studentannonser.net
2606:4700:30::6818:7736
Malicious Activity!
Public Scan
Effective URL: https://studentannonser.net/php/Bbva/Particulares/login
Submission: On July 11 via manual from ES
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on June 6th 2019. Valid for: a year.
This is the only time studentannonser.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BBVA (Financial)
Live information
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 31.186.83.170 | 57367 (ECO-ATMAN-PL ECO-ATMAN-) |
| 1 | 64.20.35.140 | 19318 (IS-AS-1 - Interserver) |
| 16 (3 redirects) | 2606:4700:30::6818:7736 | 13335 (CLOUDFLARENET - Cloudflare) |
15 | 3 |
ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: panel.evillage.pl
eurodentalclinic.com |
ASN19318 (IS-AS-1 - Interserver, Inc, US)
PTR: server.lifewaysa.com
www.tatbiqati.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
studentannonser.net |
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 16 | studentannonser.net (3 redirects): studentannonser.net | 410 KB |
| 1 | tatbiqati.com: www.tatbiqati.com | 341 B |
| 1 | eurodentalclinic.com: eurodentalclinic.com | 883 B |
15 | 3 |
| | Domain | Requested by |
|---|---|---|
| 16 | studentannonser.net (3 redirects) | www.tatbiqati.com, studentannonser.net |
| 1 | www.tatbiqati.com | eurodentalclinic.com |
| 1 | eurodentalclinic.com | |
15 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 | 2019-06-06 - 2020-06-05 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://studentannonser.net/php/Bbva/Particulares/login
Frame ID: C676F96E1FBAE7EC7D2A460CAC360F1A
Requests: 15 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://eurodentalclinic.com/sites/bbvwebred.html Page URL
- http://www.tatbiqati.com/vendor//readmore/ Page URL
- https://studentannonser.net/php/Bbva/ HTTP 302
  https://studentannonser.net/php/Bbva/Particulares HTTP 301
  https://studentannonser.net/php/Bbva/Particulares/ HTTP 302
  https://studentannonser.net/php/Bbva/Particulares/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | bbvwebred.html eurodentalclinic.com/sites/ | 1 KB 883 B | Document text/html |
GET H/1.1 | / www.tatbiqati.com/vendor//readmore/ | 73 B 341 B | Document text/html |
GET H2 | login (Primary Request) studentannonser.net/php/Bbva/Particulares/ (Redirect Chain) | 17 KB 4 KB | Document text/html |
GET H2 | app.css studentannonser.net/php/Bbva/Particulares/style/ | 817 KB 82 KB | Stylesheet text/css |
GET H2 | vendor.css studentannonser.net/php/Bbva/Particulares/style// | 3 KB 867 B | Stylesheet text/css |
GET H2 | buzz.css studentannonser.net/php/Bbva/Particulares/style/ | 49 B 137 B | Stylesheet text/css |
GET H2 | BentonSansBBVA-Book.woff studentannonser.net/php/Bbva/Particulares/style/ | 69 KB 69 KB | Font font/woff |
GET H2 | BentonSansBBVA-Medium.woff studentannonser.net/php/Bbva/Particulares/style/ | 71 KB 71 KB | Font font/woff |
GET H2 | app.min.css studentannonser.net/php/Bbva/Particulares/style/ | 622 KB 71 KB | Stylesheet text/css |
GET H2 | jquery.min.js studentannonser.net/php/Bbva/Particulares/style/js/ | 95 KB 32 KB | Script application/javascript |
GET H2 | jquery.validate.min.js studentannonser.net/php/Bbva/Particulares/style/js/ | 23 KB 7 KB | Script application/javascript |
GET H2 | jquery.mask.js studentannonser.net/php/Bbva/Particulares/style/js/ | 18 KB 5 KB | Script application/javascript |
GET H2 | bbva-white.svg studentannonser.net/php/Bbva/Particulares/style/ | 4 KB 2 KB | Image image/svg+xml |
GET H2 | bg-menu.svg studentannonser.net/php/Bbva/Particulares/style/ | 2 KB 926 B | Image image/svg+xml |
GET H2 | icon-maiden.woff studentannonser.net/php/Bbva/Particulares/style/ | 65 KB 65 KB | Font font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BBVA (Financial)
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- function| $
- function| jQuery
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.studentannonser.net/ | | Name: __cfduid Value: db5239daede76cfa70a5a4379a5cf53db1562830688 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.