www.bank.devcoreweb.net Open in urlscan Pro
103.48.119.210  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.bank.devcoreweb.net/	3 KB 2 KB	947ms 265ms	Document text/html	103.48.119.210 XEON-BD Xeon
General Check archive.org Show headers Download Go to Full URL https://www.bank.devcoreweb.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.48.119.210 Dhaka, Bangladesh, ASN133938 (XEON-BD Xeon, BD), Reverse DNS venus.mydchub.com Software LiteSpeed / Resource Hash 2d2de09d35b9226c4174ba2790071e5c90b497aa14bcf6205605f721479abff5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-cache, private content-encoding br content-length 1023 content-type text/html; charset=UTF-8 date Mon, 07 Aug 2023 17:36:28 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	style.css www.bank.devcoreweb.net/frontend/css/	394 KB 64 KB	454ms 453ms	Stylesheet text/css	103.48.119.210 XEON-BD Xeon
General Check archive.org Show headers Download Go to Full URL https://www.bank.devcoreweb.net/frontend/css/style.css Requested by Host: www.bank.devcoreweb.net URL: https://www.bank.devcoreweb.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.48.119.210 Dhaka, Bangladesh, ASN133938 (XEON-BD Xeon, BD), Reverse DNS venus.mydchub.com Software LiteSpeed / Resource Hash 4b7f6e220250aa00aed2024f3c44896da5308d4bab969a91a135c5c01cde48cc Request headers accept-language de-DE,de;q=0.9 Referer https://www.bank.devcoreweb.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 17:36:28 GMT content-encoding br last-modified Fri, 04 Aug 2023 13:04:50 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 65718 expires Mon, 14 Aug 2023 17:36:28 GMT
GET H2	200	a-logo-blue.svg www.bank.devcoreweb.net/frontend/img/	9 KB 3 KB	676ms 675ms	Image image/svg+xml	103.48.119.210 XEON-BD Xeon
General Check archive.org Show headers Download Go to Show image Full URL https://www.bank.devcoreweb.net/frontend/img/a-logo-blue.svg Requested by Host: www.bank.devcoreweb.net URL: https://www.bank.devcoreweb.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.48.119.210 Dhaka, Bangladesh, ASN133938 (XEON-BD Xeon, BD), Reverse DNS venus.mydchub.com Software LiteSpeed / Resource Hash 38a42ce77fc4ba90702847f39992aa851bd61417231668eac119cc9f023b1369 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bank.devcoreweb.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 17:36:28 GMT content-encoding br last-modified Fri, 04 Aug 2023 12:59:38 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 3326 expires Mon, 14 Aug 2023 17:36:28 GMT
GET H2	200	custom.js Show response www.bank.devcoreweb.net/frontend/js/	239 KB 69 KB	675ms 675ms	Script application/javascript	103.48.119.210 XEON-BD Xeon
General Check archive.org Show headers Download Go to Full URL https://www.bank.devcoreweb.net/frontend/js/custom.js Requested by Host: www.bank.devcoreweb.net URL: https://www.bank.devcoreweb.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.48.119.210 Dhaka, Bangladesh, ASN133938 (XEON-BD Xeon, BD), Reverse DNS venus.mydchub.com Software LiteSpeed / Resource Hash 264fccbee0b7ba98931e70c52ce97f4abe73ba2c815bc917b6673e4ebdb1ea13 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bank.devcoreweb.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 17:36:28 GMT content-encoding br last-modified Fri, 04 Aug 2023 12:50:56 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 70492 expires Mon, 14 Aug 2023 17:36:28 GMT
GET H3	404	arrowrightup.svg www.bank.devcoreweb.net/frontend/images/	6 KB 6 KB	272ms 271ms	Image text/html	103.48.119.210 XEON-BD Xeon
General Check archive.org Show headers Download Go to Show image Full URL https://www.bank.devcoreweb.net/frontend/images/arrowrightup.svg Requested by Host: www.bank.devcoreweb.net URL: https://www.bank.devcoreweb.net/frontend/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 103.48.119.210 Dhaka, Bangladesh, ASN133938 (XEON-BD Xeon, BD), Reverse DNS venus.mydchub.com Software LiteSpeed / Resource Hash 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c Request headers accept-language de-DE,de;q=0.9 Referer https://www.bank.devcoreweb.net/frontend/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 17:36:29 GMT content-encoding br server LiteSpeed vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, private alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 2032
GET H3	200	illustrasjon_logginn_alt.svg www.bank.devcoreweb.net/frontend/img/	132 KB 26 KB	232ms 231ms	Image image/svg+xml	103.48.119.210 XEON-BD Xeon
General Check archive.org Show headers Download Go to Show image Full URL https://www.bank.devcoreweb.net/frontend/img/illustrasjon_logginn_alt.svg Requested by Host: www.bank.devcoreweb.net URL: https://www.bank.devcoreweb.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 103.48.119.210 Dhaka, Bangladesh, ASN133938 (XEON-BD Xeon, BD), Reverse DNS venus.mydchub.com Software LiteSpeed / Resource Hash 67afbeff709136bcb6d3ce9f76ba000c56cae923c5fc4278f370d597f4831db5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.bank.devcoreweb.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 17:36:29 GMT content-encoding br last-modified Fri, 04 Aug 2023 12:52:04 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 26854 expires Mon, 14 Aug 2023 17:36:29 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Norwegian Government (Government)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| setupFormValidation function| showPassword function| setVisibility function| menuHandler function| SearchReportee function| LoadReporteeHeader function| SearchReporteeHeader function| debounce function| listenForAttachmentChanges function| handleFocus function| setupTruncateLines function| toggleFilter boolean| wasDark function| action function| toggleInstant function| mobileNavigation function| LoadMoreReportees function| addListExpandHandler function| feedbackToggle function| setupSelectableCheckbox function| setupOnKeypress function| compareTo undefined| targetNode object| config function| callback object| observer function| setValidatorSettings function| popoverLocalInit undefined| forceFocusTriggerElement function| popoverGlobalInit function| setupExpandContent function| enableIOS11Fix function| disableIOS11Fix function| isAffectedPlatform function| iOS11BugWorkAround function| contactForm function| $ function| jQuery object| bootstrap function| Truncate object| AltinnDropdown object| AltinnLoader object| AltinnModal object| AltinnQuickhelp function| infoportalInit

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.bank.devcoreweb.net/	1970-01-20 13:50:36	Name: XSRF-TOKEN Value: eyJpdiI6IldUTStsTXBRaHMrdElUV2FETzNWMFE9PSIsInZhbHVlIjoiLzA0cWoyNkp4bVlxeGZtZUZkajJXemMyV21vZElWaGZOeFkxR2xxL2YzTjFtMEFxc051THFteWxKZ2l3QVR6dGdyOFJPeHNnUzljK25xY1hVTFBZSGx6RnNBSHM5VEJaQ0F0Qi8wUVpDY2lwbXJsejNzR1ZWT3J0RS8rbHk4Y2QiLCJtYWMiOiJkODhhNjM5MjQ1MTNjNWE4NDEwZWYzYzdhZDA5YjM4ODhkMGJhNzM4MzJmNGE3YTI5YWRjMTM2ZWU0YWQwNzgyIiwidGFnIjoiIn0%3D
			www.bank.devcoreweb.net/	1970-01-20 13:50:36	Name: laravel_session Value: eyJpdiI6IndRdFQyR2E1U3ljcUlNaE5ra0l1SWc9PSIsInZhbHVlIjoiSW9WREd5WGNJV1I4OW5MRlJRdGJmM3NKRXBDdGhkaUFsczJSa3FYbmg4eThndUxkUUlzY01DNXRkejB5S0FvMXFCOFVXcTFNcTdKc2V3bkVFUnlzTTVoS3hVT2pTQ0F6SnZuU2NXMExBU2ZhR1EwdzBvWkRZeVpsSXg0aC8wMFMiLCJtYWMiOiJkOWMyM2RiZWUyNDg4YWI5ZmJiNzEwYTMwM2U1MmQxMTBmMTY1NDRkYjhjYjYyZDBiNWZkYzhiYWI4ZGNlZGMzIiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bank.devcoreweb.net/frontend/images/arrowrightup.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.bank.devcoreweb.net
103.48.119.210
264fccbee0b7ba98931e70c52ce97f4abe73ba2c815bc917b6673e4ebdb1ea13
2d2de09d35b9226c4174ba2790071e5c90b497aa14bcf6205605f721479abff5
38a42ce77fc4ba90702847f39992aa851bd61417231668eac119cc9f023b1369
4b7f6e220250aa00aed2024f3c44896da5308d4bab969a91a135c5c01cde48cc
67afbeff709136bcb6d3ce9f76ba000c56cae923c5fc4278f370d597f4831db5
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c