![](/screenshots/46a7ce27-f1bd-4ae6-84b6-a92e930eb111.png)
www.consulta.cc
Open in
urlscan Pro
83.217.70.251
Public Scan
Effective URL: https://www.consulta.cc/wp-signup.php?new=pca-skin.consulta.cc
Submission Tags: phishingrod
Submission: On March 05 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 4th 2023. Valid for: 3 months.
This is the only time www.consulta.cc was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 18 | 83.217.70.251 83.217.70.251 | 34762 (COMBELL-AS) (COMBELL-AS) | |
2 | 2a02:26f0:11a... 2a02:26f0:11a::217:9a58 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:350... 2a02:26f0:3500:16::215:148b | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
25 | 6 |
ASN34762 (COMBELL-AS, BE)
PTR: linweb243.webhosting.be
pca-skin.consulta.cc | |
www.consulta.cc |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
consulta.cc
1 redirects
pca-skin.consulta.cc www.consulta.cc |
146 KB |
3 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 440 p.typekit.net — Cisco Umbrella Rank: 568 |
45 KB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 105 |
257 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151 |
137 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44 |
63 KB |
25 | 5 |
Domain | Requested by | |
---|---|---|
17 | www.consulta.cc |
www.consulta.cc
|
2 | www.facebook.com |
www.consulta.cc
|
2 | connect.facebook.net |
www.consulta.cc
connect.facebook.net |
2 | use.typekit.net |
www.consulta.cc
use.typekit.net |
1 | www.googletagmanager.com |
www.consulta.cc
|
1 | p.typekit.net |
use.typekit.net
|
1 | pca-skin.consulta.cc | 1 redirects |
25 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
consulta.cc R3 |
2023-01-04 - 2023-04-04 |
3 months | crt.sh |
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-09-14 - 2023-10-15 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-01-10 - 2023-03-12 |
2 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.consulta.cc/wp-signup.php?new=pca-skin.consulta.cc
Frame ID: 96E9935E0737CA4B2D30EF1658881E5F
Requests: 24 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 8A4D908C581D12FCB2C6A06E2113B08B
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/46a7ce27-f1bd-4ae6-84b6-a92e930eb111.png)
Page Title
Consulta - Home - ConsultaPage URL History Show full URLs
-
https://pca-skin.consulta.cc/
HTTP 302
https://www.consulta.cc/wp-signup.php?new=pca-skin.consulta.cc Page URL
Detected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Detected patterns
- \.php(?:$|\?)
![](/vendor/wappa/icons/Yoast SEO.png)
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Flickity (JavaScript Libraries) Expand
Detected patterns
- /flickity(?:\.pkgd)?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
![](/vendor/wappa/icons/TrackJs.png)
Detected patterns
- tracker\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://pca-skin.consulta.cc/
HTTP 302
https://www.consulta.cc/wp-signup.php?new=pca-skin.consulta.cc Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
wp-signup.php
www.consulta.cc/ Redirect Chain
|
20 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
www.consulta.cc/wp-includes/css/dist/block-library/ |
87 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
101-layout.css
www.consulta.cc/data/bb-plugin/cache/ |
23 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.min.css
www.consulta.cc/wp-content/plugins/wp-store-locator/css/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.consulta.cc/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/ |
226 B 339 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
www.consulta.cc/wp-content/plugins/types/vendor/toolset/toolset-common/res/lib/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
consulta.css
www.consulta.cc/wp-content/themes/consulta/css/ |
70 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www.consulta.cc/wp-includes/js/jquery/ |
87 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
www.consulta.cc/wp-includes/js/jquery/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr-3.5.0.min.js
www.consulta.cc/wp-content/themes/consulta/alpha/js/ |
96 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
replaceBuilder.js
www.consulta.cc/wp-content/themes/consulta/bb-blocks/replacement/ |
278 B 369 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
button.js
www.consulta.cc/wp-content/themes/consulta/code/button/ |
1 KB 851 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flickity.js
www.consulta.cc/wp-content/themes/consulta/alpha/js/ |
53 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
101-layout.js
www.consulta.cc/data/bb-plugin/cache/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm4wp-form-move-tracker.js
www.consulta.cc/wp-content/plugins/duracelltomi-google-tag-manager/js/ |
1 KB 574 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hamburger.js
www.consulta.cc/wp-content/themes/consulta/alpha/js/ |
287 B 359 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
www.consulta.cc/wp-includes/js/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zuu2lns.css
use.typekit.net/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 181 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
165 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/32f92a/000000000000000000014869/27/ |
44 KB 44 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
107 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
992857587457807
connect.facebook.net/signals/config/ |
377 KB 108 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ Frame 8A4D |
0 72 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery object| html5 object| Modernizr object| dataLayer_content function| wpse_getLink function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded string| wpAjaxUrl string| flBuilderUrl object| FLBuilderLayoutConfig object| sliderContainer undefined| sliderElement object| FLBuilderLayout function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| fbq function| _fbq2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.consulta.cc/ | Name: _gcl_au Value: 1.1.919842051.1678028422 |
|
.consulta.cc/ | Name: _fbp Value: fb.1.1678028422909.1768953821 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
p.typekit.net
pca-skin.consulta.cc
use.typekit.net
www.consulta.cc
www.facebook.com
www.googletagmanager.com
2a00:1450:4001:813::2008
2a02:26f0:11a::217:9a58
2a02:26f0:3500:16::215:148b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
83.217.70.251
028509cbdce0fc659594c153e45c56302511abfc33eb8e919eb3f74e39d13314
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
108d48c5be4510d5d36ad4bf27922c5789b729d777ae97333a53607edeb0364f
1b305dc3f307231d0c2c5f7acdea8d1287b10d839a40eb01112dd7db816a196e
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
30f81698620503d9f3c61d48a5b8510b22d6802e44a3450dfbca9f31d0abd3f4
3cc7424040322cf8e6ffc0dddbcbf5f56e77130b0e4a8637e6ba7c847922b87e
45bd4e337104422a9468f7106a7a9188b84241f86619da6360db1ccb9b9e5281
46dc06d2408461cb9a8ed7dbe6d325e356405b804e04f0a8d65c3133742bb96b
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
6d82524320851cd20cae529e3b2e8f44041aac4cff1d5352d115fb2f3819d742
711374412102a12b946ef78aa95b21be82dbc2a789e210c2ff957b0a68a17e61
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a2adf4c1187ff44afb6596a750c078a97b07717364daade11a8c337771832e0
85bcdc7a390299e4895c961d00d047b0824d494a392d8f71db41f1418665748b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c23ed8305bee68694260dd2859c302ed82c4a01a7a51d1a1cdce6f4a5673e0eb
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
e2c309bf94ee4cac5712d8256fc87e922b15629e564e558dda8b7a0f6006d99d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e509f8d9d542ce0fd30b60b8cc7660070b47008f3d567aeff63878550528e522
e8eb07cc6ba32029b3d29cb0a7ec7d9105d74cc310b1b85778db70c09218aaed
f2c809f77b19df64ec8270272ac29ce3d84d242a663e589825a9e4f57b8a5461