onlinenewbankbcp.viiabcp.repl.co
34.149.204.188  Malicious Activity! Public Scan

Submitted URL: http://onlinenewbankbcp.viiabcp.repl.co/
Effective URL: https://onlinenewbankbcp.viiabcp.repl.co/
Submission: On September 28 via api from JP — Scanned from JP

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 19 HTTP transactions. The main IP is 34.149.204.188, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is onlinenewbankbcp.viiabcp.repl.co.
TLS certificate: Issued by R3 on September 27th 2022. Valid for: 3 months.
This is the only time onlinenewbankbcp.viiabcp.repl.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco de Crédito del Perú (Banking)

Domain & IP information

IP Address AS Autonomous System
1 12 34.149.204.188 15169 (GOOGLE)
6 2600:140b:a80... 20940 (AKAMAI-ASN1)
1 1 2406:da18:880... 16509 (AMAZON-02)
1 2406:da18:880... 16509 (AMAZON-02)
1 52.212.247.225 16509 (AMAZON-02)
19 5
Apex Domain
Subdomains
Transfer
12 repl.co
onlinenewbankbcp.viiabcp.repl.co
1 MB
6 viabcp.com
stbcpzonasegura.viabcp.com
241 KB
1 staticmon.com
bcpr42sh.staticmon.com — Cisco Umbrella Rank: 628283
510 B
1 netlify.app
unruffled-shannon-1a7413.netlify.app — Cisco Umbrella Rank: 231657
3 KB
1 netlify.com
unruffled-shannon-1a7413.netlify.com — Cisco Umbrella Rank: 955147
150 B
19 5
Domain Requested by
12 onlinenewbankbcp.viiabcp.repl.co 1 redirects onlinenewbankbcp.viiabcp.repl.co
6 stbcpzonasegura.viabcp.com onlinenewbankbcp.viiabcp.repl.co
stbcpzonasegura.viabcp.com
1 bcpr42sh.staticmon.com unruffled-shannon-1a7413.netlify.com
1 unruffled-shannon-1a7413.netlify.app onlinenewbankbcp.viiabcp.repl.co
1 unruffled-shannon-1a7413.netlify.com 1 redirects
19 5

This site contains no links.

Subject: viiabcp.repl.co
Issuer: R3
Validity: 2022-09-27 - 2022-12-26
Valid: 3 months

Subject: st.bcpzonasegura.bcp.com.pe
Issuer: DigiCert TLS RSA SHA256 2020 CA1
Validity: 2022-07-12 - 2023-07-13
Valid: a year

Subject: *.staticmon.com
Issuer: Go Daddy Secure Certificate Authority - G2
Validity: 2022-02-25 - 2023-03-29
Valid: a year

This page contains 1 frames:

Primary Page: https://onlinenewbankbcp.viiabcp.repl.co/
Frame ID: D9CE0EEC1E471F46388C7A372140677C
Requests: 21 HTTP requests in this frame

Page Title

Banco de Crédito >>BCP>>

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 4
Transfer: 1382 kB
Size: 1591 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://onlinenewbankbcp.viiabcp.repl.co/ HTTP 308
    https://onlinenewbankbcp.viiabcp.repl.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unruffled-shannon-1a7413.netlify.com/bcpr42sh.js HTTP 301
  • https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
onlinenewbankbcp.viiabcp.repl.co/
Redirect Chain
  • http://onlinenewbankbcp.viiabcp.repl.co/
  • https://onlinenewbankbcp.viiabcp.repl.co/
155 KB
156 KB
Document
General
Full URL
https://onlinenewbankbcp.viiabcp.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
a99ca5022d0ed8308096eaf2c6ca4e382eec459f7c164b2dfd0c5db0c1372400
Security Headers
Name Value
Strict-Transport-Security max-age=7762284; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
159037
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 00:07:49 GMT
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
host
onlinenewbankbcp.viiabcp.repl.co
replit-cluster
global
strict-transport-security
max-age=7762284; includeSubDomains

Redirect headers

Content-Length
77
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Sep 2022 00:07:49 GMT
Location
https://onlinenewbankbcp.viiabcp.repl.co/
Replit-Cluster
global
Via
1.1 google
style.css
onlinenewbankbcp.viiabcp.repl.co/assets/css/
457 KB
458 KB
Stylesheet
General
Full URL
https://onlinenewbankbcp.viiabcp.repl.co/assets/css/style.css
Requested by
Host: onlinenewbankbcp.viiabcp.repl.co
URL: https://onlinenewbankbcp.viiabcp.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
21bd0e63e9b06d1320a40049fa76dcafa036f5dc945dfb64a93cb2eec4f11ed9
Security Headers
Name Value
Strict-Transport-Security max-age=7762284; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 00:07:49 GMT
strict-transport-security
max-age=7762284; includeSubDomains
host
onlinenewbankbcp.viiabcp.repl.co
replit-cluster
global
content-length
467916
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/css; charset=UTF-8
styles.73891af9c5f119165612.bundle.css
stbcpzonasegura.viabcp.com/
232 KB
34 KB
Stylesheet
General
Full URL
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Requested by
Host: onlinenewbankbcp.viiabcp.repl.co
URL: https://onlinenewbankbcp.viiabcp.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800:89d::2e48 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
576268ebbf93e3090085fd1c960591a5027a438c3c8dd727e1f46fc017322db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 00:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="1284611329"
accept-ranges
bytes
vary
Accept-Encoding
content-length
34685
x-xss-protection
1; mode=block
expires
Wed, 28 Sep 2022 00:07:52 GMT
bcpr42sh.js
unruffled-shannon-1a7413.netlify.app/
Redirect Chain
  • https://unruffled-shannon-1a7413.netlify.com/bcpr42sh.js
  • https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
9 KB
3 KB
Script
General
Full URL
https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
Requested by
Host: onlinenewbankbcp.viiabcp.repl.co
URL: https://onlinenewbankbcp.viiabcp.repl.co/
Protocol
H2
Server
2406:da18:880:3800:1655:e904:cce5:66a5 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
805bb9b076190dce024f76c6d7c0b598c30c77110ad2ae166233c1eba9ca27d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GE0PQM429VJTSCEQZ0C0JCSX
date
Mon, 26 Sep 2022 09:52:28 GMT
content-encoding
gzip
server
Netlify
age
137723
etag
"2728cd1ffed42d26932e4e10bfce0e85-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
2327

Redirect headers

location
https://unruffled-shannon-1a7413.netlify.app/bcpr42sh.js
x-nf-request-id
01GE0PQKTRC53D9VFT6WHMC01H
date
Wed, 28 Sep 2022 00:07:49 GMT
server
Netlify
content-length
91
content-type
text/html; charset=utf-8
bcpr42sh.js.descarga
onlinenewbankbcp.viiabcp.repl.co/index_files/
0
0
Script
General
Full URL
https://onlinenewbankbcp.viiabcp.repl.co/index_files/bcpr42sh.js.descarga
Requested by
Host: onlinenewbankbcp.viiabcp.repl.co
URL: https://onlinenewbankbcp.viiabcp.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7762284; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 00:07:49 GMT
strict-transport-security
max-age=7762284; includeSubDomains
host
onlinenewbankbcp.viiabcp.repl.co
replit-cluster
global
content-length
565
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/html; charset=UTF-8
0.eb4db6c91bbdb979fe70.chunk.js.descarga
onlinenewbankbcp.viiabcp.repl.co/index_files/
0
0
Script
General
Full URL
https://onlinenewbankbcp.viiabcp.repl.co/index_files/0.eb4db6c91bbdb979fe70.chunk.js.descarga
Requested by
Host: onlinenewbankbcp.viiabcp.repl.co
URL: https://onlinenewbankbcp.viiabcp.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7762284; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 00:07:49 GMT
strict-transport-security
max-age=7762284; includeSubDomains
host
onlinenewbankbcp.viiabcp.repl.co
replit-cluster
global
content-length
585
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/html; charset=UTF-8
style2.css
onlinenewbankbcp.viiabcp.repl.co/css/
0
0
Stylesheet
General
Full URL
https://onlinenewbankbcp.viiabcp.repl.co/css/style2.css
Requested by
Host: onlinenewbankbcp.viiabcp.repl.co
URL: https://onlinenewbankbcp.viiabcp.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7762284; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 00:07:49 GMT
strict-transport-security
max-age=7762284; includeSubDomains
host
onlinenewbankbcp.viiabcp.repl.co
replit-cluster
global
content-length
547
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/html; charset=UTF-8
main.660ac38d.js
onlinenewbankbcp.viiabcp.repl.co/static/js/
515 KB
516 KB
Script
General
Full URL
https://onlinenewbankbcp.viiabcp.repl.co/static/js/main.660ac38d.js
Requested by
Host: onlinenewbankbcp.viiabcp.repl.co
URL: https://onlinenewbankbcp.viiabcp.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
d5e22ec7822fee9a3590a96cd28c353c7ae4887415179334a93cb498a71c8a03
Security Headers
Name Value
Strict-Transport-Security max-age=7762284; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 00:07:49 GMT
strict-transport-security
max-age=7762284; includeSubDomains
host
onlinenewbankbcp.viiabcp.repl.co
replit-cluster
global
content-length
527229
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
application/javascript
main.1d554bf8.css
onlinenewbankbcp.viiabcp.repl.co/static/css/
4 KB
5 KB
Stylesheet
General
Full URL
https://onlinenewbankbcp.viiabcp.repl.co/static/css/main.1d554bf8.css
Requested by
Host: onlinenewbankbcp.viiabcp.repl.co
URL: https://onlinenewbankbcp.viiabcp.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
8f01cfe58755b41df788024c48ce7a97c46394ebba9d5076b60e55849f753047
Security Headers
Name Value
Strict-Transport-Security max-age=7762284; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 00:07:49 GMT
strict-transport-security
max-age=7762284; includeSubDomains
host
onlinenewbankbcp.viiabcp.repl.co
replit-cluster
global
content-length
4590
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/css; charset=UTF-8
/
bcpr42sh.staticmon.com/tun/bcpr42sh/input/
16 B
510 B
XHR
General
Full URL
https://bcpr42sh.staticmon.com/tun/bcpr42sh/input/
Requested by
Host: unruffled-shannon-1a7413.netlify.com
URL: https://unruffled-shannon-1a7413.netlify.com/bcpr42sh.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
52.212.247.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-247-225.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.1 /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlinenewbankbcp.viiabcp.repl.co/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

Date
Wed, 28 Sep 2022 00:07:51 GMT
Allow
POST, OPTIONS
Server
nginx/1.19.1
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
X-Frame-Options
DENY
Strict-Transport-Security
max-age=60; includeSubDomains; preload
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Vary
Cookie
Content-Length
16
X-XSS-Protection
1; mode=block
logo.svg
onlinenewbankbcp.viiabcp.repl.co/assets/img/
2 KB
3 KB
Image
General
Full URL
https://onlinenewbankbcp.viiabcp.repl.co/assets/img/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
c4bfe03d7dcfff129cf26b11a8757532e5a45322af45ac30f1583542c1e7d3f6
Security Headers
Name Value
Strict-Transport-Security max-age=7762281; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 00:07:53 GMT
strict-transport-security
max-age=7762281; includeSubDomains
host
onlinenewbankbcp.viiabcp.repl.co
replit-cluster
global
content-length
2539
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
image/svg+xml
chronometer-o-w.svg
onlinenewbankbcp.viiabcp.repl.co/assets/img/
713 B
743 B
Image
General
Full URL
https://onlinenewbankbcp.viiabcp.repl.co/assets/img/chronometer-o-w.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
b5eed63ded97cecd99982dbe8e8dac723292fc4fbb449605bb2a2fc6b7172d89
Security Headers
Name Value
Strict-Transport-Security max-age=7762281; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 00:07:53 GMT
strict-transport-security
max-age=7762281; includeSubDomains
host
onlinenewbankbcp.viiabcp.repl.co
replit-cluster
global
content-length
713
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
image/svg+xml
chronometer-o.svg
onlinenewbankbcp.viiabcp.repl.co/assets/img/
722 B
751 B
Image
General
Full URL
https://onlinenewbankbcp.viiabcp.repl.co/assets/img/chronometer-o.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
a426aa56c6f262ec969052b7fe8668067dbbfa0bfbd964fdb854bd4f64811f64
Security Headers
Name Value
Strict-Transport-Security max-age=7762281; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 00:07:53 GMT
strict-transport-security
max-age=7762281; includeSubDomains
host
onlinenewbankbcp.viiabcp.repl.co
replit-cluster
global
content-length
722
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e7723c9b55d7d3e4c592f1da81c10242029db080626493647b7c40af8eab54d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
turn-o.svg
onlinenewbankbcp.viiabcp.repl.co/assets/img/
712 B
741 B
Image
General
Full URL
https://onlinenewbankbcp.viiabcp.repl.co/assets/img/turn-o.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3ca034dc1c551304cb7550c6293ca145f4326857fe913838b9bdc7b4085250bc
Security Headers
Name Value
Strict-Transport-Security max-age=7762281; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 00:07:53 GMT
strict-transport-security
max-age=7762281; includeSubDomains
host
onlinenewbankbcp.viiabcp.repl.co
replit-cluster
global
content-length
712
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
image/svg+xml
HBK-login-fondo.jpg
stbcpzonasegura.viabcp.com/assets/img/
43 KB
44 KB
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/HBK-login-fondo.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800:89d::2e48 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
08241458d3ce1af786b576e47b3b5941f3e32bfd8b2bc953f66960720bee0831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 00:07:53 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
server-timing
dtRpid;desc="-2061376483"
accept-ranges
bytes
content-length
44153
x-xss-protection
1; mode=block
expires
Wed, 28 Sep 2022 00:07:53 GMT
242863_3_0.973408b83b66574e2bde.woff
stbcpzonasegura.viabcp.com/
69 KB
69 KB
Font
General
Full URL
https://stbcpzonasegura.viabcp.com/242863_3_0.973408b83b66574e2bde.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800:89d::2e48 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d6e507e9151c1b691b6d6a2a226455ddf2eaaf03a6314d19c41d129d6215e120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://onlinenewbankbcp.viiabcp.repl.co
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 00:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="433032459"
accept-ranges
bytes
vary
Accept-Encoding
content-length
70560
x-xss-protection
1; mode=block
expires
Wed, 28 Sep 2022 00:07:52 GMT
242863_E_0.31e6d7cf733065d39be1.woff
stbcpzonasegura.viabcp.com/
67 KB
67 KB
Font
General
Full URL
https://stbcpzonasegura.viabcp.com/242863_E_0.31e6d7cf733065d39be1.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800:89d::2e48 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fd9bd5004ae517527e784b3f1b136542697f344c195cedc28a6b89066e163e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://onlinenewbankbcp.viiabcp.repl.co
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 00:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="76269215"
accept-ranges
bytes
vary
Accept-Encoding
content-length
68449
x-xss-protection
1; mode=block
expires
Wed, 28 Sep 2022 00:07:52 GMT
icons.a1179978b826d3cbfd6b.woff
stbcpzonasegura.viabcp.com/
24 KB
24 KB
Font
General
Full URL
https://stbcpzonasegura.viabcp.com/icons.a1179978b826d3cbfd6b.woff
Requested by
Host: stbcpzonasegura.viabcp.com
URL: https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800:89d::2e48 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9d91ae324c350a6540627193e4fb0fba0b150279fa9c197537d2ecc84f8ad5c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stbcpzonasegura.viabcp.com/styles.73891af9c5f119165612.bundle.css
Origin
https://onlinenewbankbcp.viiabcp.repl.co
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 00:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="2145506899"
accept-ranges
bytes
vary
Accept-Encoding
content-length
24117
x-xss-protection
1; mode=block
expires
Wed, 28 Sep 2022 00:07:52 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af2f4c73c1bea96636f0c039c036017ff28c8142b0db8b5de0417428ff21446a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
logo_blanco.svg
stbcpzonasegura.viabcp.com/assets/img/
6 KB
3 KB
Image
General
Full URL
https://stbcpzonasegura.viabcp.com/assets/img/logo_blanco.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800:89d::2e48 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
99066f683e36549f1e747a7cfab97606573a4367fe35a4e82dda5c3b03a43287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onlinenewbankbcp.viiabcp.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 00:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
server-timing
dtRpid;desc="-197242788"
accept-ranges
bytes
vary
Accept-Encoding
content-length
2490
x-xss-protection
1; mode=block
expires
Wed, 28 Sep 2022 00:07:53 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco de Crédito del Perú (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| _0x4f41
function| _0x12b6

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://onlinenewbankbcp.viiabcp.repl.co/css/style2.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://onlinenewbankbcp.viiabcp.repl.co/index_files/bcpr42sh.js.descarga
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://onlinenewbankbcp.viiabcp.repl.co/index_files/0.eb4db6c91bbdb979fe70.chunk.js.descarga
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=7762284; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
