108.21.168.34.bc.googleusercontent.com
Open in
urlscan Pro
34.168.21.108
Malicious Activity!
Public Scan
Submission: On November 03 via api from US — Scanned from US
Summary
This is the only time 108.21.168.34.bc.googleusercontent.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bancolombia (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 34.168.21.108 34.168.21.108 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:809::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 54.91.59.199 54.91.59.199 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 34.117.59.81 34.117.59.81 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
21 | 4 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 108.21.168.34.bc.googleusercontent.com
108.21.168.34.bc.googleusercontent.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com
api.ipify.org |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com
ipinfo.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
googleusercontent.com
108.21.168.34.bc.googleusercontent.com |
1 MB |
1 |
ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 4894 |
521 B |
1 |
ipify.org
api.ipify.org — Cisco Umbrella Rank: 2725 |
276 B |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 447 |
31 KB |
21 | 4 |
Domain | Requested by | |
---|---|---|
18 | 108.21.168.34.bc.googleusercontent.com |
108.21.168.34.bc.googleusercontent.com
|
1 | ipinfo.io |
ajax.googleapis.com
|
1 | api.ipify.org |
ajax.googleapis.com
|
1 | ajax.googleapis.com |
108.21.168.34.bc.googleusercontent.com
|
21 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
sucursalpersonas.transaccionesbancolombia.com |
www.bancolombia.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1C3 |
2022-10-17 - 2023-01-09 |
3 months | crt.sh |
*.ipify.org Sectigo RSA Domain Validation Secure Server CA |
2022-02-07 - 2023-03-10 |
a year | crt.sh |
ipinfo.io GTS CA 1D4 |
2022-10-11 - 2023-01-09 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/USERscis=ZfZ3R2Fim.html?app=AAdsFgYUIaqNAZI2&id=de6d4a8ab39b49b6b08316c3fe40a7471b7717f&country=Canada&iso=CA
Frame ID: 644AC7C08903F1BC7D45744292286054
Requests: 19 HTTP requests in this frame
Frame:
http://108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/login_SVP_BC_zonaAA.html
Frame ID: D11F59E821AAAD6BACEE75E0DCAE7157
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Bancolombia Sucursal Virtual PersonasDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- jquery-ui.*\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: ¿Olvidaste tu usuario?
Search URL Search Domain Scan URL
Title: Conoce sobre Sucursal Virtual Personas
Search URL Search Domain Scan URL
Title: Aprende sobre Seguridad
Search URL Search Domain Scan URL
Title: Reglamento Sucursal Virtual
Search URL Search Domain Scan URL
Title: Política de Privacidad
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
USERscis=ZfZ3R2Fim.html
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/ |
16 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/css/ |
105 KB 105 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/css/ |
118 KB 119 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.10.1.js.descarga
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/js/ |
142 KB 143 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate-1.11.1.js.descarga
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/js/ |
26 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.js.descarga
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/js/ |
223 KB 223 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bluebird.min.js.descarga
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/js/ |
78 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.css
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/css/ |
31 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ui.css
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/css/ |
13 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.js.descarga
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/js/ |
35 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.jclockNew.js.descarga
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/js/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
api.ipify.org/ |
22 B 276 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ipinfo.io/ |
261 B 521 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/img/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-user.png
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/img/ |
447 B 755 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
OpenSans-Regular.ttf
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/css/ |
212 KB 212 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CIBFontSans-Light.ttf
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/css/ |
108 KB 108 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_font_bc.ttf
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/css/ |
31 KB 32 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_SVP_BC_zonaAA.html
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/ Frame D11F |
401 B 709 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
imgPublicidad19sept.png
108.21.168.34.bc.googleusercontent.com/grupobancolombia/90f3d40d85fbac8e5d6570a184959141/ Frame D11F |
101 KB 101 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bancolombia (Banking)17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery function| P function| popup_help_a function| cerrarError number| year function| getTCLIIDVK function| getTSESIDVK function| getTVIEIDVK0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
108.21.168.34.bc.googleusercontent.com
ajax.googleapis.com
api.ipify.org
ipinfo.io
2607:f8b0:4006:809::200a
34.117.59.81
34.168.21.108
54.91.59.199
0265a31c7bea01a32328e09245aad8cf38ba3316a13e93080697b35e338f35b4
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
1e0d05440e9d05a0a8f17a67fd3abcb588a9b047fea26605519cc92ff424624b
23df149b107329b3e406b0f70b5e1bdf2455f7f4ee4e90b00e0dbfcf773e98a1
2c7a6ea74a49a6adc3fad622078895e9b2589448214913d8c035764148aca7d0
40bbcf961798bbca588379db5479b0f1ca48f252e37c7b1c255736849859eb9a
510854a3345288ca81899e28aea0267afb6002c122a6f5020c957cd5fb794c61
751bcbcd434089a9b12e9339a1891607ee99659ae3a674a6709e9a74dab21cd1
75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83
8072615124c5bc2634fdecc09485c8b645c78ea27c212c3d61b80c26112bdcb8
a678fbd5d6c7dbad7ec89b486ad1baf3323296c8dde801141955969fe5026a73
ad0f43b7fd52d2f1574ba930c85ce401f95d69e21ad997ffe8e7ad98fec2ffda
c6abf874d8228e1e37ece02cbd25c86ac1d64200331f7b91b085885eaa5e3074
c9eeb55f7cf16683b871600ce998b61b1031629097be96069d5741f33adaf6d1
d282e5777b29135dd00fb1a2e06c0d6676e1547c5ac61693ddd3be880d66ec9f
d6776251aee962be29bab9f17f124d98c202a7cbf02e507c9d4dea244ff38e58
decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc
e4241398467d9ce8f1eaa77a129141570505af42dcaa9bd493b767e1d971bf37
e7d6f96db1d2dc802487291efac1742134517cdf56a7121ab0dd38dbe3a2195d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe5edd66777d896e48c3d3f6427ff48210727850ca9c870f7780d3a6d0da2b6d