bameli.com.mx Open in urlscan Pro
65.99.225.177 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.id/1zvf7
Effective URL:
https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php
Submission: On February 15 via manual (February 15th 2023, 7:23:15 am UTC) from RO — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 65.99.225.177, located in United States and belongs to AS17378, US. The main domain is bameli.com.mx.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 2nd 2022. Valid for: 3 months.

This is the only time bameli.com.mx was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.126.58.78 45.126.58.78	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
6	65.99.225.177 65.99.225.177	17378 (AS17378) (AS17378)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	3

1 45.126.58.78 (Indonesia) 1 redirects

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.99.225.177 (United States)

ASN17378 (AS17378, US)
PTR: svgr301.neubox.net

bameli.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	bameli.com.mx bameli.com.mx	27 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	166 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	43 KB
1	s.id 1 redirects s.id — Cisco Umbrella Rank: 165011	160 B
10	4

	Domain	Requested by
6	bameli.com.mx	bameli.com.mx
2	cdnjs.cloudflare.com	bameli.com.mx cdnjs.cloudflare.com
2	cdn.jsdelivr.net	bameli.com.mx
1	s.id	1 redirects
10	4

This site contains no links.

Subject Issuer	Validity	Valid
bameli.com.mx cPanel, Inc. Certification Authority	`2022-12-02` - `2023-03-02`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php
Frame ID: 619EC0D345DA9B139B35C4D27C1F5182
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Document

Page URL History Show full URLs

https://s.id/1zvf7 HTTP 302
https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

237 kB
Transfer

523 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.id/1zvf7 HTTP 302
https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request cc.php Show response
bameli.com.mx/wp-admin/includes/cgi-bin/romnet/
Redirect Chain

https://s.id/1zvf7
https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php

13 KB
14 KB

995ms
277ms

Document
text/html

65.99.225.177
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.225.177 , United States, ASN17378 (AS17378, US),

Reverse DNS

svgr301.neubox.net

Software

Apache / PHP/7.4.33

Resource Hash

3833d8713ddcf9c721086107a9473f54969f9b5b66dd76e81756ef82025da60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 15 Feb 2023 07:23:10 GMT
referrer-policy: no-referrer-when-downgrade
server: Apache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33
x-xss-protection: 1

Redirect headers

cache-control: private, max-age=30
content-length: 0
date: Wed, 15 Feb 2023 07:23:09 GMT
location: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 190 KB
27 KB 249ms
19ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

Requested by

Host: bameli.com.mx
URL: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php
Origin: https://bameli.com.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 07:23:10 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 7342160
x-jsd-version: 5.2.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27506
x-served-by: cache-fra-eddf8230113-FRA, cache-hhn-etou8220075-HHN
x-jsd-version-type: version
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c2.css
bameli.com.mx/wp-admin/includes/cgi-bin/romnet/css/ 4 KB
4 KB 141ms
141ms Stylesheet
text/css 65.99.225.177
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/css/c2.css

Requested by

Host: bameli.com.mx
URL: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.225.177 , United States, ASN17378 (AS17378, US),

Reverse DNS

svgr301.neubox.net

Software

Apache /

Resource Hash

91a5dfd7959b779db18696cbf327cba8b8fa1f42c380a31e6b72e35d72a87244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 07:23:10 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Feb 2023 05:05:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 3951
x-xss-protection: 1

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/ 100 KB
19 KB 247ms
25ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css

Requested by

Host: bameli.com.mx
URL: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://bameli.com.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 07:23:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1224680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18716
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6373d4a6-491c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chTjLSuc0anrgxqT10EP3%2BqHDmtA5b5so3%2Fq4MgS6sJQPhWDzTXJiGcdlb6idDRvgoERgu3e6xi0%2FL3bBCuT6hQVYKZBfdxbDb7WoJXfjXR9sJEtr67B1kBxpYla5GbGMZfoS51z0sWH3uO90RYeHPWt"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 799c4bee7d9837e8-FRA
expires: Mon, 05 Feb 2024 07:23:10 GMT

GET
H2 200 visa-v3.svg
bameli.com.mx/wp-admin/includes/cgi-bin/romnet/img/ 1 KB
1 KB 146ms
144ms Image
image/svg+xml 65.99.225.177
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/img/visa-v3.svg

Requested by

Host: bameli.com.mx
URL: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.225.177 , United States, ASN17378 (AS17378, US),

Reverse DNS

svgr301.neubox.net

Software

Apache /

Resource Hash

d8dc942bdf04e43d4edb17c9d421f9f3a70bd62d5ec2fb502deb91b9b95fc064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 07:23:10 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Feb 2023 05:05:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1208
x-xss-protection: 1

GET
H2 200 mastercard-v2.svg
bameli.com.mx/wp-admin/includes/cgi-bin/romnet/img/ 3 KB
3 KB 147ms
145ms Image
image/svg+xml 65.99.225.177
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/img/mastercard-v2.svg

Requested by

Host: bameli.com.mx
URL: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.225.177 , United States, ASN17378 (AS17378, US),

Reverse DNS

svgr301.neubox.net

Software

Apache /

Resource Hash

9a4620a32974adc5764f26a8070cd432aa32ba8be3167320fd32bcd9cdcaed08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 07:23:10 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Feb 2023 05:05:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3158
x-xss-protection: 1

GET
H2 200 amex-v2.svg
bameli.com.mx/wp-admin/includes/cgi-bin/romnet/img/ 3 KB
3 KB 146ms
144ms Image
image/svg+xml 65.99.225.177
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/img/amex-v2.svg

Requested by

Host: bameli.com.mx
URL: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.225.177 , United States, ASN17378 (AS17378, US),

Reverse DNS

svgr301.neubox.net

Software

Apache /

Resource Hash

7601455c0af7c3e0d8e64a288249c254b8fc1b257350613a6cdd1e1aaca9a3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 07:23:10 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Feb 2023 05:05:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2781
x-xss-protection: 1

GET
H2 200 icon_discover_2x.png
bameli.com.mx/wp-admin/includes/cgi-bin/romnet/img/ 3 KB
3 KB 145ms
143ms Image
image/png 65.99.225.177
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/img/icon_discover_2x.png

Requested by

Host: bameli.com.mx
URL: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.225.177 , United States, ASN17378 (AS17378, US),

Reverse DNS

svgr301.neubox.net

Software

Apache /

Resource Hash

121ffba5babd9c3503fe4790fd656539558cc27e11d8f6d156328c07cac53976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 07:23:10 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Feb 2023 05:05:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 2570
x-xss-protection: 1

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/ 59 KB
16 KB 207ms
20ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js

Requested by

Host: bameli.com.mx
URL: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bameli.com.mx/wp-admin/includes/cgi-bin/romnet/cc.php
Origin: https://bameli.com.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 07:23:10 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1920492
x-jsd-version: 5.2.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16133
x-served-by: cache-fra-eddf8230108-FRA, cache-hhn-etou8220075-HHN
x-jsd-version-type: version
etag: W/"ebf4-hH3/iZtbz47kNOOJ4qkQuh26128"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/ 147 KB
147 KB 26ms
26ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08892835e828657736cc2fc56b6604a5a2517c0126b4d4df14fbba739969c170

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Origin: https://bameli.com.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 07:23:10 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 980303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 150516
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6373d4a6-24bf4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsk0IZ65bHv9NKNPk2yG04cH5Doa7sYSEestsZY3q1UVs2J1lOwIOiAfjAkOkFYDEZSKr5aV7bvozdVUlGqJNM6s6dtYEM0%2FLMgAjEo%2Fnfn2E9%2FgR0ZeGoPVCmHD6%2F%2FZhYdKh%2B%2Fx1YBN8I%2FPV4o4q%2Ft1"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 799c4beecdf937e8-FRA
expires: Mon, 05 Feb 2024 07:23:10 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bameli.com.mx
cdn.jsdelivr.net
cdnjs.cloudflare.com
s.id
2606:4700::6811:180e
2a04:4e42::485
45.126.58.78
65.99.225.177
08892835e828657736cc2fc56b6604a5a2517c0126b4d4df14fbba739969c170
121ffba5babd9c3503fe4790fd656539558cc27e11d8f6d156328c07cac53976
3833d8713ddcf9c721086107a9473f54969f9b5b66dd76e81756ef82025da60f
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
7601455c0af7c3e0d8e64a288249c254b8fc1b257350613a6cdd1e1aaca9a3e4
91a5dfd7959b779db18696cbf327cba8b8fa1f42c380a31e6b72e35d72a87244
9a4620a32974adc5764f26a8070cd432aa32ba8be3167320fd32bcd9cdcaed08
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
d8dc942bdf04e43d4edb17c9d421f9f3a70bd62d5ec2fb502deb91b9b95fc064

bameli.com.mx Open in urlscan Pro 65.99.225.177 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

237 kBTransfer

523 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

bameli.com.mx Open in urlscan Pro
65.99.225.177 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

237 kB
Transfer

523 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!