groupbcol.com
Open in
urlscan Pro
160.153.129.224
Malicious Activity!
Public Scan
Submission: On May 21 via automatic, source openphish
Summary
This is the only time groupbcol.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bancolombia (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
23 | 160.153.129.224 160.153.129.224 | 21501 (GODADDY-AMS) (GODADDY-AMS) | |
1 | 54.86.140.52 54.86.140.52 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 23.45.237.36 23.45.237.36 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
3 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
3 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
32 | 6 |
ASN21501 (GODADDY-AMS, DE)
PTR: ip-160-153-129-224.ip.secureserver.net
groupbcol.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-140-52.compute-1.amazonaws.com
images-cdn.info |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-45-237-36.deploy.static.akamaitechnologies.com
stags.bluekai.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
groupbcol.com
groupbcol.com |
165 KB |
3 |
facebook.com
www.facebook.com |
700 B |
3 |
facebook.net
connect.facebook.net |
198 KB |
1 |
bluekai.com
stags.bluekai.com |
|
1 |
images-cdn.info
images-cdn.info |
229 B |
32 | 5 |
Domain | Requested by | |
---|---|---|
23 | groupbcol.com |
groupbcol.com
|
3 | www.facebook.com |
groupbcol.com
|
3 | connect.facebook.net |
groupbcol.com
connect.facebook.net |
1 | stags.bluekai.com |
groupbcol.com
|
1 | images-cdn.info |
groupbcol.com
|
32 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
sucursalpersonas.transaccionesbancolombia.com |
www.grupobancolombia.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1 |
2020-04-14 - 2021-04-10 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-04-15 - 2020-07-14 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
http://groupbcol.com/desbloqueos/USERscis=login-Dno-back-button.html
Frame ID: 529D4C1E539D7C8EE2266E2BCBF18036
Requests: 28 HTTP requests in this frame
Frame:
http://groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/login_SVP_BC_zonaA.html
Frame ID: C99EC1925578943B733933906131D0F6
Requests: 2 HTTP requests in this frame
Frame:
https://stags.bluekai.com/site/71145?ret=html&phint=__bk_t%3DBancolombia%20Sucursal%20Virtual%20Personas&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fgroupbcol.com%2Fdesbloqueos%2FUSERscis%3Dlogin-Dno-back-button.html&phint=__bk_v%3D3.1.3&limit=1&r=91758264
Frame ID: AECF4901A18CAA3BAE4C0F13D453A555
Requests: 2 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- script /jquery-ui.*\.js/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: ¿Olvidaste tu usuario?
Search URL Search Domain Scan URL
Title: Demo Sucursal Virtual Personas
Search URL Search Domain Scan URL
Title: Aprende sobre Seguridad
Search URL Search Domain Scan URL
Title: Reglamento Sucursal Virtual
Search URL Search Domain Scan URL
Title: Política de Privacidad
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
USERscis=login-Dno-back-button.html
groupbcol.com/desbloqueos/ |
26 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
95 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
118 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.css
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
31 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ui.css
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.js
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
35 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.jclock-min.js
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
info.png
groupbcol.com/desbloqueos/ |
413 B 681 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-demo.png
groupbcol.com/desbloqueos/ |
784 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-seguridad.png
groupbcol.com/desbloqueos/ |
692 B 960 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-reglamento.png
groupbcol.com/desbloqueos/ |
644 B 912 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-politicas.png
groupbcol.com/desbloqueos/ |
666 B 934 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hashtable.js
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rsa.js
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AC_OETags.js
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swfRSACookieFunc.js
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
507 B 610 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bk-coretag.js
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
image.gif
images-cdn.info/444/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_SVP_BC_zonaA.html
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ Frame C99E |
431 B 658 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-user.png
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arimo-regular-webfont.woff
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/fonts/arimo/ |
24 KB 24 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arimo-bold-webfont.woff
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/fonts/arimo/ |
24 KB 24 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
saved_resource.html
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ Frame AECF |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
71145
stags.bluekai.com/site/ Frame AECF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
131 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1057072597705880
connect.facebook.net/signals/config/ |
148 KB 37 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
imgPublicidad.jpg
groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/ Frame C99E |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
492215554639397
connect.facebook.net/signals/config/ |
516 KB 129 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 350 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 203 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- groupbcol.com
- URL
- http://groupbcol.com/desbloqueos/Bancolombia%20Sucursal%20Virtual%20Personas_files/saved_resource.html
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bancolombia (Banking)90 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| popup_help_a string| contError function| reloadValidate function| setTitle function| DameLaFechaHora function| cerrarError number| year function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity boolean| isIE boolean| isWin boolean| isOpera function| ControlVersion function| GetSwfVer function| DetectFlashVer function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_GetArgs function| getFlashMovieObject function| fingerprint_userlang function| collect string| flashVars string| flashMovie number| versionStr object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut function| fbq function| _fbq boolean| bk_allow_multiple_calls1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.groupbcol.com/ | Name: _fbp Value: fb.1.1590022330756.480746064 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
groupbcol.com
images-cdn.info
stags.bluekai.com
www.facebook.com
groupbcol.com
160.153.129.224
23.45.237.36
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.86.140.52
0265a31c7bea01a32328e09245aad8cf38ba3316a13e93080697b35e338f35b4
0c6ef1faecf3289978bcaa4f9ae088c4b29ce96de1340e8be5e47c7db04f5a1a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
159c82dfeb20459ed55849f8fa7937e022188195cdd500497e034b31fd425f50
162b894f020f061cff859690f6ac2baecccd7dd804aefaf7005d0a046837c517
23a1c2c5e9d31018a7949c004519d1c9e19cfe359be746dc12df5c9eecc42790
2519f59a7c1a670d15393268d66d60b4a640a9e5e1d40d6722ce971791bb912b
3a892de89bb6c27a3c991a7a5cf5105e68c72e072d178cd8bd141e7ea903a26a
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
54b84c9b88e315c0668e715b1bbd89874ff41e8791debdc583ecae834c673d37
5cc280e965102224e1c7c0bd1df536c524c3a6fc9762205f4d7f7b345382c724
5e7aacc05a5cfe4d2fa8407d5a885b9c2511e0213fb5abd0599cdef3f0e0e524
64b79bfec474f62d1ac605ff7be30773c1b6b9afbcbafd6f2dbb893c79638f1f
696a0173303164c89f8cfe2d5fc96f45e81b811d80e5dfdfffab56674e7a472a
72bb75acb4498a53ecf522d8b07337c9bfed1c226fb8878fbd0233796c85c418
93bf1714fd8d4cad23861f0017d5b3335f8b009f59d2bd654dcf0c29b7f36031
948ed8889bd1775b18ef053727ed133c133ad222b5f380b0e3ef7e99d9a05743
a678fbd5d6c7dbad7ec89b486ad1baf3323296c8dde801141955969fe5026a73
c1a48b44bf36253d00b5156afc6cb5e3b6d28e4b28037fd6d876606e22aaa332
c2a45263b7318074e14d158d71ed6ca137f7c91f00bfcb2d6e31a5ae73dee41e
c5e39e74348a0e73dc45cf65201ba7a3d40a2945fc2430ed6093261a2ce34557
c9eeb55f7cf16683b871600ce998b61b1031629097be96069d5741f33adaf6d1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e7161e464dfd00876cc649fe672da5eb4f3e7c188c7467ad034896127b9b81ce
edc37e0d803a7f6ca183a179259b1f7483c4c3516b7a352869b668872c912717
ef62646b0b21053bd22e4069e956d629cd4a64b4e35aeaaca0b522123b242c29
f8c3c0e81918d5435299bcf386c5f851b1779eebbeacae3e3fe5cb7bf57b0e33
fbef20bdaffe65a777ebfebb1f9d314cbc8b916875dcdc680a90442d01f3b190