correosytelegrafos.cc Open in urlscan Pro
173.82.232.159 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://c.nxw.so/bzwLh
Effective URL:
https://correosytelegrafos.cc/
Submission: On September 03 via manual (September 3rd 2023, 5:41:04 am UTC) from GT — Scanned from DE

Summary HTTP 24 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 173.82.232.159, located in Los Angeles, United States and belongs to MULTA-ASN1, US. The main domain is correosytelegrafos.cc.
TLS certificate: Issued by R3 on August 29th 2023. Valid for: 3 months.

This is the only time correosytelegrafos.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Correos de Guatemala (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	117.68.1.61 117.68.1.61	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
24	173.82.232.159 173.82.232.159	35916 (MULTA-ASN1) (MULTA-ASN1)
24	1

1 117.68.1.61 (China) 1 redirects

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

c.nxw.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 173.82.232.159 (Los Angeles, United States)

ASN35916 (MULTA-ASN1, US)
PTR: mail.aplsgl.com

correosytelegrafos.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	correosytelegrafos.cc correosytelegrafos.cc	2 MB
1	nxw.so 1 redirects c.nxw.so	622 B
24	2

	Domain	Requested by
24	correosytelegrafos.cc	correosytelegrafos.cc
1	c.nxw.so	1 redirects
24	2

This site contains links to these domains. Also see Links.

Domain
correosytelegrafos.civ.gob.gt
sites.google.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
mail.correosytelegrafos.civ.gob.gt
seprem.gob.gt
radiotgw.gob.gt
www.agn.com.gt
dca.gob.gt
www.minfin.gob.gt
www.segeplan.gob.gt
observatorioplanificacion.cepal.org
www.albakeneth.gob.gt
www.sosep.gob.gt
insivumeh.gob.gt
www.cna.gob.gt
conred.gob.gt

Subject Issuer	Validity	Valid
correosytelegrafos.cc R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://correosytelegrafos.cc/
Frame ID: B28347F7A0EB470215569D458EB18FF9
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://c.nxw.so/bzwLh HTTP 302
https://correosytelegrafos.cc/ Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

2144 kB
Transfer

6622 kB
Size

2
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://correosytelegrafos.civ.gob.gt/

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/quienes-somos/
Title: QUIENES SOMOS

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/quienes-somos/autoridades/
Title: Autoridades

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/sinacig/
Title: SINACIG

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/sobre-correos/filatelia/
Title: FILATELIA

Search URL Search Domain Scan URL

URL: https://sites.google.com/view/museo-postal/inicio
Title: MUSEO DE CORREOS

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/contacto/
Title: AGENCIAS

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/mapa-del-sitio/
Title: MAPA DEL SITIO

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/codigo-postal-2/
Title: CÓDIGO POSTAL

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/noticias-2/
Title: NOTICIAS

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/tramites-en-linea/
Title: TRAMITES

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/formularios/
Title: FORMULARIOS

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/ley-de-acceso-a-la-informacion-publica/
Title: Ley de Acceso a la Información Pública

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/Idiomas-2021/Espa%C3%B1ol-DECRETO-NUMERO-57-2008.pdf
Title: Idioma Español

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/ley-de-acceso-a-la-informacion-publica/idiomas-mayas/
Title: Idiomas Mayas

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/transparencia/decreto-numero-57-2008-en-lenguaje-de-senas/
Title: Lenguaje de Señas

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/transparencia/laip/
Title: Información Pública de Oficio

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/solicitud-de-informacion-publica/
Title: Solicitud de Información Pública

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/formulario-informacion-publica/
Title: Formulario de Solicitud de Información Pública

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/transparencia/ley-presupuesto/
Title: Transparencia Presupuestaria

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/compras-por-covid-19/
Title: Compras por Covid-19

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/transparencia-activa/
Title: Transparencia Activa

Search URL Search Domain Scan URL

URL: https://correosytelegrafos.civ.gob.gt/tablero-de-rendicion-de-cuentas/
Title: Tablero de Rendición de Cuentas

Search URL Search Domain Scan URL

URL: https://www.facebook.com/correosdeguatemala/

Search URL Search Domain Scan URL

URL: https://twitter.com/correosgt

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCymg8Rlhw7N6Hr0n61In5Zw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/correosdeguatemala/

Search URL Search Domain Scan URL

URL: http://mail.correosytelegrafos.civ.gob.gt/

Search URL Search Domain Scan URL

URL: https://seprem.gob.gt/
Title: like down Seprem

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCh4GjKBcqxOsL_Bt8gCCSLg
Title: plus insecure mid Rutaupon deaustere Cambio

Search URL Search Domain Scan URL

URL: http://radiotgw.gob.gt/
Title: modulate fooey Radioswanling vigilant TGW

Search URL Search Domain Scan URL

URL: https://www.agn.com.gt/
Title: lest AGN

Search URL Search Domain Scan URL

URL: https://dca.gob.gt/noticias-guatemala-diario-centro-america/
Title: moment duh Diarioguerrilla wrong plague depace pro peak Centroscout phooey América

Search URL Search Domain Scan URL

URL: https://www.minfin.gob.gt/index.php/presupuesto-ciudadano
Title: forenenst Presupuestohake blister Ciudadano

Search URL Search Domain Scan URL

URL: https://www.segeplan.gob.gt/nportal/
Title: weasel athwart Segeplan

Search URL Search Domain Scan URL

URL: https://observatorioplanificacion.cepal.org/es/planes/plan-nacional-de-desarrollo-katun-nuestra-guatemala-2032
Title: ah honestly from Planawkwardly Nacionalhowever desermonise expose Desarrollo

Search URL Search Domain Scan URL

URL: https://www.albakeneth.gob.gt/inicio
Title: patron ouch effector Alertastandoff er great Albaouch gadzooks miserably Keneth

Search URL Search Domain Scan URL

URL: https://www.minfin.gob.gt/index.php/2014-08-05-15-43-48
Title: soon ew Pensionadosupward chrysalis delunfortunately terribly flag Estado

Search URL Search Domain Scan URL

URL: http://www.sosep.gob.gt/
Title: yippee oof mind Secretaríaoh um actual deper modulo but Obrayum mortally ew Socialcomponent briefly deamong lamummify midst Esposaovercome delbrightly Presidente

Search URL Search Domain Scan URL

URL: https://insivumeh.gob.gt/
Title: yowza Insivumeh

Search URL Search Domain Scan URL

URL: http://www.cna.gob.gt/
Title: wiry bleakly after CNA

Search URL Search Domain Scan URL

URL: https://conred.gob.gt/site/index.php
Title: incidentally CONRED

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://c.nxw.so/bzwLh HTTP 302
https://correosytelegrafos.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response correosytelegrafos.cc/ Redirect Chain http://c.nxw.so/bzwLh https://correosytelegrafos.cc/	3 KB 2 KB	820ms 162ms	Document text/html	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `75a1dd1c3f9c776199f3e73c4d233e44b25172bc1f30f56280d73ab74c881676` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 03 Sep 2023 05:40:54 GMT ETag W/"64eb9854-caa" Last-Modified Sun, 27 Aug 2023 18:39:16 GMT Server nginx/1.24.0 Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Cache-Control must-revalidate, no-store Connection keep-alive Content-Length 0 Content-Type text/html;charset=UTF-8 Date Sun, 03 Sep 2023 05:40:54 GMT Location https://correosytelegrafos.cc/#/?_from=__mail Pragma no-cache Server SLT-MID X-Cache-Lookup Cache Miss Cache Miss X-NWS-LOG-UUID 13344164758171046237
GET H/1.1	200 OK	index-20654522.js Show response correosytelegrafos.cc/assets/	6 MB 2 MB	344ms 344ms	Script application/javascript	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/assets/index-20654522.js Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `8c2b2ae88ddbc76715b677957cfab7f9577a7ecb5cfa9590f2a3736054ac114e` Request headers Referer https://correosytelegrafos.cc/ Origin https://correosytelegrafos.cc accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Sun, 03 Sep 2023 05:40:55 GMT Content-Encoding gzip Last-Modified Sun, 27 Aug 2023 18:39:26 GMT Server nginx/1.24.0 ETag W/"64eb985e-63cfc7" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Cache-Control max-age=604800 Connection keep-alive Expires Sun, 10 Sep 2023 05:40:55 GMT
GET H/1.1	200 OK	index-b59dbd03.css correosytelegrafos.cc/assets/	767 B 1 KB	478ms 159ms	Stylesheet text/css	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/assets/index-b59dbd03.css Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `b59dbd0303bf5398679f90fafa5df094b2f1bd691840eee12a2bd33b4c5f882b` Request headers accept-language de-DE,de;q=0.9 Referer https://correosytelegrafos.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Sun, 03 Sep 2023 05:40:55 GMT Last-Modified Sun, 27 Aug 2023 18:39:16 GMT Server nginx/1.24.0 ETag "64eb9854-2ff" Access-Control-Allow-Methods GET Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 767 Expires Sun, 10 Sep 2023 05:40:55 GMT
GET H/1.1	200 OK	/ Show response correosytelegrafos.cc/socket.io/	118 B 314 B	165ms 164ms	XHR text/plain	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/socket.io/?EIO=4&transport=polling&t=OfPZleL Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `5a042c900eded459f1ad6a2481fbe70244b6292d91b4b83533cd20ea994550c5` Request headers Accept / Referer https://correosytelegrafos.cc/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 03 Sep 2023 05:40:57 GMT Server nginx/1.24.0 Connection keep-alive Content-Length 118 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	Layout-142bed60.js Show response correosytelegrafos.cc/assets/	45 KB 8 KB	161ms 161ms	Script application/javascript	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/assets/Layout-142bed60.js Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `71f8494a92875ebbee8b779d662d347a1e25536c5fbadb4bfd4dd54a8cd7934a` Request headers Referer Origin https://correosytelegrafos.cc accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Sun, 03 Sep 2023 05:40:57 GMT Content-Encoding gzip Last-Modified Sun, 27 Aug 2023 18:39:18 GMT Server nginx/1.24.0 ETag W/"64eb9856-b405" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Cache-Control max-age=604800 Connection keep-alive Expires Sun, 10 Sep 2023 05:40:57 GMT
GET H/1.1	200 OK	Layout-670d2d29.css correosytelegrafos.cc/assets/	47 KB 10 KB	322ms 163ms	Stylesheet text/css	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/assets/Layout-670d2d29.css Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `670d2d291f4eedd739f106739a896dc1743e49886e19a35c3687629bb6d6c30f` Request headers accept-language de-DE,de;q=0.9 Referer https://correosytelegrafos.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Sun, 03 Sep 2023 05:40:57 GMT Content-Encoding gzip Last-Modified Sun, 27 Aug 2023 18:39:16 GMT Server nginx/1.24.0 ETag W/"64eb9854-bd36" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Cache-Control max-age=604800 Connection keep-alive Expires Sun, 10 Sep 2023 05:40:57 GMT
GET H/1.1	200 OK	HomePage-aec6d8eb.js Show response correosytelegrafos.cc/assets/	5 KB 2 KB	465ms 155ms	Script application/javascript	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/assets/HomePage-aec6d8eb.js Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `90fc83c77cbce21bd43b1537bbd40c88c9aa4ac363b3913a410f0d661796d2ae` Request headers Referer Origin https://correosytelegrafos.cc accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Sun, 03 Sep 2023 05:40:57 GMT Content-Encoding gzip Last-Modified Sun, 27 Aug 2023 18:39:17 GMT Server nginx/1.24.0 ETag W/"64eb9855-1303" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Cache-Control max-age=604800 Connection keep-alive Expires Sun, 10 Sep 2023 05:40:57 GMT
GET H/1.1	200 OK	_plugin-vue_export-helper-c27b6911.js Show response correosytelegrafos.cc/assets/	1 KB 1 KB	466ms 155ms	Script application/javascript	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/assets/_plugin-vue_export-helper-c27b6911.js Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `533a672f292608dc5f2631db10eb8189dead1010e1b493d48674b27ef6ee2be6` Request headers Referer Origin https://correosytelegrafos.cc accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Sun, 03 Sep 2023 05:40:57 GMT Content-Encoding gzip Last-Modified Sun, 27 Aug 2023 18:39:18 GMT Server nginx/1.24.0 ETag W/"64eb9856-53a" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Cache-Control max-age=604800 Connection keep-alive Expires Sun, 10 Sep 2023 05:40:57 GMT
GET H/1.1	200 OK	HomePage-c955018d.css correosytelegrafos.cc/assets/	323 B 698 B	322ms 160ms	Stylesheet text/css	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/assets/HomePage-c955018d.css Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `c955018dfe3e5865bf1d1167b43dee6fbf2487acd7545575367143e0a3347800` Request headers accept-language de-DE,de;q=0.9 Referer https://correosytelegrafos.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Sun, 03 Sep 2023 05:40:57 GMT Last-Modified Sun, 27 Aug 2023 18:39:16 GMT Server nginx/1.24.0 ETag "64eb9854-143" Access-Control-Allow-Methods GET Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 323 Expires Sun, 10 Sep 2023 05:40:57 GMT
POST H/1.1	200 OK	/ Show response correosytelegrafos.cc/socket.io/	2 B 180 B	309ms 157ms	XHR text/html	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/socket.io/?EIO=4&transport=polling&t=OfPZlh1&sid=Fi84OiZLLb-64liXAA9q Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://correosytelegrafos.cc/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Sun, 03 Sep 2023 05:40:57 GMT Server nginx/1.24.0 Connection keep-alive Content-Length 2 Content-Type text/html
GET H/1.1	200 OK	/ Show response correosytelegrafos.cc/socket.io/	41 B 236 B	318ms 160ms	XHR application/octet-stream	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/socket.io/?EIO=4&transport=polling&t=OfPZlh2&sid=Fi84OiZLLb-64liXAA9q Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `7a1374c035a0a69d20f3519ad19b93c1900b46de7efb0dc13eb8578553b8207e` Request headers Accept / Referer https://correosytelegrafos.cc/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 03 Sep 2023 05:40:57 GMT Server nginx/1.24.0 Connection keep-alive Content-Length 41 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	/ Show response correosytelegrafos.cc/socket.io/	162 B 358 B	159ms 159ms	XHR text/plain	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/socket.io/?EIO=4&transport=polling&t=OfPZlm2&sid=Fi84OiZLLb-64liXAA9q Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `4f0fc32176c3bd8839f980e0fdf6156929f6654aad5ed7a9b60e87cc23541041` Request headers Accept / Referer https://correosytelegrafos.cc/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 03 Sep 2023 05:40:57 GMT Server nginx/1.24.0 Connection keep-alive Content-Length 162 Content-Type text/plain; charset=UTF-8
POST H/1.1	200 OK	/ Show response correosytelegrafos.cc/socket.io/	2 B 180 B	157ms 157ms	XHR text/html	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/socket.io/?EIO=4&transport=polling&t=OfPZlm2.0&sid=Fi84OiZLLb-64liXAA9q Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://correosytelegrafos.cc/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Sun, 03 Sep 2023 05:40:57 GMT Server nginx/1.24.0 Connection keep-alive Content-Length 2 Content-Type text/html
GET H/1.1	200 OK	/ Show response correosytelegrafos.cc/socket.io/	97 B 292 B	159ms 159ms	XHR application/octet-stream	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/socket.io/?EIO=4&transport=polling&t=OfPZloY&sid=Fi84OiZLLb-64liXAA9q Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `07bceafc330f3e5ec84d283d01cd0c207fbeff052577b1d063a9094077ab50e9` Request headers Accept / Referer https://correosytelegrafos.cc/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 03 Sep 2023 05:40:57 GMT Server nginx/1.24.0 Connection keep-alive Content-Length 97 Content-Type text/plain; charset=UTF-8
POST H/1.1	200 OK	/ Show response correosytelegrafos.cc/socket.io/	2 B 180 B	156ms 156ms	XHR text/html	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/socket.io/?EIO=4&transport=polling&t=OfPZloY.0&sid=Fi84OiZLLb-64liXAA9q Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://correosytelegrafos.cc/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Sun, 03 Sep 2023 05:40:57 GMT Server nginx/1.24.0 Connection keep-alive Content-Length 2 Content-Type text/html
POST H/1.1	201 Created	save-data Show response correosytelegrafos.cc/api/	752 B 1 KB	180ms 180ms	XHR application/json	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/api/save-data Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Express Resource Hash `77128ca5bd77eb417d1f2c56e1b169144a60f90dbdad6260343c05376dfb7ad4` Request headers Content-Type application/json Accept application/json, text/plain, / Referer https://correosytelegrafos.cc/ remark 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 version 230803 Response headers Date Sun, 03 Sep 2023 05:40:57 GMT Server nginx/1.24.0 X-Powered-By Express ETag W/"2f0-ib1F485urI7NxO24tE8L9fXR91U" Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 752
GET H/1.1	200 OK	get-app-settings Show response correosytelegrafos.cc/api/	1 KB 812 B	168ms 168ms	XHR application/json	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/api/get-app-settings Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Express Resource Hash `f0d3e3ec47f65af40cebc8c7954e62bbc51bd2938b034dc910f07f6258deba67` Request headers Accept application/json, text/plain, / Referer https://correosytelegrafos.cc/ remark 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 version 230803 Response headers Date Sun, 03 Sep 2023 05:40:57 GMT Content-Encoding gzip Server nginx/1.24.0 X-Powered-By Express ETag W/"5bc-TilCqhIMGI2jd37mkdzPma5t5+M" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive
GET H/1.1	200 OK	get-next-domain Show response correosytelegrafos.cc/api/	0 257 B	170ms 170ms	XHR text/html	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/api/get-next-domain Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/plain, / darcula-data-id 2373 Referer https://correosytelegrafos.cc/ remark 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 version 230803 Response headers Date Sun, 03 Sep 2023 05:40:58 GMT Server nginx/1.24.0 X-Powered-By Express ETag W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk" Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 0
GET H/1.1	200 OK	can-active Show response correosytelegrafos.cc/api/	112 B 379 B	165ms 165ms	XHR application/json	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/api/can-active Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Express Resource Hash `87d27782b9249aef26f4531541b998cdbe2d70a4cdb8308f6ba51c65f7b0cd67` Request headers Accept application/json, text/plain, / darcula-data-id 2373 Referer https://correosytelegrafos.cc/ remark 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Sun, 03 Sep 2023 05:40:58 GMT Server nginx/1.24.0 X-Powered-By Express ETag W/"70-vOB4rL+37JcQqlBU15nHBF6l1d4" Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 112
GET H/1.1	200 OK	get-settings Show response correosytelegrafos.cc/api/	128 B 395 B	166ms 166ms	XHR application/json	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/api/get-settings Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Express Resource Hash `905ac3b61def647ff98dd38dcefaca4d50deae6ee05d86814de865f996ea04fc` Request headers Accept application/json, text/plain, / darcula-data-id 2373 Referer https://correosytelegrafos.cc/ remark 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 version 230803 Response headers Date Sun, 03 Sep 2023 05:40:58 GMT Server nginx/1.24.0 X-Powered-By Express ETag W/"80-IOq/WvdaIjIxZYM/urXK5PttpbY" Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 128
GET H/1.1	200 OK	7.jpg correosytelegrafos.cc/layout/images/	53 KB 53 KB	309ms 309ms	Image image/jpeg	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://correosytelegrafos.cc/layout/images/7.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `f37efde19c26bc18e1b670112ab5bb21d73973be63ce75862795dbf6148cf737` Request headers accept-language de-DE,de;q=0.9 Referer https://correosytelegrafos.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Sun, 03 Sep 2023 05:40:58 GMT Last-Modified Sun, 27 Aug 2023 18:38:59 GMT Server nginx/1.24.0 ETag "64eb9843-d248" Content-Type image/jpeg Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 53832 Expires Sun, 10 Sep 2023 05:40:58 GMT
POST H/1.1	201 Created	logger Show response correosytelegrafos.cc/api/	0 195 B	169ms 169ms	XHR text/plain	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/api/logger Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers remark 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type application/json Accept application/json, text/plain, / darcula-data-id 2373 Referer https://correosytelegrafos.cc/ version 230803 Response headers Access-Control-Allow-Origin * Date Sun, 03 Sep 2023 05:40:58 GMT Server nginx/1.24.0 Connection keep-alive X-Powered-By Express Transfer-Encoding chunked
GET H/1.1	200 OK	2-2adefcbc.woff2 correosytelegrafos.cc/assets/	75 KB 76 KB	318ms 317ms	Font font/woff2	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/assets/2-2adefcbc.woff2 Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/Layout-670d2d29.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Resource Hash `2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe` Request headers Referer https://correosytelegrafos.cc/assets/Layout-670d2d29.css Origin https://correosytelegrafos.cc accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Sun, 03 Sep 2023 05:40:58 GMT Last-Modified Sun, 27 Aug 2023 18:39:16 GMT Server nginx/1.24.0 ETag "64eb9854-12d68" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 77160
POST H/1.1	201 Created	save-data Show response correosytelegrafos.cc/api/	740 B 1013 B	174ms 174ms	XHR application/json	173.82.232.159 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://correosytelegrafos.cc/api/save-data Requested by Host: correosytelegrafos.cc URL: https://correosytelegrafos.cc/assets/index-20654522.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.82.232.159 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS mail.aplsgl.com Software nginx/1.24.0 / Express Resource Hash `bc766a9b930b51c8ea2780d5fe401818909b2c42b5fa3cc6dbe02fa58ad773d5` Request headers remark 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type application/json Accept application/json, text/plain, / darcula-data-id 2373 Referer https://correosytelegrafos.cc/ version 230803 Response headers Date Sun, 03 Sep 2023 05:40:59 GMT Server nginx/1.24.0 X-Powered-By Express ETag W/"2e4-qqr7wWmRvOBpMWxmXt5vZhvb8CQ" Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 740

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Correos de Guatemala (Transportation)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.c.nxw.so/	1970-01-20 23:14:15	Name: sitename Value: 0413221684274725bbcc19cd5d408c06
			c.nxw.so/	1970-01-21 00:04:39	Name: jsessionid Value: 7d8c2b0326af4f3db8b805eaa5ac3c5e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.nxw.so
correosytelegrafos.cc
117.68.1.61
173.82.232.159
07bceafc330f3e5ec84d283d01cd0c207fbeff052577b1d063a9094077ab50e9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4f0fc32176c3bd8839f980e0fdf6156929f6654aad5ed7a9b60e87cc23541041
533a672f292608dc5f2631db10eb8189dead1010e1b493d48674b27ef6ee2be6
5a042c900eded459f1ad6a2481fbe70244b6292d91b4b83533cd20ea994550c5
670d2d291f4eedd739f106739a896dc1743e49886e19a35c3687629bb6d6c30f
71f8494a92875ebbee8b779d662d347a1e25536c5fbadb4bfd4dd54a8cd7934a
75a1dd1c3f9c776199f3e73c4d233e44b25172bc1f30f56280d73ab74c881676
77128ca5bd77eb417d1f2c56e1b169144a60f90dbdad6260343c05376dfb7ad4
7a1374c035a0a69d20f3519ad19b93c1900b46de7efb0dc13eb8578553b8207e
87d27782b9249aef26f4531541b998cdbe2d70a4cdb8308f6ba51c65f7b0cd67
8c2b2ae88ddbc76715b677957cfab7f9577a7ecb5cfa9590f2a3736054ac114e
905ac3b61def647ff98dd38dcefaca4d50deae6ee05d86814de865f996ea04fc
90fc83c77cbce21bd43b1537bbd40c88c9aa4ac363b3913a410f0d661796d2ae
b59dbd0303bf5398679f90fafa5df094b2f1bd691840eee12a2bd33b4c5f882b
bc766a9b930b51c8ea2780d5fe401818909b2c42b5fa3cc6dbe02fa58ad773d5
c955018dfe3e5865bf1d1167b43dee6fbf2487acd7545575367143e0a3347800
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0d3e3ec47f65af40cebc8c7954e62bbc51bd2938b034dc910f07f6258deba67
f37efde19c26bc18e1b670112ab5bb21d73973be63ce75862795dbf6148cf737

correosytelegrafos.cc Open in urlscan Pro 173.82.232.159 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

2144 kBTransfer

6622 kBSize

2 Cookies

42 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

2 Cookies

Indicators

correosytelegrafos.cc Open in urlscan Pro
173.82.232.159 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

2144 kB
Transfer

6622 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!