bioangels.vc - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 103.25.130.240, located in India and belongs to NETMAGIC-AP Netmagic Datacenter Mumbai, IN. The main domain is bioangels.vc.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on May 11th 2023. Valid for: a year.

This is the only time bioangels.vc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Acerta (Online)

Domain & IP information

	IP Address		AS Autonomous System
2	103.25.130.240 103.25.130.240		17439 (NETMAGIC-...) (NETMAGIC-AP Netmagic Datacenter Mumbai)
2	2

2 103.25.130.240 (India)

ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN)
PTR: lserver039-ind.megavelocity.net

bioangels.vc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	bioangels.vc bioangels.vc	262 KB
2	1

	Domain	Requested by
2	bioangels.vc	bioangels.vc
2	1

This site contains links to these domains. Also see Links.

Domain
login.acerta.be
www.acerta.be
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
bioangels.vc RapidSSL TLS RSA CA G1	`2023-05-11` - `2024-05-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bioangels.vc/online/acerta/form.html
Frame ID: 60CD43438FA682CDEC4F2B04F25DB957
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyAcerta - Valideren

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

281 kB
Transfer

280 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://login.acerta.be/auth/realms/PRD/login-actions/authenticate?client_id=MyAcerta&tab_id=zZlra55YIbM&execution=50d0892c-6b77-4357-9a4a-e9fdb3652ae9&kc_locale=fr
Title: FR

Search URL Search Domain Scan URL

URL: https://www.acerta.be/disclaimer-nl
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.acerta.be/privacy-nl
Title: Privacy en cookies

Search URL Search Domain Scan URL

URL: https://www.acerta.be/external-statement-nl
Title: External statement

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AcertaBelgium

Search URL Search Domain Scan URL

URL: https://twitter.com/AcertaNL

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/162259

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCfyUfrBUIL71ix6UDtplPOw

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request form.html Show response bioangels.vc/online/acerta/	259 KB 259 KB	741ms 161ms	Document text/html	103.25.130.240 NETMAGIC-AP Netma...
General Check archive.org Show headers Download Go to Full URL https://bioangels.vc/online/acerta/form.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.25.130.240 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN), Reverse DNS lserver039-ind.megavelocity.net Software Apache / Resource Hash `4f5fe657ab4f20d1db6c7a417857136b093aaea3f74466a8400189d7fa778228` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 265402 Content-Type text/html Date Fri, 01 Dec 2023 13:07:07 GMT Keep-Alive timeout=5, max=100 Last-Modified Wed, 15 Nov 2023 22:27:16 GMT Server Apache
GET H/1.1	200 OK	logo.svg bioangels.vc/online/acerta/images/	3 KB 3 KB	163ms 163ms	Image image/svg+xml	103.25.130.240 NETMAGIC-AP Netma...
General Check archive.org Show headers Download Go to Show image Full URL https://bioangels.vc/online/acerta/images/logo.svg Requested by Host: bioangels.vc URL: https://bioangels.vc/online/acerta/form.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.25.130.240 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN), Reverse DNS lserver039-ind.megavelocity.net Software Apache / Resource Hash `e2fab36e6e3f63328945f1c05aa5d7b929a0416f2275b82a899865070ac27939` Request headers accept-language de-DE,de;q=0.9 Referer https://bioangels.vc/online/acerta/form.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Fri, 01 Dec 2023 13:07:07 GMT Last-Modified Sun, 15 Jan 2023 15:00:00 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2573
GET DATA	200 OK	truncated /	266 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	18 KB 18 KB		Font application/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `42c29ac8bfd0a6147e97cb457a12301602c227de7c4bd20f0d91ec27033edfa9` Request headers Referer Origin https://bioangels.vc accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/octet-stream

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Acerta (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| savepage_ShadowLoader

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bioangels.vc
103.25.130.240
42c29ac8bfd0a6147e97cb457a12301602c227de7c4bd20f0d91ec27033edfa9
4f5fe657ab4f20d1db6c7a417857136b093aaea3f74466a8400189d7fa778228
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
e2fab36e6e3f63328945f1c05aa5d7b929a0416f2275b82a899865070ac27939

bioangels.vc Open in urlscan Pro 103.25.130.240 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

2 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

281 kBTransfer

280 kBSize

0 Cookies

8 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

bioangels.vc Open in urlscan Pro
103.25.130.240 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

281 kB
Transfer

280 kB
Size

0
Cookies

2 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!