registraceodkazu.com Open in urlscan Pro
2606:4700:3030::ac43:8e9c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://registraceodkazu.com/correos_junia/pay.php
Submission: On August 02 via manual (August 2nd 2023, 9:51:38 am UTC) from ES — Scanned from ES

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3030::ac43:8e9c, located in United States and belongs to CLOUDFLARENET, US. The main domain is registraceodkazu.com.
TLS certificate: Issued by GTS CA 1P5 on July 27th 2023. Valid for: 3 months.

This is the only time registraceodkazu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Correos (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
14	2606:4700:303... 2606:4700:3030::ac43:8e9c		13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	1

14 2606:4700:3030::ac43:8e9c (United States)

ASN13335 (CLOUDFLARENET, US)

registraceodkazu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	registraceodkazu.com registraceodkazu.com	203 KB
14	1

	Domain	Requested by
14	registraceodkazu.com	registraceodkazu.com
14	1

This site contains no links.

Subject Issuer	Validity	Valid
registraceodkazu.com GTS CA 1P5	`2023-07-27` - `2023-10-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://registraceodkazu.com/correos_junia/pay.php
Frame ID: 88DAD8D9438F451686FF74B414B67329
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pago

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

203 kB
Transfer

273 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pay.php Show response registraceodkazu.com/correos_junia/	6 KB 2 KB	350ms 252ms	Document text/html	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4948236f233b49e39750c2042b714baec01d05c208746c120e1f27abbea158a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7f056c443b828675-MAD content-encoding br content-type text/html; charset=UTF-8 date Wed, 02 Aug 2023 09:51:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOtYQJOxeL65YqwCnQZT4CJ9AeFwKFTPcRjJvb9GJcsMXaMb%2BsdIUdxPnA9hHkM9oEQDpWEvXmqKac9lTko9Bi1iEt5X5IM8nO9wQWH%2FSAHdScFyhrdygTftpLeUqMF7jLaDv6wxhttjguNtb0gp4L6DbQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	head.css registraceodkazu.com/correos_junia/styles/	610 B 681 B	41ms 37ms	Stylesheet text/css	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://registraceodkazu.com/correos_junia/styles/head.css Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a78848aa370693b0eee2372a7ef5979c6481a32e10e7d57afdbc6e726bf5c5ca` Request headers accept-language es-ES,es;q=0.9 Referer https://registraceodkazu.com/correos_junia/pay.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 01 Aug 2023 18:48:57 GMT server cloudflare age 1076 cf-polished origSize=882 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmUhW1j%2B8zVVwfMcUjTHxZ31ReoMQd4C7DgmWN8OUJomzNJNEVXA4%2B%2BiegSKLwHqXODN3bsFrvDE%2FwN%2FQtfmybLfJJpBHxRkZHEzp%2BpH2ezlxmL3kugynBapuNwTqFHLzAp3DGuN%2BhnDT3cx6okqh8HJPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f056c45de458675-MAD alt-svc h3=":443"; ma=86400
GET H2	200	main.css registraceodkazu.com/correos_junia/styles/	4 KB 1 KB	78ms 74ms	Stylesheet text/css	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://registraceodkazu.com/correos_junia/styles/main.css Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1ed49dca231ceef168240c1a62457b1d49046d539bfff4eaa5a89f67a5cc4597` Request headers accept-language es-ES,es;q=0.9 Referer https://registraceodkazu.com/correos_junia/pay.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 01 Aug 2023 18:48:57 GMT server cloudflare age 1076 cf-polished origSize=5411 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdqCkggl2AtKMVIyhfOINEZed0SCxwQ5SMw5A8MqLrgHCOGMMIUR3yLMDf359c1%2B7aVVNo9hBjXh0egm9XyhzwrZL5vVXcUT69yCqhys%2BgKRd7ShzCpUL8CiJ50JYog4X7cV581WTKCx%2BJ6ANpSQAUAXtg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f056c45de488675-MAD alt-svc h3=":443"; ma=86400
GET H2	200	responsive.css registraceodkazu.com/correos_junia/styles/	940 B 668 B	41ms 38ms	Stylesheet text/css	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://registraceodkazu.com/correos_junia/styles/responsive.css Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e54bdcddb0156b010923b3f66c98bb32c0c0988d15cfdf88d43e4fad9d5c4334` Request headers accept-language es-ES,es;q=0.9 Referer https://registraceodkazu.com/correos_junia/pay.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 01 Aug 2023 18:48:57 GMT server cloudflare age 1076 cf-polished origSize=1756 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyMQ3rU%2B2iRAsBYp5zPXPRu9Slso1E0%2BC4O64j5Mm5Rhgc5quSy%2FDBSSz97dGtOKmfpEdoQlzxJs0y2Z6vs5kB78eNBZi%2BUJJ3Y79crsyt57PxhbgZCgICC0p7Vyx1%2FDhZdKfJ9UYBQBvq4WvSSXLHhT5g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f056c45de4a8675-MAD alt-svc h3=":443"; ma=86400
GET H2	200	codigo.Css registraceodkazu.com/correos_junia/styles/	402 B 656 B	77ms 74ms	Stylesheet text/css	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://registraceodkazu.com/correos_junia/styles/codigo.Css Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0acab4285d2d3fb2eab655b9bc67acbe4b3d80e41a5ee0ff98d26cfc95948658` Request headers accept-language es-ES,es;q=0.9 Referer https://registraceodkazu.com/correos_junia/pay.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 01 Aug 2023 18:48:57 GMT server cloudflare age 1076 cf-polished origSize=572 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qZxaBEelJKiAF0pJrKs3XOzuZo0%2B1REPs7jknU%2Bp4psdA7i9B%2F%2FbEemswx8nW%2Fs5AqneafG6daUGXPwNRHRGXPRlIRWozETTUQdqEyLNuEtnZCexAs6UtxZPhHXtvnF5QR0PYl7dzN6W%2BKuWxOiP%2FxY%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f056c45de4b8675-MAD alt-svc h3=":443"; ma=86400
GET H2	200	corr.css registraceodkazu.com/correos_junia/styles/	3 KB 1001 B	42ms 39ms	Stylesheet text/css	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://registraceodkazu.com/correos_junia/styles/corr.css Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dcae82fdf780b118002de16e90ddbb3c1378bf05aca79f661d9afc4dd147b9fd` Request headers accept-language es-ES,es;q=0.9 Referer https://registraceodkazu.com/correos_junia/pay.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 01 Aug 2023 18:48:57 GMT server cloudflare age 1076 cf-polished origSize=3817 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDLUjjWiZnWT6ibBCFZOn%2FqlAae%2FJ6bYp3Udhj3zGenSeVnEWo6Gv2V3wfu4ER8Gv6wdSQ5ncq6BQhThOnRJcHkMqFQ10W%2F0T56FPbCG1xlFGGTPfJmbKssFMRQZOyttaveVeBq2SlE%2Bb7ycMpPczCLbXA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f056c45de4c8675-MAD alt-svc h3=":443"; ma=86400
GET H2	200	LogoCornamusa.svg registraceodkazu.com/correos_junia/images/	3 KB 1 KB	75ms 73ms	Image image/svg+xml	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://registraceodkazu.com/correos_junia/images/LogoCornamusa.svg Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9ca4b4430d80704711911dfc8604b4c12f6697c462cdfa1a52c0ed47c09f99da` Request headers accept-language es-ES,es;q=0.9 Referer https://registraceodkazu.com/correos_junia/pay.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:32 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Aug 2023 18:48:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1076 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B57gQf%2BC%2BIltMjbu92alN0Pgqtci8QP11Imhrvftk9IHIX2VF0LSs949Civ5j5SnrJiVBsbTeC14ErXkhE%2FqdivUBVX1j3mxG849eIgQijtbZtCiuUzHb2M%2BgW8GoB3C54Nx5YvvAl2QnYa7c5J9fGQSFg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7f056c45de518675-MAD alt-svc h3=":443"; ma=86400
GET H2	200	background-login.jpg registraceodkazu.com/correos_junia/images/	129 KB 130 KB	77ms 75ms	Image image/jpeg	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://registraceodkazu.com/correos_junia/images/background-login.jpg Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `642875617fb72743a219e89d09dca1ebb4c226cf3549c85f5d29d498e5add3c8` Request headers accept-language es-ES,es;q=0.9 Referer https://registraceodkazu.com/correos_junia/pay.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:32 GMT cf-cache-status HIT last-modified Tue, 01 Aug 2023 18:48:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1076 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3xV%2FYccHZ1zA1tjj5N8ICYmpvif3WP%2B%2FWg2BVkJveVTjz%2FHQAy4zDQHbZ75eDuraGXxrcPeHv3sxS8I87vmyW%2BX86l%2B4hxu8XUImQPmFZcwRSOLuoAFcr21LV60Ro2taWCvpgJ1UetAlIyAbH%2Fpkkxnqg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7f056c45de538675-MAD alt-svc h3=":443"; ma=86400 content-length 132523
GET H2	200	livraison.jpg registraceodkazu.com/correos_junia/images/	29 KB 29 KB	43ms 41ms	Image image/jpeg	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://registraceodkazu.com/correos_junia/images/livraison.jpg Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `556e932c42ffa56c99e663591065066d4ae3b97292221768fce25c8e91e0807f` Request headers accept-language es-ES,es;q=0.9 Referer https://registraceodkazu.com/correos_junia/pay.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:32 GMT cf-cache-status HIT last-modified Tue, 01 Aug 2023 18:48:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1076 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhH%2F2Ml7U%2Btgfzb6DRTAD%2FWk7e2djvd5IY1lFtx%2Bi8L4TtCD7DSq748Db%2FOQwnqwUv0gAieGwrwshYgD6AycXGQW69F1Zw5MSSJjg6ACU0N9u04ufMRdO1XrdyhlrxuN3FP5e5WahRgACsUU%2FpymJcPdnA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7f056c45de558675-MAD alt-svc h3=":443"; ma=86400 content-length 29293
GET H2	200	footer-logo.svg registraceodkazu.com/correos_junia/images/	1 KB 1 KB	81ms 78ms	Image image/svg+xml	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://registraceodkazu.com/correos_junia/images/footer-logo.svg Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dae58e3a35038fe1508d4ce16805960f8722fef2f68de4da845b9f48b9e969df` Request headers accept-language es-ES,es;q=0.9 Referer https://registraceodkazu.com/correos_junia/pay.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:32 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Aug 2023 18:48:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1076 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4%2BBB32fAC6LP1xyT2ZkgMNFxNAE8EqK8ELeIxJRGyGlYl8YFe6WDGuNiuxDa8F%2FodHtNLGyRttiDw3Y8sCV7H%2BLs9Mvje51zqRs3tB148T9C0xWaz4ANpkjaCb%2FtNi%2BJyUn1bTrUgCq19yK0KZplKlyaQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7f056c460e8b8675-MAD alt-svc h3=":443"; ma=86400
GET H2	200	codigo.js Show response registraceodkazu.com/correos_junia/javascript/	2 KB 785 B	43ms 40ms	Script application/javascript	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://registraceodkazu.com/correos_junia/javascript/codigo.js Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cf0d80a3e24c358b19eb8015b860f6fb59272ad48d43564c0f31ed4b45bae0f7` Request headers accept-language es-ES,es;q=0.9 Referer https://registraceodkazu.com/correos_junia/pay.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 01 Aug 2023 18:48:57 GMT server cloudflare age 1076 cf-polished origSize=3451 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qvu5uqQ%2FW4Hr3iaqjz2xnaKlPuKlD1BASIicDHJQHqNRIt%2F78%2F%2FV%2FAXi%2Bzvw11vd9RPtqT11W39O8S2HWdjF4e9LX1iAzGliCR4JxUawpauhVo3JwlG3rUr5tqKWQrWadMNYwGiGQcw8xucsiuLxl47dbw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7f056c45de4d8675-MAD alt-svc h3=":443"; ma=86400
GET H2	200	junia.js Show response registraceodkazu.com/correos_junia/javascript/	20 KB 7 KB	50ms 48ms	Script application/javascript	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://registraceodkazu.com/correos_junia/javascript/junia.js Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/pay.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bdc267ab3ec47b5cf191ae9cffd2cd276eddca9a8236724299e37487b645a4fe` Request headers accept-language es-ES,es;q=0.9 Referer https://registraceodkazu.com/correos_junia/pay.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 01 Aug 2023 18:48:57 GMT server cloudflare age 1076 cf-polished origSize=21408 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JY7FUKMoxuf%2F6Q%2B1GF%2F40W2nlPZ5%2FkMCtbq%2B9INio37kVq1b%2F0Q1yALo2NWrqctEJ9ALTapNOS1%2F2NsMWoKaq%2FbaWY0VI5j0v0UbVw5pRfHUXPaqVAk7id62rFyI4pRGGV1Zb2%2BCSaKkUNdvKBVAAMfmxg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7f056c45de4e8675-MAD alt-svc h3=":443"; ma=86400
GET H3	200	CarteroRegular.otf registraceodkazu.com/correos_junia/fonts/	37 KB 14 KB	275ms 275ms	Font font/otf	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://registraceodkazu.com/correos_junia/fonts/CarteroRegular.otf Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/styles/head.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3226d13f953e1ce196cf91fec6bbc878bc91eb65a768491ef90f3495e391fa1` Request headers Referer https://registraceodkazu.com/correos_junia/styles/head.css Origin https://registraceodkazu.com accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:33 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 01 Aug 2023 18:48:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVpglZxJ%2F%2FN%2FttIt2LZyH9RC2%2FPT%2Fmo8XpX7F752GMojYkfAs7Jbh%2FUhGgFpCsygrpmIOHTiVDB68jRwqM9levSfFp0JuhUwODisE3YkKNDHmIbh%2B3AKax5264Ta2t1YzLek5mPFZPc8VmhUIBNUA9oT8Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/otf cache-control max-age=14400 cf-ray 7f056c46af361bb4-MAD alt-svc h3=":443"; ma=86400
GET H3	200	CarteroLight.otf registraceodkazu.com/correos_junia/fonts/	37 KB 14 KB	244ms 243ms	Font font/otf	2606:4700:3030::ac43:8e9c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://registraceodkazu.com/correos_junia/fonts/CarteroLight.otf Requested by Host: registraceodkazu.com URL: https://registraceodkazu.com/correos_junia/styles/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:8e9c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `94ddea49ff5c70e8c9b9eeaf22d9ed72f96abd31f2a3124b222ab9bd1de64446` Request headers Referer https://registraceodkazu.com/correos_junia/styles/main.css Origin https://registraceodkazu.com accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 09:51:33 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 01 Aug 2023 18:48:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Kh%2Bubjk9fF1owx1mhFeSOH%2BkBzWL3vYy7Gg3zPapdgAfj7NnFYXnCQnPq46%2FnRFC%2BUJpqznkk8zzlnelomlG0hK1vDI1mb6IyfRf%2FpzIE9UBkqFkLtX9PiNfzRZJrZGgQWX483r1u7LT6wQWOYoN0npSw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/otf cache-control max-age=14400 cf-ray 7f056c46af391bb4-MAD alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Correos (Transportation)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Cleave

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

registraceodkazu.com
2606:4700:3030::ac43:8e9c
0acab4285d2d3fb2eab655b9bc67acbe4b3d80e41a5ee0ff98d26cfc95948658
1ed49dca231ceef168240c1a62457b1d49046d539bfff4eaa5a89f67a5cc4597
556e932c42ffa56c99e663591065066d4ae3b97292221768fce25c8e91e0807f
642875617fb72743a219e89d09dca1ebb4c226cf3549c85f5d29d498e5add3c8
94ddea49ff5c70e8c9b9eeaf22d9ed72f96abd31f2a3124b222ab9bd1de64446
9ca4b4430d80704711911dfc8604b4c12f6697c462cdfa1a52c0ed47c09f99da
a78848aa370693b0eee2372a7ef5979c6481a32e10e7d57afdbc6e726bf5c5ca
bdc267ab3ec47b5cf191ae9cffd2cd276eddca9a8236724299e37487b645a4fe
cf0d80a3e24c358b19eb8015b860f6fb59272ad48d43564c0f31ed4b45bae0f7
dae58e3a35038fe1508d4ce16805960f8722fef2f68de4da845b9f48b9e969df
dcae82fdf780b118002de16e90ddbb3c1378bf05aca79f661d9afc4dd147b9fd
e3226d13f953e1ce196cf91fec6bbc878bc91eb65a768491ef90f3495e391fa1
e54bdcddb0156b010923b3f66c98bb32c0c0988d15cfdf88d43e4fad9d5c4334
f4948236f233b49e39750c2042b714baec01d05c208746c120e1f27abbea158a

registraceodkazu.com Open in urlscan Pro 2606:4700:3030::ac43:8e9c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

203 kBTransfer

273 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

registraceodkazu.com Open in urlscan Pro
2606:4700:3030::ac43:8e9c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

203 kB
Transfer

273 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!