216.244.165.236
Malicious Activity! Public Scan

URL: https://216.244.165.236/
Submission: On July 21 via manual from US — Scanned from DE

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 44 HTTP transactions. The main IP is 216.244.165.236, located in Chiclayo, Peru and belongs to America Movil Peru S.A.C., PE. The main domain is 216.244.165.236.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on April 11th 2022. Valid for: a year.
This is the only time 216.244.165.236 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco de Crédito del Perú (Banking)

Domain & IP information

Apex Domain | Subdomains | Transfer
28 viabcp.com | stbcpzonasegura.viabcp.com; bcpzonasegurabeta.viabcp.com — Cisco Umbrella Rank: 587528 | 1 MB
5 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 52 | 20 KB
5 chatvisor.com | cdn.chatvisor.com — Cisco Umbrella Rank: 178152; app.chatvisor.com — Cisco Umbrella Rank: 178989 | 40 KB
2 google.de | www.google.de — Cisco Umbrella Rank: 5701 | 564 B
2 google.com | www.google.com — Cisco Umbrella Rank: 10 | 598 B
2 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 117 | 495 B
1 staticmon.com | bcpr42sh.staticmon.com — Cisco Umbrella Rank: 585090 | 510 B
1 netlify.app | unruffled-shannon-1a7413.netlify.app — Cisco Umbrella Rank: 205215 | 2 KB
1 netlify.com | unruffled-shannon-1a7413.netlify.com — Cisco Umbrella Rank: 843078 | 150 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 93 | 55 KB
44 10

Domain | Requested by
26 stbcpzonasegura.viabcp.com | 216.244.165.236; stbcpzonasegura.viabcp.com
5 www.google-analytics.com | 2 redirects; 216.244.165.236; www.googletagmanager.com
4 app.chatvisor.com | cdn.chatvisor.com; stbcpzonasegura.viabcp.com
2 bcpzonasegurabeta.viabcp.com | stbcpzonasegura.viabcp.com
2 www.google.de | 216.244.165.236
2 www.google.com | 2 redirects
2 stats.g.doubleclick.net | 2 redirects
1 bcpr42sh.staticmon.com | stbcpzonasegura.viabcp.com
1 unruffled-shannon-1a7413.netlify.app | 216.244.165.236
1 unruffled-shannon-1a7413.netlify.com | 1 redirects
1 www.googletagmanager.com | 216.244.165.236
1 cdn.chatvisor.com | 216.244.165.236
44 12

This site contains links to these domains.

Domain
www.viabcp.com

Subject | Issuer | Validity | Valid
bcpzonasegurabeta.viabcp.com | GlobalSign Extended Validation CA - SHA256 - G3 | 2022-04-11 - 2023-05-13 | a year
st.bcpzonasegura.bcp.com.pe | DigiCert SHA2 Secure Server CA | 2021-09-09 - 2022-09-09 | a year
cdn.chatvisor.com | Amazon | 2022-02-06 - 2023-03-07 | a year
chatvisor.com | R3 | 2022-07-18 - 2022-10-16 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-06-27 - 2022-09-19 | 3 months
*.staticmon.com | Go Daddy Secure Certificate Authority - G2 | 2022-02-25 - 2023-03-29 | a year

This page contains 1 frames:

Primary Page: https://216.244.165.236/
Frame ID: 58195630E7F1A7AD474D87BF7E0D1572
Requests: 41 HTTP requests in this frame

Page Title

Banco de Crédito >>BCP>>

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 44
HTTPS: 86 %
IPv6: 75 %
Domains: 10
Subdomains: 12
IPs: 10
Countries: 5
Transfer: 1617 kB
Size: 5586 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=267431120&t=pageview&_s=1&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%3E%3EBCP%3E%3E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABE~&jid=1964537739&gjid=203278062&cid=1549084603.1658430425&tid=UA-79497878-7&_gid=998329921.1658430425&_r=1&z=1014096143 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-79497878-7&cid=1549084603.1658430425&jid=1964537739&_gid=998329921.1658430425&gjid=203278062&_v=j66&z=1014096143 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1549084603.1658430425&jid=1964537739&_v=j66&z=1014096143 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1549084603.1658430425&jid=1964537739&_v=j66&z=1014096143&slf_rd=1&random=168152887
Request Chain 16
  • https://unruffled-shannon-1a7413.netlify.com/bcpr42sh.js HTTP 301
  • https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
Request Chain 34
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=267431120&t=event&ni=1&_s=1&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2Finiciar-sesion&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%3E%3EBCP%3E%3E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Respuesta%20de%20Servicio%20Iniciar%20Sesion&ea=%2F%2Fbcpr42sh.staticmon.com%2Ftun%2Fbcpr42sh%2Finput%2F&el=P%C3%A1g.%20Anterior%3A%20%2C%20Tiempo%20de%20respuesta%3A191&_u=aEDAAEABE~&jid=676903832&gjid=1660190028&cid=1549084603.1658430425&tid=UA-79497878-5&_gid=998329921.1658430425&_r=1&gtm=2wg7i0T8LG6J5&z=2098341634 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-79497878-5&cid=1549084603.1658430425&jid=676903832&_gid=998329921.1658430425&gjid=1660190028&_v=j66&z=2098341634 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1549084603.1658430425&jid=676903832&_v=j66&z=2098341634 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1549084603.1658430425&jid=676903832&_v=j66&z=2098341634&slf_rd=1&random=4107402097

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
216.244.165.236/
8 KB
3 KB
Document
General
Full URL
https://216.244.165.236/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.244.165.236 Chiclayo, Peru, ASN12252 (America Movil Peru S.A.C., PE),
Reverse DNS
Software
/
Resource Hash
74213f6a243e211ac82a7845e642e7f5d7b3d9c7f3cd843e09424230b3ccf3ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2568
Content-Type
text/html
Date
Thu, 21 Jul 2022 19:04:28 GMT
Expires
0
Keep-Alive
timeout=10, max=100
Pragma
no-cache
Vary
Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
styles.73891af9c5f119165612.bundle.css
stbcpzonasegura.viabcp.com/
232 KB
34 KB
Stylesheet
General
Full URL
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
576268ebbf93e3090085fd1c960591a5027a438c3c8dd727e1f46fc017322db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="94412508"
accept-ranges
bytes
vary
Accept-Encoding
content-length
34685
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:04 GMT
logo_blanco.svg
stbcpzonasegura.viabcp.com/assets/img/
6 KB
3 KB
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo_blanco.svg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
99066f683e36549f1e747a7cfab97606573a4367fe35a4e82dda5c3b03a43287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="2005598130"
accept-ranges
bytes
vary
Accept-Encoding
content-length
2490
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:04 GMT
56myjZOlu6.js
cdn.chatvisor.com/cdn/js/
77 KB
30 KB
Script
General
Full URL
https://cdn.chatvisor.com/cdn/js/56myjZOlu6.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2e00:1:1c51:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
544ca9589ed2d8c50b8267369ea2b970ffe2a696e3397e9a9db668887eeebba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 19:07:03 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 19:46:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"8dbe92e552d8a0a9e5a3c981423fce41"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
cache-control
max-age=7200,public
x-amz-cf-id
UeW4GqbT_eqEdeGP2VwZc6TxpS0PvVrNxkst8g-3noEpuvf9cI9fSA==
inline.c4833cc1f0603004355a.bundle.js
stbcpzonasegura.viabcp.com/
2 KB
2 KB
Script
General
Full URL
https://stbcpzonasegura.viabcp.com/inline.c4833cc1f0603004355a.bundle.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e61b1e2d0639553efe9e959f0a574d15fdab7a7764891dbaa8273b0cd8de2d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="739031858"
accept-ranges
bytes
vary
Accept-Encoding
content-length
1405
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:04 GMT
polyfills.c979baad0a3186ef4457.bundle.js
stbcpzonasegura.viabcp.com/
106 KB
36 KB
Script
General
Full URL
https://stbcpzonasegura.viabcp.com/polyfills.c979baad0a3186ef4457.bundle.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
35a0ff464bb7ae3678794e852c4f4e0499d5ce16b170716c4bebb282396d408b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-1713614416"
accept-ranges
bytes
vary
Accept-Encoding
content-length
36810
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:04 GMT
scripts.09fad8d55f4ac8b7b76d.bundle.js
stbcpzonasegura.viabcp.com/
81 KB
28 KB
Script
General
Full URL
https://stbcpzonasegura.viabcp.com/scripts.09fad8d55f4ac8b7b76d.bundle.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ceca405ca0d4e50dd7c27bacb32387d649e42d8d6acf14df08975c546774797e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-830828142"
accept-ranges
bytes
vary
Accept-Encoding
content-length
28356
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:04 GMT
vendor.65fea5d74d826b4924b6.bundle.js
stbcpzonasegura.viabcp.com/
2 MB
374 KB
Script
General
Full URL
https://stbcpzonasegura.viabcp.com/vendor.65fea5d74d826b4924b6.bundle.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
91523cfc88605436a38f9599f7f094c9ece7263ba0ac1b33b0771a4a64427db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-696496942"
accept-ranges
bytes
vary
Accept-Encoding
content-length
381876
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:04 GMT
main.05b4bcc2d17d47948a09.bundle.js
stbcpzonasegura.viabcp.com/
642 KB
124 KB
Script
General
Full URL
https://stbcpzonasegura.viabcp.com/main.05b4bcc2d17d47948a09.bundle.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
89dc64426329406841bb16cec345c0f73c9e1b2aece1ca78b6505467e9b6c4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="74978573"
accept-ranges
bytes
vary
Accept-Encoding
content-length
126101
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:04 GMT
bcpr42sh-red.js
stbcpzonasegura.viabcp.com/assets/
2 KB
1004 B
Script
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/bcpr42sh-red.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5ab31b6f85c701b181dfef7620dc468aca7119a787535cfabac7dd74b68aa7a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="497249940"
accept-ranges
bytes
vary
Accept-Encoding
content-length
722
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:04 GMT
actionRules
app.chatvisor.com/api/in/wg/conf/56myjZOlu6/
22 B
147 B
XHR
General
Full URL
https://app.chatvisor.com/api/in/wg/conf/56myjZOlu6/actionRules
Requested by
Host: cdn.chatvisor.com
URL: https://cdn.chatvisor.com/cdn/js/56myjZOlu6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.36.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.36.243.136.clients.your-server.de
Software
istio-envoy /
Resource Hash
0b866ee4f3c09b0e278b0f6fe01c1b8c79263a1ffe36ca1649d8a0a5025a5888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
x-frame-options
DENY
content-type
application/json;charset=utf-8
access-control-allow-origin
https://216.244.165.236
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
strict-transport-security
max-age=31536000
vary
Origin,Accept-Encoding, User-Agent
x-xss-protection
1; mode=block
expires
0
56myjZOlu6
app.chatvisor.com/api/in/wg/conf/
9 KB
2 KB
XHR
General
Full URL
https://app.chatvisor.com/api/in/wg/conf/56myjZOlu6
Requested by
Host: cdn.chatvisor.com
URL: https://cdn.chatvisor.com/cdn/js/56myjZOlu6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.36.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.36.243.136.clients.your-server.de
Software
istio-envoy /
Resource Hash
1caaf29553e35c7b8b15e2419e08caa0023511ba0a9e94a8df739a90cf5d00c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
x-frame-options
DENY
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://216.244.165.236
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
strict-transport-security
max-age=31536000
vary
Origin,Accept-Encoding, User-Agent
x-xss-protection
1; mode=block
expires
0
242863_3_0.973408b83b66574e2bde.woff
stbcpzonasegura.viabcp.com/
69 KB
69 KB
Font
General
Full URL
https://stbcpzonasegura.viabcp.com/242863_3_0.973408b83b66574e2bde.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d6e507e9151c1b691b6d6a2a226455ddf2eaaf03a6314d19c41d129d6215e120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://216.244.165.236
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="2017073706"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
70560
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:04 GMT
es.json
stbcpzonasegura.viabcp.com/assets/literals/
129 KB
34 KB
XHR
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/literals/es.json
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/polyfills.c979baad0a3186ef4457.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
02742348bd8ffe2d1183a7ad2d195e16134b82b416b3a95dc24792b1a65e4a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://216.244.165.236/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1569179919"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
34097
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
0.eb4db6c91bbdb979fe70.chunk.js
stbcpzonasegura.viabcp.com/
2 MB
496 KB
Script
General
Full URL
https://stbcpzonasegura.viabcp.com/0.eb4db6c91bbdb979fe70.chunk.js
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/inline.c4833cc1f0603004355a.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5ea36a0e1114f9176096ac50e34a785bcbbf69ba0d1853f3ca624acddd65582f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1246573235"
accept-ranges
bytes
vary
Accept-Encoding
content-length
506008
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=267431120&t=pageview&_s=1&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%3E%3EBCP%3E%3E&s...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-79497878-7&cid=1549084603.1658430425&jid=1964537739&_gid=998329921.1658430425&gjid=203278062&_v=j66&z=1014096143
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1549084603.1658430425&jid=1964537739&_v=j66&z=1014096143
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1549084603.1658430425&jid=1964537739&_v=j66&z=1014096143&slf_rd=1&random=168152887
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1549084603.1658430425&jid=1964537739&_v=j66&z=1014096143&slf_rd=1&random=168152887
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-7&cid=1549084603.1658430425&jid=1964537739&_v=j66&z=1014096143&slf_rd=1&random=168152887
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/
167 KB
55 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T8LG6J5
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84197300be689c98a84a16fb9f669d111dcbe050d4932136214132fd81e11de9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55547
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Jul 2022 19:07:05 GMT
bcpr42sh.js
unruffled-shannon-1a7413.netlify.app/
Redirect Chain
  • https://unruffled-shannon-1a7413.netlify.com/bcpr42sh.js
  • https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
8 KB
2 KB
Script
General
Full URL
https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Server
2a05:d014:275:cb00:ec0d:12e2:df27:aa60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
5d327f3ed655cb1afb3e5563110bedb6ec5fee248c393df1595e9447bb096a8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G8H2G299FC9YJ73BNAFSJA95
date
Thu, 21 Jul 2022 15:51:21 GMT
content-encoding
br
server
Netlify
age
11745
etag
"85fc5e722b8c043d463edde5b4da797a-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
2034

Redirect headers

location
https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
x-nf-request-id
01G8H2G27K0Z2DAX1ZGVR96AZV
date
Thu, 21 Jul 2022 19:07:05 GMT
server
Netlify
content-length
91
content-type
text/html; charset=utf-8
i18n
app.chatvisor.com/api/in/
24 KB
7 KB
XHR
General
Full URL
https://app.chatvisor.com/api/in/i18n?tId=56myjZOlu6&sId=e5f403b4f3084cdb8b433beae85395ef&vId=379e6901b8b34885a262aa3a19392b8b&lang=en-US
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/polyfills.c979baad0a3186ef4457.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.36.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.36.243.136.clients.your-server.de
Software
istio-envoy /
Resource Hash
128066324bb36866d8b64f1a75fa96b60263684824f42dd04a78666d2e44ea1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://216.244.165.236/
x-cv-ssid
e5f403b4f3084cdb8b433beae85395ef
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
5
vary
Origin,Accept-Encoding, User-Agent
x-xss-protection
1; mode=block
pragma
no-cache
server
istio-envoy
x-frame-options
DENY
strict-transport-security
max-age=31536000
content-type
application/json;charset=utf-8
access-control-allow-origin
https://216.244.165.236
access-control-expose-headers
x-cv-sid
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
0
i18n
app.chatvisor.com/api/in/
0
0
Preflight
General
Full URL
https://app.chatvisor.com/api/in/i18n?tId=56myjZOlu6&sId=e5f403b4f3084cdb8b433beae85395ef&vId=379e6901b8b34885a262aa3a19392b8b&lang=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.36.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.36.243.136.clients.your-server.de
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-cv-ssid
Access-Control-Request-Method
GET
Origin
https://216.244.165.236
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-cv-ssid
access-control-allow-methods
GET
access-control-allow-origin
https://216.244.165.236
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 21 Jul 2022 19:07:05 GMT
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Origin
x-envoy-upstream-service-time
0
card
bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/
0
0
Preflight
General
Full URL
https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/card
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.244.165.236 Chiclayo, Peru, ASN12252 (America Movil Peru S.A.C., PE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN deny SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,cug5b5,device-print,device-token,device-token-cookie,device-token-fso,deviceid,dom-elements,forms-data,geo-altitude,geo-altitudeaccuracy,geo-heading,geo-horizontalaccuracy,geo-latitude,geo-longitude,geo-speed,geo-status,geo-timestamp,ipaddress,js-events,page-id
Access-Control-Request-Method
POST
Origin
https://216.244.165.236
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with, DR2LP1, session-UID, Content-Type, CUG5B5, DEVICE-PRINT, deviceid, DEVICE-TOKEN-FSO, X-TOKEN-KEYBOARD-ENCRIPTED, X-CAPTCHA-TOKEN, RSA-TRANSACTION-ID, RSA-ACTION-CODE, PAGE-ID, FORMS-DATA, DOM-ELEMENTS, JS-EVENTS, GEO-LONGITUDE, GEO-LATITUDE, GEO-HORIZONTALACCURACY, GEO-ALTITUDE, GEO-ALTITUDEACCURACY, GEO-HEADING, GEO-SPEED, GEO-TIMESTAMP , GEO-STATUS, ipaddress, X-DATA-PRODUCT-TOKEN, X-CURRENCY-EXCHANGE-TOKEN, X-CRC-FLAG-REGISTER-TOKEN, X-OPERATION-COD-TOKEN, X-OPERATION-TRANSFER-TOKEN, X-OPERATION-SERVICE-PAYMENT-TOKEN, X-TCCD, X-TNNC, X-TOPC, X-CREDIT-QUOTA-TOKEN, X-OPERATION-CREDIT-PAYMENT-TOKEN, X-OPERATION-PAYMENT-CREDITCARD-DEFERRED-TOKEN, X-TILE-COMMISSION-TOKEN, X-OPERATION-CREDIT-SALARY-TOKEN, X-PAYMENT-DOCUMENT-TOKEN, X-CONSULT-LETTER-TOKEN, X-OPERATION-LETTER-PAYMENT-TOKEN, X-TIEL-COMMISSION-TOKEN, X-Transaction, DEVICE-TOKEN-COOKIE, DEVICE-TOKEN
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
https://bcpzonasegurabeta.viabcp.com
Access-Control-Expose-Headers
x-requested-with, DR2LP1, session-UID, CUG5B5, X-TOKEN-KEYBOARD-ENCRIPTED, X-CAPTCHA-TOKEN, RSA-TRANSACTION-ID, RSA-ACTION-CODE, X-DATA-PRODUCT-TOKEN, X-CURRENCY-EXCHANGE-TOKEN, X-CRC-FLAG-REGISTER-TOKEN, X-OPERATION-COD-TOKEN, X-OPERATION-TRANSFER-TOKEN, X-OPERATION-SERVICE-PAYMENT-TOKEN, X-TCCD, X-TNNC, X-TOPC, X-CREDIT-QUOTA-TOKEN, X-OPERATION-CREDIT-PAYMENT-TOKEN, X-OPERATION-PAYMENT-CREDITCARD-DEFERRED-TOKEN, X-TILE-COMMISSION-TOKEN, X-OPERATION-CREDIT-SALARY-TOKEN, X-PAYMENT-DOCUMENT-TOKEN, X-CONSULT-LETTER-TOKEN, X-OPERATION-LETTER-PAYMENT-TOKEN, X-TIEL-COMMISSION-TOKEN, X-Transaction, Authorization, DEVICE-TOKEN-COOKIE, DEVICE-TOKEN
Access-Control-Max-Age
3600
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
20
Date
Thu, 21 Jul 2022 19:07:07 GMT
Expires
0
Keep-Alive
timeout=10, max=100
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000
Vary
User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN deny SAMEORIGIN, DENY
X-XSS-Protection
1; mode=block
logo_blanco.svg
stbcpzonasegura.viabcp.com/assets/img/
6 KB
3 KB
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo_blanco.svg
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/vendor.65fea5d74d826b4924b6.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
99066f683e36549f1e747a7cfab97606573a4367fe35a4e82dda5c3b03a43287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="2005598130"
accept-ranges
bytes
vary
Accept-Encoding
content-length
2490
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
HBK-login-fondo.jpg
stbcpzonasegura.viabcp.com/assets/img/
43 KB
43 KB
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/HBK-login-fondo.jpg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
08241458d3ce1af786b576e47b3b5941f3e32bfd8b2bc953f66960720bee0831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
server-timing
dtRpid;desc="240254968"
accept-ranges
bytes
content-length
44153
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
242863_E_0.31e6d7cf733065d39be1.woff
stbcpzonasegura.viabcp.com/
67 KB
67 KB
Font
General
Full URL
https://stbcpzonasegura.viabcp.com/242863_E_0.31e6d7cf733065d39be1.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fd9bd5004ae517527e784b3f1b136542697f344c195cedc28a6b89066e163e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://216.244.165.236
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-2060343715"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
68449
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
icons.a1179978b826d3cbfd6b.woff
stbcpzonasegura.viabcp.com/
24 KB
24 KB
Font
General
Full URL
https://stbcpzonasegura.viabcp.com/icons.a1179978b826d3cbfd6b.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9d91ae324c350a6540627193e4fb0fba0b150279fa9c197537d2ecc84f8ad5c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://216.244.165.236
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-1022142541"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
24117
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
242863_A_0.3cc8ee720716e80449de.woff
stbcpzonasegura.viabcp.com/
76 KB
76 KB
Font
General
Full URL
https://stbcpzonasegura.viabcp.com/242863_A_0.3cc8ee720716e80449de.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4fad053182cecbfcf0c3458299a394c428799c09caabf73c357ce35affcfcfd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://216.244.165.236
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1615821085"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
77468
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
card
bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/
0
0

collect
www.google-analytics.com/
35 B
153 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j66&aip=1&a=267431120&t=pageview&_s=2&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2Finiciar-sesion&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%3E%3EBCP%3E%3E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABE~&jid=&gjid=&cid=1549084603.1658430425&tid=UA-79497878-7&_gid=998329921.1658430425&z=1865603276
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 00:31:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66950
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
logo.svg
stbcpzonasegura.viabcp.com/assets/img/
2 KB
1 KB
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo.svg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c4bfe03d7dcfff129cf26b11a8757532e5a45322af45ac30f1583542c1e7d3f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="17773016"
accept-ranges
bytes
vary
Accept-Encoding
content-length
1134
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
logo-blue.svg
stbcpzonasegura.viabcp.com/assets/img/
2 KB
1 KB
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo-blue.svg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f92813a83c5c7d37a06fd98e8029668508f34b07cd0eec0423ebafdf2558148d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-2053332527"
accept-ranges
bytes
vary
Accept-Encoding
content-length
1131
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
chronometer-o-w.svg
stbcpzonasegura.viabcp.com/assets/img/
713 B
660 B
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/chronometer-o-w.svg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b5eed63ded97cecd99982dbe8e8dac723292fc4fbb449605bb2a2fc6b7172d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-173023689"
accept-ranges
bytes
vary
Accept-Encoding
content-length
375
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
chronometer-o.svg
stbcpzonasegura.viabcp.com/assets/img/
722 B
660 B
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/chronometer-o.svg
Requested by
Host: 216.244.165.236
URL: https://216.244.165.236/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a426aa56c6f262ec969052b7fe8668067dbbfa0bfbd964fdb854bd4f64811f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="522121374"
accept-ranges
bytes
vary
Accept-Encoding
content-length
376
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
logo_blanco.svg
stbcpzonasegura.viabcp.com/assets/img/
6 KB
3 KB
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo_blanco.svg
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/vendor.65fea5d74d826b4924b6.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
99066f683e36549f1e747a7cfab97606573a4367fe35a4e82dda5c3b03a43287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="2005598130"
accept-ranges
bytes
vary
Accept-Encoding
content-length
2490
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:05 GMT
/
bcpr42sh.staticmon.com/tun/bcpr42sh/input/
16 B
510 B
XHR
General
Full URL
https://bcpr42sh.staticmon.com/tun/bcpr42sh/input/
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/polyfills.c979baad0a3186ef4457.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
52.212.247.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-247-225.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.1 /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://216.244.165.236/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 21 Jul 2022 19:07:06 GMT
Allow
POST, OPTIONS
Server
nginx/1.19.1
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
X-Frame-Options
DENY
Strict-Transport-Security
max-age=60; includeSubDomains; preload
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Vary
Cookie
Content-Length
16
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8LG6J5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
69
date
Thu, 21 Jul 2022 19:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 21 Jul 2022 21:05:57 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=267431120&t=event&ni=1&_s=1&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2Finiciar-sesion&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-79497878-5&cid=1549084603.1658430425&jid=676903832&_gid=998329921.1658430425&gjid=1660190028&_v=j66&z=2098341634
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1549084603.1658430425&jid=676903832&_v=j66&z=2098341634
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1549084603.1658430425&jid=676903832&_v=j66&z=2098341634&slf_rd=1&random=4107402097
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1549084603.1658430425&jid=676903832&_v=j66&z=2098341634&slf_rd=1&random=4107402097
Protocol
H3
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79497878-5&cid=1549084603.1658430425&jid=676903832&_v=j66&z=2098341634&slf_rd=1&random=4107402097
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
captcha
bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/
0
0
Preflight
General
Full URL
https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/captcha
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
216.244.165.236 Chiclayo, Peru, ASN12252 (America Movil Peru S.A.C., PE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN deny SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
cug5b5,device-print,device-token,device-token-cookie,device-token-fso,deviceid,dom-elements,forms-data,geo-altitude,geo-altitudeaccuracy,geo-heading,geo-horizontalaccuracy,geo-latitude,geo-longitude,geo-speed,geo-status,geo-timestamp,ipaddress,js-events,page-id
Access-Control-Request-Method
POST
Origin
https://216.244.165.236
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with, DR2LP1, session-UID, Content-Type, CUG5B5, DEVICE-PRINT, deviceid, DEVICE-TOKEN-FSO, X-TOKEN-KEYBOARD-ENCRIPTED, X-CAPTCHA-TOKEN, RSA-TRANSACTION-ID, RSA-ACTION-CODE, PAGE-ID, FORMS-DATA, DOM-ELEMENTS, JS-EVENTS, GEO-LONGITUDE, GEO-LATITUDE, GEO-HORIZONTALACCURACY, GEO-ALTITUDE, GEO-ALTITUDEACCURACY, GEO-HEADING, GEO-SPEED, GEO-TIMESTAMP , GEO-STATUS, ipaddress, X-DATA-PRODUCT-TOKEN, X-CURRENCY-EXCHANGE-TOKEN, X-CRC-FLAG-REGISTER-TOKEN, X-OPERATION-COD-TOKEN, X-OPERATION-TRANSFER-TOKEN, X-OPERATION-SERVICE-PAYMENT-TOKEN, X-TCCD, X-TNNC, X-TOPC, X-CREDIT-QUOTA-TOKEN, X-OPERATION-CREDIT-PAYMENT-TOKEN, X-OPERATION-PAYMENT-CREDITCARD-DEFERRED-TOKEN, X-TILE-COMMISSION-TOKEN, X-OPERATION-CREDIT-SALARY-TOKEN, X-PAYMENT-DOCUMENT-TOKEN, X-CONSULT-LETTER-TOKEN, X-OPERATION-LETTER-PAYMENT-TOKEN, X-TIEL-COMMISSION-TOKEN, X-Transaction, DEVICE-TOKEN-COOKIE, DEVICE-TOKEN
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
https://bcpzonasegurabeta.viabcp.com
Access-Control-Expose-Headers
x-requested-with, DR2LP1, session-UID, CUG5B5, X-TOKEN-KEYBOARD-ENCRIPTED, X-CAPTCHA-TOKEN, RSA-TRANSACTION-ID, RSA-ACTION-CODE, X-DATA-PRODUCT-TOKEN, X-CURRENCY-EXCHANGE-TOKEN, X-CRC-FLAG-REGISTER-TOKEN, X-OPERATION-COD-TOKEN, X-OPERATION-TRANSFER-TOKEN, X-OPERATION-SERVICE-PAYMENT-TOKEN, X-TCCD, X-TNNC, X-TOPC, X-CREDIT-QUOTA-TOKEN, X-OPERATION-CREDIT-PAYMENT-TOKEN, X-OPERATION-PAYMENT-CREDITCARD-DEFERRED-TOKEN, X-TILE-COMMISSION-TOKEN, X-OPERATION-CREDIT-SALARY-TOKEN, X-PAYMENT-DOCUMENT-TOKEN, X-CONSULT-LETTER-TOKEN, X-OPERATION-LETTER-PAYMENT-TOKEN, X-TIEL-COMMISSION-TOKEN, X-Transaction, Authorization, DEVICE-TOKEN-COOKIE, DEVICE-TOKEN
Access-Control-Max-Age
3600
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
20
Date
Thu, 21 Jul 2022 19:07:07 GMT
Expires
0
Keep-Alive
timeout=10, max=99
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000
Vary
User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN deny SAMEORIGIN, DENY
X-XSS-Protection
1; mode=block
captcha
bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/
0
0

turn-o.svg
stbcpzonasegura.viabcp.com/assets/img/
712 B
661 B
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/turn-o.svg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3ca034dc1c551304cb7550c6293ca145f4326857fe913838b9bdc7b4085250bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="876424870"
accept-ranges
bytes
vary
Accept-Encoding
content-length
377
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:07 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j66&aip=1&a=267431120&t=pageview&_s=3&dl=https%3A%2F%2F216.244.165.236%2F&dp=%2Ferror&ul=en-us&de=UTF-8&dt=Banco%20de%20Cr%C3%A9dito%20%3E%3EBCP%3E%3E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABE~&jid=&gjid=&cid=1549084603.1658430425&tid=UA-79497878-7&_gid=998329921.1658430425&z=769755827
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 00:09:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68280
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
robot-bcp-small.svg
stbcpzonasegura.viabcp.com/assets/img/
13 KB
5 KB
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/robot-bcp-small.svg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0da9af9021c95c03f6df71bd87b12ca89d459d3639dba871a23b0ca795f9fdcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-522215608"
accept-ranges
bytes
vary
Accept-Encoding
content-length
4452
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:09 GMT
robot-bcp.svg
stbcpzonasegura.viabcp.com/assets/img/
13 KB
5 KB
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/robot-bcp.svg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1062e0c450a52fbabc15b9f78223eb84e71587ec73b31710be76f478592b42c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-1020664442"
accept-ranges
bytes
vary
Accept-Encoding
content-length
4674
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:09 GMT
logo-bcp.svg
stbcpzonasegura.viabcp.com/assets/img/
2 KB
1 KB
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo-bcp.svg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
61ef0783e7bce907daf8c88305dbf07117535ae60e795e163966946998dc5146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://216.244.165.236/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-1770884253"
accept-ranges
bytes
vary
Accept-Encoding
content-length
1113
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:09 GMT
242863_C_0.81cffe01c2873bbb9b81.woff
stbcpzonasegura.viabcp.com/
64 KB
64 KB
Font
General
Full URL
https://stbcpzonasegura.viabcp.com/242863_C_0.81cffe01c2873bbb9b81.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:899::2e48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e222510c8703ed2ca7944a4978dca92140325a96ca6826d7b78f775082b0a418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://216.244.165.236
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 19:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="267022835"
accept-ranges
bytes
timing-allow-origin
*
vary
Accept-Encoding
content-length
65319
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 19:07:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bcpzonasegurabeta.viabcp.com
URL
https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/card
Domain
bcpzonasegurabeta.viabcp.com
URL
https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/captcha

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco de Crédito del Perú (Banking)

254 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


4 Cookies

Domain/Path Name / Value
216.244.165.236/ Name: _ga
Value: GA1.1.1549084603.1658430425
216.244.165.236/ Name: _gid
Value: GA1.1.998329921.1658430425
216.244.165.236/ Name: _gat
Value: 1
216.244.165.236/ Name: _gat_UA-79497878-5
Value: 1

4 Console Messages

Source Level URL
Text
javascript error URL: https://216.244.165.236/#/iniciar-sesion
Message:
Access to XMLHttpRequest at 'https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/card' from origin 'https://216.244.165.236' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://bcpzonasegurabeta.viabcp.com' that is not equal to the supplied origin.
network error URL: https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/card
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://216.244.165.236/#/iniciar-sesion
Message:
Access to XMLHttpRequest at 'https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/captcha' from origin 'https://216.244.165.236' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://bcpzonasegurabeta.viabcp.com' that is not equal to the supplied origin.
network error URL: https://bcpzonasegurabeta.viabcp.com/bcp-hbk-web1/app/login/captcha
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Listing them does not imply that any of them indicate malicious activity.
