consultageneraless223.com
2a02:4780:13:1535:0:3216:8ea1:2 (Malicious Activity! Public Scan)

Submitted URL: http://consultageneraless223.com/
Effective URL: https://consultageneraless223.com/
Submission Tags: suspect
Submission: On June 27 via api from BR — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 8 HTTP transactions. The main IP is 2a02:4780:13:1535:0:3216:8ea1:2, located in São Paulo, Brazil, and belongs to AS-HOSTINGER (CY). The main domain is consultageneraless223.com.
TLS certificate: Issued by R10 on June 26th 2024. Valid for: 3 months.
This is the only time consultageneraless223.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Industrial and Commercial Bank of China (Banking)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
8         2a02:4780:13:...  47583 (AS-HOSTINGER)
Totals: 8 requests, 1 IP

Requests  Apex Domain                Subdomains                 Transfer
8         consultageneraless223.com  consultageneraless223.com  84 KB
Totals: 8 requests, 1 apex domain

Requests  Domain                     Requested by
8         consultageneraless223.com  consultageneraless223.com
Totals: 8 requests, 1 domain

This site contains no links.

Subject                    Issuer  Validity                 Valid
consultageneraless223.com  R10     2024-06-26 - 2024-09-24  3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://consultageneraless223.com/
Frame ID: 72653CC83C2492232BBA5D734A4A96A6
Requests: 8 HTTP requests in this frame

Page Title

Isquelo

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 84 kB
Size: 131 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://consultageneraless223.com/ HTTP 307
    https://consultageneraless223.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request / | consultageneraless223.com/ | 3 KB | 2 KB | Document
Redirect Chain
  • http://consultageneraless223.com/
  • https://consultageneraless223.com/
General
Full URL
https://consultageneraless223.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1535:0:3216:8ea1:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.1.28
Resource Hash
fbda1f839ee17db7be025422be7a528aa1c79901f994c3778a77a5aaa69bee9e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer
https://www.google.com

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
1467
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 16:44:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
platform
hostinger
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.1.28

Redirect headers

Location
https://consultageneraless223.com/
Non-Authoritative-Reason
HttpsUpgrades
estilo.css | consultageneraless223.com/bigchino/estilos/ | 55 KB | 11 KB | Stylesheet
General
Full URL
https://consultageneraless223.com/bigchino/estilos/estilo.css
Requested by
Host: consultageneraless223.com
URL: https://consultageneraless223.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1535:0:3216:8ea1:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cc935041b1a836158e14a88d3323ebfa52d6dc469a2c226015ccccbbe117ae23
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 27 Jun 2024 16:44:59 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 26 Jun 2024 18:56:02 GMT
server
LiteSpeed
etag
"da3f-667c6442-371fbaf5c038db65;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
11131
expires
Thu, 04 Jul 2024 16:44:59 GMT
logo.png | consultageneraless223.com/bigchino/imagenes/ | 2 KB | 2 KB | Image
General
Full URL
https://consultageneraless223.com/bigchino/imagenes/logo.png
Requested by
Host: consultageneraless223.com
URL: https://consultageneraless223.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1535:0:3216:8ea1:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
923c99e1b1340bbf2615529e4004e2eeebcf3cd297930f3d16db2bdecf84d22a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 27 Jun 2024 16:44:59 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 26 Jun 2024 18:56:03 GMT
server
LiteSpeed
etag
"963-667c6443-9cd0b7fcfcddec45;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
2403
expires
Thu, 04 Jul 2024 16:44:59 GMT
segu.jpg | consultageneraless223.com/bigchino/imagenes/ | 31 KB | 31 KB | Image
General
Full URL
https://consultageneraless223.com/bigchino/imagenes/segu.jpg
Requested by
Host: consultageneraless223.com
URL: https://consultageneraless223.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1535:0:3216:8ea1:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3bf52e02e3c01e751c539cfefeb5e00f18e6b288046973c9de61d0d2ff9e7977
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 27 Jun 2024 16:44:59 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 26 Jun 2024 18:56:03 GMT
server
LiteSpeed
etag
"7be2-667c6443-6784d3178b56c454;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
31714
expires
Thu, 04 Jul 2024 16:44:59 GMT
atencion.png | consultageneraless223.com/bigchino/imagenes/ | 10 KB | 10 KB | Image
General
Full URL
https://consultageneraless223.com/bigchino/imagenes/atencion.png
Requested by
Host: consultageneraless223.com
URL: https://consultageneraless223.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1535:0:3216:8ea1:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a70b5040a41f3e10d78e3e99cd65dad855a5f82d0d1b11c1aa0715840e237d56
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 27 Jun 2024 16:44:59 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 26 Jun 2024 18:56:03 GMT
server
LiteSpeed
etag
"27cb-667c6443-12065502e999a99a;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
10187
expires
Thu, 04 Jul 2024 16:44:59 GMT
footer.png | consultageneraless223.com/bigchino/imagenes/ | 27 KB | 27 KB | Image
General
Full URL
https://consultageneraless223.com/bigchino/imagenes/footer.png
Requested by
Host: consultageneraless223.com
URL: https://consultageneraless223.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1535:0:3216:8ea1:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6258926f9fcb4566480b90eaa853d40149fa17edf1e49d5e8b76681083309de9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 27 Jun 2024 16:45:00 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 26 Jun 2024 18:56:03 GMT
server
LiteSpeed
etag
"6b61-667c6443-65fa0ff90e655701;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
27489
expires
Thu, 04 Jul 2024 16:45:00 GMT
icono.ico | consultageneraless223.com/bigchino/imagenes/ | 1 KB | 349 B | Other
General
Full URL
https://consultageneraless223.com/bigchino/imagenes/icono.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1535:0:3216:8ea1:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
484a19065105b2ef28a5d4b0bdfd0aaee920f91cf27d4d774820ee4f7e671bd9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 27 Jun 2024 16:45:00 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 26 Jun 2024 18:56:03 GMT
server
LiteSpeed
etag
"57e-667c6443-696588e90cbc57a5;br"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
276
expires
Thu, 04 Jul 2024 16:45:00 GMT
icono.ico | consultageneraless223.com/bigchino/imagenes/ | 1 KB | 0 | Other
General
Full URL
https://consultageneraless223.com/bigchino/imagenes/icono.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1535:0:3216:8ea1:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
484a19065105b2ef28a5d4b0bdfd0aaee920f91cf27d4d774820ee4f7e671bd9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 27 Jun 2024 16:45:00 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 26 Jun 2024 18:56:03 GMT
server
LiteSpeed
etag
"57e-667c6443-696588e90cbc57a5;br"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
276
expires
Thu, 04 Jul 2024 16:45:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Industrial and Commercial Bank of China (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

  • undefined
  • event (object)
  • fence (object)
  • sharedStorage

1 Cookies

Domain/Path                 Name       Value
consultageneraless223.com/  PHPSESSID  708n569ju3gs3v0ak7qins8p2t

1 Console Messages

Source: recommendation | Level: verbose | URL: https://consultageneraless223.com/
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This section lists any security headers set by the main page.

Header                   Value
Content-Security-Policy  upgrade-insecure-requests