test.ellacreate.tech
Open in
urlscan Pro
118.27.95.153
Malicious Activity!
Public Scan
URL:
https://test.ellacreate.tech/wp-content/-/Recibir_paquete.php
Submission: On December 23 via automatic, source openphish — Scanned from JP
Submission: On December 23 via automatic, source openphish — Scanned from JP
Summary
This website contacted 2 IPs
in 1 countries
across 1 domains to perform 26 HTTP transactions.
The main IP is 118.27.95.153, located in
Japan and
belongs to INTERQ GMO Internet,Inc, JP.
The main domain is test.ellacreate.tech.
TLS certificate: Issued by R3 on October 19th 2022. Valid for: 3 months.
This is the only time test.ellacreate.tech was scanned on urlscan.io!
TLS certificate: Issued by R3 on October 19th 2022. Valid for: 3 months.
This is the only time test.ellacreate.tech was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Correos (Transportation)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 25 | 118.27.95.153 118.27.95.153 | 7506 (INTERQ GM...) (INTERQ GMO Internet) | |
| 26 | 2 |
25
118.27.95.153
(Japan)
ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: www95.conoha.ne.jp
ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: www95.conoha.ne.jp
| test.ellacreate.tech |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 25 |
ellacreate.tech
test.ellacreate.tech |
468 KB |
| 26 | 1 |
| Domain | Requested by | |
|---|---|---|
| 25 | test.ellacreate.tech |
test.ellacreate.tech
|
| 26 | 1 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| test.ellacreate.tech R3 |
2022-10-19 - 2023-01-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://test.ellacreate.tech/wp-content/-/Recibir_paquete.php
Frame ID: 14E33FA8B3D489DF2F2F326DF54AC09F
Requests: 26 HTTP requests in this frame
Screenshot
Page Title
Correos | Recibir Paquetecornamusamolecules/badges/desktop/huaweilogos/footer/mastercardlogos/footer/paypallogos/footer/maestrologos/footer/visaDetected technologies
Adobe Experience Manager
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /etc\.clientlibs/
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
26 Outgoing links
These are links going to different origins than the main page.
URL: https://mioficina.correos.es/es/es/login
Title: INICIAR SESIÓN
Title: INICIAR SESIÓN
Search URL Search Domain Scan URL
URL: https://labs.correos.es/es/es/programas
Title: ¡INSCRÍBETE AQUÍ!
Title: ¡INSCRÍBETE AQUÍ!
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/herramientas/localizador/envios
Title: Seguimiento de envío
Title: Seguimiento de envío
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/particulares/recibir
Title: Recibir
Title: Recibir
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/particulares/enviar
Title: Enviar
Title: Enviar
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/empresas/enviar
Title: Enviar
Title: Enviar
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/empresas/ecommerce
Title: Ecommerce
Title: Ecommerce
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/empresas/marketing
Title: Marketing
Title: Marketing
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/particulares/ocio-y-viajes/sellos-y-filatelia
Title: Filatelia
Title: Filatelia
Search URL Search Domain Scan URL
URL: https://www.market.correos.es/
Title: Correos Market
Title: Correos Market
Search URL Search Domain Scan URL
URL: https://www.correos.com/?_ga=2.48058663.1272337042.1602486055-1925384938.1602155804
Title: Web institucional
Title: Web institucional
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/atencion-al-cliente
Title: Atención al cliente
Title: Atención al cliente
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/herramientas/oficinas-buzones-citypaq/detalle
Title: Encuentra tu oficina
Title: Encuentra tu oficina
Search URL Search Domain Scan URL
URL: https://www.facebook.com/correos.es
Search URL Search Domain Scan URL
URL: https://www.instagram.com/correos/
Search URL Search Domain Scan URL
URL: https://twitter.com/correos
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/correos/
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/CanalCorreos
Search URL Search Domain Scan URL
URL: https://apps.apple.com/app/correos-info/id486322953
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=es.correos.widget&hl=es
Search URL Search Domain Scan URL
URL: https://appgallery.huawei.com/#/app/C102638007?pkgName=es.correos.widget&channelId=i&referrer=&detailType=0&callType=AGDLINK
Title: molecules/badges/desktop/huawei
Title: molecules/badges/desktop/huawei
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/legales/politica-de-cookies
Title: Política de cookies
Title: Política de cookies
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/legales/aviso-legal
Title: Aviso legal
Title: Aviso legal
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/legales/privacidad-web
Title: Privacidad web
Title: Privacidad web
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/legales/alerta-de-seguridad
Title: Alerta seguridad
Title: Alerta seguridad
Search URL Search Domain Scan URL
URL: https://www.correos.es/es/es/legales/accesibilidad
Title: Accesibilidad
Title: Accesibilidad
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
Recibir_paquete.php
test.ellacreate.tech/wp-content/-/ |
584 KB 91 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
main.css
test.ellacreate.tech/wp-content/-/Seleccione%20medio%20de%20pago_fichiers/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
test.ellacreate.tech/wp-content/-/assets/recibir_paquete_files/ |
78 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
correos-ui-kit.css
test.ellacreate.tech/wp-content/-/assets/recibir_paquete_files/ |
126 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
deco_triangles.svg
test.ellacreate.tech/wp-content/-/assets/recibir_paquete_files/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
deco_bars.svg
test.ellacreate.tech/wp-content/-/assets/recibir_paquete_files/ |
913 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
apple_store.jpg
test.ellacreate.tech/wp-content/-/assets/recibir_paquete_files/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
google_play.jpg
test.ellacreate.tech/wp-content/-/assets/recibir_paquete_files/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlib-site.js
test.ellacreate.tech/wp-content/-/assets/recibir_paquete_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlib-provider-correosid.js
test.ellacreate.tech/wp-content/-/assets/recibir_paquete_files/ |
1 KB 570 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
container.js
test.ellacreate.tech/wp-content/-/assets/recibir_paquete_files/ |
752 B 542 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clientlib-base.js
test.ellacreate.tech/wp-content/-/assets/recibir_paquete_files/ |
126 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.js
test.ellacreate.tech/wp-content/-/assets/Seleccione%20medio%20de%20pago_fichiers/ |
242 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1_002.js
test.ellacreate.tech/wp-content/-/assets/Seleccione%20medio%20de%20pago_fichiers/ |
92 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui-1.js
test.ellacreate.tech/wp-content/-/assets/Seleccione%20medio%20de%20pago_fichiers/ |
206 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cartero-regular-webfont.woff2
test.ellacreate.tech/etc.clientlibs/correos/clientlibs/clientlib-base/resources/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
package.jpg
test.ellacreate.tech/wp-content/-/assets/pic_image/ |
78 KB 78 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cartero-bold-webfont.woff2
test.ellacreate.tech/etc.clientlibs/correos/clientlibs/clientlib-base/resources/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
correos-icons.1648744842199.woff2
test.ellacreate.tech/etc.clientlibs/correos/clientlibs/clientlib-base/resources/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cartero-light-webfont.woff2
test.ellacreate.tech/etc.clientlibs/correos/clientlibs/clientlib-base/resources/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
token.json
test.ellacreate.tech/libs/granite/csrf/ |
0 112 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cartero-regular-webfont.woff
test.ellacreate.tech/etc.clientlibs/correos/clientlibs/clientlib-base/resources/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
correos-icons.1648744842199.woff
test.ellacreate.tech/etc.clientlibs/correos/clientlibs/clientlib-base/resources/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cartero-light-webfont.woff
test.ellacreate.tech/etc.clientlibs/correos/clientlibs/clientlib-base/resources/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cartero-bold-webfont.woff
test.ellacreate.tech/etc.clientlibs/correos/clientlibs/clientlib-base/resources/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
correos-icons.1648744842199.ttf
test.ellacreate.tech/etc.clientlibs/correos/clientlibs/clientlib-base/resources/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- test.ellacreate.tech
- URL
- https://test.ellacreate.tech/wp-content/-/Seleccione%20medio%20de%20pago_fichiers/main.css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Correos (Transportation)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| google_tag_manager object| dataLayer object| provider object| CQ function| getCookie function| setCookie function| deleteCookie function| getIdiomaCorreosCookie function| checkIdiomaCorreosCookie function| getResolutionDevice function| initDigitalData object| Granite function| $ function| jQuery function| DP_jQuery_1671757413295 function| beggin number| eventposted function| initializeComponents function| validarNro function| confirmarCancelar function| changeMMPP function| setValues2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| test.ellacreate.tech/ | Name: PHPSESSID Value: 0c077bcca03c00194cd55cdc763c9138 |
|
| .ellacreate.tech/ | Name: idiomaCorreos Value: es_ES |
13 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
test.ellacreate.tech
test.ellacreate.tech
118.27.95.153
0e343f72b8fe95c764a97e83ec0b5f47910e7615045487174fb48e1ce6075372
1a8c9179d1d4fef9308485f10fc5a296254604b7b02f449f0c325d704fe9d1fc
2201abbe6f55ac83b0fc8291475349bc74b527e16021698e6a251c7cd0ea075d
2b534d56dd9d708811fcee81bab1aa695f40272cfcd06df5f0fe80ae8a05f316
463d2ec0fd05c876e567b092d01faac06a20c369d7ce7ea1e8542dbd42c0b9cb
509066150aa1da2b163e681cff62f67f0becd0bb65cded95be964371835798f6
794bf1ff4b8bbc981cb280b4efeb6e5b040afb34b85f6e3cd2546ace15910301
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
9fcc241093405946885039df428cfa7f0051a1f2bdbcc5a313a177a9e35f8806
b39606ee6e552345db72d3cadf4f1eb7a02a8ef2e44410d891cb9a835cf91216
bd92e9ab3c8a0d2d41989c3c15810705dcc035803ca1da3949bede0f5d2db7a7
bda17ffead5e3809b288330e7aa2d2b689c45cfadcef8249416d07afe34477a7
c69737729bfeffad46e66417ed01bff74a95b62b5265abafe011777f5d87f09f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f60fb122312d6f897d7ed61b9ee0a89b6551649fdd3a6be513c50bb73b7d2654