banconcordoba.com - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3031::ac43:d796, located in United States and belongs to CLOUDFLARENET, US. The main domain is banconcordoba.com.
TLS certificate: Issued by GTS CA 1P5 on August 19th 2022. Valid for: 3 months.

This is the only time banconcordoba.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bancor (Banking)

Domain & IP information

	IP Address		AS Autonomous System
7	2606:4700:303... 2606:4700:3031::ac43:d796		13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	1

7 2606:4700:3031::ac43:d796 (United States)

ASN13335 (CLOUDFLARENET, US)

banconcordoba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	banconcordoba.com banconcordoba.com	827 KB
7	1

	Domain	Requested by
7	banconcordoba.com	banconcordoba.com
7	1

This site contains no links.

Subject Issuer	Validity	Valid
*.banconcordoba.com GTS CA 1P5	`2022-08-19` - `2022-11-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://banconcordoba.com/
Frame ID: C02178EB61EB42011F08CAC97BEC4253
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Córdoba

Page Statistics

7
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

827 kB
Transfer

1331 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response banconcordoba.com/	6 KB 3 KB	144ms 122ms	Document text/html	2606:4700:3031::ac43:d796 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://banconcordoba.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d796 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca1ec778fe18a173dd9e2db78fe4023f16d31934db29a8605a0a1516cdba70d8` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 73ebb473ee5d9237-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 22 Aug 2022 12:45:19 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyg8t6fZCu4k%2B520PgT0Kp4wkNJ4pG9uv1OVh0jIMb1kF9b3oeGn5QZSP3W%2BYoWemQk6hbUJgtMNAyDrBEU%2Bjjv%2FwqWBD2lA6GEf2lT47SxxaxsMmoSim9dCjN3X5vZMAQupWZurc3eE%2BTPIqre02w%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	main.css banconcordoba.com/index_files/	599 KB 95 KB	472ms 472ms	Stylesheet text/css	2606:4700:3031::ac43:d796 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://banconcordoba.com/index_files/main.css Requested by Host: banconcordoba.com URL: https://banconcordoba.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d796 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `12629b9527d9b1130961cfe096fce1c44a8148fe505ee09b95b26a01439eb87f` Request headers accept-language de-DE,de;q=0.9 Referer https://banconcordoba.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 12:45:19 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=780801 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 19 Aug 2022 06:12:08 GMT server cloudflare etag W/"bea01-5e691fa60d4f5-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xKBRMtBU9%2FylCFXkE0kdksBPoKxBNu9b55FUeA6QVfze78jTu8VODL7rEVQ3ZhgKgH1LkEZEHiabhFXcBnWnasqKK6uiy1Ta%2FCa6%2FezTUqSp66ARlMQPPTujXpWoWPyQdunNQEWGKtF7mytfACA0g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 73ebb474bf239237-FRA cf-bgj minify
GET H3	200	Logo-Bancor.png banconcordoba.com/index_files/img/	3 KB 4 KB	126ms 125ms	Image image/png	2606:4700:3031::ac43:d796 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://banconcordoba.com/index_files/img/Logo-Bancor.png Requested by Host: banconcordoba.com URL: https://banconcordoba.com/index_files/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d796 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f7b12fffead95dc01a8b49607246204b432e823e68158b7d458dbf3e6c6ab59e` Request headers accept-language de-DE,de;q=0.9 Referer https://banconcordoba.com/index_files/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 12:45:20 GMT cf-cache-status HIT last-modified Fri, 19 Aug 2022 06:11:58 GMT server cloudflare etag "c37-5e691f9ca12bb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ip87vYVBPgDU4i6Spa3K8dY1ywRhD%2BNVv%2FORZPHDsZ2O1MhqIaFE4ymPprKrnUUWi2ej0byuQgl50UZVcO2WCDIdqnYNBCU3ZfyuSIn77AynDsi5loBMZE5rwvAHb6Cq2zQ0rmlMFH%2Bxvv4Fjab4nA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 73ebb477dea59a0b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3127
GET H3	200	user-login.png banconcordoba.com/index_files/img/	529 B 1 KB	118ms 117ms	Image image/png	2606:4700:3031::ac43:d796 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://banconcordoba.com/index_files/img/user-login.png Requested by Host: banconcordoba.com URL: https://banconcordoba.com/index_files/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d796 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c64e8b22c500788b25a66e7e212b61cf13743b70e04c04fd19cef07a4df6847b` Request headers accept-language de-DE,de;q=0.9 Referer https://banconcordoba.com/index_files/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 12:45:20 GMT cf-cache-status HIT last-modified Fri, 19 Aug 2022 06:12:01 GMT server cloudflare etag "211-5e691f9f028da" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHCtq42rhuN7ZMFg0AMReEk5798G%2FV%2BNh%2FYjwyJ1pyGL8s0S6l6r%2F0Y%2BVrmD3A1PKfYDfavvlaDZdeVYFPl%2BExQf1ouF9CRmHWiU4Un36YsiUL8xbC0UQH%2BeId7P29OJ4pU0OxzGP0r%2FGsiU4KH9bQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 73ebb477dea89a0b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 529
GET H3	200	_DSC0103-HDR.jpg banconcordoba.com/index_files/img/	488 KB 488 KB	103ms 103ms	Image image/jpeg	2606:4700:3031::ac43:d796 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://banconcordoba.com/index_files/img/_DSC0103-HDR.jpg Requested by Host: banconcordoba.com URL: https://banconcordoba.com/index_files/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d796 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `13359d4c85ccde3ed5c8f8c4a03c37f48195b23fe4386400ba6bcc322484ea41` Request headers accept-language de-DE,de;q=0.9 Referer https://banconcordoba.com/index_files/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 12:45:20 GMT cf-cache-status HIT last-modified Fri, 19 Aug 2022 06:12:04 GMT server cloudflare etag "79eea-5e691fa2206a2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5lfb0q2trsragzfDKZ8oBr9Qpr18LIMbmnB1eDrg%2ByRHZms7aTqvc1bzYBpFfLA1X3B0D9z01uFN5gwhCWW8kJROaAjM%2B7JHmhi4Smbar2PKqZCGfiJ6sUtPmZL5nwezj%2Be6uCIpWlc6ILMgOx0NQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 73ebb477deaa9a0b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 499434
GET H3	200	Roboto-Bold.woff banconcordoba.com/index_files/font/	118 KB 118 KB	149ms 149ms	Font application/font-woff	2606:4700:3031::ac43:d796 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://banconcordoba.com/index_files/font/Roboto-Bold.woff Requested by Host: banconcordoba.com URL: https://banconcordoba.com/index_files/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d796 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8db365be037d15001c1c622ed585518f136ad0104108b9706d4c10b57d955978` Request headers Referer https://banconcordoba.com/index_files/main.css Origin https://banconcordoba.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 12:45:20 GMT content-encoding br cf-cache-status HIT last-modified Fri, 19 Aug 2022 06:11:52 GMT server cloudflare etag W/"1d69c-5e691f96e65b0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTqCW4Ca0l0cj600Ulzb3MaNBH%2FfFWQi94IJ2o0syp6Uz2jPOwqkLoLQ5368Kk5cDL9UMVaW0ZNu2Myuci6%2Fqr6q8HNHoVigapYagEtHrtTQ6FG6IlBBrLkyo5B3mPY9cGK65%2BOW3CmbLhzC7RYk9w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73ebb477deac9a0b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	Roboto-Regular.woff banconcordoba.com/index_files/font/	117 KB 117 KB	140ms 139ms	Font application/font-woff	2606:4700:3031::ac43:d796 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://banconcordoba.com/index_files/font/Roboto-Regular.woff Requested by Host: banconcordoba.com URL: https://banconcordoba.com/index_files/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d796 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `851ebd09fbe9dd1a34a8ef682f97fe8db651248bd950ca9475a2bcc5c2cb8e33` Request headers Referer https://banconcordoba.com/index_files/main.css Origin https://banconcordoba.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 12:45:20 GMT content-encoding br cf-cache-status HIT last-modified Fri, 19 Aug 2022 06:11:54 GMT server cloudflare etag W/"1d344-5e691f98047df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch7xCtARWwiK%2FUGoHi0O7YviMzJEMnbHduxV%2Bj6LscxSaAfhIp5NrbS2RdwUbFIAmf8%2BRJZd%2B%2Ftl2TnZS54k8wSU8RwDZl%2Ft%2FQ6LIFz5btlL9vre0iTONkhhe5P3IyKaeTaHLSTlsH3bWKB%2FV1AgRA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73ebb477dead9a0b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bancor (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banconcordoba.com
2606:4700:3031::ac43:d796
12629b9527d9b1130961cfe096fce1c44a8148fe505ee09b95b26a01439eb87f
13359d4c85ccde3ed5c8f8c4a03c37f48195b23fe4386400ba6bcc322484ea41
851ebd09fbe9dd1a34a8ef682f97fe8db651248bd950ca9475a2bcc5c2cb8e33
8db365be037d15001c1c622ed585518f136ad0104108b9706d4c10b57d955978
c64e8b22c500788b25a66e7e212b61cf13743b70e04c04fd19cef07a4df6847b
ca1ec778fe18a173dd9e2db78fe4023f16d31934db29a8605a0a1516cdba70d8
f7b12fffead95dc01a8b49607246204b432e823e68158b7d458dbf3e6c6ab59e

banconcordoba.com Open in urlscan Pro 2606:4700:3031::ac43:d796 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

827 kBTransfer

1331 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

Indicators

banconcordoba.com Open in urlscan Pro
2606:4700:3031::ac43:d796 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

827 kB
Transfer

1331 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!