ruarakahousingestate.co.ke Open in urlscan Pro
192.185.147.8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ruarakahousingestate.co.ke/app.php?ver=82&serverid=gktodhxyjfrevkdlckysltah
Submission: On November 02 via automatic, source openphish (November 2nd 2022, 1:09:29 am UTC) — Scanned from DE

Summary HTTP 67 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 6 domains to perform 67 HTTP transactions. The main IP is 192.185.147.8, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is ruarakahousingestate.co.ke.

This is the only time ruarakahousingestate.co.ke was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Poste Italiane (Online)

Domain & IP information

	IP Address	AS Autonomous System
50	192.185.147.8 192.185.147.8	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	62.241.13.20 62.241.13.20	15720 (Viale Europa) (Viale Europa)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
2	51.161.15.92 51.161.15.92	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.19.39 104.18.19.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
67	11

50 192.185.147.8 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-147-8.unifiedlayer.com

ruarakahousingestate.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.poste.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.241.13.20 (Italy)

ASN15720 (Viale Europa, 175, IT)

securelogin.poste.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.161.15.92 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns570935.ip-51-161-15.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.39 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.34 (Tinley Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (Tinley Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	ruarakahousingestate.co.ke ruarakahousingestate.co.ke	488 KB
9	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 12799 ic.tynt.com — Cisco Umbrella Rank: 6931 de.tynt.com — Cisco Umbrella Rank: 2274	9 KB
3	poste.it www.poste.it — Cisco Umbrella Rank: 21316 securelogin.poste.it	24 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 9314	3 KB
2	amung.us widgets.amung.us — Cisco Umbrella Rank: 13281 whos.amung.us — Cisco Umbrella Rank: 9504	4 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 4852	32 KB
67	6

	Domain	Requested by
50	ruarakahousingestate.co.ke	ruarakahousingestate.co.ke
7	ic.tynt.com	ruarakahousingestate.co.ke
2	t.dtscout.com	widgets.amung.us t.dtscout.com
2	www.poste.it	ruarakahousingestate.co.ke
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	widgets.amung.us
1	whos.amung.us	widgets.amung.us
1	i.imgur.com	ruarakahousingestate.co.ke
1	widgets.amung.us	ruarakahousingestate.co.ke
1	securelogin.poste.it	ruarakahousingestate.co.ke
67	10

This site contains links to these domains. Also see Links.

Domain
www.poste.it
posteid.poste.it

Subject Issuer	Validity	Valid
www.poste.it GlobalSign RSA OV SSL CA 2018	`2022-03-25` - `2023-04-26`	a year	crt.sh
securelogin.poste.it GlobalSign RSA OV SSL CA 2018	`2022-03-25` - `2023-04-26`	a year	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://ruarakahousingestate.co.ke/app.php?ver=82&serverid=gktodhxyjfrevkdlckysltah
Frame ID: 13D49443625FBA5624DF42B5729D74D9
Requests: 69 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Accedi o Registrati