metaljeans.com.pe
185.237.252.100
Malicious Activity!
Public Scan
Submission: On September 01 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 23rd 2022. Valid for: 3 months.
This is the only time metaljeans.com.pe was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Alpha Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
19 | 185.237.252.100 | 51167 (CONTABO)
1 | 51.210.32.106 | 16276 (OVH)
20 | 3 |
ASN51167 (CONTABO, DE)
PTR: server.arpynet.app
Domain: metaljeans.com.pe
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
19 | metaljeans.com.pe | metaljeans.com.pe | 381 KB
1 | ibb.co | i.ibb.co (Cisco Umbrella Rank: 12750) | 84 KB
20 | 2 | |
Requests | Domain | Requested by
---|---|---
19 | metaljeans.com.pe | metaljeans.com.pe
1 | i.ibb.co | metaljeans.com.pe
20 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
metaljeans.com.pe | cPanel, Inc. Certification Authority | 2022-06-23 - 2022-09-21 | 3 months | crt.sh
ibb.co | R3 | 2022-08-07 - 2022-11-05 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/
Frame ID: 317CC6240D71E0FB1F5A2F9983615EBF
Requests: 21 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/ | 9 KB | 3 KB | Document | text/html
GET | H/1.1 | login | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/ | 631 KB | 368 KB | Stylesheet | text/plain
GET | H/1.1 | notification.png | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/ | 451 B | 694 B | Image | image/png
GET | H/1.1 | logo.png | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/ | 3 KB | 4 KB | Image | image/png
GET | H/1.1 | lock.png | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/ | 442 B | 684 B | Image | image/png
GET | H/1.1 | laptop.png | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/ | 311 B | 554 B | Image | image/png
GET | H/1.1 | email.png | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/ | 350 B | 593 B | Image | image/png
GET | H/1.1 | phone.png | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/ | 1 KB | 2 KB | Image | image/png
GET | H/1.1 | info.png | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/ | 622 B | 865 B | Image | image/png
GET | H/1.1 | shield.png | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/ | 675 B | 917 B | Image | image/png
GET | DATA | truncated | / | 345 KB | 0 | Image | image/png
GET | H2 | login-background-elements-3x.png | i.ibb.co/tBjz5qR/ | 83 KB | 84 KB | Image | image/png
GET | H/1.1 | OpenSans-Regular.woff2 | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/fonts/opensans/ | 0 | 0 | Font | text/html
GET | H/1.1 | OpenSans-Bold_1.woff2 | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/css/opensans/ | 0 | 0 | Font | text/html
GET | H/1.1 | OpenSans-Regular.woff | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/fonts/opensans/ | 0 | 0 | Font | text/html
GET | H/1.1 | OpenSans-Bold_1.woff | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/css/opensans/ | 0 | 0 | Font | text/html
GET | H/1.1 | OpenSans-Bold_1.ttf | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/css/opensans/ | 0 | 0 | Font | text/html
GET | H/1.1 | OpenSans-Regular.ttf | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/fonts/opensans/ | 0 | 0 | Font | text/html
GET | H/1.1 | OpenSans-Bold.woff2 | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/css/opensans/ | 0 | 0 | Font | text/html
GET | H/1.1 | OpenSans-Bold.woff | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/css/opensans/ | 0 | 0 | Font | text/html
GET | H/1.1 | OpenSans-Bold.ttf | metaljeans.com.pe/wp-includes/js/crop/drsalPhaGr/css-staylGR/css/opensans/ | 0 | 0 | Font | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Alpha Bank (Banking)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | onbeforeinput
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
metaljeans.com.pe/ | | Name: goya_popup Value: 1
metaljeans.com.pe/ | | Name: yith_wcwl_session_8dfd3eac31328e2780b6d09005a32823 Value: %7B%22session_id%22%3A%222f2c925c631721443b99b6ed49628087%22%2C%22session_expiration%22%3A1664586020%2C%22session_expiring%22%3A1664582420%2C%22cookie_hash%22%3A%22be63dcbe7851590e66819224a2bf801b%22%7D
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
i.ibb.co
metaljeans.com.pe
185.237.252.100
51.210.32.106