realestate-page-998854000554.redaltec.es
Open in
urlscan Pro
31.200.243.67
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On February 01 via api from GB
Summary
This is the only time realestate-page-998854000554.redaltec.es was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 31.200.243.67 31.200.243.67 | 60494 (UNELINK) (UNELINK) | |
11 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
14 | 4 |
ASN60494 (UNELINK, ES)
PTR: comp1.redaltec.com
realestate-page-998854000554.redaltec.es |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
fbcdn.net
static.xx.fbcdn.net |
252 KB |
1 |
facebook.com
facebook.com |
222 B |
1 |
atdmt.com
cs.atdmt.com |
828 B |
1 |
redaltec.es
realestate-page-998854000554.redaltec.es |
16 KB |
14 | 4 |
Domain | Requested by | |
---|---|---|
11 | static.xx.fbcdn.net |
realestate-page-998854000554.redaltec.es
|
1 | facebook.com |
realestate-page-998854000554.redaltec.es
|
1 | cs.atdmt.com |
realestate-page-998854000554.redaltec.es
|
1 | realestate-page-998854000554.redaltec.es | |
14 | 4 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-01-16 - 2020-04-15 |
3 months | crt.sh |
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA |
2020-01-20 - 2020-04-19 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://realestate-page-998854000554.redaltec.es/
Frame ID: 71D3113CA4F2B14A4A1DC8C2D4A2D7A9
Requests: 14 HTTP requests in this frame
16 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Search URL Search Domain Scan URL
Title: Forgot account?
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: Français (France)
Search URL Search Domain Scan URL
Title: 中文(简体)
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: 한국어
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: हिन्दी
Search URL Search Domain Scan URL
Title: 日本語
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Title: Ad Choices
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
realestate-page-998854000554.redaltec.es/ |
16 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
q0K1XF1dJqg.css
static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/ |
221 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wqDNZ7EexGE.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ |
68 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AgWbXHnnBI4.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MqqD51vuBuE.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ |
115 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qgU9brN7kue.css
static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ |
96 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpTPdyCY8bm.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e1xK7rpV-OV.css
static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ |
21 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
cs.atdmt.com/ |
67 B 828 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
facebook.com/security/ |
43 B 222 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oJ1YsFrdN8N.png
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ |
104 KB 104 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wqGAaJG7MX5.png
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YQNfPR9MJfx.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
925 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TBsdibZihjK.png
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cs.atdmt.com
facebook.com
realestate-page-998854000554.redaltec.es
static.xx.fbcdn.net
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
31.200.243.67
04f38fdf053f53127065ac26b108139dd33e4f125e77f1f8e355d15442fbb4e7
08135c2785c32e174dda01cdd58e870e1525403dc4440215ec6faf4c1e5191e3
09578393b428b1f12a9b5159f5268738c91ddd09090130fbfda3c409b0019ab8
4944a6e209f7942393cdc23352f26ff120772aa82cfb8e6724f90b02fce8544c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
874ef621da8c8ea4936be16e830f07aee05699c02d0aff2b825adc8718059d68
8dec41ba72c741af21129bf0f910edc61cd9559e729e5ca4161e180bb4e13f25
a4a7ba3775eed24ed60a247e077baa0f0aa610dbb4e2620772bec2d58d7dc648
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aac1a7624e78768815e5e88440c8f1ea42fc3a45c2e03c78a13851240959fc5c
c3220f677f1154a9ffd056c2747a8ac9de701451c56ed97fe884845adb2d2abf
c53abf9bfe56fb6833cd3e35c759190bd722c71c5a0c1d7b64a9e2984a7d5f26
e60e1c170d239ef8628c55986ae1b8e68239665363c6355cfc03336718bc2d7f
f2c6500cdc355ee8bbf4158b93b21eebb7e32a4317bce33155ff5a99e6b8340b