fdskljksd.munequita29.repl.co
Open in
urlscan Pro
35.186.245.55
Malicious Activity!
Public Scan
Effective URL: https://fdskljksd.munequita29.repl.co/
Submission Tags: @phish_report
Submission: On September 26 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by GTS CA 1P5 on September 26th 2023. Valid for: 3 months.
This is the only time fdskljksd.munequita29.repl.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banreservas (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 19 | 35.186.245.55 35.186.245.55 | 15169 (GOOGLE) (GOOGLE) | |
1 | 64.185.227.156 64.185.227.156 | 18450 (WEBNX) (WEBNX) | |
1 | 34.117.59.81 34.117.59.81 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
20 | 3 |
ASN15169 (GOOGLE, US)
PTR: 55.245.186.35.bc.googleusercontent.com
fdskljksd.munequita29.repl.co |
ASN18450 (WEBNX, US)
PTR: 64-185-227-156.static.webnx.com
api.ipify.org |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com
ipinfo.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
repl.co
1 redirects
fdskljksd.munequita29.repl.co |
476 KB |
1 |
ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 6308 |
538 B |
1 |
ipify.org
api.ipify.org — Cisco Umbrella Rank: 2769 |
222 B |
20 | 3 |
Domain | Requested by | |
---|---|---|
19 | fdskljksd.munequita29.repl.co |
1 redirects
fdskljksd.munequita29.repl.co
|
1 | ipinfo.io |
fdskljksd.munequita29.repl.co
|
1 | api.ipify.org |
fdskljksd.munequita29.repl.co
|
20 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
dev-banreservas.pantheonsite.io |
Subject Issuer | Validity | Valid | |
---|---|---|---|
munequita29.repl.co GTS CA 1P5 |
2023-09-26 - 2023-12-25 |
3 months | crt.sh |
*.ipify.org Sectigo RSA Domain Validation Secure Server CA |
2023-02-07 - 2024-02-18 |
a year | crt.sh |
ipinfo.io R3 |
2023-09-23 - 2023-12-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://fdskljksd.munequita29.repl.co/
Frame ID: 263D4B30E40F0C0B1D6A4CE35F0F5B4A
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
BanreservasPage URL History Show full URLs
-
http://fdskljksd.munequita29.repl.co/
HTTP 308
https://fdskljksd.munequita29.repl.co/ Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Contáctenos
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://fdskljksd.munequita29.repl.co/
HTTP 308
https://fdskljksd.munequita29.repl.co/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
fdskljksd.munequita29.repl.co/ Redirect Chain
|
18 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js.descarga
fdskljksd.munequita29.repl.co/index_files/ |
87 KB 88 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui-1.8.9.custom.css
fdskljksd.munequita29.repl.co/index_files/ |
54 KB 54 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dropkickddl.css
fdskljksd.munequita29.repl.co/index_files/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui-1.8.9.custom(1).css
fdskljksd.munequita29.repl.co/index_files/ |
54 KB 54 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Login.css
fdskljksd.munequita29.repl.co/index_files/ |
143 KB 144 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-close.gif
fdskljksd.munequita29.repl.co/index_files/ |
201 B 238 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
teclado_login_minusculas.png
fdskljksd.munequita29.repl.co/index_files/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
teclado_virtual_chico_ac.gif
fdskljksd.munequita29.repl.co/index_files/ |
439 B 469 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
teclado_virtual_chico_bc.gif
fdskljksd.munequita29.repl.co/index_files/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_banreservas.png
fdskljksd.munequita29.repl.co/index_files/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sello_superintendencia.png
fdskljksd.munequita29.repl.co/index_files/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sax.js.descarga
fdskljksd.munequita29.repl.co/index_files/ |
1 KB 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
api.ipify.org/ |
22 B 222 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ipinfo.io/ |
294 B 538 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fondo_Banreservas.jpg
fdskljksd.munequita29.repl.co/img/ |
558 B 558 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
row-down_menuSup.png
fdskljksd.munequita29.repl.co/img/ |
557 B 557 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
requerido_ban.png
fdskljksd.munequita29.repl.co/img/ |
554 B 554 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans.woff
fdskljksd.munequita29.repl.co/Fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
profilepersonas.jpg
fdskljksd.munequita29.repl.co/img/ |
66 KB 66 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banreservas (Banking)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery string| telegram_bot_id number| chat_id undefined| u_name undefined| u_name2 undefined| ip undefined| ip2 function| ready function| sender0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=7772271; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.ipify.org
fdskljksd.munequita29.repl.co
ipinfo.io
34.117.59.81
35.186.245.55
64.185.227.156
02fe54b69ccfd76f3547aa5d392fc6bbbfee4ab0b6bfeaa719924277415143e7
15fb42a82c832cf31c95c026a711de38fb1069c73f9ce6006ef3c9e2fdbfbeef
3881c3d4a74c024164745d229bdb1476c66d633a97b80990f5e52ba808d3f586
3fc2b2dc548e3be47f95daae1296902590780f85bcb394ce51e86289e1d3b172
4aaeb1bac77cbccfd16c532a0c9b88cefa2a8996869b447d3853b9b444fe98be
5b667a75bf5f5c9b51de4d02f04e17a7f51750cb77827ac6b8c8ad10f644195e
a2a147aed818d81267d1aeef5089bdd33eecbe27e15ffe4e263e93db1592ffab
a325932ad8e67c11d8195bbae4f9ce3f127b410b9da9ec17d7f231279d545131
a936d90c691883cba76f192043ea982a2e5b31bbe723bff7240d1faa0abbe01c
b28acb7fd4df4fe878ce18cf51bdb9fa56f92218a78f18dcae0a65c0e256a9f8
b57ab0866f889d8aad9959f6fdf867c1672de5e89d7dd37c8bcfb15124707730
c164d7efc93f0c103774d762189760eec7fbbf7955ce4857d81b46b9b6914b3d
c9f7dc9d5c4e10ebcef9a1ca3e7f81062a4cf0320be237dc21a8c1ecab63824b
d736f8707ba3b56acf10912b26ef228320976cbbd94ad15f6dd02e5bc3caa831
d8b2c60ad31204ec0748b861089784b2947f8e4a40c907e645a1559904ad9fb7
dd2a63cd72110e84ba59d6b102179f1aac916692ab52f6cbb4c44a217d6264f6
e4276a68f4a4da719bc3e2260ed0868bc5976fa88461852fa96031e4cfe46d52
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d