bdvenlnea-banvenez.site Open in urlscan Pro
2606:4700:3035::ac43:baa8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bdvenlnea-banvenez.site/
Submission: On July 26 via api (July 26th 2024, 2:45:35 am UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3035::ac43:baa8, located in United States and belongs to CLOUDFLARENET, US. The main domain is bdvenlnea-banvenez.site.
TLS certificate: Issued by WE1 on July 25th 2024. Valid for: 3 months.

This is the only time bdvenlnea-banvenez.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco de Venezuela (Banking)

Domain & IP information

	IP Address		AS Autonomous System
8	2606:4700:303... 2606:4700:3035::ac43:baa8		13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	1

8 2606:4700:3035::ac43:baa8 (United States)

ASN13335 (CLOUDFLARENET, US)

bdvenlnea-banvenez.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	bdvenlnea-banvenez.site bdvenlnea-banvenez.site	140 KB
8	1

	Domain	Requested by
8	bdvenlnea-banvenez.site	bdvenlnea-banvenez.site
8	1

This site contains no links.

Subject Issuer	Validity	Valid
bdvenlnea-banvenez.site WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bdvenlnea-banvenez.site/
Frame ID: 2F37D56CB9120530B386C3A76E19CEF3
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BDVenlínea personas

Page Statistics

8
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

140 kB
Transfer

468 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response bdvenlnea-banvenez.site/	22 KB 5 KB	578ms 541ms	Document text/html	2606:4700:3035::ac43:baa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bdvenlnea-banvenez.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:baa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0c1f970693069b51f7ae4b88f1ff4b43d34f48588bedbe40c7bb097fbb30caf1` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a910dce6f5d9f3f-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 26 Jul 2024 02:45:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pqcPuJNoU1TdZVVQDAaipbsYpNsaqxXM0TEOmRwXDZ%2F5dECeWnjdMRz7hSuS8KCKyu8jB8l%2FmFqsYGax6OQqiLUxWUP5MPNIrr6rmh6tQ02EdGq7KexeI3YrBvsmZJrrJc70GFkC57ranNnvdZCOrmGE49vZAw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	style.css bdvenlnea-banvenez.site/assets/	341 KB 32 KB	304ms 303ms	Stylesheet text/css	2606:4700:3035::ac43:baa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bdvenlnea-banvenez.site/assets/style.css Requested by Host: bdvenlnea-banvenez.site URL: https://bdvenlnea-banvenez.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:baa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1c7e5ca6564d2c5ab24dc7c975ae30f32dc1df6b5ee848be3cfad40968a3a22c` Request headers Referer https://bdvenlnea-banvenez.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 02:45:30 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 24 Jun 2024 15:37:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "55522-61ba48ded7580-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWiaLzy0KhWstSOw989OqfUZcj7HqIHQ3BSZdvDzoV557CJtzfpW1zeCeNOJFn7l2Q9x%2Ft91%2F3LrVaBZlS9TNaag1N9V5OrcWQKKd5WYvj1BToITwGHYeOcoJIEgF%2F%2FiDVtzDx4k8ltxcte70RoMWo61PPCRkw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 8a910dd1d9de9f3f-FRA alt-svc h3=":443"; ma=86400 content-length 32230
GET H3	200	asi.css bdvenlnea-banvenez.site/assets/	52 B 520 B	204ms 203ms	Stylesheet text/css	2606:4700:3035::ac43:baa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bdvenlnea-banvenez.site/assets/asi.css Requested by Host: bdvenlnea-banvenez.site URL: https://bdvenlnea-banvenez.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:baa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `93af24c01c94473fc782ea883a4ee554e3e06f2ca0b004af10181ada7fc2e141` Request headers Referer https://bdvenlnea-banvenez.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 02:45:30 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 24 Jun 2024 12:07:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"34-61ba1a0d0ff80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=heloGR8yWpWtcJKa%2F1VHohQixBZl7AV6%2B2PSA426OdmOWaYg5z%2BuBuCNnRsMqiouaszyQb0VW4WUvRuDSxNE9tCaM5gQ557FjF0Ec3PWy11ZiSyrEAEC9fsLqsRF1K5gMatjfjQ2LUq0BXD4wS0qPcJTCFeKUg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a910dd1d9df9f3f-FRA alt-svc h3=":443"; ma=86400
GET H3	200	logo.png bdvenlnea-banvenez.site/assets/	31 KB 32 KB	204ms 203ms	Image image/png	2606:4700:3035::ac43:baa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bdvenlnea-banvenez.site/assets/logo.png Requested by Host: bdvenlnea-banvenez.site URL: https://bdvenlnea-banvenez.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:baa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2db48f3bb76be4f40a324525d4e872882f59208122f0ea552759eb76beb97d3a` Request headers Referer https://bdvenlnea-banvenez.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 02:45:30 GMT cf-cache-status REVALIDATED last-modified Mon, 24 Jun 2024 12:51:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7da2-61ba23c9f7900" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FW2qTBqVo6q4yma%2B4oM8dmJoLGoBOBwg6uZTMqM8Ww4MePPgta4bknGuCWB%2FDZaG9LFYwu18wX2bv%2BMrZZ5%2BXjjQQw3%2BHiOdVBsGUZ3BrCJidKUFkej2Q9XgwMxE12DxDXqkAwzopg1W2LImcx%2F%2BmnJPVzx%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a910dd1d9e09f3f-FRA alt-svc h3=":443"; ma=86400 content-length 32162
GET H3	200	jav2.js Show response bdvenlnea-banvenez.site/assets/	262 B 629 B	217ms 216ms	Script application/javascript	2606:4700:3035::ac43:baa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bdvenlnea-banvenez.site/assets/jav2.js Requested by Host: bdvenlnea-banvenez.site URL: https://bdvenlnea-banvenez.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:baa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6c0b5af07d620812297ecaef34a583767b98dfde7e1baea19caac49618128e30` Request headers Referer https://bdvenlnea-banvenez.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 02:45:30 GMT content-encoding gzip cf-cache-status EXPIRED last-modified Mon, 24 Jun 2024 12:07:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "106-61ba1a0d0ff80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4b9GjNTwlSnuhd2luEBdkHq944WuV6n428tToT1BX6xW004mz1uEWAZFcLfuWoyuuWjlmlRfOo7cYbAbzojEMSVTFsYG8gROEON1edU8KFeyr8lT65QJ0oZoKEej5xrCUOGuwncaBFjeP01M3f98HL6slfOLKg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8a910dd1d9e19f3f-FRA alt-svc h3=":443"; ma=86400 content-length 154
GET H3	200	app.js Show response bdvenlnea-banvenez.site/assets/	5 KB 2 KB	204ms 204ms	Script application/javascript	2606:4700:3035::ac43:baa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bdvenlnea-banvenez.site/assets/app.js Requested by Host: bdvenlnea-banvenez.site URL: https://bdvenlnea-banvenez.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:baa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `da4a7edddf188612214ccd48281a20e1fd884b8ad98ff0dea912db8234e2288c` Request headers Referer https://bdvenlnea-banvenez.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 02:45:30 GMT content-encoding gzip cf-cache-status EXPIRED last-modified Mon, 24 Jun 2024 16:10:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "15f3-61ba505da2480-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AfD6TOWXT1VJdGu3S9EnVyOMAOnZxtqdln9QTVdKsmxfwSYRRR4yLzn8KztIXGH%2ByAksma3ZxmlA1wh%2FMYgw7VMurAzfTkcZcov2HvzzFLAmDo2GHq0EKKmLTjPOIe6DzVbocd7cQuOIuGFH4X7rApQQgvji7w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8a910dd1f9f29f3f-FRA alt-svc h3=":443"; ma=86400 content-length 1291
GET H3	200	background.webp bdvenlnea-banvenez.site/assets/	68 KB 68 KB	387ms 387ms	Image image/webp	2606:4700:3035::ac43:baa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bdvenlnea-banvenez.site/assets/background.webp Requested by Host: bdvenlnea-banvenez.site URL: https://bdvenlnea-banvenez.site/assets/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:baa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fb0cb7f47385dc36d0e23bb39ae5b0e4e6cf9f9538e6f157f224975ad45776c4` Request headers Referer https://bdvenlnea-banvenez.site/assets/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 02:45:31 GMT cf-cache-status MISS last-modified Mon, 24 Jun 2024 12:50:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "10e52-61ba23af43a00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZaAA2FoaF%2BDbmfGz9FehuW3yTVYGkieD%2BrGakcJujD4xC75DKIotEuz%2B4yrcUngrWWOVBsSJ533j0iwIr4cRyM3QPKXEL7DwR9UGsuIHQaYYYx2bP7fZsxYHRMk8vr2qG6xhFJ%2Bt41dwoH8siBbRcQa3MlNhQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 8a910dd3db239f3f-FRA alt-svc h3=":443"; ma=86400 content-length 69202
GET H3	404	favicon.ico bdvenlnea-banvenez.site/	285 B 675 B	206ms 205ms	Other text/html	2606:4700:3035::ac43:baa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bdvenlnea-banvenez.site/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:baa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a26b9518ea20276427ddec63d864f4f1d64e175746d9bf56c60fac57a46c7b29` Request headers Referer https://bdvenlnea-banvenez.site/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 02:45:31 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qb%2F%2BeDx0ND%2FJOOyBusdLEezodvZ55qtkEaR%2BNshmFD1YuYFBUBHnVeDCoeI8v0fRCcBcZ1T9pmtgEd7K46gEm5MTbMWv8r7Cewh%2Ba1mcksYbAPXXoKoNedE8kqQN0pJEVZN4q8773yn4d7QNU%2BLeJ5iJXU9d5Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8a910dd65cdf9f3f-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco de Venezuela (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://bdvenlnea-banvenez.site/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://bdvenlnea-banvenez.site/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bdvenlnea-banvenez.site
2606:4700:3035::ac43:baa8
0c1f970693069b51f7ae4b88f1ff4b43d34f48588bedbe40c7bb097fbb30caf1
1c7e5ca6564d2c5ab24dc7c975ae30f32dc1df6b5ee848be3cfad40968a3a22c
2db48f3bb76be4f40a324525d4e872882f59208122f0ea552759eb76beb97d3a
6c0b5af07d620812297ecaef34a583767b98dfde7e1baea19caac49618128e30
93af24c01c94473fc782ea883a4ee554e3e06f2ca0b004af10181ada7fc2e141
a26b9518ea20276427ddec63d864f4f1d64e175746d9bf56c60fac57a46c7b29
da4a7edddf188612214ccd48281a20e1fd884b8ad98ff0dea912db8234e2288c
fb0cb7f47385dc36d0e23bb39ae5b0e4e6cf9f9538e6f157f224975ad45776c4

bdvenlnea-banvenez.site Open in urlscan Pro 2606:4700:3035::ac43:baa8 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

140 kBTransfer

468 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

bdvenlnea-banvenez.site Open in urlscan Pro
2606:4700:3035::ac43:baa8 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

140 kB
Transfer

468 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!