onlinenewbankbcp.viiabcp.repl.co
34.149.204.188
Malicious Activity!
Public Scan
Effective URL: https://onlinenewbankbcp.viiabcp.repl.co/
Submission Tags: replit-anti-abuse
Submission: On September 27 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 27th 2022. Valid for: 3 months.
This is the only time onlinenewbankbcp.viiabcp.repl.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco de Crédito del Perú (Banking)
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
12 | 1 | 34.149.204.188 | 15169 (GOOGLE) |
6 | | 2a02:26f0:1700:494::2e48 | 20940 (AKAMAI-ASN1) |
1 | 1 | 2a05:d014:275:cb00:7dff:602c:d0e7:9c4 | 16509 (AMAZON-02) |
1 | | 2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a | 16509 (AMAZON-02) |
1 | | 52.212.247.225 | 16509 (AMAZON-02) |
Totals: 19 requests, 5 IPs
ASN15169 (GOOGLE, US)
PTR: 188.204.149.34.bc.googleusercontent.com
onlinenewbankbcp.viiabcp.repl.co
ASN20940 (AKAMAI-ASN1, NL)
stbcpzonasegura.viabcp.com
ASN16509 (AMAZON-02, US)
unruffled-shannon-1a7413.netlify.com
ASN16509 (AMAZON-02, US)
unruffled-shannon-1a7413.netlify.app
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-247-225.eu-west-1.compute.amazonaws.com
bcpr42sh.staticmon.com
Requests | Apex Domain | Subdomain | Redirects | Cisco Umbrella Rank | Transfer |
---|---|---|---|---|---|
12 | repl.co | onlinenewbankbcp.viiabcp.repl.co | 1 | | 1 MB |
6 | viabcp.com | stbcpzonasegura.viabcp.com | | | 241 KB |
1 | staticmon.com | bcpr42sh.staticmon.com | | 628283 | 510 B |
1 | netlify.app | unruffled-shannon-1a7413.netlify.app | | 231657 | 3 KB |
1 | netlify.com | unruffled-shannon-1a7413.netlify.com | 1 | 955147 | 150 B |
Totals: 19 requests, 5 domains
Requests | Domain | Redirects | Requested by |
---|---|---|---|
12 | onlinenewbankbcp.viiabcp.repl.co | 1 | onlinenewbankbcp.viiabcp.repl.co |
6 | stbcpzonasegura.viabcp.com | | onlinenewbankbcp.viiabcp.repl.co, stbcpzonasegura.viabcp.com |
1 | bcpr42sh.staticmon.com | | unruffled-shannon-1a7413.netlify.com |
1 | unruffled-shannon-1a7413.netlify.app | | onlinenewbankbcp.viiabcp.repl.co |
1 | unruffled-shannon-1a7413.netlify.com | 1 | |
Totals: 19 requests, 5 domains
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
viiabcp.repl.co | R3 | 2022-09-27 - 2022-12-26 | 3 months |
st.bcpzonasegura.bcp.com.pe | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-12 - 2023-07-13 | a year |
*.staticmon.com | Go Daddy Secure Certificate Authority - G2 | 2022-02-25 - 2023-03-29 | a year |
This page contains 1 frame:
Primary Page:
https://onlinenewbankbcp.viiabcp.repl.co/
Frame ID: EF2933222E4A5DB3174E68210F9C52DC
Requests: 21 HTTP requests in this frame
Page Title
Banco de Crédito >>BCP>>
Page URL History
- http://onlinenewbankbcp.viiabcp.repl.co/ (HTTP 308)
- https://onlinenewbankbcp.viiabcp.repl.co/ (Page URL)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://unruffled-shannon-1a7413.netlify.com/bcpr42sh.js (HTTP 301)
- https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
19 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H2 | / | onlinenewbankbcp.viiabcp.repl.co/ | 155 KB | 156 KB | Document | text/html | Primary Request, Redirect Chain |
GET H2 | style.css | onlinenewbankbcp.viiabcp.repl.co/assets/css/ | 457 KB | 458 KB | Stylesheet | text/css | |
GET H2 | styles.73891af9c5f119165612.bundle.css | stbcpzonasegura.viabcp.com/ | 232 KB | 34 KB | Stylesheet | text/css | |
GET H2 | bcpr42sh.js | unruffled-shannon-1a7413.netlify.app/ | 9 KB | 3 KB | Script | application/javascript | Redirect Chain |
GET H2 | bcpr42sh.js.descarga | onlinenewbankbcp.viiabcp.repl.co/index_files/ | 0 | 0 | Script | text/html | |
GET H2 | 0.eb4db6c91bbdb979fe70.chunk.js.descarga | onlinenewbankbcp.viiabcp.repl.co/index_files/ | 0 | 0 | Script | text/html | |
GET H2 | style2.css | onlinenewbankbcp.viiabcp.repl.co/css/ | 0 | 0 | Stylesheet | text/html | |
GET H2 | main.660ac38d.js | onlinenewbankbcp.viiabcp.repl.co/static/js/ | 515 KB | 516 KB | Script | application/javascript | |
GET H2 | main.1d554bf8.css | onlinenewbankbcp.viiabcp.repl.co/static/css/ | 4 KB | 5 KB | Stylesheet | text/css | |
GET H2 | logo.svg | onlinenewbankbcp.viiabcp.repl.co/assets/img/ | 2 KB | 3 KB | Image | image/svg+xml | |
GET H2 | chronometer-o-w.svg | onlinenewbankbcp.viiabcp.repl.co/assets/img/ | 713 B | 804 B | Image | image/svg+xml | |
GET H2 | chronometer-o.svg | onlinenewbankbcp.viiabcp.repl.co/assets/img/ | 722 B | 751 B | Image | image/svg+xml | |
GET DATA | truncated | / | 3 KB | 0 | Image | image/png | |
GET H2 | turn-o.svg | onlinenewbankbcp.viiabcp.repl.co/assets/img/ | 712 B | 741 B | Image | image/svg+xml | |
GET DATA | truncated | / | 3 KB | 0 | Image | image/png | |
GET H2 | logo_blanco.svg | stbcpzonasegura.viabcp.com/assets/img/ | 6 KB | 3 KB | Image | image/svg+xml | |
GET H2 | HBK-login-fondo.jpg | stbcpzonasegura.viabcp.com/assets/img/ | 43 KB | 44 KB | Image | image/jpeg | |
GET H2 | 242863_3_0.973408b83b66574e2bde.woff | stbcpzonasegura.viabcp.com/ | 69 KB | 69 KB | Font | application/font-woff | |
GET H2 | 242863_E_0.31e6d7cf733065d39be1.woff | stbcpzonasegura.viabcp.com/ | 67 KB | 67 KB | Font | application/font-woff | |
GET H2 | icons.a1179978b826d3cbfd6b.woff | stbcpzonasegura.viabcp.com/ | 24 KB | 24 KB | Font | application/font-woff | |
POST H/1.1 | / | bcpr42sh.staticmon.com/tun/bcpr42sh/input/ | 16 B | 510 B | XHR | application/json | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco de Crédito del Perú (Banking)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onbeforeinput |
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
function | getScreenDetails |
function | queryLocalFonts |
object | navigation |
object | _0x4f41 |
function | _0x12b60 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Security Headers
This section lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=7772381; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.