credacessfaturacard.site Open in urlscan Pro
162.240.229.252 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://credacessfaturacard.site/
Submission: On March 23 via api (March 23rd 2023, 3:11:21 pm UTC) from US — Scanned from ES

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 162.240.229.252, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is credacessfaturacard.site.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 23rd 2023. Valid for: 3 months.

This is the only time credacessfaturacard.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

	IP Address		AS Autonomous System
10	162.240.229.252 162.240.229.252		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
10	1

10 162.240.229.252 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-10189424.merlinopks.com

credacessfaturacard.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	credacessfaturacard.site credacessfaturacard.site	321 KB
10	1

	Domain	Requested by
10	credacessfaturacard.site	credacessfaturacard.site
10	1

This site contains no links.

Subject Issuer	Validity	Valid
credacessfaturacard.site cPanel, Inc. Certification Authority	`2023-03-23` - `2023-06-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://credacessfaturacard.site/
Frame ID: 9E4F8CA692B350C2F7EE246F25393C7D
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CREDCARD

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

321 kB
Transfer

319 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response credacessfaturacard.site/	2 KB 2 KB	1062ms 199ms	Document text/html	162.240.229.252 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://credacessfaturacard.site/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.229.252 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-10189424.merlinopks.com Software Apache / Resource Hash `f59fd3dbec580d82f8e7a0b4865ef19254ebfa34f9a739356556de5256d978ef` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language es-ES,es;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 1922 Content-Type text/html Date Thu, 23 Mar 2023 15:11:14 GMT Keep-Alive timeout=5, max=100 Last-Modified Thu, 23 Mar 2023 00:02:54 GMT Server Apache
GET H/1.1	200 OK	jquery-3.2.1.min.js Show response credacessfaturacard.site/js/	85 KB 85 KB	205ms 205ms	Script application/javascript	162.240.229.252 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://credacessfaturacard.site/js/jquery-3.2.1.min.js Requested by Host: credacessfaturacard.site URL: https://credacessfaturacard.site/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.229.252 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-10189424.merlinopks.com Software Apache / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers accept-language es-ES,es;q=0.9 Referer https://credacessfaturacard.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 23 Mar 2023 15:11:14 GMT Last-Modified Thu, 23 Mar 2023 00:06:37 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 86659
GET H/1.1	200 OK	jquery.mask.min.js Show response credacessfaturacard.site/js/	5 KB 5 KB	207ms 206ms	Script application/javascript	162.240.229.252 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://credacessfaturacard.site/js/jquery.mask.min.js Requested by Host: credacessfaturacard.site URL: https://credacessfaturacard.site/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.229.252 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-10189424.merlinopks.com Software Apache / Resource Hash `f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975` Request headers accept-language es-ES,es;q=0.9 Referer https://credacessfaturacard.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 23 Mar 2023 15:11:14 GMT Last-Modified Thu, 23 Mar 2023 00:06:38 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4860
GET H/1.1	200 OK	home_scripts.js Show response credacessfaturacard.site/js/	1 KB 2 KB	607ms 202ms	Script application/javascript	162.240.229.252 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://credacessfaturacard.site/js/home_scripts.js Requested by Host: credacessfaturacard.site URL: https://credacessfaturacard.site/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.229.252 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-10189424.merlinopks.com Software Apache / Resource Hash `d3aa440aaccd68a68d059c8bd1bc0c11aae19f2848b39b8436ec3aaf3c551c6a` Request headers accept-language es-ES,es;q=0.9 Referer https://credacessfaturacard.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 23 Mar 2023 15:11:14 GMT Last-Modified Thu, 23 Mar 2023 00:06:37 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1466
GET H/1.1	200 OK	home_style.css credacessfaturacard.site/assets/css/	3 KB 4 KB	407ms 200ms	Stylesheet text/css	162.240.229.252 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://credacessfaturacard.site/assets/css/home_style.css Requested by Host: credacessfaturacard.site URL: https://credacessfaturacard.site/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.229.252 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-10189424.merlinopks.com Software Apache / Resource Hash `0f611aa1f816e9d8b3979605df5445b6af0a7c39c8a1ee7ca46b39846afd7408` Request headers accept-language es-ES,es;q=0.9 Referer https://credacessfaturacard.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 23 Mar 2023 15:11:14 GMT Last-Modified Thu, 23 Mar 2023 00:06:51 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3559
GET H/1.1	200 OK	img_about_logo.png credacessfaturacard.site/assets/imagenss/	3 KB 3 KB	205ms 205ms	Image image/png	162.240.229.252 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://credacessfaturacard.site/assets/imagenss/img_about_logo.png Requested by Host: credacessfaturacard.site URL: https://credacessfaturacard.site/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.229.252 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-10189424.merlinopks.com Software Apache / Resource Hash `7865895906d34d2c8dc8dd754ce3375dd50d73f549b48e96b835b19d1d278f40` Request headers accept-language es-ES,es;q=0.9 Referer https://credacessfaturacard.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 23 Mar 2023 15:11:14 GMT Last-Modified Thu, 23 Mar 2023 00:06:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2964
GET H/1.1	200 OK	ic_itokenapp.png credacessfaturacard.site/assets/imagenss/	2 KB 2 KB	205ms 205ms	Image image/png	162.240.229.252 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://credacessfaturacard.site/assets/imagenss/ic_itokenapp.png Requested by Host: credacessfaturacard.site URL: https://credacessfaturacard.site/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.229.252 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-10189424.merlinopks.com Software Apache / Resource Hash `75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046` Request headers accept-language es-ES,es;q=0.9 Referer https://credacessfaturacard.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 23 Mar 2023 15:11:14 GMT Last-Modified Thu, 23 Mar 2023 00:06:56 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2047
GET H/1.1	200 OK	ic_ajuda.png credacessfaturacard.site/assets/imagenss/	1 KB 2 KB	206ms 206ms	Image image/png	162.240.229.252 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://credacessfaturacard.site/assets/imagenss/ic_ajuda.png Requested by Host: credacessfaturacard.site URL: https://credacessfaturacard.site/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.229.252 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-10189424.merlinopks.com Software Apache / Resource Hash `915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4` Request headers accept-language es-ES,es;q=0.9 Referer https://credacessfaturacard.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 23 Mar 2023 15:11:14 GMT Last-Modified Thu, 23 Mar 2023 00:06:54 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1374
GET H/1.1	200 OK	img_home_bg.png credacessfaturacard.site/assets/imagenss/	215 KB 216 KB	205ms 205ms	Image image/png	162.240.229.252 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://credacessfaturacard.site/assets/imagenss/img_home_bg.png Requested by Host: credacessfaturacard.site URL: https://credacessfaturacard.site/assets/css/home_style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.229.252 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-10189424.merlinopks.com Software Apache / Resource Hash `1dff57f5c28bc976957e6b8a699acd7c212a5607a1ead199664b4aba479d22b6` Request headers accept-language es-ES,es;q=0.9 Referer https://credacessfaturacard.site/assets/css/home_style.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 23 Mar 2023 15:11:14 GMT Last-Modified Thu, 23 Mar 2023 00:07:00 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 220593
GET H/1.1	200 OK	ic_cadeado.png credacessfaturacard.site/assets/imagenss/	783 B 1 KB	394ms 201ms	Image image/png	162.240.229.252 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://credacessfaturacard.site/assets/imagenss/ic_cadeado.png Requested by Host: credacessfaturacard.site URL: https://credacessfaturacard.site/assets/css/home_style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.229.252 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-10189424.merlinopks.com Software Apache / Resource Hash `3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404` Request headers accept-language es-ES,es;q=0.9 Referer https://credacessfaturacard.site/assets/css/home_style.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 23 Mar 2023 15:11:15 GMT Last-Modified Thu, 23 Mar 2023 00:06:54 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 783

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

credacessfaturacard.site
162.240.229.252
0f611aa1f816e9d8b3979605df5445b6af0a7c39c8a1ee7ca46b39846afd7408
1dff57f5c28bc976957e6b8a699acd7c212a5607a1ead199664b4aba479d22b6
3b28fd611f0f51576757693edb78d14b162007c819945963b8ea339a456f5404
75851533db3fda044c3fe2bdfbb1dfdf808586387493fc5b3395ba8400391046
7865895906d34d2c8dc8dd754ce3375dd50d73f549b48e96b835b19d1d278f40
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
915e3aea1eda6df53467eb792f487578c127d19740a1eb669d6dba7d2435edb4
d3aa440aaccd68a68d059c8bd1bc0c11aae19f2848b39b8436ec3aaf3c551c6a
f59fd3dbec580d82f8e7a0b4865ef19254ebfa34f9a739356556de5256d978ef
f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975

credacessfaturacard.site Open in urlscan Pro 162.240.229.252 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

321 kBTransfer

319 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

credacessfaturacard.site Open in urlscan Pro
162.240.229.252 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

321 kB
Transfer

319 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!