bccii.accedecl.sbs Open in urlscan Pro
172.67.171.225 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bccii.accedecl.sbs/1719076814/personas
Effective URL:
https://bccii.accedecl.sbs/1719079418/personas
Submission: On June 22 via api (June 22nd 2024, 6:03:45 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 172.67.171.225, located in United States and belongs to CLOUDFLARENET, US. The main domain is bccii.accedecl.sbs.
TLS certificate: Issued by GTS CA 1P5 on June 3rd 2024. Valid for: 3 months.

This is the only time bccii.accedecl.sbs was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Bci (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3032::ac43:abe1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	172.67.171.225 172.67.171.225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2

2 2606:4700:3032::ac43:abe1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bccii.accedecl.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.67.171.225 (United States)

ASN13335 (CLOUDFLARENET, US)

bccii.accedecl.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	accedecl.sbs 1 redirects bccii.accedecl.sbs	302 KB
16	1

	Domain	Requested by
17	bccii.accedecl.sbs	1 redirects bccii.accedecl.sbs
16	1

This site contains no links.

Subject Issuer	Validity	Valid
accedecl.sbs GTS CA 1P5	`2024-06-03` - `2024-09-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bccii.accedecl.sbs/1719079418/personas
Frame ID: 14D1E90E2E1A122EF788EEF6EBD17C7A
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Personas | Banco Bci

Page URL History Show full URLs

https://bccii.accedecl.sbs/1719076814/personas HTTP 302
https://bccii.accedecl.sbs/ Page URL
https://bccii.accedecl.sbs/1719079418/personas Page URL

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

302 kB
Transfer

910 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bccii.accedecl.sbs/1719076814/personas HTTP 302
https://bccii.accedecl.sbs/ Page URL
https://bccii.accedecl.sbs/1719079418/personas Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bccii.accedecl.sbs/1719076814/personas HTTP 302
https://bccii.accedecl.sbs/

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ bccii.accedecl.sbs/ Redirect Chain https://bccii.accedecl.sbs/1719076814/personas https://bccii.accedecl.sbs/	259 B 501 B	258ms 257ms	Document text/html	2606:4700:3032::ac43:abe1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bccii.accedecl.sbs/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:abe1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.20 PleskLin Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 897e27fe78ee5caa-FRA content-encoding zstd content-type text/html; charset=UTF-8 date Sat, 22 Jun 2024 18:03:38 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDGQtf1RuhpRYVuL0DgjGOzxL2IZUNfdKt9PZpJQ5RXVb78tdsyCEqHtmodLRCHJ9faN5WhVktWQ7vtbb%2F0mihyoGknva%2F6mQhqkc6bk4yKUN%2BkcBW9TV%2FeXnU3pDRgUp%2FsybeC2eQ9S8hHDpesMd3s%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.20 PleskLin Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 897e27fb7dd05caa-FRA content-type text/html; charset=UTF-8 date Sat, 22 Jun 2024 18:03:38 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location / nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIud4uqi2t%2FtXExASV8EiJOkr2%2BUzgjmwLUC58nZ59gpb3SBklAu7kxvn4X5V6tT3TcL8ET24x6AlMIwz%2Bl1Lr4%2FeWWKXWbiz33Oh%2BucjXDOEirc5GcxarXyZ0%2F%2BRWszmjEkkV16rwaHZrJ1zxITVPg%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.20 PleskLin
POST H3	200	Primary Request personas Show response bccii.accedecl.sbs/1719079418/	17 KB 5 KB	507ms 494ms	Document text/html	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bccii.accedecl.sbs/1719079418/personas Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.20 PleskLin Resource Hash `70acc22becaf2f6d37d3276c2c92a03ec7c0a855f666706546651da39154b021` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Content-Type application/x-www-form-urlencoded Origin https://bccii.accedecl.sbs Referer https://bccii.accedecl.sbs/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 897e28018f3a5d39-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 22 Jun 2024 18:03:39 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lxkF2QfxItN8TRAG9Y2LlIcfej7%2BQPlnBxYmaxYNtt%2BXKpdCQ49pa7F0UziY6hW5xDey3wdqci8GvS2rvIhPVGAsPJrruKGWLPva6KnJBbuJLwcZh9osyZJc3lkKBDGtktoEec%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.20 PleskLin
GET H3	200	home2.css bccii.accedecl.sbs/src/estilos/	6 KB 2 KB	475ms 474ms	Stylesheet text/css	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bccii.accedecl.sbs/src/estilos/home2.css Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/1719079418/personas Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `5ccef08d60ac8fb5c51aaa41da65c2688f09dc9e94dd6130d642d4ab308f7bf9` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/1719079418/personas Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:40 GMT content-encoding br cf-cache-status MISS last-modified Thu, 20 Jun 2024 15:12:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"667446f9-19cb" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bu9OgnrsNHGxv%2BbfUpPHoCxz0%2FkbemZ58%2F0wSgq%2FNT6q18%2FA6BZN7LlfQGwrG9RN66T98DwBcAdyPvGBNVhybV9tHslipwxVDeDunjXpwCTMo9SXkjWMvqtdJjM%2FpAXR3p5pkX8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 897e2804ac115d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css bccii.accedecl.sbs/src/estilos/	409 KB 49 KB	489ms 488ms	Stylesheet text/css	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bccii.accedecl.sbs/src/estilos/site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/1719079418/personas Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `3daeb146682b518b2c2edf4b011ec9f023f5bf3710dc8a079b70c4d154fc8c81` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/1719079418/personas Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:40 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 20 Jun 2024 15:39:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66744d40-664ee" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8LWvf4gAaoToI66em7l%2F4hXE9TfEe3TDasgLq28KL2EcQAFmcfcGu16xIfdhnP2k6rCOGOdqsMDrpyt2TWb2YG0tWWjYmw6MFNgArmxErfIsyGMviC9nL%2FMBd6z7Zp5igzdYx8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 897e2804ac125d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	logo_bci_negro.svg bccii.accedecl.sbs/src/imagen/	3 KB 2 KB	540ms 540ms	Image image/svg+xml	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bccii.accedecl.sbs/src/imagen/logo_bci_negro.svg Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/1719079418/personas Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `72b254d0230e6a3eb770acb0dd3d1b87e9a802309f412961049e5517278ee7f8` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/1719079418/personas Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:40 GMT content-encoding br cf-cache-status MISS last-modified Fri, 06 Aug 2021 00:08:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"610c7d6c-d07" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztDQf3rPQDCl1Y%2F%2BiZidSehLLWg2nlT0ZptFwbHuWVGHsVOU8xt5b%2F%2Bqn93OXpbFHbzaiuavJ1xUQyAtfie9mGjfEBZlTcICmBE%2Bzw5SD3roUQ3ElVw0%2FP3ewQd1OFDkobjV2%2BY%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 897e2804ac145d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	logo_icono_bci_color.svg bccii.accedecl.sbs/src/imagen/	2 KB 1 KB	479ms 479ms	Image image/svg+xml	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bccii.accedecl.sbs/src/imagen/logo_icono_bci_color.svg Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/1719079418/personas Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `dde83f3c9bc69643adbfabcdab9d5c8484b4f27ef9d0f03d3e53beb61efcb20d` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/1719079418/personas Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:40 GMT content-encoding br cf-cache-status MISS last-modified Fri, 06 Aug 2021 00:08:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"610c7d84-7ce" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qtjBkngK6ylYa%2F2KEV1LCwan4S3cCn8W7X3ECYw8dArTKGqhqaeYjMPLb59Cn3PvSkEkM2JFAdvwFAFihvmjhtinc7nGWbLph1aNHUojR8dNH3G2IHgBB%2FXNvxfl%2BbiA%2FX%2FweeE%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 897e2804ac165d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	serialize-0.2.min.js Show response bccii.accedecl.sbs/src/javascript/	2 KB 955 B	506ms 504ms	Script application/javascript	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bccii.accedecl.sbs/src/javascript/serialize-0.2.min.js Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/1719079418/personas Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `cb2904f2122d06ea9be31e47eaa2df703e028b64a89fc53f612b21bf2a252c39` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/1719079418/personas Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:40 GMT content-encoding br cf-cache-status MISS last-modified Wed, 05 Dec 2018 15:38:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5c07f0f4-98b" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bhcK9NtVjh2hCvZazqpoFaI8CKFhIV%2F2hR7bGhnyS8TE7qE%2FyMy8Uvuyc8IBt0MPkRVr780ioqoTJUtugqa8fZHzBHlI1POEz2j3lFo9lIcGTXhAGCmsX6ToBOp3AYTsA9qlSWY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 897e2804bc2b5d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	oooioioioioiaosid.js Show response bccii.accedecl.sbs/src/javascript/	1 KB 1 KB	472ms 471ms	Script application/javascript	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bccii.accedecl.sbs/src/javascript/oooioioioioiaosid.js Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/1719079418/personas Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `545a55e07570fca15e6b73445551a99fbd4e9aabf7d8d8aa8e9b5bef010ac4b5` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/1719079418/personas Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:40 GMT content-encoding br cf-cache-status MISS last-modified Thu, 25 Jun 2020 20:53:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5ef50eb2-567" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OfhLFf83FE%2F3HrerwtJX6HbpRbE%2FC3wSp0cL1feAQ52CUKqISQBBQKXaqGn5i8f6nvcBDtgdk8bW4tDtWcUAPSV%2BQxawWbbHXbUk3RynhI0Q9vjBOiT1hxRDmWnSQB1q4A7tmT4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 897e2804bc2d5d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	bg-login.svg bccii.accedecl.sbs/src/imagen/	29 KB 6 KB	696ms 695ms	Image image/svg+xml	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bccii.accedecl.sbs/src/imagen/bg-login.svg Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/src/estilos/home2.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `76a2ddaed7ae33fa3d55f4627ddfe85211bb1df373f7b682572494704d2c79fb` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/src/estilos/home2.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:40 GMT content-encoding br cf-cache-status MISS last-modified Thu, 20 Jun 2024 15:14:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6674474c-722f" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qONZOloH6tpzZUYpzv627Etf3w4F%2FB1g%2BF1d%2F8wLIQN%2FYpd7iugVwLvXE%2FQh0P3cBX07JLREy%2B0Ienkgenl48sR27ViSRn2S4tb16UO6MZsNfZpTaR7Gw8TjQeoLxEE%2FUUDI1BE%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 897e2807f8d55d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	circles_bci.svg bccii.accedecl.sbs/src/imagen/	1 KB 844 B	477ms 476ms	Image image/svg+xml	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bccii.accedecl.sbs/src/imagen/circles_bci.svg Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/src/estilos/site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `cfa4c04228c7eef7d49ec633623413486059d84de182359d13af2207369fb791` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/src/estilos/site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:40 GMT content-encoding br cf-cache-status MISS last-modified Fri, 06 Aug 2021 00:43:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"610c85b4-431" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4G7SVHKzlTfeqlfX8H4NmxGS1monW0wRZkmxkn8Xs3rn3eXd9bnjVTWpVeKFOgsJ1739BQtdVWYEJ2%2BR08JHspVVT5AIXnXwxihtQGw%2FhPHXA55wJpOZvN%2BpO5BAcpmUoDzM5a0%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 897e2807f8d95d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	monologo-rojo-2dne_1_.png bccii.accedecl.sbs/src/imagen/	66 KB 66 KB	916ms 915ms	Image image/png	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bccii.accedecl.sbs/src/imagen/monologo-rojo-2dne_1_.png Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/src/estilos/home2.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `8f51e27343e72dd560e92a075c28ab2f34bdb3d8674baaae7da846f7ea6b562f` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/src/estilos/home2.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:41 GMT cf-cache-status MISS last-modified Thu, 20 Jun 2024 15:17:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66744803-106bf" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kcr0R8HbrhRlncCGUfVEvQrgVeY78u1X16oC0aqml%2FY8%2BkCZEYFdLhIS8aNz6pZcHmGkNoxZF9r2%2Bwyu29oqja7N9vfVVwUOeuFAGH8VF1jb4fXbkVGduylMj%2B04VDu8ASUNISU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 897e2807f8dc5d39-FRA alt-svc h3=":443"; ma=86400 content-length 67263
GET H3	200	Overpass-SemiBold.ttf bccii.accedecl.sbs/src/estilos/fonts/	111 KB 48 KB	1115ms 1115ms	Font font/ttf	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bccii.accedecl.sbs/src/estilos/fonts/Overpass-SemiBold.ttf Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/src/estilos/site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `8fe8431b8e4d78b9305e1c14cdeba6d9296d18fc358dbb965665722d088beb97` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/src/estilos/site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css Origin https://bccii.accedecl.sbs Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:41 GMT content-encoding br cf-cache-status MISS last-modified Fri, 06 Aug 2021 00:18:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"610c7fca-1bcb4" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=efqESzlnBjLcpVDId7fOC2syEgJwqdcmloRrlNYneS%2FkbfqRV43ptXL7JX%2B71Q3Q9D3NXudHWgf1NWFCQSTF1%2FFVYo6xaBM4njY3r%2BXmMMgY1IRm6Pkeyv%2FIKHHuTXevhXyQEtw%3D"}],"group":"cf-nel","max_age":604800} content-type font/ttf cache-control max-age=14400 cf-ray 897e280819005d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Overpass-Bold.ttf bccii.accedecl.sbs/src/estilos/fonts/	113 KB 50 KB	1129ms 1128ms	Font font/ttf	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bccii.accedecl.sbs/src/estilos/fonts/Overpass-Bold.ttf Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/src/estilos/site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `03b29209f6929251d6d6ca2e1e95687d04d8be3ce2fcedf52b7f7bc2a40492ae` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/src/estilos/site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css Origin https://bccii.accedecl.sbs Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:41 GMT content-encoding br cf-cache-status MISS last-modified Fri, 06 Aug 2021 00:18:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"610c7fd0-1c448" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kh7rCHuGqdAJ4lDmVbZjOnvSJckS5YuDMBHK6j7fGeCDC3Y%2Bu9tNEao9boYcRqJ8XmPJNkD69KqGVTW3C09UDLmz%2FUmank30P51N9eJ%2Be9nuNTgLTZRiAQN20Pe6BcQXP4rx8HY%3D"}],"group":"cf-nel","max_age":604800} content-type font/ttf cache-control max-age=14400 cf-ray 897e280819065d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	Overpass-Regular.ttf bccii.accedecl.sbs/src/estilos/fonts/	114 KB 50 KB	1120ms 1120ms	Font font/ttf	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bccii.accedecl.sbs/src/estilos/fonts/Overpass-Regular.ttf Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/src/estilos/site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `f3ede138f9edf778b6fb5fd12d11865c2798805ad18ecc281c88861b851a0a5f` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/src/estilos/site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css Origin https://bccii.accedecl.sbs Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:41 GMT content-encoding br cf-cache-status MISS last-modified Fri, 06 Aug 2021 00:18:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"610c7fc2-1c780" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rqeKK4iYROFMwVgpWY9fp4TjVbUdOIPJnv7MC8CLI8WdbzrKt7WKOiaLMWwe0uISPr96JJtmfK8PFV3cT29JqcIuvJVqZCGxG%2FW0%2BzvZad40Sh%2FX7jgn5WqAm8oQBqVOyRut1Mw%3D"}],"group":"cf-nel","max_age":604800} content-type font/ttf cache-control max-age=14400 cf-ray 897e2808190e5d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	bci-icons.ttf bccii.accedecl.sbs/src/estilos/fonts/	30 KB 17 KB	747ms 747ms	Font font/ttf	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bccii.accedecl.sbs/src/estilos/fonts/bci-icons.ttf?tpbu2k Requested by Host: bccii.accedecl.sbs URL: https://bccii.accedecl.sbs/src/estilos/site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `2e18b8faf119308999b3afa60bcc4a9b3cfb028e184a86037ff32d6a2f07b050` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/src/estilos/site-style-fd952e28d498ef7f3ca1edd6205ac4fe8db64a6c70832fec5d6f7d07b50b7262.css Origin https://bccii.accedecl.sbs Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:40 GMT content-encoding br cf-cache-status MISS last-modified Fri, 06 Aug 2021 00:18:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"610c7fe2-78bc" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2Bjm7Jmt8rVBCoEwrMO%2B2VL9kL0HyqdWyG5mMP3jtD4nm8o%2BMnajBMPE3kZQsNVnaArAablGwGBiwDNoW%2Ftt15oJinG9RqGhbxkv1zTC3Ta3V0DD6Qvm4U26Jk58iIlFwoBtpqU%3D"}],"group":"cf-nel","max_age":604800} content-type font/ttf cache-control max-age=14400 cf-ray 897e2808190f5d39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon-bci4.ico bccii.accedecl.sbs/src/imagen/fav/	4 KB 2 KB	477ms 477ms	Other image/vnd.microsoft.icon	172.67.171.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bccii.accedecl.sbs/src/imagen/fav/favicon-bci4.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `e6c6e44f08819064d5962eea9348b57fc367a8140231834c889a7c86c6c9eedd` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bccii.accedecl.sbs/1719079418/personas Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 18:03:41 GMT content-encoding br cf-cache-status MISS last-modified Fri, 06 Aug 2021 00:14:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"610c7ee2-10be" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dct3CpLC%2BfJ1lR35nAS1ab32jwb3ZmxaWXjFNm02oF3n3LdCqAreXCsFezbn4Y4YIgG6eegKBxe17PcvbF%2F5qfGTQ8cOvGEjvHxYUrCXy2lp4mJshQYdnCKS1iRSbOgx4EJ8LTY%3D"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon cache-control max-age=14400 cf-ray 897e280f3a5c5d39-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Bci (Banking)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bccii.accedecl.sbs/	1969-12-31 23:59:59	Name: PHPSESSID Value: d9rr33gsu28lj7m09dseiondvo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bccii.accedecl.sbs
172.67.171.225
2606:4700:3032::ac43:abe1
03b29209f6929251d6d6ca2e1e95687d04d8be3ce2fcedf52b7f7bc2a40492ae
2e18b8faf119308999b3afa60bcc4a9b3cfb028e184a86037ff32d6a2f07b050
3daeb146682b518b2c2edf4b011ec9f023f5bf3710dc8a079b70c4d154fc8c81
545a55e07570fca15e6b73445551a99fbd4e9aabf7d8d8aa8e9b5bef010ac4b5
5ccef08d60ac8fb5c51aaa41da65c2688f09dc9e94dd6130d642d4ab308f7bf9
70acc22becaf2f6d37d3276c2c92a03ec7c0a855f666706546651da39154b021
72b254d0230e6a3eb770acb0dd3d1b87e9a802309f412961049e5517278ee7f8
76a2ddaed7ae33fa3d55f4627ddfe85211bb1df373f7b682572494704d2c79fb
8f51e27343e72dd560e92a075c28ab2f34bdb3d8674baaae7da846f7ea6b562f
8fe8431b8e4d78b9305e1c14cdeba6d9296d18fc358dbb965665722d088beb97
cb2904f2122d06ea9be31e47eaa2df703e028b64a89fc53f612b21bf2a252c39
cfa4c04228c7eef7d49ec633623413486059d84de182359d13af2207369fb791
dde83f3c9bc69643adbfabcdab9d5c8484b4f27ef9d0f03d3e53beb61efcb20d
e6c6e44f08819064d5962eea9348b57fc367a8140231834c889a7c86c6c9eedd
f3ede138f9edf778b6fb5fd12d11865c2798805ad18ecc281c88861b851a0a5f

bccii.accedecl.sbs Open in urlscan Pro 172.67.171.225 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

16 Requests

100 %HTTPS

50 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

302 kBTransfer

910 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

1 Cookies

Indicators

bccii.accedecl.sbs Open in urlscan Pro
172.67.171.225 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

302 kB
Transfer

910 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!