infernodossa.com Open in urlscan Pro
66.235.200.147  Malicious Activity! Public Scan

URL: https://infernodossa.com/MX/CorreodeMX/pay.php
Submission: On October 29 via automatic, source openphish — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 66.235.200.147, located in United States and belongs to CLOUDFLARENET, US. The main domain is infernodossa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 29th 2023. Valid for: a year.
This is the only time infernodossa.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Correos (Transportation)

Domain & IP information

IP Address AS Autonomous System
12 66.235.200.147 13335 (CLOUDFLAR...)
1 1 89.221.216.129 197019 (WEDOS)
1 1 172.217.16.206 15169 (GOOGLE)
1 172.217.16.193 15169 (GOOGLE)
13 2
Apex Domain
Subdomains
Transfer
12 infernodossa.com
infernodossa.com
201 KB
1 googleusercontent.com
doc-08-bg-docs.googleusercontent.com — Cisco Umbrella Rank: 501689
625 KB
1 google.com
drive.google.com — Cisco Umbrella Rank: 318
1 KB
1 img.onl
img.onl — Cisco Umbrella Rank: 520953
221 B
13 4
Domain Requested by
12 infernodossa.com infernodossa.com
1 doc-08-bg-docs.googleusercontent.com infernodossa.com
1 drive.google.com 1 redirects
1 img.onl 1 redirects
13 4

This site contains no links.

Subject Issuer Validity Valid
infernodossa.com
Cloudflare Inc ECC CA-3
2023-05-29 -
2024-05-27
a year crt.sh

This page contains 1 frames:

Primary Page: https://infernodossa.com/MX/CorreodeMX/pay.php
Frame ID: F4AFB02E70C7C385108FDAD83D4853DD
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

Pago

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

827 kB
Transfer

898 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://img.onl/htKAr6 HTTP 302
  • https://drive.google.com/uc?export=view&id=1yz_7iLbaE1pi3a52U-1K25A0XhHCe0r6 HTTP 303
  • https://doc-08-bg-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/668f50jiiu5danrvvnbeermrgdor1m6m/1698602850000/10318039330111529760/*/1yz_7iLbaE1pi3a52U-1K25A0XhHCe0r6?e=view&uuid=f7d1dbf1-97d4-4ca0-a0d9-9e7f0025ca30

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request pay.php
infernodossa.com/MX/CorreodeMX/
8 KB
2 KB
Document
General
Full URL
https://infernodossa.com/MX/CorreodeMX/pay.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
dc9ec7eb87fd868ccd40d4d14a96d509e9ca37320b731900e99e21e7b29b49d0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
EXPIRED
cf-ray
81dd5c71fbbc65d7-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Oct 2023 18:07:57 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Sun, 29 Oct 2023 04:11:55 GMT
server
cloudflare
vary
Accept-Encoding
head.css
infernodossa.com/MX/CorreodeMX/styles/
882 B
548 B
Stylesheet
General
Full URL
https://infernodossa.com/MX/CorreodeMX/styles/head.css
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/pay.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
555fb6d723203f6feda4f9834849fbada17a316fbb07e80f000996cd391258ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://infernodossa.com/MX/CorreodeMX/pay.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:07:58 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Jul 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges
bytes
cf-ray
81dd5c736e4165d7-FRA
content-length
418
main.css
infernodossa.com/MX/CorreodeMX/styles/
5 KB
2 KB
Stylesheet
General
Full URL
https://infernodossa.com/MX/CorreodeMX/styles/main.css
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/pay.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
9412fa88bd00b693e3899e98cf9ed2cec119236572f0bf8d257c777115fcb41f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://infernodossa.com/MX/CorreodeMX/pay.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:07:58 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Jul 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges
bytes
cf-ray
81dd5c736e4365d7-FRA
content-length
1584
responsive.css
infernodossa.com/MX/CorreodeMX/styles/
2 KB
513 B
Stylesheet
General
Full URL
https://infernodossa.com/MX/CorreodeMX/styles/responsive.css
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/pay.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
e8dd42f6deace38cd1fae720b398765001207aadccc3cc324da0a4cbbdb8f3e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://infernodossa.com/MX/CorreodeMX/pay.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:07:58 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Jul 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges
bytes
cf-ray
81dd5c736e4465d7-FRA
content-length
453
codigo.Css
infernodossa.com/MX/CorreodeMX/styles/
572 B
361 B
Stylesheet
General
Full URL
https://infernodossa.com/MX/CorreodeMX/styles/codigo.Css
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/pay.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
1fabc2b240dc75ec913233538d50e47f2244f68374b58a06050530f2f13ab3ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://infernodossa.com/MX/CorreodeMX/pay.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:07:58 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Jul 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges
bytes
cf-ray
81dd5c736e4a65d7-FRA
content-length
302
corr.css
infernodossa.com/MX/CorreodeMX/styles/
4 KB
1011 B
Stylesheet
General
Full URL
https://infernodossa.com/MX/CorreodeMX/styles/corr.css
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/pay.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
504f97f068a0abd89a9c7b18f7133415655763a1a8df67ca8f753a4869ae3352

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://infernodossa.com/MX/CorreodeMX/pay.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:07:58 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Jul 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges
bytes
cf-ray
81dd5c736e4e65d7-FRA
content-length
951
1yz_7iLbaE1pi3a52U-1K25A0XhHCe0r6
doc-08-bg-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/668f50jiiu5danrvvnbeermrgdor1m6m/1698602850000/10318039330111529760/*/
Redirect Chain
  • https://img.onl/htKAr6
  • https://drive.google.com/uc?export=view&id=1yz_7iLbaE1pi3a52U-1K25A0XhHCe0r6
  • https://doc-08-bg-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/668f50jiiu5danrvvnbeermrgdor1m6m/1698602850000/10318039330111529760/*/1yz_7iLbaE1pi3a52U-1K25A0XhHCe0r6?e...
622 KB
625 KB
Image
General
Full URL
https://doc-08-bg-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/668f50jiiu5danrvvnbeermrgdor1m6m/1698602850000/10318039330111529760/*/1yz_7iLbaE1pi3a52U-1K25A0XhHCe0r6?e=view&uuid=f7d1dbf1-97d4-4ca0-a0d9-9e7f0025ca30
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/pay.php
Protocol
H2
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
UploadServer /
Resource Hash
148ef76ab854b80dbca345869fafbe70ada4eb18d65789c94ed80545722e9613
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://infernodossa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:08:00 GMT
x-content-type-options
nosniff
x-guploader-uploadid
ABPtcPoU4rmRnt9eSJwGXA8XXvvCHlhG2qZ8m3KuSb_13_3_LNknhNLq_ZAD8CyjMgmvsOQhStUVIAfLwJJdJCZVJFrMfg
content-disposition
inline; filename="64c30a77d827c.png"; filename*=UTF-8''64c30a77d827c.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
636946
last-modified
Fri, 28 Jul 2023 00:23:22 GMT
server
UploadServer
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=RIq0eQ==
cache-control
private, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, X-Google-EOM, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-353267353-bin, x-goog-ext-353267353-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-359275022-bin, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, x-goog-maps-api-salt, x-goog-maps-api-signature, x-goog-maps-client-id, X-Goog-Api-Key, x-goog-spanner-database-role, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Android-Cert, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-OidcIdToken, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token, x-rfui-request-context
expires
Sun, 29 Oct 2023 18:08:00 GMT

Redirect headers

date
Sun, 29 Oct 2023 18:07:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-nLXw94_FclI0AiJX8oaZTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://doc-08-bg-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/668f50jiiu5danrvvnbeermrgdor1m6m/1698602850000/10318039330111529760/*/1yz_7iLbaE1pi3a52U-1K25A0XhHCe0r6?e=view&uuid=f7d1dbf1-97d4-4ca0-a0d9-9e7f0025ca30
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
background-login.jpg
infernodossa.com/MX/CorreodeMX/images/
129 KB
130 KB
Image
General
Full URL
https://infernodossa.com/MX/CorreodeMX/images/background-login.jpg
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/pay.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
642875617fb72743a219e89d09dca1ebb4c226cf3549c85f5d29d498e5add3c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://infernodossa.com/MX/CorreodeMX/pay.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:07:58 GMT
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Thu, 27 Jul 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges
bytes
cf-ray
81dd5c736e5165d7-FRA
content-length
132523
livraison.jpg
infernodossa.com/MX/CorreodeMX/images/
29 KB
29 KB
Image
General
Full URL
https://infernodossa.com/MX/CorreodeMX/images/livraison.jpg
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/pay.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
556e932c42ffa56c99e663591065066d4ae3b97292221768fce25c8e91e0807f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://infernodossa.com/MX/CorreodeMX/pay.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:07:58 GMT
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Thu, 27 Jul 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges
bytes
cf-ray
81dd5c736e5365d7-FRA
content-length
29293
codigo.js
infernodossa.com/MX/CorreodeMX/javascript/
3 KB
946 B
Script
General
Full URL
https://infernodossa.com/MX/CorreodeMX/javascript/codigo.js
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/pay.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
11b019c7cee0159e28de21da4ccd4b405901b85e22d97b7f97d851b7bb3bdda6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://infernodossa.com/MX/CorreodeMX/pay.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:07:58 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Jul 2023 22:26:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges
bytes
cf-ray
81dd5c736e5465d7-FRA
content-length
846
junia.js
infernodossa.com/MX/CorreodeMX/javascript/
21 KB
8 KB
Script
General
Full URL
https://infernodossa.com/MX/CorreodeMX/javascript/junia.js
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/pay.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
f31fc66d7c9773e160a4aeb486fbb6e3ef4db203432911d691eaab93a62b2a34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://infernodossa.com/MX/CorreodeMX/pay.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:07:58 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Jul 2023 22:26:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges
bytes
cf-ray
81dd5c736e5665d7-FRA
content-length
7844
CarteroRegular.otf
infernodossa.com/MX/CorreodeMX/fonts/
37 KB
14 KB
Font
General
Full URL
https://infernodossa.com/MX/CorreodeMX/fonts/CarteroRegular.otf
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/styles/head.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
e3226d13f953e1ce196cf91fec6bbc878bc91eb65a768491ef90f3495e391fa1

Request headers

Referer
https://infernodossa.com/MX/CorreodeMX/styles/head.css
Origin
https://infernodossa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:07:58 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Jul 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
font/otf
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray
81dd5c75190f65d7-FRA
CarteroLight.otf
infernodossa.com/MX/CorreodeMX/fonts/
37 KB
14 KB
Font
General
Full URL
https://infernodossa.com/MX/CorreodeMX/fonts/CarteroLight.otf
Requested by
Host: infernodossa.com
URL: https://infernodossa.com/MX/CorreodeMX/styles/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
94ddea49ff5c70e8c9b9eeaf22d9ed72f96abd31f2a3124b222ab9bd1de64446

Request headers

Referer
https://infernodossa.com/MX/CorreodeMX/styles/main.css
Origin
https://infernodossa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:07:58 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 27 Jul 2023 22:26:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
font/otf
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray
81dd5c75191265d7-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Correos (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| Cleave

0 Cookies