Submitted URL: http://poduran.online/
Effective URL: https://poduran.online/
Submission: On December 13 via api from US — Scanned from IS

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 8 HTTP transactions. The main IP is 172.67.171.161, located in United States and belongs to CLOUDFLARENET, US. The main domain is poduran.online.
TLS certificate: Issued by WE1 on December 13th 2024. Valid for: 3 months.
This is the only time poduran.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco de Venezuela (Banking)

Domain & IP information

IP Address       AS (Autonomous System)      Requests
172.67.171.161   AS13335 (CLOUDFLARENET)     8
(1 IP in total, 8 requests)

Apex Domain      Subdomains       Transfer   Requests
poduran.online   poduran.online   140 KB     8
(1 apex domain in total, 8 requests)

Domain           Requested by     Requests
poduran.online   poduran.online   8
(1 domain in total, 8 requests)

This site contains no links.

Subject          Issuer   Validity                  Valid      Source
poduran.online   WE1      2024-12-13 - 2025-03-13   3 months   crt.sh

This page contains 1 frame:

Primary Page: https://poduran.online/
Frame ID: 174F0DD6FBA5295AAEF4831218952463
Requests: 8 HTTP requests in this frame

Page Title

BDVenlínea personas

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://poduran.online/  (HTTP 307)
     -> https://poduran.online/  (Page URL)

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 140 kB
Size: 468 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer (transferred) | Type | MIME-Type
Resource: / (Primary Request)
Path: poduran.online/
Redirect chain: http://poduran.online/ -> https://poduran.online/
Size: 22 KB
x-fer: 5 KB
Type: Document

General
Full URL: https://poduran.online/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 172.67.171.161, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: c247141720077048cbffdca6ee514be8a1e4073e95e735df9258778d52ff59bd

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f180d949a875cbb-KEF
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 13 Dec 2024 18:35:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CW5BosZQRiPFJbu5nHwlmHH46bWU%2FmcRiB%2B4tLetond5CBWTZww91mzxfr%2BAagHYqZ%2FnrroFT4JQTsNZ4EP0Y7sdlFKd2jFz%2FeZpqa0m241vghZXPZ0Fr0xmYDyMhz3jXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=90490&min_rtt=88109&rtt_var=16478&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4159&recv_bytes=4479&delivery_rate=231&cwnd=12000&unsent_bytes=0&cid=37afc44543c468a7&ts=393&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers
Location: https://poduran.online/
Non-Authoritative-Reason: HttpsUpgrades
Resource: style.css
Path: poduran.online/assets/
Size: 341 KB
x-fer: 32 KB
Type: Stylesheet

General
Full URL: https://poduran.online/assets/style.css
Requested by: Host: poduran.online, URL: https://poduran.online/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 172.67.171.161, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 1c7e5ca6564d2c5ab24dc7c975ae30f32dc1df6b5ee848be3cfad40968a3a22c

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poduran.online/

Response headers
content-encoding: gzip
cf-cache-status: MISS
etag: "55522-61ba20a328980-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BBdSOAJCszlXXF8I37W8BbJmfK1MhlPOyefa6sJcVoZn%2F2kewogFvp3RG7KwWOEq1cYZDssbioN8SghA3EESzKCJGUEzTNZslRiMv3l%2BkomSNs8It71MHBsYwB8JRZBKkg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=94663&min_rtt=88109&rtt_var=10668&sent=23&recv=20&lost=0&retrans=0&sent_bytes=13572&recv_bytes=6225&delivery_rate=11171&cwnd=12000&unsent_bytes=0&cid=37afc44543c468a7&ts=941&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 18:35:17 GMT
content-type: text/css
last-modified: Mon, 24 Jun 2024 12:37:10 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f180d979bb55cbb-KEF
accept-ranges: bytes
content-length: 32230
server: cloudflare
Resource: asi.css
Path: poduran.online/assets/
Size: 52 B
x-fer: 742 B
Type: Stylesheet

General
Full URL: https://poduran.online/assets/asi.css
Requested by: Host: poduran.online, URL: https://poduran.online/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 172.67.171.161, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 93af24c01c94473fc782ea883a4ee554e3e06f2ca0b004af10181ada7fc2e141

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poduran.online/

Response headers
server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"34-61b9f1d161380"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJiX4Z5vDWnnmRc5SreMTPCuh0%2BDf6jW9oIc8Aa7p7mikHil941%2BZa7KWMfO7s26qbHAx3lt4EGXD4gj3oDXVUFrHiYp5MbDhwCXlQL6Sg%2BzIA5TfmrsfhHQZgOkbhQo0A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f180d979bb65cbb-KEF
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=92275&min_rtt=88109&rtt_var=10521&sent=19&recv=18&lost=0&retrans=0&sent_bytes=9906&recv_bytes=6139&delivery_rate=62989&cwnd=12000&unsent_bytes=0&cid=37afc44543c468a7&ts=823&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 18:35:17 GMT
content-type: text/css
last-modified: Mon, 24 Jun 2024 09:07:42 GMT
vary: Accept-Encoding
priority: u=0,i=?0
Resource: logo.png
Path: poduran.online/assets/
Size: 31 KB
x-fer: 32 KB
Type: Image

General
Full URL: https://poduran.online/assets/logo.png
Requested by: Host: poduran.online, URL: https://poduran.online/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 172.67.171.161, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 2db48f3bb76be4f40a324525d4e872882f59208122f0ea552759eb76beb97d3a

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poduran.online/

Response headers
cf-cache-status: MISS
etag: "7da2-61b9fb8e48d00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hh5uHmPVHaxqQIDGTRjBRd2pyTacESheLJ7UbbadBkUk%2B4HrkES6jl2DnFRX%2Fh9H60lKzQGAtvUz5s%2FZ8kYfdny8QghlJhcorlqLjb5dx1gbbIvZFzu7e3hP9VJKKFhBJw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=94663&min_rtt=88109&rtt_var=10668&sent=33&recv=20&lost=0&retrans=0&sent_bytes=25572&recv_bytes=6225&delivery_rate=11171&cwnd=12000&unsent_bytes=0&cid=37afc44543c468a7&ts=942&x=1", cfExtPri, cfHdrFlush;dur=92
date: Fri, 13 Dec 2024 18:35:17 GMT
content-type: image/png
last-modified: Mon, 24 Jun 2024 09:51:16 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f180d979bb85cbb-KEF
accept-ranges: bytes
content-length: 32162
server: cloudflare
Resource: jav2.js
Path: poduran.online/assets/
Size: 262 B
x-fer: 849 B
Type: Script

General
Full URL: https://poduran.online/assets/jav2.js
Requested by: Host: poduran.online, URL: https://poduran.online/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 172.67.171.161, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 6c0b5af07d620812297ecaef34a583767b98dfde7e1baea19caac49618128e30

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poduran.online/

Response headers
content-encoding: gzip
cf-cache-status: MISS
etag: "106-61b9f1d161380-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0qZgjsB1I46obFi7Hl2DKavre6yn5xMks1b6j%2BXtfskrx1pSm1ZCSVnTkCL4l3nlXDO9N1FpaCnJ0fGG8Sa%2FSvbtN6fu%2BLV8o8vOx2%2FGjgAJWyi86dKoKivNFknaQpEyVg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=92275&min_rtt=88109&rtt_var=10521&sent=20&recv=18&lost=0&retrans=0&sent_bytes=10671&recv_bytes=6139&delivery_rate=62989&cwnd=12000&unsent_bytes=0&cid=37afc44543c468a7&ts=826&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 18:35:17 GMT
content-type: text/javascript
last-modified: Mon, 24 Jun 2024 09:07:42 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f180d979bb95cbb-KEF
accept-ranges: bytes
content-length: 154
server: cloudflare
Resource: app.js
Path: poduran.online/assets/
Size: 5 KB
x-fer: 2 KB
Type: Script

General
Full URL: https://poduran.online/assets/app.js
Requested by: Host: poduran.online, URL: https://poduran.online/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 172.67.171.161, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: e843c5aa140c6df9a16514b212b4d8fec5ee8276065dd4c56dde08d0643042aa

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poduran.online/

Response headers
content-encoding: gzip
cf-cache-status: MISS
etag: "15f1-62589a566f800-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwnLZya1oNrNz69wTdc62Je3v2yz9X8Hgtil8xih%2FX9aQmlO8o2dGrpsRgS88k9wQZ5EvJLs0DiyOp8xIKHd9KvQvOAnX1DCWKDfERMtBku8c7I7nAJEvyj%2BZFkaliXwsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=92275&min_rtt=88109&rtt_var=10521&sent=21&recv=18&lost=0&retrans=0&sent_bytes=11543&recv_bytes=6139&delivery_rate=62989&cwnd=12000&unsent_bytes=0&cid=37afc44543c468a7&ts=845&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 18:35:17 GMT
content-type: text/javascript
last-modified: Mon, 28 Oct 2024 13:42:56 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f180d97bbce5cbb-KEF
accept-ranges: bytes
content-length: 1289
server: cloudflare
Resource: background.webp
Path: poduran.online/assets/
Size: 68 KB
x-fer: 66 KB
Type: Image

General
Full URL: https://poduran.online/assets/background.webp
Requested by: Host: poduran.online, URL: https://poduran.online/assets/style.css
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 172.67.171.161, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: fb0cb7f47385dc36d0e23bb39ae5b0e4e6cf9f9538e6f157f224975ad45776c4

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poduran.online/assets/style.css

Response headers
server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: "10e52-61b9fb7394e00-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJYxcPryYij0FR89S7RCvk9KQKEx1YrN565ztaJ9%2BOGjWtL%2Bhn9nPKHzmGjbU4XgK7St%2Be9cXA1uaXkgmKMYE9anwHZc3j2zLyfl0I80hehpYNfidY5TXndir%2FoFsT9QTw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f180d9afde15cbb-KEF
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=89522&min_rtt=88109&rtt_var=143&sent=81&recv=49&lost=0&retrans=0&sent_bytes=80796&recv_bytes=7792&delivery_rate=429682&cwnd=40800&unsent_bytes=0&cid=37afc44543c468a7&ts=1496&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 18:35:17 GMT
content-type: image/webp
last-modified: Mon, 24 Jun 2024 09:50:48 GMT
vary: Accept-Encoding
priority: u=3,i
Resource: favicon.ico
Path: poduran.online/
Size: 260 B
x-fer: 871 B
Type: Other

General
Full URL: https://poduran.online/favicon.ico
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 172.67.171.161, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 0c399d91eb7ae089d75f61dabbe1a037b59c6250fb93587500f83153159354a8

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poduran.online/

Response headers
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtyNF6R6R1ItfFOw1ttROxeFPEbhKfY66G%2FLOkDLuZFJQckF6PKGozgBxNZNZDqVBLtFeEHrk8%2B5bH%2BpONWo87BUJqd0IL7N7giLd7SYnU2GRMrxdprVCF13XK5uPo9AGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f180d9eaf7e5cbb-KEF
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=90008&min_rtt=88109&rtt_var=290&sent=142&recv=66&lost=0&retrans=0&sent_bytes=150162&recv_bytes=8852&delivery_rate=414905&cwnd=40800&unsent_bytes=0&cid=37afc44543c468a7&ts=1955&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 18:35:18 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco de Venezuela (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  function   ver
  function   chcs
  function   chc
  function   cls
  function   verificarLongitud
  number     stage

0 Cookies

2 Console Messages

Source: recommendation   Level: verbose   URL: https://poduran.online/
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Source: network   Level: error   URL: https://poduran.online/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()