urlscan.io logo urlscan.io
SecurityTrails logo

216.244.165.236 Open in urlscan Pro
216.244.165.236  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://216.244.165.236/
Submission: On January 05 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 44 HTTP transactions. The main IP is 216.244.165.236, located in Peru and belongs to America Movil Peru S.A.C., PE. The main domain is 216.244.165.236.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on April 9th 2021. Valid for: a year.
This is the only time 216.244.165.236 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco de Crédito del Perú (Banking)

Domain & IP information

IP Address AS Autonomous System
1 216.244.165.236 12252 (America M...)
23 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2600:9000:214... 16509 (AMAZON-02)
4 136.243.36.90 24940 (HETZNER-AS)
2 5 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a05:d014:275... 16509 (AMAZON-02)
1 2a03:b0c0:3:d... 14061 (DIGITALOC...)
2 200.4.200.190 6147 (Telefonic...)
1 52.212.247.225 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
44 12
1    216.244.165.236 (Peru)

ASN12252 (America Movil Peru S.A.C., PE)
216.244.165.236
23    2a02:26f0:1700:1b8::2e48 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
stbcpzonasegura.viabcp.com
1    2600:9000:214f:c400:1:1c51:10c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.chatvisor.com
4    136.243.36.90 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.90.36.243.136.clients.your-server.de
app.chatvisor.com
5    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a05:d014:275:cb01:8d93:e14c:3058:b0f4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
unruffled-shannon-1a7413.netlify.com
1    2a03:b0c0:3:d0::d25:d001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
unruffled-shannon-1a7413.netlify.app
2    200.4.200.190 (Huancayo, Peru)

ASN6147 (Telefonica del Peru S.A.A., PE)
bcpzonasegurabeta.viabcp.com
1    52.212.247.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-247-225.eu-west-1.compute.amazonaws.com
bcpr42sh.staticmon.com
1    2a00:1450:400e:810::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
23 stbcpzonasegura.viabcp.com 216.244.165.236
stbcpzonasegura.viabcp.com
5 www.google-analytics.com 2 redirects 216.244.165.236
www.googletagmanager.com
4 app.chatvisor.com cdn.chatvisor.com
stbcpzonasegura.viabcp.com
2 bcpzonasegurabeta.viabcp.com stbcpzonasegura.viabcp.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
1 www.google.de
1 bcpr42sh.staticmon.com stbcpzonasegura.viabcp.com
1 unruffled-shannon-1a7413.netlify.app 216.244.165.236
1 unruffled-shannon-1a7413.netlify.com 1 redirects
1 www.googletagmanager.com 216.244.165.236
1 www.google.co.uk 216.244.165.236
1 cdn.chatvisor.com 216.244.165.236
44 13

This site contains links to these domains. Also see Links.

Domain
www.viabcp.com
Subject Issuer Validity Valid
bcpzonasegurabeta.viabcp.com
GlobalSign Extended Validation CA - SHA256 - G3		 2021-04-09 -
2022-05-11		 a year crt.sh
st.bcpzonasegura.bcp.com.pe
DigiCert SHA2 Secure Server CA		 2021-09-09 -
2022-09-09		 a year crt.sh
cdn.chatvisor.com
Amazon		 2021-01-08 -
2022-02-05		 a year crt.sh
chatvisor.com
R3		 2021-11-29 -
2022-02-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.staticmon.com
Go Daddy Secure Certificate Authority - G2		 2021-02-24 -
2022-03-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://216.244.165.236/
Frame ID: 5C8A2F1C19481249C50212A4831E8937
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Banco de Crédito >>BCP>>

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

44
Requests

80 %
HTTPS

71 %
IPv6

11
Domains

13
Subdomains

12
IPs

5
Countries

1597 kB
Transfer

5530 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=320839575&t=pageview&_s=1&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%3E%3EBCP%3E%3E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABE~&jid=1223442167&gjid=529646217&cid=1990589599.1641388224&tid=UA-79497878-7&_gid=772721051.1641388224&_r=1&z=1549472717 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-79497878-7&cid=1990589599.1641388224&jid=1223442167&_gid=772721051.1641388224&gjid=529646217&_v=j66&z=1549472717 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1990589599.1641388224&jid=1223442167&_v=j66&z=1549472717 HTTP 302
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1990589599.1641388224&jid=1223442167&_v=j66&z=1549472717&slf_rd=1&random=500892418
Request Chain 18
  • https://unruffled-shannon-1a7413.netlify.com/bcpr42sh.js HTTP 301
  • https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
Request Chain 34
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=320839575&t=event&ni=1&_s=1&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2Finiciar-sesion&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%3E%3EBCP%3E%3E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Respuesta%20de%20Servicio%20Iniciar%20Sesion&ea=%2F%2Fbcpr42sh.staticmon.com%2Ftun%2Fbcpr42sh%2Finput%2F&el=P%C3%A1g.%20Anterior%3A%20%2C%20Tiempo%20de%20respuesta%3A112&_u=aEDAAEABE~&jid=470973252&gjid=1820148944&cid=1990589599.1641388224&tid=UA-79497878-5&_gid=772721051.1641388224&_r=1&gtm=2wgc10T8LG6J5&z=292969855 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-79497878-5&cid=1990589599.1641388224&jid=470973252&_gid=772721051.1641388224&gjid=1820148944&_v=j66&z=292969855 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1990589599.1641388224&jid=470973252&_v=j66&z=292969855 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1990589599.1641388224&jid=470973252&_v=j66&z=292969855&slf_rd=1&random=3256605142

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
216.244.165.236/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://216.244.165.236/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.244.165.236 , Peru, ASN12252 (America Movil Peru S.A.C., PE),
Reverse DNS
Software
/
Resource Hash
0f68f3068e0f0607a4dd14cac7a535cc6c0aa78eba2cbd52fadf80eab743a530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 05 Jan 2022 13:10:22 GMT
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache
Expires
0
Content-Length
2569
Keep-Alive
timeout=10, max=100
Connection
Keep-Alive
Content-Type
text/html
styles.73891af9c5f119165612.bundle.css
stbcpzonasegura.viabcp.com/ 		232 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
576268ebbf93e3090085fd1c960591a5027a438c3c8dd727e1f46fc017322db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1927163616"
accept-ranges
bytes
vary
Accept-Encoding
content-length
34685
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:22 GMT
logo_blanco.svg
stbcpzonasegura.viabcp.com/assets/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo_blanco.svg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
99066f683e36549f1e747a7cfab97606573a4367fe35a4e82dda5c3b03a43287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1837547802"
accept-ranges
bytes
vary
Accept-Encoding
content-length
2490
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:22 GMT
56myjZOlu6.js
cdn.chatvisor.com/cdn/js/ 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.chatvisor.com/cdn/js/56myjZOlu6.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:c400:1:1c51:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef61827c8d47589470e935827e04e73c0354b4662b47fcea536a84bcd5ef9004

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:05:52 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 12:45:43 GMT
server
AmazonS3
age
3871
etag
W/"f5dc3e59fbb21d2a8c75d3356503757a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control
max-age=7200,public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
bBbsYB3xsMfHmfO4foEXNgCv2TTBVwTzOZNj2CajqEYpV6C1nS2PYA==
inline.9309118842c0e35c4704.bundle.js
stbcpzonasegura.viabcp.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/inline.9309118842c0e35c4704.bundle.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6abe8a73b181fd1f70b3b719778a84f6ada3153f9191a490be5542484a018124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1729952136"
accept-ranges
bytes
vary
Accept-Encoding
content-length
1405
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:22 GMT
polyfills.c979baad0a3186ef4457.bundle.js
stbcpzonasegura.viabcp.com/ 		106 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/polyfills.c979baad0a3186ef4457.bundle.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
35a0ff464bb7ae3678794e852c4f4e0499d5ce16b170716c4bebb282396d408b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-1315600247"
accept-ranges
bytes
vary
Accept-Encoding
content-length
36810
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:22 GMT
scripts.09fad8d55f4ac8b7b76d.bundle.js
stbcpzonasegura.viabcp.com/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/scripts.09fad8d55f4ac8b7b76d.bundle.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ceca405ca0d4e50dd7c27bacb32387d649e42d8d6acf14df08975c546774797e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1604231740"
accept-ranges
bytes
vary
Accept-Encoding
content-length
28356
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:22 GMT
vendor.65fea5d74d826b4924b6.bundle.js
stbcpzonasegura.viabcp.com/ 		2 MB
374 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/vendor.65fea5d74d826b4924b6.bundle.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
91523cfc88605436a38f9599f7f094c9ece7263ba0ac1b33b0771a4a64427db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1694409041"
accept-ranges
bytes
vary
Accept-Encoding
content-length
381876
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:22 GMT
main.fbc661d50f60154570ee.bundle.js
stbcpzonasegura.viabcp.com/ 		641 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/main.fbc661d50f60154570ee.bundle.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9c0f51d0cfd23912ad07fe1f09487c4d8cf053d1a80aba023c9660d720852d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="494060561"
accept-ranges
bytes
vary
Accept-Encoding
content-length
125725
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:22 GMT
bcpr42sh-red.js
stbcpzonasegura.viabcp.com/assets/ 		2 KB
1005 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/assets/bcpr42sh-red.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5ab31b6f85c701b181dfef7620dc468aca7119a787535cfabac7dd74b68aa7a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1550716850"
accept-ranges
bytes
vary
Accept-Encoding
content-length
722
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:22 GMT
actionRules
app.chatvisor.com/api/in/wg/conf/56myjZOlu6/ 		22 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatvisor.com/api/in/wg/conf/56myjZOlu6/actionRules
Requested by
Host: cdn.chatvisor.com
URL: https://cdn.chatvisor.com/cdn/js/56myjZOlu6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.36.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.36.243.136.clients.your-server.de
Software
istio-envoy /
Resource Hash
0b866ee4f3c09b0e278b0f6fe01c1b8c79263a1ffe36ca1649d8a0a5025a5888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
x-frame-options
DENY
content-type
application/json;charset=utf-8
access-control-allow-origin
https://216.244.165.236
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
strict-transport-security
max-age=31536000
vary
Origin,Accept-Encoding, User-Agent
x-xss-protection
1; mode=block
expires
0
56myjZOlu6
app.chatvisor.com/api/in/wg/conf/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatvisor.com/api/in/wg/conf/56myjZOlu6
Requested by
Host: cdn.chatvisor.com
URL: https://cdn.chatvisor.com/cdn/js/56myjZOlu6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.36.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.36.243.136.clients.your-server.de
Software
istio-envoy /
Resource Hash
afed1e7393525e9ef7171aebac6358597ee58f572b1c9db48de28eb386d4ed11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
x-frame-options
DENY
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://216.244.165.236
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
strict-transport-security
max-age=31536000
vary
Origin,Accept-Encoding, User-Agent
x-xss-protection
1; mode=block
expires
0
242863_3_0.973408b83b66574e2bde.woff
stbcpzonasegura.viabcp.com/ 		69 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/242863_3_0.973408b83b66574e2bde.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d6e507e9151c1b691b6d6a2a226455ddf2eaaf03a6314d19c41d129d6215e120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://216.244.165.236
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="2047621559"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
70560
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:22 GMT
i18n
app.chatvisor.com/api/in/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.chatvisor.com/api/in/i18n?tId=56myjZOlu6&sId=f97a1e3b38b14ab8bc7ee86ddcd8387a&vId=0b4ba14ea86642fa9a6480ad54065863&lang=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.36.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.36.243.136.clients.your-server.de
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-cv-ssid
Origin
https://216.244.165.236
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 Jan 2022 13:10:23 GMT
access-control-allow-origin
https://216.244.165.236
vary
Origin
access-control-allow-methods
GET
access-control-allow-headers
x-cv-ssid
access-control-allow-credentials
true
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
x-envoy-upstream-service-time
1
strict-transport-security
max-age=31536000
server
istio-envoy
es.json
stbcpzonasegura.viabcp.com/assets/literals/ 		129 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/assets/literals/es.json
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/polyfills.c979baad0a3186ef4457.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
85600b2dfd80084bc92c8edf1b8128e93eeba71b0c862143b138d43bbd3ef409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://216.244.165.236/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-355394763"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
34097
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:23 GMT
0.f190d81a04625c17feb6.chunk.js
stbcpzonasegura.viabcp.com/ 		2 MB
495 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/0.f190d81a04625c17feb6.chunk.js
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/inline.9309118842c0e35c4704.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
be2babdeade4e658a948afa71f9482104925e2682d12857f4c3c63f50ed93e76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-1514991558"
accept-ranges
bytes
vary
Accept-Encoding
content-length
505961
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:23 GMT
ga-audiences
www.google.co.uk/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=320839575&t=pageview&_s=1&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%3E%3EBCP%3E%3E&s...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-79497878-7&cid=1990589599.1641388224&jid=1223442167&_gid=772721051.1641388224&gjid=529646217&_v=j66&z=1549472717
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1990589599.1641388224&jid=1223442167&_v=j66&z=1549472717
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1990589599.1641388224&jid=1223442167&_v=j66&z=1549472717&slf_rd=1&random=500892418
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1990589599.1641388224&jid=1223442167&_v=j66&z=1549472717&slf_rd=1&random=500892418
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1990589599.1641388224&jid=1223442167&_v=j66&z=1549472717&slf_rd=1&random=500892418
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		152 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T8LG6J5
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad978d1e5727bcaf9decccd3c446c6673e188513431bd7238fe86f149b1db5b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:10:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49798
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Jan 2022 13:10:23 GMT
i18n
app.chatvisor.com/api/in/ 		19 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatvisor.com/api/in/i18n?tId=56myjZOlu6&sId=f97a1e3b38b14ab8bc7ee86ddcd8387a&vId=0b4ba14ea86642fa9a6480ad54065863&lang=en-US
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/polyfills.c979baad0a3186ef4457.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.36.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.36.243.136.clients.your-server.de
Software
istio-envoy /
Resource Hash
ae56c1c06091feacd64ca3bca4f7f8ce8c2581d4386261366bcda7b82fdd3542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://216.244.165.236/
x-cv-ssid
f97a1e3b38b14ab8bc7ee86ddcd8387a
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
vary
Origin,Accept-Encoding, User-Agent
x-xss-protection
1; mode=block
pragma
no-cache
server
istio-envoy
x-frame-options
DENY
strict-transport-security
max-age=31536000
content-type
application/json;charset=utf-8
access-control-allow-origin
https://216.244.165.236
access-control-expose-headers
x-cv-sid
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
0
bcpr42sh.js
unruffled-shannon-1a7413.netlify.app/
Redirect Chain
  • https://unruffled-shannon-1a7413.netlify.com/bcpr42sh.js
  • https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Server
2a03:b0c0:3:d0::d25:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
5d327f3ed655cb1afb3e5563110bedb6ec5fee248c393df1595e9447bb096a8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id
01FRN5SBJFP7MY05EH6VWHVWAV
date
Mon, 03 Jan 2022 18:16:48 GMT
content-encoding
gzip
server
Netlify
age
154416
etag
"85fc5e722b8c043d463edde5b4da797a-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
2163

Redirect headers

location
https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
x-nf-request-id
01FRN5SB8E1R0KXN218RCJAK43
date
Wed, 05 Jan 2022 13:10:23 GMT
server
Netlify
logo_blanco.svg
stbcpzonasegura.viabcp.com/assets/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo_blanco.svg
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/vendor.65fea5d74d826b4924b6.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
99066f683e36549f1e747a7cfab97606573a4367fe35a4e82dda5c3b03a43287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1837547802"
accept-ranges
bytes
vary
Accept-Encoding
content-length
2490
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:24 GMT
HBK-login-fondo.jpg
stbcpzonasegura.viabcp.com/assets/img/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/HBK-login-fondo.jpg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
08241458d3ce1af786b576e47b3b5941f3e32bfd8b2bc953f66960720bee0831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
server-timing
dtRpid;desc="-1692215900"
accept-ranges
bytes
content-length
44153
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:24 GMT
242863_E_0.31e6d7cf733065d39be1.woff
stbcpzonasegura.viabcp.com/ 		67 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/242863_E_0.31e6d7cf733065d39be1.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fd9bd5004ae517527e784b3f1b136542697f344c195cedc28a6b89066e163e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://216.244.165.236
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="952251444"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
68449
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:24 GMT
icons.a1179978b826d3cbfd6b.woff
stbcpzonasegura.viabcp.com/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/icons.a1179978b826d3cbfd6b.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9d91ae324c350a6540627193e4fb0fba0b150279fa9c197537d2ecc84f8ad5c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://216.244.165.236
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-2054716059"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
24117
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:24 GMT
242863_A_0.3cc8ee720716e80449de.woff
stbcpzonasegura.viabcp.com/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/242863_A_0.3cc8ee720716e80449de.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4fad053182cecbfcf0c3458299a394c428799c09caabf73c357ce35affcfcfd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://216.244.165.236
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="171196315"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
77468
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:24 GMT
card
bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/card
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
200.4.200.190 Huancayo, Peru, ASN6147 (Telefonica del Peru S.A.A., PE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN deny SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,cug5b5,device-print,device-token,device-token-cookie,device-token-fso,deviceid,dom-elements,forms-data,geo-altitude,geo-altitudeaccuracy,geo-heading,geo-horizontalaccuracy,geo-latitude,geo-longitude,geo-speed,geo-status,geo-timestamp,ipaddress,js-events,page-id
Origin
https://216.244.165.236
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Wed, 05 Jan 2022 13:10:26 GMT
X-Frame-Options
SAMEORIGIN deny SAMEORIGIN, DENY
Content-Length
20
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Timing-Allow-Origin
*
Server-Timing
dtRpid;desc="-1984832006"
X-OneAgent-JS-Injection
true
Access-Control-Allow-Origin
https://bcpzonasegurabeta.viabcp.com
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Headers
x-requested-with, DR2LP1, session-UID, Content-Type, CUG5B5, DEVICE-PRINT, deviceid, DEVICE-TOKEN-FSO, X-TOKEN-KEYBOARD-ENCRIPTED, X-CAPTCHA-TOKEN, RSA-TRANSACTION-ID, RSA-ACTION-CODE, PAGE-ID, FORMS-DATA, DOM-ELEMENTS, JS-EVENTS, GEO-LONGITUDE, GEO-LATITUDE, GEO-HORIZONTALACCURACY, GEO-ALTITUDE, GEO-ALTITUDEACCURACY, GEO-HEADING, GEO-SPEED, GEO-TIMESTAMP , GEO-STATUS, ipaddress, X-DATA-PRODUCT-TOKEN, X-CURRENCY-EXCHANGE-TOKEN, X-CRC-FLAG-REGISTER-TOKEN, X-OPERATION-COD-TOKEN, X-OPERATION-TRANSFER-TOKEN, X-OPERATION-SERVICE-PAYMENT-TOKEN, X-TCCD, X-TNNC, X-TOPC, X-CREDIT-QUOTA-TOKEN, X-OPERATION-CREDIT-PAYMENT-TOKEN, X-OPERATION-PAYMENT-CREDITCARD-DEFERRED-TOKEN, X-TILE-COMMISSION-TOKEN, X-OPERATION-CREDIT-SALARY-TOKEN, X-PAYMENT-DOCUMENT-TOKEN, X-CONSULT-LETTER-TOKEN, X-OPERATION-LETTER-PAYMENT-TOKEN, X-TIEL-COMMISSION-TOKEN, X-Transaction, DEVICE-TOKEN-COOKIE, DEVICE-TOKEN
Access-Control-Expose-Headers
x-requested-with, DR2LP1, session-UID, CUG5B5, X-TOKEN-KEYBOARD-ENCRIPTED, X-CAPTCHA-TOKEN, RSA-TRANSACTION-ID, RSA-ACTION-CODE, X-DATA-PRODUCT-TOKEN, X-CURRENCY-EXCHANGE-TOKEN, X-CRC-FLAG-REGISTER-TOKEN, X-OPERATION-COD-TOKEN, X-OPERATION-TRANSFER-TOKEN, X-OPERATION-SERVICE-PAYMENT-TOKEN, X-TCCD, X-TNNC, X-TOPC, X-CREDIT-QUOTA-TOKEN, X-OPERATION-CREDIT-PAYMENT-TOKEN, X-OPERATION-PAYMENT-CREDITCARD-DEFERRED-TOKEN, X-TILE-COMMISSION-TOKEN, X-OPERATION-CREDIT-SALARY-TOKEN, X-PAYMENT-DOCUMENT-TOKEN, X-CONSULT-LETTER-TOKEN, X-OPERATION-LETTER-PAYMENT-TOKEN, X-TIEL-COMMISSION-TOKEN, X-Transaction, Authorization, DEVICE-TOKEN-COOKIE, DEVICE-TOKEN
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
3600
Content-Encoding
gzip
Expires
0
Vary
User-Agent
Pragma
no-cache
Keep-Alive
timeout=10, max=100
Connection
Keep-Alive
card
bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/ 		0
0
collect
www.google-analytics.com/ 		35 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j66&aip=1&a=320839575&t=pageview&_s=2&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2Finiciar-sesion&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%3E%3EBCP%3E%3E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABE~&jid=&gjid=&cid=1990589599.1641388224&tid=UA-79497878-7&_gid=772721051.1641388224&z=1478249734
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 21:02:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58072
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
logo.svg
stbcpzonasegura.viabcp.com/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo.svg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c4bfe03d7dcfff129cf26b11a8757532e5a45322af45ac30f1583542c1e7d3f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-1808643646"
accept-ranges
bytes
vary
Accept-Encoding
content-length
1134
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:24 GMT
logo-blue.svg
stbcpzonasegura.viabcp.com/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo-blue.svg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f92813a83c5c7d37a06fd98e8029668508f34b07cd0eec0423ebafdf2558148d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1274981377"
accept-ranges
bytes
vary
Accept-Encoding
content-length
1131
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:24 GMT
chronometer-o-w.svg
stbcpzonasegura.viabcp.com/assets/img/ 		713 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/chronometer-o-w.svg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b5eed63ded97cecd99982dbe8e8dac723292fc4fbb449605bb2a2fc6b7172d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-437550260"
accept-ranges
bytes
vary
Accept-Encoding
content-length
375
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:24 GMT
chronometer-o.svg
stbcpzonasegura.viabcp.com/assets/img/ 		722 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/chronometer-o.svg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a426aa56c6f262ec969052b7fe8668067dbbfa0bfbd964fdb854bd4f64811f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="396116303"
accept-ranges
bytes
vary
Accept-Encoding
content-length
376
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:24 GMT
logo_blanco.svg
stbcpzonasegura.viabcp.com/assets/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo_blanco.svg
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/vendor.65fea5d74d826b4924b6.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
99066f683e36549f1e747a7cfab97606573a4367fe35a4e82dda5c3b03a43287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1837547802"
accept-ranges
bytes
vary
Accept-Encoding
content-length
2490
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:24 GMT
/
bcpr42sh.staticmon.com/tun/bcpr42sh/input/ 		16 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcpr42sh.staticmon.com/tun/bcpr42sh/input/
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/polyfills.c979baad0a3186ef4457.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
52.212.247.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-247-225.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.1 /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://216.244.165.236/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

Date
Wed, 05 Jan 2022 13:10:24 GMT
Allow
POST, OPTIONS
Server
nginx/1.19.1
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
X-Frame-Options
DENY
Strict-Transport-Security
max-age=60; includeSubDomains; preload
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Vary
Cookie
Content-Length
16
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8LG6J5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
558
date
Wed, 05 Jan 2022 13:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 05 Jan 2022 15:01:06 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=320839575&t=event&ni=1&_s=1&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2Finiciar-sesion&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-79497878-5&cid=1990589599.1641388224&jid=470973252&_gid=772721051.1641388224&gjid=1820148944&_v=j66&z=292969855
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1990589599.1641388224&jid=470973252&_v=j66&z=292969855
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1990589599.1641388224&jid=470973252&_v=j66&z=292969855&slf_rd=1&random=3256605142
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1990589599.1641388224&jid=470973252&_v=j66&z=292969855&slf_rd=1&random=3256605142
Protocol
H2
Server
2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1990589599.1641388224&jid=470973252&_v=j66&z=292969855&slf_rd=1&random=3256605142
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
captcha
bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/captcha
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
200.4.200.190 Huancayo, Peru, ASN6147 (Telefonica del Peru S.A.A., PE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN deny SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
cug5b5,device-print,device-token,device-token-cookie,device-token-fso,deviceid,dom-elements,forms-data,geo-altitude,geo-altitudeaccuracy,geo-heading,geo-horizontalaccuracy,geo-latitude,geo-longitude,geo-speed,geo-status,geo-timestamp,ipaddress,js-events,page-id
Origin
https://216.244.165.236
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Wed, 05 Jan 2022 13:10:27 GMT
X-Frame-Options
SAMEORIGIN deny SAMEORIGIN, DENY
Content-Length
20
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
https://bcpzonasegurabeta.viabcp.com
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Headers
x-requested-with, DR2LP1, session-UID, Content-Type, CUG5B5, DEVICE-PRINT, deviceid, DEVICE-TOKEN-FSO, X-TOKEN-KEYBOARD-ENCRIPTED, X-CAPTCHA-TOKEN, RSA-TRANSACTION-ID, RSA-ACTION-CODE, PAGE-ID, FORMS-DATA, DOM-ELEMENTS, JS-EVENTS, GEO-LONGITUDE, GEO-LATITUDE, GEO-HORIZONTALACCURACY, GEO-ALTITUDE, GEO-ALTITUDEACCURACY, GEO-HEADING, GEO-SPEED, GEO-TIMESTAMP , GEO-STATUS, ipaddress, X-DATA-PRODUCT-TOKEN, X-CURRENCY-EXCHANGE-TOKEN, X-CRC-FLAG-REGISTER-TOKEN, X-OPERATION-COD-TOKEN, X-OPERATION-TRANSFER-TOKEN, X-OPERATION-SERVICE-PAYMENT-TOKEN, X-TCCD, X-TNNC, X-TOPC, X-CREDIT-QUOTA-TOKEN, X-OPERATION-CREDIT-PAYMENT-TOKEN, X-OPERATION-PAYMENT-CREDITCARD-DEFERRED-TOKEN, X-TILE-COMMISSION-TOKEN, X-OPERATION-CREDIT-SALARY-TOKEN, X-PAYMENT-DOCUMENT-TOKEN, X-CONSULT-LETTER-TOKEN, X-OPERATION-LETTER-PAYMENT-TOKEN, X-TIEL-COMMISSION-TOKEN, X-Transaction, DEVICE-TOKEN-COOKIE, DEVICE-TOKEN
Access-Control-Expose-Headers
x-requested-with, DR2LP1, session-UID, CUG5B5, X-TOKEN-KEYBOARD-ENCRIPTED, X-CAPTCHA-TOKEN, RSA-TRANSACTION-ID, RSA-ACTION-CODE, X-DATA-PRODUCT-TOKEN, X-CURRENCY-EXCHANGE-TOKEN, X-CRC-FLAG-REGISTER-TOKEN, X-OPERATION-COD-TOKEN, X-OPERATION-TRANSFER-TOKEN, X-OPERATION-SERVICE-PAYMENT-TOKEN, X-TCCD, X-TNNC, X-TOPC, X-CREDIT-QUOTA-TOKEN, X-OPERATION-CREDIT-PAYMENT-TOKEN, X-OPERATION-PAYMENT-CREDITCARD-DEFERRED-TOKEN, X-TILE-COMMISSION-TOKEN, X-OPERATION-CREDIT-SALARY-TOKEN, X-PAYMENT-DOCUMENT-TOKEN, X-CONSULT-LETTER-TOKEN, X-OPERATION-LETTER-PAYMENT-TOKEN, X-TIEL-COMMISSION-TOKEN, X-Transaction, Authorization, DEVICE-TOKEN-COOKIE, DEVICE-TOKEN
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
3600
Content-Encoding
gzip
Expires
0
Vary
User-Agent
Pragma
no-cache
Keep-Alive
timeout=10, max=99
Connection
Keep-Alive
captcha
bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/ 		0
0
turn-o.svg
stbcpzonasegura.viabcp.com/assets/img/ 		712 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/turn-o.svg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3ca034dc1c551304cb7550c6293ca145f4326857fe913838b9bdc7b4085250bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-2024720134"
accept-ranges
bytes
vary
Accept-Encoding
content-length
377
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:27 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j66&aip=1&a=320839575&t=pageview&_s=3&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2Ferror&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%3E%3EBCP%3E%3E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABE~&jid=&gjid=&cid=1990589599.1641388224&tid=UA-79497878-7&_gid=772721051.1641388224&z=1491858976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 12:17:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3170
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
robot-bcp-small.svg
stbcpzonasegura.viabcp.com/assets/img/ 		0
0
robot-bcp.svg
stbcpzonasegura.viabcp.com/assets/img/ 		0
0
logo-bcp.svg
stbcpzonasegura.viabcp.com/assets/img/ 		0
0
242863_C_0.81cffe01c2873bbb9b81.woff
stbcpzonasegura.viabcp.com/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stbcpzonasegura.viabcp.com/242863_C_0.81cffe01c2873bbb9b81.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:1b8::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e222510c8703ed2ca7944a4978dca92140325a96ca6826d7b78f775082b0a418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://216.244.165.236
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="775750717"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
65319
x-xss-protection
1; mode=block
expires
Wed, 05 Jan 2022 13:10:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bcpzonasegurabeta.viabcp.com
URL
https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/card
Domain
bcpzonasegurabeta.viabcp.com
URL
https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/captcha
Domain
stbcpzonasegura.viabcp.com
URL
https://stbcpzonasegura.viabcp.com/assets/img/robot-bcp-small.svg
Domain
stbcpzonasegura.viabcp.com
URL
https://stbcpzonasegura.viabcp.com/assets/img/robot-bcp.svg
Domain
stbcpzonasegura.viabcp.com
URL
https://stbcpzonasegura.viabcp.com/assets/img/logo-bcp.svg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco de Crédito del Perú (Banking)

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CVUtils object| _CV_ object| CV function| webpackJsonp object| __core-js_shared__ object| core function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| genRandomNumber function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| RSAUIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| DomDataCollectionExtend boolean| isIE boolean| isWin boolean| isOpera function| ControlVersion function| GetSwfVer function| DetectFlashVer function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_GetArgs boolean| callCobrowse function| showStopModal function| loadModalInformation function| initChatvisor function| checkSessionLiveView function| OptimizeSession function| checkI18n function| checkLoadedChatvisor function| initCobrowse function| stopCobrowse function| forceIE89Synchronicity function| __zone_symbol__ON_PROPERTYfocus object| __zone_symbol__focusfalse function| __zone_symbol__ON_PROPERTYblur object| __zone_symbol__blurfalse function| ga object| gaplugins boolean| CV_INITIALIZED object| __zone_symbol__messagefalse function| cvAsyncInit boolean| ngDevMode object| __zone_symbol__ON_PROPERTYmessage object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| gaGlobal function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| gaData object| dataLayer function| gtag function| CVLoaded object| _0x2209 function| _0xc39a function| loadJSON string| prefix string| element_name number| lastComma number| quotation_marks string| t object| plugin object| google_tag_manager object| __zone_symbol__loadfalse object| menuPasos object| _0x1d09 function| _0x494c object| google_tag_data string| GoogleAnalyticsObject function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

4 Cookies

Domain/Path Name / Value
216.244.165.236/ Name: _ga
Value: GA1.1.1990589599.1641388224
216.244.165.236/ Name: _gid
Value: GA1.1.772721051.1641388224
216.244.165.236/ Name: _gat
Value: 1
216.244.165.236/ Name: _gat_UA-79497878-5
Value: 1

5 Console Messages

Source Level URL
Text
deprecation warning URL: https://stbcpzonasegura.viabcp.com/scripts.09fad8d55f4ac8b7b76d.bundle.js
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
javascript error URL: https://216.244.165.236/#/iniciar-sesion
Message:
Access to XMLHttpRequest at 'https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/card' from origin 'https://216.244.165.236' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://bcpzonasegurabeta.viabcp.com' that is not equal to the supplied origin.
network error URL: https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/card
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://216.244.165.236/#/iniciar-sesion
Message:
Access to XMLHttpRequest at 'https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/captcha' from origin 'https://216.244.165.236' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://bcpzonasegurabeta.viabcp.com' that is not equal to the supplied origin.
network error URL: https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/captcha
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.chatvisor.com
bcpr42sh.staticmon.com
bcpzonasegurabeta.viabcp.com
cdn.chatvisor.com
stats.g.doubleclick.net
stbcpzonasegura.viabcp.com
unruffled-shannon-1a7413.netlify.app
unruffled-shannon-1a7413.netlify.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.google.de
www.googletagmanager.com
bcpzonasegurabeta.viabcp.com
stbcpzonasegura.viabcp.com
136.243.36.90
200.4.200.190
216.244.165.236
2600:9000:214f:c400:1:1c51:10c0:93a1
2a00:1450:4001:80f::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9b
2a00:1450:400e:810::2003
2a02:26f0:1700:1b8::2e48
2a03:b0c0:3:d0::d25:d001
2a05:d014:275:cb01:8d93:e14c:3058:b0f4
52.212.247.225
08241458d3ce1af786b576e47b3b5941f3e32bfd8b2bc953f66960720bee0831
0b866ee4f3c09b0e278b0f6fe01c1b8c79263a1ffe36ca1649d8a0a5025a5888
0f68f3068e0f0607a4dd14cac7a535cc6c0aa78eba2cbd52fadf80eab743a530
35a0ff464bb7ae3678794e852c4f4e0499d5ce16b170716c4bebb282396d408b
3ca034dc1c551304cb7550c6293ca145f4326857fe913838b9bdc7b4085250bc
4fad053182cecbfcf0c3458299a394c428799c09caabf73c357ce35affcfcfd7
576268ebbf93e3090085fd1c960591a5027a438c3c8dd727e1f46fc017322db4
5ab31b6f85c701b181dfef7620dc468aca7119a787535cfabac7dd74b68aa7a8
5d327f3ed655cb1afb3e5563110bedb6ec5fee248c393df1595e9447bb096a8c
6abe8a73b181fd1f70b3b719778a84f6ada3153f9191a490be5542484a018124
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85600b2dfd80084bc92c8edf1b8128e93eeba71b0c862143b138d43bbd3ef409
91523cfc88605436a38f9599f7f094c9ece7263ba0ac1b33b0771a4a64427db6
99066f683e36549f1e747a7cfab97606573a4367fe35a4e82dda5c3b03a43287
9c0f51d0cfd23912ad07fe1f09487c4d8cf053d1a80aba023c9660d720852d2d
9d91ae324c350a6540627193e4fb0fba0b150279fa9c197537d2ecc84f8ad5c0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a426aa56c6f262ec969052b7fe8668067dbbfa0bfbd964fdb854bd4f64811f64
ad978d1e5727bcaf9decccd3c446c6673e188513431bd7238fe86f149b1db5b9
ae56c1c06091feacd64ca3bca4f7f8ce8c2581d4386261366bcda7b82fdd3542
afed1e7393525e9ef7171aebac6358597ee58f572b1c9db48de28eb386d4ed11
b5eed63ded97cecd99982dbe8e8dac723292fc4fbb449605bb2a2fc6b7172d89
be2babdeade4e658a948afa71f9482104925e2682d12857f4c3c63f50ed93e76
c4bfe03d7dcfff129cf26b11a8757532e5a45322af45ac30f1583542c1e7d3f6
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ceca405ca0d4e50dd7c27bacb32387d649e42d8d6acf14df08975c546774797e
d6e507e9151c1b691b6d6a2a226455ddf2eaaf03a6314d19c41d129d6215e120
e222510c8703ed2ca7944a4978dca92140325a96ca6826d7b78f775082b0a418
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef61827c8d47589470e935827e04e73c0354b4662b47fcea536a84bcd5ef9004
f92813a83c5c7d37a06fd98e8029668508f34b07cd0eec0423ebafdf2558148d
fd9bd5004ae517527e784b3f1b136542697f344c195cedc28a6b89066e163e9b