desarrollowebmaster.com Open in urlscan Pro
75.119.148.43 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://desarrollowebmaster.com/cox/Exo/web/login.php
Submission: On April 05 via manual (April 5th 2024, 2:16:29 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 75.119.148.43, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is desarrollowebmaster.com.
TLS certificate: Issued by R3 on February 10th 2024. Valid for: 3 months.

This is the only time desarrollowebmaster.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Cox (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
11	75.119.148.43 75.119.148.43	51167 (CONTABO) (CONTABO)
2	65.9.95.127 65.9.95.127	16509 (AMAZON-02) (AMAZON-02)
1	3.160.150.8 3.160.150.8	16509 (AMAZON-02) (AMAZON-02)
1 2	45.60.47.167 45.60.47.167	19551 (INCAPSULA) (INCAPSULA)
15	4

11 75.119.148.43 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi1031677.contaboserver.net

desarrollowebmaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-127.prg50.r.cloudfront.net

global.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-8.fra60.r.cloudfront.net

gateway.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.47.167 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

webcdn2.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webcdn.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	desarrollowebmaster.com desarrollowebmaster.com	681 KB
2	cox.com 1 redirects webcdn2.cox.com — Cisco Umbrella Rank: 219007 webcdn.cox.com — Cisco Umbrella Rank: 34704	9 KB
2	oktacdn.com global.oktacdn.com — Cisco Umbrella Rank: 11989	47 KB
1	foresee.com gateway.foresee.com — Cisco Umbrella Rank: 6500	3 KB
15	4

	Domain	Requested by
11	desarrollowebmaster.com	desarrollowebmaster.com
2	global.oktacdn.com	desarrollowebmaster.com global.oktacdn.com
1	webcdn.cox.com
1	webcdn2.cox.com	1 redirects
1	gateway.foresee.com	desarrollowebmaster.com
15	5

This site contains no links.

Subject Issuer	Validity	Valid
desarrollowebmaster.com R3	`2024-02-10` - `2024-05-10`	3 months	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-15` - `2025-01-02`	a year	crt.sh
foresee.com Amazon RSA 2048 M03	`2024-03-28` - `2025-04-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://desarrollowebmaster.com/cox/Exo/web/login.php
Frame ID: 356E90DE032EB838B072872FBFBA0B5B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cox Login - Sign Into Your Cox Account

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

15
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

740 kB
Transfer

891 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://webcdn2.cox.com/ui/presentation/tsw/faviconrebrand.ico HTTP 301
https://webcdn.cox.com/ui/presentation/tsw/faviconrebrand.ico

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.php Show response
desarrollowebmaster.com/cox/Exo/web/ 27 KB
27 KB 99ms
15ms Document
text/html 75.119.148.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://desarrollowebmaster.com/cox/Exo/web/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 75.119.148.43 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1031677.contaboserver.net
Software: Apache /
Resource Hash: 1947a67145677f2c55277b42bbd964ad4affd677262354f962660f85180dd794

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Apr 2024 14:16:25 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/3.8.2/css/ 180 KB
26 KB 65ms
17ms Stylesheet
text/css 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css

Requested by

Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-127.prg50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

68ef764e2d683a2b137e78e7b4a96cc195e229729bf9f82ad7b92eb0892b3a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: VioymT0ami6RAq5l.msmhnEwxweXAIS1
strict-transport-security: max-age=315360000
x-content-type-options: nosniff
date: Fri, 05 Apr 2024 01:57:47 GMT
content-encoding: gzip
x-amz-cf-pop: PRG50-C1
age: 44319
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 20 Mar 2020 02:19:40 GMT
server: AmazonS3
etag: W/"92cb194fd7896eb0997c23a4a3dbb596"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: W2__EsP-UpmyFdx8lhmomwr6m819XFKf02n71SOPNHYJkcfO8sdFCw==

GET
H/1.1 200
OK flex-presentation.css
desarrollowebmaster.com/cox/Exo/web/assets/css/ 173 KB
173 KB 16ms
10ms Stylesheet
text/css 75.119.148.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/flex-presentation.css
Requested by: Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 75.119.148.43 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1031677.contaboserver.net
Software: Apache /
Resource Hash: 4456f76512cd54420bbc6cd0b1f92db6f087ca96ca2cde36974f7cd6b3edb4f4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/cox/Exo/web/login.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 14:16:25 GMT
Last-Modified: Mon, 18 Oct 2021 22:52:50 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 176683

GET
H/1.1 200
OK cox-residential-aemapp.css
desarrollowebmaster.com/cox/Exo/web/assets/css/ 424 KB
425 KB 35ms
15ms Stylesheet
text/css 75.119.148.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/cox-residential-aemapp.css
Requested by: Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 75.119.148.43 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1031677.contaboserver.net
Software: Apache /
Resource Hash: c762adc41ad599e970d9abfa68241385a659911d11e96f152670620995d68f5e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/cox/Exo/web/login.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 14:16:25 GMT
Last-Modified: Sun, 12 Sep 2021 20:34:34 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 434551

GET
H/1.1 200
OK flex2text-styles.min.css
desarrollowebmaster.com/cox/Exo/web/assets/css/ 5 KB
5 KB 48ms
10ms Stylesheet
text/css 75.119.148.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/flex2text-styles.min.css
Requested by: Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 75.119.148.43 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1031677.contaboserver.net
Software: Apache /
Resource Hash: b4929a2cc0087f4dc4362c4560fd1fb087168a026c0e798bbc869072ba0c2376

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/cox/Exo/web/login.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 14:16:25 GMT
Last-Modified: Sun, 12 Sep 2021 20:34:34 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5127

GET
H/1.1 200
OK overrides.min.css
desarrollowebmaster.com/cox/Exo/web/assets/css/ 49 KB
49 KB 62ms
21ms Stylesheet
text/css 75.119.148.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/overrides.min.css
Requested by: Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 75.119.148.43 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1031677.contaboserver.net
Software: Apache /
Resource Hash: 8c4a03e412933e80d79287abd90e2674bf51d408c30e49b850239b2378d7e899

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/cox/Exo/web/login.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 14:16:25 GMT
Last-Modified: Sun, 12 Sep 2021 20:34:34 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 50270

GET
H2 200 oo_icon_white.gif
gateway.foresee.com/code/5.10.4-oo/ 2 KB
3 KB 59ms
9ms Image
image/gif 3.160.150.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gateway.foresee.com/code/5.10.4-oo/oo_icon_white.gif

Requested by

Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-8.fra60.r.cloudfront.net

Software

Resource Hash

c3f012ffdb0be6fe0417057e7debc8c5129eed0476fd765cd93f234bb2cf77a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 05 Apr 2024 07:22:45 GMT
via: 1.1 88fd4dc311317996718ed4ed98e5cbda.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 24820
x-cache: Hit from cloudfront
status: 200
content-length: 2247
last-modified: Thu, 24 Jun 2021 17:07:14 GMT
etag: "f12d8abbdb0cb10ebe21199595d28c4b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2419200
access-control-allow-headers: X-Requested-With
x-amz-cf-id: pUhw5NkSin5xVTjwDr4B5CMdpK1wxca3W1bfLGziSUrMateL-t0lPw==
expires: Fri, 03 May 2024 07:22:45 GMT

GET
H/1.1 200
OK cox_logo.png
desarrollowebmaster.com/cox/Exo/web/assets/img/ 2 KB
2 KB 22ms
22ms Image
image/png 75.119.148.43
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://desarrollowebmaster.com/cox/Exo/web/assets/img/cox_logo.png
Requested by: Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 75.119.148.43 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1031677.contaboserver.net
Software: Apache /
Resource Hash: d60826499153bf6fcb4e8a8809d3b10d737cf4990ee4a0c8d796af7d5c0a9175

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/cox/Exo/web/login.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 14:16:25 GMT
Last-Modified: Mon, 18 Oct 2021 17:55:26 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1865

GET
H/1.1 200
OK checkbox-default.svg
desarrollowebmaster.com/cox/Exo/web/assets/img/ 270 B
515 B 11ms
11ms Image
image/svg+xml 75.119.148.43
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://desarrollowebmaster.com/cox/Exo/web/assets/img/checkbox-default.svg
Requested by: Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/cox-residential-aemapp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 75.119.148.43 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1031677.contaboserver.net
Software: Apache /
Resource Hash: e5647edf02795dbd3d4fb9f5c38e1ffefa0d563c31c9cc060db7320e28bf9844

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/cox/Exo/web/assets/css/cox-residential-aemapp.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 14:16:25 GMT
Last-Modified: Sun, 12 Sep 2021 20:34:34 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 270

GET
H2 200 okticon.woff
global.oktacdn.com/okta-signin-widget/3.8.2/font/ 20 KB
21 KB 60ms
31ms Font
application/octet-stream 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/3.8.2/font/okticon.woff

Requested by

Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-127.prg50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
Origin: https://desarrollowebmaster.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: dDQhkYt0RHrEVEp9cvTtLweQzsWLGlTl
strict-transport-security: max-age=315360000
x-content-type-options: nosniff
date: Fri, 05 Apr 2024 05:01:35 GMT
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 33291
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 20600
last-modified: Fri, 20 Mar 2020 02:19:41 GMT
server: AmazonS3
etag: "db28723126138387cdf40680e6e0fa5d"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: 5CHBj9fIff_6njnX5XFJotwN3mivGzyEFKgVSM75BqNn0cnSFrzukg==

GET
H/1.1 404
Not Found OpenSans-Regular-webfont.woff
desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/ 0
0 11ms
11ms Font
text/html 75.119.148.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/OpenSans-Regular-webfont.woff
Requested by: Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/flex-presentation.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 75.119.148.43 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1031677.contaboserver.net
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/cox/Exo/web/assets/css/flex-presentation.css
Origin: https://desarrollowebmaster.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 14:16:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found OpenSans-Semibold-webfont.woff
desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/ 0
0 28ms
27ms Font
text/html 75.119.148.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/OpenSans-Semibold-webfont.woff
Requested by: Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/flex-presentation.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 75.119.148.43 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1031677.contaboserver.net
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/cox/Exo/web/assets/css/flex-presentation.css
Origin: https://desarrollowebmaster.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 14:16:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found OpenSans-Regular-webfont.ttf
desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/ 0
0 12ms
11ms Font
text/html 75.119.148.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/OpenSans-Regular-webfont.ttf
Requested by: Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/flex-presentation.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 75.119.148.43 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1031677.contaboserver.net
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/cox/Exo/web/assets/css/flex-presentation.css
Origin: https://desarrollowebmaster.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 14:16:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found OpenSans-Semibold-webfont.ttf
desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/ 0
0 26ms
26ms Font
text/html 75.119.148.43
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/OpenSans-Semibold-webfont.ttf
Requested by: Host: desarrollowebmaster.com
URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/flex-presentation.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 75.119.148.43 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1031677.contaboserver.net
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://desarrollowebmaster.com/cox/Exo/web/assets/css/flex-presentation.css
Origin: https://desarrollowebmaster.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 14:16:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

faviconrebrand.ico
webcdn.cox.com/ui/presentation/tsw/
Redirect Chain

https://webcdn2.cox.com/ui/presentation/tsw/faviconrebrand.ico
https://webcdn.cox.com/ui/presentation/tsw/faviconrebrand.ico

8 KB
9 KB

380ms
260ms

Other
image/x-icon

45.60.47.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn.cox.com/ui/presentation/tsw/faviconrebrand.ico

Protocol

Server

45.60.47.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

7506b6707d00a8c8ecb5c5d56098452d885e0dde167ab9e77be7fd826a9b2c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://desarrollowebmaster.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Apr 2024 13:06:27 GMT
via: 1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-amz-cf-pop: FRA60-P9
age: 90598
x-cache: Hit from cloudfront
x-iinfo: 12-42733259-42733358 NNNN CT(24 10 0) RT(1712326584725 147) q(0 2 3 202) r(3 3) U24
content-length: 8195
last-modified: Tue, 05 Mar 2024 05:58:17 GMT
server: nginx
etag: "65e6b479-2003"
content-type: image/x-icon
access-control-allow-origin: *
cache-control: s-maxage=1209590, must-revalidate
x-incap-sess-cookie-hdr: cUnYaQu84HzcBgv42IGpBbkHEGYAAAAAZKnwT8zjOGXn83/RwPDCVw==
accept-ranges: bytes
x-amz-cf-id: 3RMZ6HEqgJuzTeSBBGUcBZ5rf3nTCNNiqIrrtC2DFo3Jar4EWgCVbA==

Redirect headers

location: https://webcdn.cox.com/ui/presentation/tsw/faviconrebrand.ico
strict-transport-security: max-age=31536000
content-length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Cox (Telecommunication)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| now number| year

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cox.com/	1970-01-21 04:25:06	Name: visid_incap_2781768 Value: 4ScSZZO5SEqQdLLvET4VnrkHEGYAAAAAQUIPAAAAAACIxklTblOv9UiX04d5+aCx
.cox.com/	1969-12-31 23:59:59	Name: nlbi_2781768 Value: rXDrZNKvPjtFF0JLu5PrqQAAAAArh1GbXBzuidOfabF6q6U7
.cox.com/	1969-12-31 23:59:59	Name: incap_ses_408_2781768 Value: +qsbQqP6X2fcBgv42IGpBbkHEGYAAAAAt27+zUsIZDaIYTe2itKQmA==

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/OpenSans-Regular-webfont.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/OpenSans-Regular-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/OpenSans-Semibold-webfont.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://desarrollowebmaster.com/cox/Exo/web/assets/css/fonts/OpenSans-Semibold-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://desarrollowebmaster.com/cox/Exo/web/login.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://desarrollowebmaster.com/cox/Exo/web/login.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://desarrollowebmaster.com/cox/Exo/web/login.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

desarrollowebmaster.com
gateway.foresee.com
global.oktacdn.com
webcdn.cox.com
webcdn2.cox.com
3.160.150.8
45.60.47.167
65.9.95.127
75.119.148.43
1947a67145677f2c55277b42bbd964ad4affd677262354f962660f85180dd794
4456f76512cd54420bbc6cd0b1f92db6f087ca96ca2cde36974f7cd6b3edb4f4
68ef764e2d683a2b137e78e7b4a96cc195e229729bf9f82ad7b92eb0892b3a06
7506b6707d00a8c8ecb5c5d56098452d885e0dde167ab9e77be7fd826a9b2c17
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
8c4a03e412933e80d79287abd90e2674bf51d408c30e49b850239b2378d7e899
b4929a2cc0087f4dc4362c4560fd1fb087168a026c0e798bbc869072ba0c2376
c3f012ffdb0be6fe0417057e7debc8c5129eed0476fd765cd93f234bb2cf77a3
c762adc41ad599e970d9abfa68241385a659911d11e96f152670620995d68f5e
d60826499153bf6fcb4e8a8809d3b10d737cf4990ee4a0c8d796af7d5c0a9175
e5647edf02795dbd3d4fb9f5c38e1ffefa0d563c31c9cc060db7320e28bf9844

desarrollowebmaster.com Open in urlscan Pro 75.119.148.43 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

740 kBTransfer

891 kBSize

3 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

3 Cookies

7 Console Messages

Indicators

desarrollowebmaster.com Open in urlscan Pro
75.119.148.43 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

740 kB
Transfer

891 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!