belize-property.com
Open in
urlscan Pro
198.204.224.234
Malicious Activity!
Public Scan
Submitted URL: https://belize-property.com/wp-content/official/
Effective URL: https://belize-property.com/wp-content/official/dashboard.php?reference=4933c25dd0f9d8243c30
Submission Tags: @phish_report
Submission: On March 11 via api from FI — Scanned from AU
Effective URL: https://belize-property.com/wp-content/official/dashboard.php?reference=4933c25dd0f9d8243c30
Submission Tags: @phish_report
Submission: On March 11 via api from FI — Scanned from AU
Summary
This website contacted 6 IPs
in 2 countries
across 5 domains to perform 14 HTTP transactions.
The main IP is 198.204.224.234, located in
United States and
belongs to NOCIX, US.
The main domain is belize-property.com.
TLS certificate: Issued by R3 on March 2nd 2024. Valid for: 3 months.
This is the only time belize-property.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 2nd 2024. Valid for: 3 months.
This is the only time belize-property.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Qantas (Transportation)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 5 | 198.204.224.234 198.204.224.234 | 33387 (NOCIX) (NOCIX) | |
| 1 | 3.212.217.228 3.212.217.228 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 23.32.5.88 23.32.5.88 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 7 | 23.32.5.80 23.32.5.80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 142.250.76.106 142.250.76.106 | 15169 (GOOGLE) (GOOGLE) | |
| 14 | 6 |
1
3.212.217.228
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-217-228.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-217-228.compute-1.amazonaws.com
| qantas.resultspage.com |
1
23.32.5.88
(Sydney, Australia)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-5-88.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-5-88.deploy.static.akamaitechnologies.com
| cdn.qantasloyalty.com |
7
23.32.5.80
(Sydney, Australia)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-5-80.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-5-80.deploy.static.akamaitechnologies.com
| www.qantas.com |
1
142.250.76.106
(Plainview, United States)
ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f10.1e100.net
ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f10.1e100.net
| ajax.googleapis.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 7 |
qantas.com
www.qantas.com — Cisco Umbrella Rank: 156278 |
97 KB |
| 5 |
belize-property.com
1 redirects
belize-property.com |
183 KB |
| 1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 368 |
33 KB |
| 1 |
qantasloyalty.com
cdn.qantasloyalty.com — Cisco Umbrella Rank: 383552 |
664 B |
| 1 |
resultspage.com
qantas.resultspage.com — Cisco Umbrella Rank: 441270 |
1 KB |
| 14 | 5 |
| Domain | Requested by | |
|---|---|---|
| 7 | www.qantas.com |
belize-property.com
|
| 5 | belize-property.com |
1 redirects
belize-property.com
|
| 1 | ajax.googleapis.com |
belize-property.com
|
| 1 | cdn.qantasloyalty.com |
belize-property.com
|
| 1 | qantas.resultspage.com |
belize-property.com
|
| 14 | 5 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.qantas.com |
| travelinsider.qantas.com.au |
| help.qantas.com |
| www.facebook.com |
| twitter.com |
| www.linkedin.com |
| www.youtube.com |
| instagram.com |
| www.jetstar.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.belize-property.com R3 |
2024-03-02 - 2024-05-31 |
3 months | crt.sh |
| *.resultspage.com Starfield Secure Certificate Authority - G2 |
2023-05-05 - 2024-06-05 |
a year | crt.sh |
| qantasloyalty.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-11-06 - 2024-09-10 |
10 months | crt.sh |
| qantas.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-11-06 - 2024-11-05 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://belize-property.com/wp-content/official/dashboard.php?reference=4933c25dd0f9d8243c30
Frame ID: C65631A52A01F100454FE516309DD04E
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
error iconCheckboxPage URL History Show full URLs
-
https://belize-property.com/wp-content/official/
HTTP 302
https://belize-property.com/wp-content/official/dashboard.php?reference=4933c25dd0f9d8243c30 Page URL
Detected technologies
Adobe Experience Manager
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /etc/designs/
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
41 Outgoing links
These are links going to different origins than the main page.
URL: https://www.qantas.com/travel/airlines/viewing/global/en
Title: Upgrade my browser
Title: Upgrade my browser
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en.html
Search URL Search Domain Scan URL
URL: https://www.qantas.com/au/en/qantas-experience/network-and-partner-airlines/oneworld.html
Title: Oneworld
Title: Oneworld
Search URL Search Domain Scan URL
URL: https://www.qantas.com/travelinsider/en.html
Title: Travel Insider
Title: Travel Insider
Search URL Search Domain Scan URL
URL: https://www.qantas.com/directconnect/affinity
Title: Where can I go?
Title: Where can I go?
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/travel-guides/australia.html?int_cam=us:en:travel-guides-au:nav:en:flights
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals/flights-to-australia.html/au
Title: Flights to Australia
Title: Flights to Australia
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals/flights-to-new-zealand.html/nz
Title: Flights to New Zealand
Title: Flights to New Zealand
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals.html
Title: Flights to Japan
Title: Flights to Japan
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals/flights-to-singapore.html/sin
Title: Flights to Singapore
Title: Flights to Singapore
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals/flights-to-vanuatu.html/nou
Title: Flights to New Caledonia
Title: Flights to New Caledonia
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/flight-deals/international/flights-to-australia.html/economy/all/lowest?int_cam=us:en:flight-deals-au:nav:en:flights
Search URL Search Domain Scan URL
URL: http://travelinsider.qantas.com.au/qantas-magazine
Title: Qantas magazineOpens external site
Title: Qantas magazineOpens external site
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/book-a-trip/flights/qantas-explorer.html?int_cam=us:en:qantas-explorer:nav:en:flights
Search URL Search Domain Scan URL
URL: http://www.qantas.com/travel/airlines/flight-deals/us/en
Title: Flights to Australia
Title: Flights to Australia
Search URL Search Domain Scan URL
URL: https://www.qantas.com/detect-site/coronavirus.html
Title: COVID-19 information
Title: COVID-19 information
Search URL Search Domain Scan URL
URL: https://www.qantas.com/detect-site/manage-booking.html
Title: Manage booking
Title: Manage booking
Search URL Search Domain Scan URL
URL: https://www.qantas.com/travel/airlines/baggage/global/en
Title: baggage allowances
Title: baggage allowances
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/qantas-experience/australian-domestic-flight-network.html?int_cam=us:en:mega-nav:domestic-network:en:flights
Search URL Search Domain Scan URL
URL: https://help.qantas.com/support/s/
Title: Help Opens external site
Title: Help Opens external site
Search URL Search Domain Scan URL
URL: https://www.qantas.com/au/en/frequent-flyer/discover-and-join/terms-and-conditions.html
Title: Terms and Conditions
Title: Terms and Conditions
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/travel-info/baggage/allowance-and-fees.html
Title: Baggage & Optional Service Fees
Title: Baggage & Optional Service Fees
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/support/customer-service-plan.html
Title: Customer Service Plan
Title: Customer Service Plan
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/qantas-group.html
Title: Qantas Group
Title: Qantas Group
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/about-us/news-room.html
Title: News Room
Title: News Room
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/about-us/qantas-careers.html
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/about-us/our-company/our-airline-partners/oneworld.html
Title: oneworld
Title: oneworld
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/about-us.html
Title: More about Qantas
Title: More about Qantas
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/100-years-of-the-spirit-of-australia.html
Title: Qantas Centenary
Title: Qantas Centenary
Search URL Search Domain Scan URL
URL: https://www.qantas.com/content/dam/qantas/pdfs/about-us/corporate-governance/modern-slavery-and-human-trafficking-statement.pdf
Title: Modern Slavery Act Statement
Title: Modern Slavery Act Statement
Search URL Search Domain Scan URL
URL: https://www.facebook.com/Qantas/
Title: 1.4m+ likesOpens external site in a new window
Title: 1.4m+ likesOpens external site in a new window
Search URL Search Domain Scan URL
URL: https://twitter.com/Qantas
Title: 483k+ followersOpens external site in a new window
Title: 483k+ followersOpens external site in a new window
Search URL Search Domain Scan URL
URL: http://www.linkedin.com/company/qantas
Title: 287k+ followersOpens external site in a new window
Title: 287k+ followersOpens external site in a new window
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/Qantas
Title: 93k+ subscribersOpens external site in a new window
Title: 93k+ subscribersOpens external site in a new window
Search URL Search Domain Scan URL
URL: http://instagram.com/Qantas
Title: 933k+ followersOpens external site in a new window
Title: 933k+ followersOpens external site in a new window
Search URL Search Domain Scan URL
URL: https://www.jetstar.com/
Title: JetstarOpens external site in a new window
Title: JetstarOpens external site in a new window
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/support/essential-accessibility.html
Title: eSSENTIAL AccessibilityTM
Title: eSSENTIAL AccessibilityTM
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/support/privacy-and-security.html
Title: Privacy & Security
Title: Privacy & Security
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/support/terms-of-use.html
Title: Terms of Use
Title: Terms of Use
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/book-a-trip/flights/conditions-of-carriage.html
Title: Conditions of Carriage
Title: Conditions of Carriage
Search URL Search Domain Scan URL
URL: https://www.qantas.com/us/en/book-a-trip/flights/fare-types.html
Title: Fare types
Title: Fare types
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://belize-property.com/wp-content/official/
HTTP 302
https://belize-property.com/wp-content/official/dashboard.php?reference=4933c25dd0f9d8243c30 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
dashboard.php
belize-property.com/wp-content/official/ Redirect Chain
|
543 KB 59 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
belize-property.com/wp-content/official/ |
210 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sli-rac.css
qantas.resultspage.com/autocomplete/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login.bundle.css
cdn.qantasloyalty.com/assets/widgets/login/v2/ |
114 B 664 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main-noncritical.min.39f8b7e771e1f7442c41e2b0eb8c5459.css
www.qantas.com/etc/designs/qcom/site/ |
74 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
qantas-masterbrand-logo-40px.svg
www.qantas.com/content/dam/qantas/logos/ |
10 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
escape-au.jpg
www.qantas.com/images/imb/img/190x440/ |
26 KB 27 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Australia-flight-deals-190x135.jpg
www.qantas.com/images/imb/img/ |
8 KB 9 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
qantas-explorer.jpg
www.qantas.com/images/imb/img/190x440/ |
26 KB 26 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
australian-domestic-network-190x440.jpg
www.qantas.com/images/imb/img/190x440/ |
10 KB 11 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ |
90 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
315CA1_3_0.woff2
belize-property.com/wp-content/official/ |
48 KB 49 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spritesheet-9632fb7044385395ce89846b873ea4e3.png
www.qantas.com/etc/designs/qantas/global/img/ |
11 KB 11 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
736 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
315CA1_1_0.woff2
belize-property.com/wp-content/official/ |
49 KB 49 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Qantas (Transportation)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| aler function| aler1 boolean| completed1 boolean| completed2 boolean| completed3 function| aler2 function| tcitle function| return_string function| checkelement2 function| all3 function| checkelement3 function| all4 function| checkelement4 function| all5 function| checkelement5 function| all6 function| checkelement6 function| $ function| jQuery function| formatString function| digitKeyOnly function| normalizeYear function| checkExp function| CCValidationWithType function| barranayek function| validinfo function| alorsondanse function| sleep function| demo0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | object-src 'none' |
| Strict-Transport-Security | max-age=15768000;includeSubdomains |
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
belize-property.com
cdn.qantasloyalty.com
qantas.resultspage.com
www.qantas.com
142.250.76.106
198.204.224.234
23.32.5.80
23.32.5.88
3.212.217.228
0664e82539264eafd54fe31718f5f4d885348fe8f8c8268482fe29c0043f3e98
445b7df4c1fa8a4f1847e39edc7476fb8bec4c9e7aa3c4127ce4e61a300f6e00
450bb80667b0393d6caa03b172876b02fd39a64dc3fae3c7d398d22dad852b64
55adb2c8fa18eaba51ebf7ad393246020f4c827146c2d1fe30b38d4a47d2fbda
5a1d9e8f0951eaf775165f9381733d44a10df8b8997d478fb04fadbf8c955d66
763a86d3b22b56dc063a25ec601d018d501c38aed49034fde8e2d3351f614f81
8f84c6ebd3038a5597b355b402381d3300f52c6838be6df12a378d778f4932d1
929994c943e6df422c54cdb9ab4e7b0b7e73cf9cd81d9e8f259789c8c5aacb15
a806e253fea2bb0e575c2be79bceab15da0a99b28b7bae404b3ad10983172a1e
abe83c8f1046deaa45805df9f097a32140095ea26d267b9761fc062c618513a1
acfecce6970a2ec8db6bbf3a51bcec7b2936d8930b0b7c84a079a315adb7b6c3
b2b64e5d45e5f4911d34343f60b7d15ba57d7ce1e4cc5dd69ac424bb79d84455
b964d246defe2ccf6dd3a0d3887ac9d09325a866b94bd57732219406654698a2
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
e33bf0e24ad4a7482d68c48aa84a576e57bd3d8cdd3256de1e72f3b08bff4fed