Submitted URL: http://c0l.link/TcJVq
Effective URL: https://pagos-recaudo-fedex.at.ua/index.html?transactionID=NFpMUFdvZTEwREJ0WTJpYWN0OU56Q0FlbXJIaklEalcza3RPckhYOGxhaz0=
Submission: On January 29 via manual from CO — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 5 domains to perform 4 HTTP transactions. The main IP is 213.174.157.153, located in Ashburn, United States, and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is pagos-recaudo-fedex.at.ua.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on June 16th 2023. Valid for: a year.
This is the only time pagos-recaudo-fedex.at.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 198.54.115.208 22612 (NAMECHEAP...)
1 213.174.157.153 39572 (ADVANCEDH...)
1 205.144.171.241 55778 (WEBWEB-HK...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 162.0.211.53 ()
4 4
# | Apex Domain | Subdomains | Transfer
2 | c0l.link | c0l.link | 637 B
1 | iiii.wiki | iiii.wiki | 616 B
1 | geojs.io | get.geojs.io (Cisco Umbrella Rank: 15451) | 700 B
1 | gtempurl.com | alanturin000-001-site1.gtempurl.com | 59 KB
1 | at.ua | pagos-recaudo-fedex.at.ua | 434 B
4 5
Domain Requested by
2 c0l.link 2 redirects
1 iiii.wiki alanturin000-001-site1.gtempurl.com
1 get.geojs.io alanturin000-001-site1.gtempurl.com
1 alanturin000-001-site1.gtempurl.com pagos-recaudo-fedex.at.ua
1 pagos-recaudo-fedex.at.ua
4 5

This site contains no links.

Subject | Issuer | Validity | Valid
*.at.ua | RapidSSL TLS RSA CA G1 | 2023-06-16 - 2024-07-16 | a year (crt.sh)
alanturin000-001-site1.gtempurl.com | R3 | 2024-01-03 - 2024-04-02 | 3 months (crt.sh)
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-11 - 2024-04-10 | a year (crt.sh)
iiii.wiki | Sectigo RSA Domain Validation Secure Server CA | 2024-01-01 - 2025-01-01 | a year (crt.sh)

This page contains 1 frames:

Primary Page: https://pagos-recaudo-fedex.at.ua/index.html?transactionID=NFpMUFdvZTEwREJ0WTJpYWN0OU56Q0FlbXJIaklEalcza3RPckhYOGxhaz0=
Frame ID: 40B75A0F34EDD1A83596C58197C0B401
Requests: 4 HTTP requests in this frame

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 20 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 1
Transfer: 60 kB
Size: 219 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://c0l.link/TcJVq HTTP 301
    https://c0l.link/TcJVq HTTP 302
    https://pagos-recaudo-fedex.at.ua/index.html?transactionID=NFpMUFdvZTEwREJ0WTJpYWN0OU56Q0FlbXJIaklEalcza3RPckhYOGxhaz0= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Primary Request: index.html
Path: pagos-recaudo-fedex.at.ua/
Redirect Chain:
  • http://c0l.link/TcJVq
  • https://c0l.link/TcJVq
  • https://pagos-recaudo-fedex.at.ua/index.html?transactionID=NFpMUFdvZTEwREJ0WTJpYWN0OU56Q0FlbXJIaklEalcza3RPckhYOGxhaz0=
Size: 129 B
x-fer: 434 B
Type: Document
General
Full URL
https://pagos-recaudo-fedex.at.ua/index.html?transactionID=NFpMUFdvZTEwREJ0WTJpYWN0OU56Q0FlbXJIaklEalcza3RPckhYOGxhaz0=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.174.157.153, Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL)
Reverse DNS
Software
nginx /
Resource Hash
afe9495ca4831e6f6f2bd568b64ce08d73bce00f187d00aacc7beea098d272d6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=1728000
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 29 Jan 2024 20:39:14 GMT
Expires
Sun, 18 Feb 2024 20:39:14 GMT
Keep-Alive
timeout=15
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN

Redirect headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 20:39:14 GMT
location
https://pagos-recaudo-fedex.at.ua/index.html?transactionID=NFpMUFdvZTEwREJ0WTJpYWN0OU56Q0FlbXJIaklEalcza3RPckhYOGxhaz0=
server
LiteSpeed
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
index.php
Path: alanturin000-001-site1.gtempurl.com/
Size: 218 KB
x-fer: 59 KB
Type: Script
General
Full URL
https://alanturin000-001-site1.gtempurl.com/index.php?p=newdexfe-beta
Requested by
Host: pagos-recaudo-fedex.at.ua
URL: https://pagos-recaudo-fedex.at.ua/index.html?transactionID=NFpMUFdvZTEwREJ0WTJpYWN0OU56Q0FlbXJIaklEalcza3RPckhYOGxhaz0=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
205.144.171.241, United States, ASN55778 (WEBWEB-HK International Trade Centre, HK)
Reverse DNS
205-144-171-241.alchemy.net
Software
Microsoft-IIS/10.0 / PHP/7.4.30, ASP.NET
Resource Hash
518b1d3662ac811a32f92a5d01f12185c8b86b102767c650adddaaaf3fe32dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagos-recaudo-fedex.at.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 20:39:16 GMT
content-encoding
br
server
Microsoft-IIS/10.0
x-powered-by
PHP/7.4.30, ASP.NET
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
content-length
59887
country.json
Path: get.geojs.io/v1/ip/
Size: 79 B
x-fer: 700 B
Type: Fetch
General
Full URL
https://get.geojs.io/v1/ip/country.json
Requested by
Host: alanturin000-001-site1.gtempurl.com
URL: https://alanturin000-001-site1.gtempurl.com/index.php?p=newdexfe-beta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
bdb85354d2ada8d136c92ffed4e750c1a5598b1f2ab443d8318db57f3d851658
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagos-recaudo-fedex.at.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 20:39:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
75ed3f99c7a72c4ea537c734bc26876e-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kiajgzz1LNb8Y9rrK8%2FsGgDd6RGCNtMqG%2F5kmMVhghxGfGsdfj%2FQmOoUm07oHiMASbEQfJ4YZ0flF5DNj1OIs7B5OoibaqSxvH6hH48JjzHVq7Ltl7K3b7w4fm7thgkNEi2k0lzJs8Cig%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
84d448aa888168f8-FRA
blank_face.php
Path: iiii.wiki/faces/
Size: 676 B
x-fer: 616 B
Type: Fetch
General
Full URL
https://iiii.wiki/faces/blank_face.php
Requested by
Host: alanturin000-001-site1.gtempurl.com
URL: https://alanturin000-001-site1.gtempurl.com/index.php?p=newdexfe-beta
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.211.53 (location and ASN not recorded)
Reverse DNS
Software
Apache /
Resource Hash
ea3c65755afb31e83d1af0295fe4b1075070fa7a99f93f87df47ad3e272ea728

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagos-recaudo-fedex.at.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 20:39:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
337

Verdicts & Comments

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


1 Cookies

Domain/Path | Name | Value
c0l.link/ | nombre_cookie | alanturin

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN