www.bensesiyu.com
47.108.169.229
Malicious Activity!
Public Scan
Effective URL: https://www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/fc63c98811642de/cc.php
Submission: On February 26 via manual from ES
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on January 21st 2021. Valid for: a year.
This is the only time www.bensesiyu.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BBVA (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 | 104.161.127.22 | 53755 (IOFLOOD)
19 (1 redirect) | 47.108.169.229 | 37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
19 | 2 |
ASN53755 (IOFLOOD, US)
PTR: we.love.servers.at.ioflood.net
ekarantechnologies.com
ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
www.bensesiyu.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
19 | bensesiyu.com (1 redirect) | www.bensesiyu.com | 653 KB
1 | ekarantechnologies.com | ekarantechnologies.com | 442 B
19 | 2 | |
Requests | Domain | Requested by
---|---|---
19 | www.bensesiyu.com (1 redirect) | www.bensesiyu.com
1 | ekarantechnologies.com |
19 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
ekarantechnologies.com | cPanel, Inc. Certification Authority | 2021-02-15 - 2021-05-16 | 3 months
www.bensesiyu.com | Encryption Everywhere DV TLS CA - G1 | 2021-01-21 - 2022-01-21 | a year
This page contains 1 frames:
Primary Page:
https://www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/fc63c98811642de/cc.php
Frame ID: 3D213212B89F5A558A08494FA20E8A40
Requests: 19 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
LiteSpeed (Web Servers)
Detected patterns
- headers server /^LiteSpeed$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ekarantechnologies.com/Pending/Service%20onllin/mm)kck/ (Page URL)
- https://www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/ HTTP 302 -> https://www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/fc63c98811642de/cc.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | ekarantechnologies.com/Pending/Service%20onllin/mm)kck/ | 187 B | 442 B | Document | text/html
GET | H2 | cc.php (Primary Request, Redirect Chain) | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/fc63c98811642de/ | 6 KB | 2 KB | Document | text/html
GET | H2 | bootstrap.min.css | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/css/ | 152 KB | 28 KB | Stylesheet | text/css
GET | H2 | helpers.css | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/css/ | 41 KB | 7 KB | Stylesheet | text/css
GET | H2 | fonts.css | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/css/ | 1 KB | 496 B | Stylesheet | text/css
GET | H2 | main.css | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/css/ | 4 KB | 1 KB | Stylesheet | text/css
GET | H2 | logo2.png | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/images/ | 4 KB | 4 KB | Image | image/png
GET | H2 | mainmenu.png | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/images/ | 5 KB | 5 KB | Image | image/png
GET | H2 | menu-mobile.png | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/images/ | 963 B | 1 KB | Image | image/png
GET | H2 | mainmenu2.png | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/images/ | 8 KB | 8 KB | Image | image/png
GET | H2 | search.png | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/images/ | 610 B | 815 B | Image | image/png
GET | H2 | right-side.png | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/images/ | 77 KB | 77 KB | Image | image/png
GET | H2 | footer.png | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/images/ | 20 KB | 20 KB | Image | image/png
GET | H2 | jquery.min.js | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/js/ | 86 KB | 34 KB | Script | application/javascript
GET | H2 | popper.min.js | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/js/ | 20 KB | 8 KB | Script | application/javascript
GET | H2 | bootstrap.min.js | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/js/ | 133 KB | 31 KB | Script | application/javascript
GET | H2 | fontawesome.min.js | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/js/ | 1 MB | 419 KB | Script | application/javascript
GET | H2 | jquery.payment.js | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/js/ | 18 KB | 4 KB | Script | application/javascript
GET | H2 | main.js | www.bensesiyu.com/Spains/Services/unzip%20BBVA.zip/z0n51-bbva/assets/js/ | 2 KB | 948 B | Script | application/javascript
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BBVA (Financial)
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- function| $
- function| jQuery
- function| Popper
- object| bootstrap
- object| ___FONT_AWESOME___
- object| FontAwesomeConfig
- object| FontAwesome
- boolean| isShift
- string| seperator
- string| dash
- function| cc_date
- function| date_of_birth
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ekarantechnologies.com
www.bensesiyu.com
104.161.127.22
47.108.169.229