wwwpcbaccomweblogin.htmloutloo.repl.co
Open in
urlscan Pro
35.186.245.55
Malicious Activity!
Public Scan
Effective URL: https://wwwpcbaccomweblogin.htmloutloo.repl.co/%7C
Submission: On March 24 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 17th 2022. Valid for: 3 months.
This is the only time wwwpcbaccomweblogin.htmloutloo.repl.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Agrícola (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 8 | 35.186.245.55 35.186.245.55 | 15169 (GOOGLE) (GOOGLE) | |
7 | 201.131.122.35 201.131.122.35 | 263695 (BANCO AGR...) (BANCO AGRICOLA) | |
14 | 2 |
ASN15169 (GOOGLE, US)
PTR: 55.245.186.35.bc.googleusercontent.com
wwwpcbaccomweblogin.htmloutloo.repl.co |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
repl.co
1 redirects
wwwpcbaccomweblogin.htmloutloo.repl.co |
990 KB |
7 |
pcbac.com
www.pcbac.com — Cisco Umbrella Rank: 636655 |
1 MB |
14 | 2 |
Domain | Requested by | |
---|---|---|
8 | wwwpcbaccomweblogin.htmloutloo.repl.co |
1 redirects
wwwpcbaccomweblogin.htmloutloo.repl.co
|
7 | www.pcbac.com |
wwwpcbaccomweblogin.htmloutloo.repl.co
|
14 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
htmloutloo.repl.co R3 |
2022-02-17 - 2022-05-18 |
3 months | crt.sh |
www.pcbac.com DigiCert SHA2 Extended Validation Server CA |
2021-10-06 - 2022-10-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://wwwpcbaccomweblogin.htmloutloo.repl.co/%7C
Frame ID: A4D07EC0893CDFF9107B6D51F5E69DBC
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
AgrícolaPage URL History Show full URLs
-
https://wwwpcbaccomweblogin.htmloutloo.repl.co//%7C
HTTP 301
https://wwwpcbaccomweblogin.htmloutloo.repl.co/%7C Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://wwwpcbaccomweblogin.htmloutloo.repl.co//%7C
HTTP 301
https://wwwpcbaccomweblogin.htmloutloo.repl.co/%7C Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
%7C
wwwpcbaccomweblogin.htmloutloo.repl.co/ Redirect Chain
|
5 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
wwwpcbaccomweblogin.htmloutloo.repl.co/index_files/ |
896 KB 897 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js.descarga
wwwpcbaccomweblogin.htmloutloo.repl.co/index_files/ |
87 KB 88 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
help_button_fenix.svg
www.pcbac.com/web/img/ |
6 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
positivo.svg
www.pcbac.com/web/img/ |
12 KB 13 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
imagen-fondo-login.jpg
www.pcbac.com/web/img/ |
1 MB 1 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow-right.svg
www.pcbac.com/web/img/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pencil.svg
www.pcbac.com/web/img/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
telephone-icon.svg
www.pcbac.com/web/img/ |
3 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
negro.svg
www.pcbac.com/web/img/ |
3 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CIBFontSans-Light.ttf
wwwpcbaccomweblogin.htmloutloo.repl.co/index_files/font/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CIBFontSans-Bold.ttf
wwwpcbaccomweblogin.htmloutloo.repl.co/index_files/font/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Regular.ttf
wwwpcbaccomweblogin.htmloutloo.repl.co/index_files/font/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-SemiBold.ttf
wwwpcbaccomweblogin.htmloutloo.repl.co/index_files/font/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Agrícola (Banking)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=4741352; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.pcbac.com
wwwpcbaccomweblogin.htmloutloo.repl.co
201.131.122.35
35.186.245.55
2853a9e9c41d06032df4a3c0aa8d16de91f37c765853f498ee75f9635186fcac
2f7a7b328ddb00fd5fd60c9d15eb464b694df54f5e813eeccc453d34b306ea9d
3a1239f849d66ebdf10905da2b566e038a5f5601359982fbb82d99975f606e10
41ff7ea71edd1f8537b04146fb3b9b71391ce490fa5bddb8fe3d4a84435673bf
6f0471bdf289a0a4ee3db37d79bbda80a762fbee0df11e5d3fbd865ed0b1ee66
961f31ae8a32d930bf2be4688a8fa420d292c09c099db79ec86e128a4f9af4d1
9e6dc804b2b4010497921b345c144aecd360e79d58acada1b61b9fd93aeb27a2
c92a3c915df8cc35e7a55be54cf022b77355d14705af9715a8def5fcf1a8b4db
df4429dace07dd1341653a1762d1aceed7c32c33a971dc1d4d3b55bf6dcf6fef
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e