54-175-0-69.ipv4.nknlabs.io/images/icons/ |
447 B 756 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-Regular.ttf
54-175-0-69.ipv4.nknlabs.io/fonts/opensans/ |
212 KB 212 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CIBFontSans-Light.ttf
54-175-0-69.ipv4.nknlabs.io/fonts/opensans/ |
108 KB 108 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_font_bc.ttf
54-175-0-69.ipv4.nknlabs.io/fonts/iconfont/ |
31 KB 32 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
imgPublicidad2.jpg
54-175-0-69.ipv4.nknlabs.io/static/ Frame 3A08 |
43 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bancolombia (Banking)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery function| Trash number| year0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
54-175-0-69.ipv4.nknlabs.io
54.175.0.69
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
1a99ea321168439217b54f22b45e970918c6f76e95230cf7b214ec050c72f2ef
5864255e25ae00d85e99b8715e50765921f6edc4fda66fe4f2d7527014860eb9
5b4ad7f9f3223bd9801a51f5f26908566cf79980f1001a5848f7a2273b591250
5e7aacc05a5cfe4d2fa8407d5a885b9c2511e0213fb5abd0599cdef3f0e0e524
6d69ae5c4892d35573385da52afebec92fb02feaf7670b0684c1b2aa6f2cfb98
75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83
7d1be670021e4a7ea14dcb6207fa0b6c52249487081f806fff378d68c0b398fc
a678fbd5d6c7dbad7ec89b486ad1baf3323296c8dde801141955969fe5026a73
ad0f43b7fd52d2f1574ba930c85ce401f95d69e21ad997ffe8e7ad98fec2ffda
bfcaba3322c2db79e29d65e5400cb3a889fa3dd02b71e394cc74af24a08ecae9
c6abf874d8228e1e37ece02cbd25c86ac1d64200331f7b91b085885eaa5e3074
d1a8637f4e707fb78ae4331748682a229dfa010a935301ef88a6ceafa7547fa9
decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc
e1a1946613ce2e000dbc69b8459c9f3afa40b3f190f0f8088f76e8ef8ae6619c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e