bsa.cs24.pro
Open in
urlscan Pro
194.126.161.28
Public Scan
Effective URL: https://bsa.cs24.pro/Auth/RWTSLogin?ReturnUrl=%2F
Submission Tags: phishingrod
Submission: On September 17 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 17th 2023. Valid for: 3 months.
This is the only time bsa.cs24.pro was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 12 | 194.126.161.28 194.126.161.28 | 39337 (CORPSOFT24) (CORPSOFT24) | |
10 | 1 |
ASN39337 (CORPSOFT24, RU)
PTR: 28.161.126.194.static.corpsoft24.ru
bsa.cs24.pro |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
cs24.pro
2 redirects
bsa.cs24.pro |
4 MB |
10 | 1 |
Domain | Requested by | |
---|---|---|
12 | bsa.cs24.pro |
2 redirects
bsa.cs24.pro
|
10 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
bsa.cs24.pro R3 |
2023-09-17 - 2023-12-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bsa.cs24.pro/Auth/RWTSLogin?ReturnUrl=%2F
Frame ID: D0AA77CC83FB2AFA8E154BC5764A3D95
Requests: 10 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://bsa.cs24.pro/
HTTP 302
http://bsa.cs24.pro/Auth/RWTSLogin?ReturnUrl=%2F HTTP 301
https://bsa.cs24.pro/Auth/RWTSLogin?ReturnUrl=%2F Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://bsa.cs24.pro/
HTTP 302
http://bsa.cs24.pro/Auth/RWTSLogin?ReturnUrl=%2F HTTP 301
https://bsa.cs24.pro/Auth/RWTSLogin?ReturnUrl=%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
RWTSLogin
bsa.cs24.pro/Auth/ Redirect Chain
|
8 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dashlite.css
bsa.cs24.pro/assets/css/ |
837 KB 838 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
theme.css
bsa.cs24.pro/assets/css/ |
176 B 651 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
english.png
bsa.cs24.pro/images/flags/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spanish.png
bsa.cs24.pro/images/flags/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
french.png
bsa.cs24.pro/images/flags/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
turkey.png
bsa.cs24.pro/images/flags/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.js
bsa.cs24.pro/assets/js/ |
3 MB 3 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scripts.js
bsa.cs24.pro/assets/js/ |
35 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Nioicon.ttf
bsa.cs24.pro/assets/fonts/ |
300 KB 300 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| NioApp object| q function| $ function| jQuery object| bootstrap function| SimpleBar function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| toastr function| ClipboardJS function| Color function| Chart object| noUiSlider function| JSZip function| saveAs object| pdfMake function| createPdf function| Dropzone function| default boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrint object| PR1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bsa.cs24.pro/ | Name: .AspNetCore.Antiforgery.UeIKFbSxsb4 Value: CfDJ8OOX_LtwEkBEsEoxCbE_LYEHxSvcfT-l53y-z3xdL5NSZKF9qPnBkINR_ok0OT8TydU4wD2pgrajIcu2wJtclYMCWQX5Kqg-qn3SnCwHHlCp7tW2IW5xExKq3LkpTnBqjWxsUSQ43JHOYRdtJdjA_zA |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bsa.cs24.pro
194.126.161.28
0ee65175ac1263d75437519288b2ddf56c1aabbfa1ba93766df72403ec5e0df5
1c4ec48c2da3ef61cd5409d44b04001a955f93bf9e7a7c00228963cfeb28dc68
8e0c25c199ca440c9a983d372b35a1d4f4dbc6b34ebdcd8636e25ba796cda3d0
96d9ac730828279090f124b338a074e6c176ce6f15e54aec5d5a1cb1f5ae4a61
b09576b9a8150ca2bd07866feed59d7569bbdcf8a3a35f04a33a985d8bdffc33
b7f1741559dd0340a1977744571abebd93076506ba8d5d612bde079d37fa8586
c15d5f07e42d334e64c360ac318b13af5531c7673c1c8beb1d5a34cddf461303
c52f44e7aca7eb8e6c1e490912efb2d41e33b8882e1c2f58ee6edc4bd1748890
d9ba3718fe2dad712950d4d22a6de9cac81d551a55190fd6cbdbb41ace59053d
ea4876d8402170e85b78be6f5860cb57d69f3cdac226919db880c752d6fccf1e