esalemedia.com
Open in
urlscan Pro
198.204.239.68
Malicious Activity!
Public Scan
Submission: On June 17 via manual from AE
Summary
TLS certificate: Issued by R3 on April 29th 2021. Valid for: 3 months.
This is the only time esalemedia.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Emirates Post (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 19 | 198.204.239.68 198.204.239.68 | 33387 (NOCIX) (NOCIX) | |
1 | 185.126.226.146 185.126.226.146 | 204085 (NGS) (NGS) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::2003 | 15169 (GOOGLE) (GOOGLE) | |
20 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
esalemedia.com
1 redirects
esalemedia.com |
786 KB |
1 |
gstatic.com
fonts.gstatic.com |
30 KB |
1 |
onlinewebfonts.com
db.onlinewebfonts.com |
80 KB |
20 | 3 |
Domain | Requested by | |
---|---|---|
19 | esalemedia.com |
1 redirects
esalemedia.com
|
1 | fonts.gstatic.com |
esalemedia.com
|
1 | db.onlinewebfonts.com |
esalemedia.com
|
20 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
esalemedia.com R3 |
2021-04-29 - 2021-07-28 |
3 months | crt.sh |
onlinewebfonts.com Sectigo RSA Domain Validation Secure Server CA |
2020-10-12 - 2021-11-11 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://esalemedia.com/emiratepost/emarate/other/
Frame ID: 9B0C2167820F4C46719504B4337D5287
Requests: 20 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://esalemedia.com/emiratepost/emarate/other
HTTP 301
https://esalemedia.com/emiratepost/emarate/other/ Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://esalemedia.com/emiratepost/emarate/other
HTTP 301
https://esalemedia.com/emiratepost/emarate/other/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
esalemedia.com/emiratepost/emarate/other/ Redirect Chain
|
10 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.css
esalemedia.com/emiratepost/emarate/other/css/ |
16 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.css
esalemedia.com/emiratepost/emarate/other/css/ |
50 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
esalemedia.com/emiratepost/emarate/other/css/ |
76 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.js
esalemedia.com/emiratepost/emarate/other/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pace.min.js
esalemedia.com/emiratepost/emarate/other/js/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
esalemedia.com/emiratepost/emarate/other/image/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.min.js
esalemedia.com/emiratepost/emarate/other/js/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plugins.js
esalemedia.com/emiratepost/emarate/other/js/ |
184 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
esalemedia.com/emiratepost/emarate/other/js/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
esalemedia.com/emiratepost/emarate/other/css/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
micons.css
esalemedia.com/emiratepost/emarate/other/css/micons/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
esalemedia.com/emiratepost/emarate/other/css/ |
4 KB 759 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13a7a4a64f0a4b39a872e732c91d2375.woff2
db.onlinewebfonts.com/t/ |
80 KB 80 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tsstApxBaigK_hnnQ1iFo0C3.woff2
fonts.gstatic.com/s/almarai/v4/ |
30 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
montserrat-medium-webfont.woff2
esalemedia.com/emiratepost/emarate/other/fonts/montserrat/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
montserrat-regular-webfont.woff2
esalemedia.com/emiratepost/emarate/other/fonts/montserrat/ |
18 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lora-regular-webfont.woff2
esalemedia.com/emiratepost/emarate/other/fonts/lora/ |
33 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
montserrat-light-webfont.woff2
esalemedia.com/emiratepost/emarate/other/fonts/montserrat/ |
18 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.jpg
esalemedia.com/emiratepost/emarate/other/images/ |
550 KB 550 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Emirates Post (Transportation)33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Modernizr object| Pace function| $ function| jQuery function| Waypoint function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| EventEmitter object| eventie function| imagesLoaded function| PhotoSwipe function| PhotoSwipeUI_Default boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrint object| PR object| AOS0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
db.onlinewebfonts.com
esalemedia.com
fonts.gstatic.com
185.126.226.146
198.204.239.68
2a00:1450:4001:831::2003
1fd4c882b277b1733f27be78e59f2318df771113cfc3981f4c4ad1b287238880
2396129a0fa59369b86bb6a508f77b53ff346a7fb28a7396c96601bcf06b5d8d
2d79fb8380c7e66d3dfecfef4e484b1d2ab40c8279705e505c7c4826afec8734
2e6c37dce49aa29359da9f8213274dd675646341fb974561dcd467ad50d65beb
461a476f9db3123182ff2e0556a05c0bd7cd28b0d38976d94593df7e4275120a
4d512653560de29b3246cb489c84d40420444974107a8d047f9149d71094ec01
579a10a2485055e988338be054f866cbe713c8510442130cbda0ce11ced6c49f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
877315ebe632fd0513eb469fc3caad3704ba8247b14777e7bd6c2a63925ca9ae
8bef209f12c6d39d80462e17c374b0a018aecdb3ea26ad1bc391812c8ae16906
9bd926b1d5e3931f02cdbd8e70af3485683d19588c56d3404aad31c571020c7d
a358c864806a7a93ef2d795bbfaf5eae965c752d4c1751b1d5308f7f43f31df8
a8935188f8afc7b9f6f5a3b4e25f008e89c9c893457cbc542fea8fb83e055837
aeb0f35eb529425a322bbfc9e667d548570ebc5b989c5618cc5277784e2ca085
b8d131282009e7d41bd8dbdd22c943892bc01b4598314ddff7a2f5d9ccc3db29
ba5c21598ed765c1b3679e8336e226b5b93aad5846d5239d6371011d64255caa
e6c80bfb027ccc23b673283f0e7109e5b9cb9597d810380527b46f66e8e034fd
e6caf5474c8664f57ff0d21a4b0afb47291f7f8a5a3dfd7e3949e1055ae34158
fbff254833abe80bd36853a1fba0b6ec33eae05c83fdd615cc2b48fe2b898678
fe2bcf2057fb37fd62bbd86c5653ca411915895684cd6a799e5a1aaf2536c318