jela.ca
139.99.236.199
Malicious Activity!
Public Scan
Effective URL: https://jela.ca/logi.php?web.facebook.com/?_rdr=AS1G4RR7DLqd32po&u=100002976115824&mid=52fb240751f38G5af3c1de2c7...
Submission: On January 19 via automatic, source openphish
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 13th 2020. Valid for: 3 months.
This is the only time jela.ca was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information

Requests | IP Address | AS (Autonomous System) |
---|---|---|
4 | 139.99.236.199 | 16276 (OVH) |
25 | 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) |
1 | 2a03:2880:f02d:e:face:b00c:0:2 | 32934 (FACEBOOK) |
1 | 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) |
1 | 2a03:2880:f02d:5:face:b00c:0:8c | 32934 (FACEBOOK) |
32 (total requests) | 6 (total IPs) | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
25 | fbcdn.net | static.xx.fbcdn.net | 1 MB |
4 | jela.ca | jela.ca | 82 KB |
2 | atdmt.com | cs.atdmt.com, cx.atdmt.com | 1 KB |
1 | facebook.com | facebook.com | 937 B |
32 (total requests) | 4 (total apex domains) | | |
Requests | Domain | Requested by |
---|---|---|
25 | static.xx.fbcdn.net | jela.ca, static.xx.fbcdn.net |
4 | jela.ca | jela.ca, static.xx.fbcdn.net |
1 | cx.atdmt.com | jela.ca |
1 | facebook.com | jela.ca |
1 | cs.atdmt.com | jela.ca |
32 (total requests) | 5 (total domains) | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
jela.ca | cPanel, Inc. Certification Authority | 2020-01-13 - 2020-04-12 | 3 months | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-12-06 - 2020-03-05 | 3 months | crt.sh |
*.atlassolutions.com | DigiCert SHA2 High Assurance Server CA | 2019-12-06 - 2020-03-04 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://jela.ca/logi.php?web.facebook.com/?_rdr=AS1G4RR7DLqd32po&u=100002976115824&mid=52fb240751f38G5af3c1de2c70G52fb28a0b220aG32bGd156&_rdr
Frame ID: 8BDBDD430EA4E112F78FAB87A916698F
Requests: 31 HTTP requests in this frame
Frame:
https://jela.ca/intern/common/referer_frame.php
Frame ID: 8B9519E47B9623BB5483979622AE91F0
Requests: 2 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Page Statistics
17 Outgoing links
These are links going to different origins than the main page.
- Facebook
- Forgot account?
- Español
- Français (France)
- ??(??)
- ???????
- Português (Brasil)
- Italiano
- ???
- Deutsch
- ??????
- ???
- Messenger
- Watch
- Instagram
- Developers
- Ad Choices
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://jela.ca/o.php Page URL
- https://jela.ca/logi.php?web.facebook.com/?_rdr=AS1G4RR7DLqd32po&u=100002976115824&mid=52fb240751f38G5af3c1de2c70G52fb28a0b220aG32bGd156&_rdr Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | o.php | jela.ca/ | 163 B | 370 B | Document | text/html |
GET | H/1.1 | logi.php (Primary Request) | jela.ca/ | 80 KB | 81 KB | Document | text/html |
GET | H2 | 4B_1eEnK4NH.css | static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ | 215 KB | 40 KB | Stylesheet | text/css |
GET | H2 | r2JHgIVvg2y.css | static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/ | 11 KB | 3 KB | Stylesheet | text/css |
GET | H2 | 1uxt1bMNsC3.css | static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | i9kSQ30Hd86.css | static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/ | 132 KB | 23 KB | Stylesheet | text/css |
GET | H2 | hFkQWiRiGco.css | static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ | 23 KB | 5 KB | Stylesheet | text/css |
GET | H2 | Y-lHUeebDYm.css | static.xx.fbcdn.net/rsrc.php/v3/yo/l/0,cross/ | 99 KB | 16 KB | Stylesheet | text/css |
GET | H2 | 2_jpMlpcPdF.css | static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/ | 35 KB | 9 KB | Stylesheet | text/css |
GET | H2 | LBGKe79sxpr.js | static.xx.fbcdn.net/rsrc.php/v3/y2/r/ | 345 KB | 88 KB | Script | application/x-javascript |
GET | H2 | event | cs.atdmt.com/ | 67 B | 829 B | Image | image/png |
GET | H2 | MiO2CPhC9BN.png | static.xx.fbcdn.net/rsrc.php/v3/y1/r/ | 14 KB | 15 KB | Image | image/png |
GET | H2 | YQNfPR9MJfx.png | static.xx.fbcdn.net/rsrc.php/v3/yO/r/ | 925 B | 1 KB | Image | image/png |
GET | H2 | nQxCl4XEmnL.png | static.xx.fbcdn.net/rsrc.php/v3/yM/r/ | 16 KB | 16 KB | Image | image/png |
GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 937 B | Image | image/gif |
GET | H2 | Tjy4_touG-e.js | static.xx.fbcdn.net/rsrc.php/v3isdv4/yO/l/en_US/ | 2 MB | 345 KB | Script | application/x-javascript |
GET | DATA | truncated | / | 74 B | 0 | Stylesheet | text/css |
GET | H2 | dpgFSzTfFyZ.js | static.xx.fbcdn.net/rsrc.php/v3ihh34/yl/l/en_US/ | 55 KB | 16 KB | Script | application/x-javascript |
GET | H2 | nCoETRgNAOa.js | static.xx.fbcdn.net/rsrc.php/v3iXji4/yO/l/en_US/ | 19 KB | 6 KB | Script | application/x-javascript |
GET | H2 | x_ISQM9BvDV.js | static.xx.fbcdn.net/rsrc.php/v3ibSm4/yl/l/en_US/ | 2 MB | 386 KB | Script | application/x-javascript |
GET | H2 | zJRQi_wEWZC.js | static.xx.fbcdn.net/rsrc.php/v3iYXl4/yK/l/en_US/ | 30 KB | 8 KB | Script | application/x-javascript |
GET | H2 | psc6WdifWxg.js | static.xx.fbcdn.net/rsrc.php/v3/y0/r/ | 47 KB | 12 KB | Script | application/x-javascript |
GET | H2 | 7PkD3QR6yq4.js | static.xx.fbcdn.net/rsrc.php/v3/yO/r/ | 13 KB | 4 KB | Script | application/x-javascript |
GET | H2 | 7olZwJjpX3H.js | static.xx.fbcdn.net/rsrc.php/v3iIvb4/yq/l/en_US/ | 152 KB | 35 KB | Script | application/x-javascript |
GET | H2 | 2O06Iqcd8IZ.js | static.xx.fbcdn.net/rsrc.php/v3/yg/r/ | 17 KB | 4 KB | Script | application/x-javascript |
GET | H2 | __7X3eyHnhu.js | static.xx.fbcdn.net/rsrc.php/v3/yc/r/ | 4 KB | 2 KB | Script | application/x-javascript |
GET | H2 | cAwlKIH9oOW.js | static.xx.fbcdn.net/rsrc.php/v3/y4/r/ | 15 KB | 4 KB | Script | application/x-javascript |
GET | H2 | _cS9NfYk9Em.js | static.xx.fbcdn.net/rsrc.php/v3iqES4/yu/l/en_US/ | 42 KB | 14 KB | Script | application/x-javascript |
GET | H2 | svFKQXueTby.js | static.xx.fbcdn.net/rsrc.php/v3/y7/r/ | 8 KB | 3 KB | Script | application/x-javascript |
GET | H/1.1 | referer_frame.php (Frame 8B95) | jela.ca/intern/common/ | 315 B | 515 B | Document | text/html |
GET | H2 | -PAXP-deijE.gif | static.xx.fbcdn.net/rsrc.php/v3/y4/r/ | 43 B | 240 B | Image | image/gif |
GET | H2 | / (Frame 8B95) | cx.atdmt.com/ | 42 B | 434 B | Image | image/gif |
POST | H/1.1 | bz | jela.ca/ajax/ | 315 B | 516 B | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)

68 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
number | _cstart |
function | envFlush |
object | Env |
number | __DEV__ |
function | CavalryLogger |
undefined | __p |
function | emptyFunction |
function | __annotator |
function | __bodyWrapper |
function | __t |
function | __w |
function | FB_enumerate |
function | __m |
object | babelHelpers |
function | define |
function | require |
function | requireDynamic |
function | requireLazy |
function | __d |
function | $RefreshReg$ |
function | $RefreshSig$ |
object | ErrorSerializer |
object | ErrorGuard |
object | ErrorUtils |
object | TimeSlice |
function | Arbiter |
object | JSCC |
function | $ |
function | ge |
object | Parent |
function | ProfilingCounters |
object | PageEvents |
function | _domcontentready |
function | onloadRegister_DEPRECATED |
function | onloadRegister |
function | onafterloadRegister_DEPRECATED |
function | onafterloadRegister |
function | onleaveRegister |
function | onbeforeunloadRegister |
function | onunloadRegister |
function | wait_for_load |
function | goURI |
object | Bootloader |
function | $E |
string | _script_path |
object | onloadhooks |
object | bigPipe |
object | onafterunloadhooks |
object | onunloadhooks |
object | PageHooks |
function | _domreadyHook |
function | _onloadHook |
function | runHook |
function | runHooks |
function | keep_window_set_as_loaded |
function | AsyncRequest |
object | onbeforeunloadhooks |
function | intl_set_xmode |
function | intl_set_amode |
function | intl_set_rmode |
function | intl_set_locale |
object | onleavehooks |
object | PageTransitions |
boolean | domready |
boolean | loaded |
object | SnappyJS |

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path | Expires | Name | Value |
---|---|---|---|
.jela.ca/ | | wd | 1600x1200 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cs.atdmt.com
cx.atdmt.com
facebook.com
jela.ca
static.xx.fbcdn.net
139.99.236.199
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de