baudos.vmi-lt-e.info
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Submission: On September 01 via api from LU — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on August 31st 2023. Valid for: 3 months.
This is the only time baudos.vmi-lt-e.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Šiaulių bankas (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
19 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700:10:... 2606:4700:10::6814:5ab5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
23 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
vmi-lt-e.info
baudos.vmi-lt-e.info |
255 KB |
4 |
sb.lt
e.sb.lt |
|
23 | 2 |
Domain | Requested by | |
---|---|---|
19 | baudos.vmi-lt-e.info |
baudos.vmi-lt-e.info
|
4 | e.sb.lt |
baudos.vmi-lt-e.info
|
23 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
vmi-lt-e.info GTS CA 1P5 |
2023-08-31 - 2023-11-29 |
3 months | crt.sh |
e.sb.lt Thawte EV RSA CA G2 |
2023-05-22 - 2024-06-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://baudos.vmi-lt-e.info/pages/?d=siauliu
Frame ID: 932856BDE2FCADEB11B367FC2BD6A786
Requests: 25 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
baudos.vmi-lt-e.info/pages/ |
60 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
baudos.vmi-lt-e.info/front_end/front_end_files/siauliu/ |
494 KB 60 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors.style.7c11557c27ee6cbf653c.css
baudos.vmi-lt-e.info/front_end/front_end_files/siauliu/ |
2 KB 1019 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
primary-login.4d198f1503472bdd8a16.js
e.sb.lt//primary-login/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
baudos.vmi-lt-e.info/front_end/front_end_files/siauliu/ |
87 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
baudos.vmi-lt-e.info/js/cntdjs/ |
87 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
baudos.vmi-lt-e.info/js/cntdjs/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cntd.js
baudos.vmi-lt-e.info/js/cntdjs/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.js
baudos.vmi-lt-e.info/js/shared/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
online_status.js
baudos.vmi-lt-e.info/js/shared/ |
998 B 780 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Baneris-Atnaujintas-interneto-bankas-LT.jpeg
baudos.vmi-lt-e.info/front_end/front_end_files/siauliu/ |
21 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
security-means.7341f08e7455ba2e14f7.js
e.sb.lt//security-means/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibpay-payment.0085fd7c8a1e5dc719bf.js
e.sb.lt//ibpay-payment/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
primary-login.4d198f1503472bdd8a16.js
e.sb.lt//primary-login/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
9287a91a9b401b6f9656a34d0e591c69.woff
baudos.vmi-lt-e.info/assets/processed/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app.iconsFont.367201640f6904f8ed2eb3589aaedb3c.woff2
baudos.vmi-lt-e.info/front_end/front_end_files/siauliu/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
8c1afead3a83a7c475b9337f7d597d34.woff
baudos.vmi-lt-e.info/assets/processed/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
9ad7242d1e83ab53d1aab1739b141b65.woff
baudos.vmi-lt-e.info/assets/processed/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
eae39a5dc4df040c17e0aefc64b27b04.woff
baudos.vmi-lt-e.info/assets/processed/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f666b53c374bb199844efdb826ea8636.woff2
baudos.vmi-lt-e.info/front_end/front_end_files/siauliu/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
956edf2433130317340a5cc19a85f8e2.woff2
baudos.vmi-lt-e.info/front_end/front_end_files/siauliu/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
88f7a145e5d168c52e317f9ef5fcff41.woff2
baudos.vmi-lt-e.info/front_end/front_end_files/siauliu/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2f4aa6f6dbace5204d0573ba50666829.woff2
baudos.vmi-lt-e.info/front_end/front_end_files/siauliu/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Šiaulių bankas (Banking)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery string| urlroot string| uniqueid object| controller string| url function| reset_form function| disable_tabs1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
baudos.vmi-lt-e.info/ | Name: PHPSESSID Value: p4vb9us72naamk36m174vs3daj |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
baudos.vmi-lt-e.info
e.sb.lt
2606:4700:10::6814:5ab5
2a06:98c1:3120::3
08b8c62e51c6efa9152558d7838453c8e62c57dd32dc8e983b52bcc3584e7af0
19a8e6b71a4031e9322bb96d5327f9fd16d947e288b6b27ce22d1a655df0b1af
3379f7817d3c7457e77e49f143d9880404e9970d409ef513979a074454d68d3c
48d79e7ae2d3894cacae32203b13115808e834dada700262b8ff1ed45e1482a6
5035fd8d8e3214f23a6e71a91b91bac68d9c8d5c751467d05b16b2f1880392b6
85fa8af1478d1b1cd773445ec757fbdb810c6fa56f535c5e2294710fbf3a9fce
93ee2ca3aa7606dbc9580f00effabb0dcd8cddf82b07bdb8e0ce062c7821820d
944bb0f5e3ad9a88fd14f9f5528528b89ebbbd901de5c9343de9fe5c6defaf84
986f80e622582142a00b8ec4f60b69082f6c1548e5ecf519a0295900a1cf3531
9d546a44de1e57e942423fd761b4a63297a3c76d4afc7ddc81e700825b13b826
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
e37015d83267b01d5c3c6242bb6c020218e391c3125210de8ddf90ea5b212378
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49ebb8b51dc359e83b8e6ddd0ec882a501f3ed92f293dfc14baa9ba57bd7a2b
e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7
f45104d96f9b62f6ee6282f7c6c82aae6784d5278096f0774e210a39f2dca5ef
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e