nourayatravel.com
135.181.9.38
Malicious Activity!
Public Scan
Submission: On May 06 via manual from RS — Scanned from FI
Summary
TLS certificate: Issued by R3 on April 10th 2022. Valid for: 3 months.
This is the only time nourayatravel.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Orange (Telecommunication)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 | 135.181.9.38 | 24940 (HETZNER-AS) |
2 | 2a01:c9c0:a3:8::247 | 8891 (FTBGPDM) |
3 | 2a01:c9c0:a3:8::32 | 8891 (FTBGPDM) |
7 | 4 | |
ASN24940 (HETZNER-AS, DE)
PTR: static.38.9.181.135.clients.your-server.de
nourayatravel.com
| Apex Domain / Subdomains | Transfer |
---|---|---|
5 | woopic.com: cdn.woopic.com — Cisco Umbrella Rank: 170260; c.woopic.com — Cisco Umbrella Rank: 176896 | 118 KB |
1 | nourayatravel.com: nourayatravel.com | 6 KB |
0 | orange.ma (Failed): espace-client.orange.ma (Failed) | |
7 | 3 | |
| Domain | Requested by |
---|---|---|
3 | c.woopic.com | nourayatravel.com |
2 | cdn.woopic.com | nourayatravel.com |
1 | nourayatravel.com | |
0 | espace-client.orange.ma (Failed) | nourayatravel.com |
7 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
nourayatravel.com | R3 | 2022-04-10 - 2022-07-09 | 3 months | crt.sh |
cdn.woopic.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-20 - 2022-06-27 | 5 months | crt.sh |
images.orangepublicite.fr | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-06 - 2022-07-29 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://nourayatravel.com/login
Frame ID: ECC7C616C82819818594DA20C542C36F
Requests: 7 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login (Primary Request) | nourayatravel.com/ | 30 KB | 6 KB | Document | text/html |
GET | | orange.v1.9.274.css | espace-client.orange.ma/css/ | 0 | 0 | | |
GET | H/1.1 | n1-mobile.99050ee9e29d89cd8746.css | cdn.woopic.com/18d8339538654b1dbf96a30e92745731/css/ | 100 KB | 17 KB | Stylesheet | text/css |
GET | H/1.1 | o_load_responsive_web.js | c.woopic.com/libs/common/ | 46 KB | 15 KB | Script | application/javascript |
GET | H/1.1 | logo-orange.png | c.woopic.com/ | 3 KB | 4 KB | Image | image/png |
GET | H/1.1 | n1-mobile-prospect.2b9f266421b139422569.js | cdn.woopic.com/18d8339538654b1dbf96a30e92745731/js/ | 260 KB | 79 KB | Script | application/javascript |
GET | H/1.1 | pdb.min.js | c.woopic.com/tools/ | 9 KB | 4 KB | Script | application/javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: espace-client.orange.ma
- URL: https://espace-client.orange.ma/css/orange.v1.9.274.css
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Orange (Telecommunication)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | oncontextlost
- object | oncontextrestored
- function | structuredClone
- function | getScreenDetails
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nourayatravel.com/ | | Name: PHPSESSID Value: dgm9npgdcbt0l6bggrr9c5pdfh |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.