teresitaproduccionesperu.com Open in urlscan Pro
2604:6280:108::1:10bb:b87b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html
Submission Tags: https://phish.report @phish_report Search All
Submission: On April 28 via api (April 28th 2023, 6:36:22 pm UTC) from FI — Scanned from FI

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 2604:6280:108::1:10bb:b87b, located in Phoenix, United States and belongs to IOFLOOD, US. The main domain is teresitaproduccionesperu.com.
TLS certificate: Issued by R3 on April 18th 2023. Valid for: 3 months.

This is the only time teresitaproduccionesperu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco de la República Oriental del Uruguay (Banking)

Domain & IP information

	IP Address		AS Autonomous System
7 20	2604:6280:108... 2604:6280:108::1:10bb:b87b		53755 (IOFLOOD) (IOFLOOD)
13	1

20 2604:6280:108::1:10bb:b87b (Phoenix, United States) 7 redirects

ASN53755 (IOFLOOD, US)

teresitaproduccionesperu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	teresitaproduccionesperu.com 7 redirects teresitaproduccionesperu.com	340 KB
13	1

	Domain	Requested by
20	teresitaproduccionesperu.com	7 redirects teresitaproduccionesperu.com
13	1

This site contains no links.

Subject Issuer	Validity	Valid
teresitaproduccionesperu.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html
Frame ID: A50CCCF90D873C878C42B3E9CF8DE1EA
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inicio

Detected technologies

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Page Statistics

13
Requests

46 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

340 kB
Transfer

1466 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://teresitaproduccionesperu.com/frontend/static/media/selectArrowDown.b3a49a7d.svg HTTP 301
https://teresitaproduccionesperu.com/frontend/static/media/selectArrowDown.b3a49a7d.svg/

Request Chain 6

https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff2 HTTP 301
https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff2/

Request Chain 7

https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff2 HTTP 301
https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff2/

Request Chain 8

https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff HTTP 301
https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff/

Request Chain 9

https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff HTTP 301
https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff/

Request Chain 10

https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.ttf HTTP 301
https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.ttf/

Request Chain 11

https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.ttf HTTP 301
https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.ttf/

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index1.html Show response teresitaproduccionesperu.com/Iniciocod/brou/	25 KB 8 KB	711ms 201ms	Document text/html	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / Resource Hash `9afde12f75dafba0637d0c7894c3d2426c102ab9f4fd8f330f076c4326a1b0a5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 7994 content-type text/html date Fri, 28 Apr 2023 18:36:14 GMT last-modified Wed, 19 Apr 2023 09:11:30 GMT vary Accept-Encoding
GET H2	200	fonts.css teresitaproduccionesperu.com/Iniciocod/brou/flfs/	2 KB 288 B	402ms 398ms	Stylesheet text/css	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / Resource Hash `367cba5c66dcb77e9efdefae321a5fa51b4ed0773b15ebbd7a8ee35b913e75fe` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:14 GMT content-encoding br last-modified Wed, 19 Apr 2023 09:11:36 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 256 expires Fri, 05 May 2023 18:36:14 GMT
GET H2	200	ionicons.css teresitaproduccionesperu.com/Iniciocod/brou/flfs/	59 KB 8 KB	205ms 202ms	Stylesheet text/css	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/ionicons.css Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / Resource Hash `d4d41483cf38b6182b0a495196cfc55821cfd2e3d310861f32bcd2240806f187` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:14 GMT content-encoding br last-modified Wed, 19 Apr 2023 09:11:36 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 7610 expires Fri, 05 May 2023 18:36:14 GMT
GET H2	200	2.d18bb301.chunk.css teresitaproduccionesperu.com/Iniciocod/brou/flfs/	34 KB 6 KB	402ms 399ms	Stylesheet text/css	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/2.d18bb301.chunk.css Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / Resource Hash `24a91b11b5f18ffcc8d6d6f3707bb263261de6eb7b4867cda0fdb116ced45efa` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:14 GMT content-encoding br last-modified Wed, 19 Apr 2023 09:11:34 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 5663 expires Fri, 05 May 2023 18:36:14 GMT
GET H2	200	main.8d29879f.chunk.css teresitaproduccionesperu.com/Iniciocod/brou/flfs/	528 KB 75 KB	397ms 396ms	Stylesheet text/css	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/main.8d29879f.chunk.css Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / Resource Hash `970a245e193b5fcb6fb9e0fa1ecc9a8ee55f3775aa766fcea860ea2d9af9741f` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:14 GMT content-encoding br last-modified Wed, 19 Apr 2023 09:11:36 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 76814 expires Fri, 05 May 2023 18:36:14 GMT
GET H3	200	slider-01.jpg teresitaproduccionesperu.com/Iniciocod/brou/flfs/	130 KB 130 KB	194ms 193ms	Image image/jpeg	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Show image Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/slider-01.jpg Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Protocol H3 Security QUIC, , AES_128_GCM Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / Resource Hash `62ebac9119c82db12553de55773d265db5cc81db125dda0e84443a59f7f9c369` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:15 GMT last-modified Wed, 19 Apr 2023 09:11:36 GMT content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 132994 expires Fri, 05 May 2023 18:36:15 GMT
GET H3	200	/ teresitaproduccionesperu.com/frontend/static/media/selectArrowDown.b3a49a7d.svg/ Redirect Chain https://teresitaproduccionesperu.com/frontend/static/media/selectArrowDown.b3a49a7d.svg https://teresitaproduccionesperu.com/frontend/static/media/selectArrowDown.b3a49a7d.svg/	890 B 890 B	247ms 246ms	Image text/html	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Show image Full URL https://teresitaproduccionesperu.com/frontend/static/media/selectArrowDown.b3a49a7d.svg/ Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/main.8d29879f.chunk.css Protocol H3 Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / PHP/7.4.33 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/main.8d29879f.chunk.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:15 GMT content-encoding br x-powered-by PHP/7.4.33 x-litespeed-cache hit vary Accept-Encoding etag "245-1682706765;br" content-type text/html; charset=UTF-8 link <https://teresitaproduccionesperu.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://teresitaproduccionesperu.com/index.php?rest_route=/wp/v2/pages/26>; rel="alternate"; type="application/json", <https://teresitaproduccionesperu.com/>; rel=shortlink content-length 19061 Redirect headers location https://teresitaproduccionesperu.com/frontend/static/media/selectArrowDown.b3a49a7d.svg/ date Fri, 28 Apr 2023 18:36:15 GMT x-powered-by PHP/7.4.33 content-length 0 x-litespeed-cache hit x-redirect-by WordPress content-type text/html; charset=UTF-8
GET H3	200	/ teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff2/ Redirect Chain https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff2 https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff2/	115 KB 19 KB	432ms 431ms	Font text/html	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff2/ Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css Protocol H3 Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / PHP/7.4.33 Resource Hash `ec7601006dab65ca52c78b44c36a92138c092049eeaa147055c1aa1681d7e7a2` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:16 GMT content-encoding br x-powered-by PHP/7.4.33 x-litespeed-cache hit vary Accept-Encoding etag "246-1682706766;br" content-type text/html; charset=UTF-8 link <https://teresitaproduccionesperu.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://teresitaproduccionesperu.com/index.php?rest_route=/wp/v2/pages/26>; rel="alternate"; type="application/json", <https://teresitaproduccionesperu.com/>; rel=shortlink content-length 19061 Redirect headers location https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff2/ date Fri, 28 Apr 2023 18:36:15 GMT x-powered-by PHP/7.4.33 content-length 0 x-litespeed-cache hit x-redirect-by WordPress content-type text/html; charset=UTF-8
GET H3	200	/ teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff2/ Redirect Chain https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff2 https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff2/	115 KB 19 KB	440ms 439ms	Font text/html	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff2/ Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css Protocol H3 Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / PHP/7.4.33 Resource Hash `ba0d8c2e64698c6e866f42e066a9c44b89493d2076f57bb1df9ce23774080856` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:16 GMT content-encoding br x-powered-by PHP/7.4.33 x-litespeed-cache hit vary Accept-Encoding etag "247-1682706767;br" content-type text/html; charset=UTF-8 link <https://teresitaproduccionesperu.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://teresitaproduccionesperu.com/index.php?rest_route=/wp/v2/pages/26>; rel="alternate"; type="application/json", <https://teresitaproduccionesperu.com/>; rel=shortlink content-length 19061 Redirect headers location https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff2/ date Fri, 28 Apr 2023 18:36:15 GMT x-powered-by PHP/7.4.33 content-length 0 x-litespeed-cache hit x-redirect-by WordPress content-type text/html; charset=UTF-8
GET H3	200	/ teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff/ Redirect Chain https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff/	115 KB 19 KB	910ms 910ms	Font text/html	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff/ Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css Protocol H3 Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / PHP/7.4.33 Resource Hash `8f3e9e3fdda47798277610a4080b0b0e4575ecf3bc046202fea3ea413de2e8f7` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:17 GMT content-encoding br x-powered-by PHP/7.4.33 x-litespeed-cache hit vary Accept-Encoding etag "248-1682706769;br" content-type text/html; charset=UTF-8 link <https://teresitaproduccionesperu.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://teresitaproduccionesperu.com/index.php?rest_route=/wp/v2/pages/26>; rel="alternate"; type="application/json", <https://teresitaproduccionesperu.com/>; rel=shortlink content-length 19061 Redirect headers location https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff/ date Fri, 28 Apr 2023 18:36:16 GMT x-powered-by PHP/7.4.33 content-length 0 x-litespeed-cache hit x-redirect-by WordPress content-type text/html; charset=UTF-8
GET H3	200	/ teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff/ Redirect Chain https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff/	115 KB 19 KB	916ms 916ms	Font text/html	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff/ Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css Protocol H3 Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / PHP/7.4.33 Resource Hash `8f3e9e3fdda47798277610a4080b0b0e4575ecf3bc046202fea3ea413de2e8f7` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:17 GMT content-encoding br x-powered-by PHP/7.4.33 x-litespeed-cache hit vary Accept-Encoding etag "249-1682706769;br" content-type text/html; charset=UTF-8 link <https://teresitaproduccionesperu.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://teresitaproduccionesperu.com/index.php?rest_route=/wp/v2/pages/26>; rel="alternate"; type="application/json", <https://teresitaproduccionesperu.com/>; rel=shortlink content-length 19061 Redirect headers location https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff/ date Fri, 28 Apr 2023 18:36:16 GMT x-powered-by PHP/7.4.33 content-length 0 x-litespeed-cache hit x-redirect-by WordPress content-type text/html; charset=UTF-8
GET H3	200	/ teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.ttf/ Redirect Chain https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.ttf https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.ttf/	115 KB 19 KB	432ms 431ms	Font text/html	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.ttf/ Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css Protocol H3 Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / PHP/7.4.33 Resource Hash `96544cf74169901223622c888a51a29288d6d4859e06ce38ab4769bbeeba5f66` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:17 GMT content-encoding br x-powered-by PHP/7.4.33 x-litespeed-cache hit vary Accept-Encoding etag "250-1682706772;br" content-type text/html; charset=UTF-8 link <https://teresitaproduccionesperu.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://teresitaproduccionesperu.com/index.php?rest_route=/wp/v2/pages/26>; rel="alternate"; type="application/json", <https://teresitaproduccionesperu.com/>; rel=shortlink content-length 19060 Redirect headers location https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.ttf/ date Fri, 28 Apr 2023 18:36:17 GMT x-powered-by PHP/7.4.33 content-length 0 x-litespeed-cache hit x-redirect-by WordPress content-type text/html; charset=UTF-8
GET H3	200	/ teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.ttf/ Redirect Chain https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.ttf https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.ttf/	115 KB 19 KB	431ms 431ms	Font text/html	2604:6280:108::1:10bb:b87b IOFLOOD
General Check archive.org Show headers Download Go to Full URL https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.ttf/ Requested by Host: teresitaproduccionesperu.com URL: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css Protocol H3 Server 2604:6280:108::1:10bb:b87b Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS Software / PHP/7.4.33 Resource Hash `96544cf74169901223622c888a51a29288d6d4859e06ce38ab4769bbeeba5f66` Request headers accept-language fi-FI,fi;q=0.9 Referer https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/fonts.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:36:17 GMT content-encoding br x-powered-by PHP/7.4.33 x-litespeed-cache hit vary Accept-Encoding etag "251-1682706772;br" content-type text/html; charset=UTF-8 link <https://teresitaproduccionesperu.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://teresitaproduccionesperu.com/index.php?rest_route=/wp/v2/pages/26>; rel="alternate"; type="application/json", <https://teresitaproduccionesperu.com/>; rel=shortlink content-length 19060 Redirect headers location https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.ttf/ date Fri, 28 Apr 2023 18:36:17 GMT x-powered-by PHP/7.4.33 content-length 0 x-litespeed-cache hit x-redirect-by WordPress content-type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco de la República Oriental del Uruguay (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: Failed to decode downloaded font: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff2
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: OTS parsing error: invalid sfntVersion: 1008821359
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: Failed to decode downloaded font: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff2
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: OTS parsing error: invalid sfntVersion: 1008821359
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: Failed to decode downloaded font: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.woff
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: OTS parsing error: invalid sfntVersion: 1008821359
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: Failed to decode downloaded font: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.woff
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: OTS parsing error: invalid sfntVersion: 1008821359
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: Failed to decode downloaded font: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/GothamBook.ttf
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: OTS parsing error: invalid sfntVersion: 1008821359
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: Failed to decode downloaded font: https://teresitaproduccionesperu.com/Iniciocod/brou/flfs/gotham/Gotham-Medium.ttf
other	warning	URL: https://teresitaproduccionesperu.com/Iniciocod/brou/index1.html Message: OTS parsing error: invalid sfntVersion: 1008821359

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

teresitaproduccionesperu.com
2604:6280:108::1:10bb:b87b
24a91b11b5f18ffcc8d6d6f3707bb263261de6eb7b4867cda0fdb116ced45efa
367cba5c66dcb77e9efdefae321a5fa51b4ed0773b15ebbd7a8ee35b913e75fe
62ebac9119c82db12553de55773d265db5cc81db125dda0e84443a59f7f9c369
8f3e9e3fdda47798277610a4080b0b0e4575ecf3bc046202fea3ea413de2e8f7
96544cf74169901223622c888a51a29288d6d4859e06ce38ab4769bbeeba5f66
970a245e193b5fcb6fb9e0fa1ecc9a8ee55f3775aa766fcea860ea2d9af9741f
9afde12f75dafba0637d0c7894c3d2426c102ab9f4fd8f330f076c4326a1b0a5
ba0d8c2e64698c6e866f42e066a9c44b89493d2076f57bb1df9ce23774080856
d4d41483cf38b6182b0a495196cfc55821cfd2e3d310861f32bcd2240806f187
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7601006dab65ca52c78b44c36a92138c092049eeaa147055c1aa1681d7e7a2

teresitaproduccionesperu.com Open in urlscan Pro 2604:6280:108::1:10bb:b87b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

46 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

340 kBTransfer

1466 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

12 Console Messages

Indicators

teresitaproduccionesperu.com Open in urlscan Pro
2604:6280:108::1:10bb:b87b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

46 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

340 kB
Transfer

1466 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!