europie.cl
Open in
urlscan Pro
2800:6c0:2::23e
Malicious Activity!
Public Scan
Submission Tags: @phish_report
Submission: On August 20 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 29th 2023. Valid for: a year.
This is the only time europie.cl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco de Venezuela (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 9 | 2800:6c0:2::23e 2800:6c0:2::23e | 27823 (Dattatec.com) (Dattatec.com) | |
8 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
europie.cl
1 redirects
europie.cl |
139 KB |
8 | 1 |
Domain | Requested by | |
---|---|---|
9 | europie.cl |
1 redirects
europie.cl
|
8 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
europie.cl Sectigo RSA Domain Validation Secure Server CA |
2023-11-29 - 2024-11-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://europie.cl/home/bvdhome/
Frame ID: C52AA7BF8725BAF3339AD12C32DC1B43
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6- https://europie.cl/favicon.ico HTTP 302
- https://europie.cl/wp-includes/images/w-logo-blue-white-bg.png
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
europie.cl/home/bvdhome/ |
21 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
europie.cl/home/bvdhome/assets/ |
328 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
asi.css
europie.cl/home/bvdhome/assets/ |
52 B 143 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
europie.cl/home/bvdhome/assets/ |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jav2.js
europie.cl/home/bvdhome/assets/ |
262 B 224 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
europie.cl/home/bvdhome/assets/ |
5 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background.webp
europie.cl/home/bvdhome/assets/ |
68 KB 66 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w-logo-blue-white-bg.png
europie.cl/wp-includes/images/ Redirect Chain
|
4 KB 4 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco de Venezuela (Banking)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| ver function| chcs function| chc function| cls function| verificarLongitud number| stage1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
europie.cl/ | Name: PHPSESSID Value: 5a7d091d6deb3875cc22ccb5d97cf91b |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
europie.cl
2800:6c0:2::23e
2db48f3bb76be4f40a324525d4e872882f59208122f0ea552759eb76beb97d3a
4c2be8501c958667208f12c7a74deb028142143a350acd6ee614fc8066ef262a
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
6c0b5af07d620812297ecaef34a583767b98dfde7e1baea19caac49618128e30
93af24c01c94473fc782ea883a4ee554e3e06f2ca0b004af10181ada7fc2e141
abdb6a29431933e6bc647ddca9be214e0dfaca6c26b759211550999693030a3c
d8d0c3763083c8108f468fd6518d0916f651d2e56257aca71abe7541fd034cb0
fb0cb7f47385dc36d0e23bb39ae5b0e4e6cf9f9538e6f157f224975ad45776c4