bvtecnologia.net
Open in
urlscan Pro
186.4.226.235
Malicious Activity!
Public Scan
Effective URL: https://bvtecnologia.net/Open/tsb/Login.php?sslchannel=true&form=AccountVerification&sessionid=I043LtbMPEu66NLjwE0WIFhYHQ...
Submission: On January 21 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by R3 on December 15th 2021. Valid for: 3 months.
This is the only time bvtecnologia.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: TSB Bank (Banking) Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 144.175.88.23 144.175.88.23 | 33608 (HOOD-COLLEGE) (HOOD-COLLEGE) | |
6 | 186.4.226.235 186.4.226.235 | 27947 (Telconet S.A) (Telconet S.A) | |
7 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
bvtecnologia.net
bvtecnologia.net |
180 KB |
1 |
hood.edu
wyrd.hood.edu |
494 B |
7 | 2 |
Domain | Requested by | |
---|---|---|
6 | bvtecnologia.net |
bvtecnologia.net
wyrd.hood.edu |
1 | wyrd.hood.edu | |
7 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.bvtecnologia.net R3 |
2021-12-15 - 2022-03-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bvtecnologia.net/Open/tsb/Login.php?sslchannel=true&form=AccountVerification&sessionid=I043LtbMPEu66NLjwE0WIFhYHQaNWhDDk54Q8CIEeuNPzu580W5OYdStikCXqZ9hvyqlfwmExJkphNqJ
Frame ID: 455BD4AD07A0786651D5AFC21D7AD8A0
Requests: 7 HTTP requests in this frame
Screenshot
Page Title
LoginPage URL History Show full URLs
- http://wyrd.hood.edu/~prosperity/Prosperity/drupal/sites/default/files/default_images/old.html Page URL
- https://bvtecnologia.net/Open/tsb/ Page URL
- https://bvtecnologia.net/Open/tsb/Login.php?sslchannel=true&form=AccountVerification&sessionid=I043Lt... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://wyrd.hood.edu/~prosperity/Prosperity/drupal/sites/default/files/default_images/old.html Page URL
- https://bvtecnologia.net/Open/tsb/ Page URL
- https://bvtecnologia.net/Open/tsb/Login.php?sslchannel=true&form=AccountVerification&sessionid=I043LtbMPEu66NLjwE0WIFhYHQaNWhDDk54Q8CIEeuNPzu580W5OYdStikCXqZ9hvyqlfwmExJkphNqJ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
old.html
wyrd.hood.edu/~prosperity/Prosperity/drupal/sites/default/files/default_images/ |
106 B 494 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
bvtecnologia.net/Open/tsb/ |
563 B 895 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
soa.js
bvtecnologia.net/Open/tsb/ |
20 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Login.php
bvtecnologia.net/Open/tsb/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
soa.js
bvtecnologia.net/Open/tsb/ |
20 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.png
bvtecnologia.net/Open/tsb/ |
135 KB 136 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
continue.png
bvtecnologia.net/Open/tsb/assets/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: TSB Bank (Banking) Generic (Online)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| Aes object| Base64 object| Utf8 string| hea2p string| hea2t string| output string| ctrTxt1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bvtecnologia.net/ | Name: PHPSESSID Value: 12d30c2a90ae63f05f7c3d2f44107620 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bvtecnologia.net
wyrd.hood.edu
144.175.88.23
186.4.226.235
618b0e96c6bf41f64cb14c9c32219f278311936e6cf5a7ba832230389db3ccb0
6696243bfcf0736a98a98dbb306091544c47b6b89be01f1dedbcd2a37cb8b1d5
847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8
a9d00efee50690dc6cee85fe2c03564d22d97f1a62852d6e81f2fa9f07282b93
b71bfd2f1d15c4defc4a8f0687c03feb40d372198f688edc6975f7aa4fd845b3
d22a8fec25e0f44176ac92b1b8adeb7e3a1222be1f0fdb8b7382c02800252d08