infraniumproperties.com
Open in
urlscan Pro
148.66.138.117
Malicious Activity!
Public Scan
Submission: On June 23 via api from US — Scanned from SG
Summary
TLS certificate: Issued by infraniumproperties.com on June 10th 2024. Valid for: a year.
This is the only time infraniumproperties.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 148.66.138.117 148.66.138.117 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
5 | 199.36.158.100 199.36.158.100 | 54113 (FASTLY) (FASTLY) | |
1 | 151.101.130.137 151.101.130.137 | 54113 (FASTLY) (FASTLY) | |
1 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.18.11.207 104.18.11.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 74.125.200.95 74.125.200.95 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 23.52.40.171 23.52.40.171 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 23.52.171.58 23.52.171.58 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 23.50.93.75 23.50.93.75 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
30 | 10 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
infraniumproperties.com |
ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com | |
stackpath.bootstrapcdn.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-40-171.deploy.static.akamaitechnologies.com
img1.wsimg.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-171-58.deploy.static.akamaitechnologies.com
events.api.secureserver.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-50-93-75.deploy.static.akamaitechnologies.com
csp.secureserver.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 14322 csp.secureserver.net — Cisco Umbrella Rank: 14402 |
574 B |
5 |
web.app
izu-css.web.app |
71 KB |
2 |
wsimg.com
1 redirects
img1.wsimg.com — Cisco Umbrella Rank: 11139 |
21 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3406 |
31 KB |
2 |
infraniumproperties.com
infraniumproperties.com |
78 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 469 |
30 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268 |
7 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 816 |
24 KB |
0 |
topes.com
Failed
mail.topes.com Failed |
|
30 | 9 |
Domain | Requested by | |
---|---|---|
5 | izu-css.web.app |
infraniumproperties.com
izu-css.web.app |
4 | csp.secureserver.net |
img1.wsimg.com
|
2 | events.api.secureserver.net |
img1.wsimg.com
|
2 | img1.wsimg.com |
1 redirects
infraniumproperties.com
|
2 | infraniumproperties.com | |
1 | stackpath.bootstrapcdn.com |
infraniumproperties.com
|
1 | ajax.googleapis.com |
infraniumproperties.com
|
1 | maxcdn.bootstrapcdn.com |
infraniumproperties.com
|
1 | cdnjs.cloudflare.com |
infraniumproperties.com
|
1 | code.jquery.com |
infraniumproperties.com
|
0 | mail.topes.com Failed |
infraniumproperties.com
|
30 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
infraniumproperties.com infraniumproperties.com |
2024-06-10 - 2025-06-10 |
a year | crt.sh |
web.app WR4 |
2024-05-21 - 2024-08-19 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
bootstrapcdn.com GTS CA 1P5 |
2024-05-25 - 2024-08-23 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.api.secureserver.net Starfield Secure Certificate Authority - G2 |
2023-07-10 - 2024-08-10 |
a year | crt.sh |
*.secureserver.net Starfield Secure Certificate Authority - G2 |
2023-10-10 - 2024-11-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://infraniumproperties.com/arp/index.html
Frame ID: 2BE5C119819C1C545B7553E22B37E80E
Requests: 29 HTTP requests in this frame
Screenshot
Page Title
주식회사 토페스...Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Popper (Miscellaneous) Expand
Detected patterns
- /popper\.js/([0-9.]+)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
- https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
infraniumproperties.com/arp/ |
123 KB 78 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common68f1.css
izu-css.web.app/stress/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-ui.css
mail.topes.com/gw/js/Scripts/jqueryui/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
pudd-1.1.22.min.js
mail.topes.com/gw/js/pudd/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ico_2_de.png
mail.topes.com/gw/Images/ico/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ico_2_mo.png
mail.topes.com/gw/Images/ico/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ico_2_login.png
mail.topes.com/gw/Images/ico/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.slim.min.js
code.jquery.com/ |
68 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ |
48 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ |
50 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/ Redirect Chain
|
105 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layout4fcd.css
izu-css.web.app/stress/ |
120 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
contents4fcd.css
izu-css.web.app/stress/ |
355 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recalendar4fcd.css
izu-css.web.app/stress/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-1.9.1.min.js
mail.topes.com/gw/js/Scripts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
common.js
mail.topes.com/gw/js/Scripts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
aes.js
mail.topes.com/gw/js/Scripts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
secondCert.js
mail.topes.com/gw/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
securityEncUtil.js
mail.topes.com/gw/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
70 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login_a1_type_txt.png
izu-css.web.app/bg/ |
2 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
checkbox01.png
izu-css.web.app/Images/bg/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 287 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
event
events.api.secureserver.net/t/1/tl/ |
43 B 287 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
infraniumproperties.com/ |
3 B 121 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
eventbus
csp.secureserver.net/ |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
eventbus
csp.secureserver.net/ |
0 0 |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
eventbus
csp.secureserver.net/ |
0 0 |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
eventbus
csp.secureserver.net/ |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mail.topes.com
- URL
- http://mail.topes.com/gw/js/Scripts/jqueryui/jquery-ui.css?ver=20201021
- Domain
- mail.topes.com
- URL
- http://mail.topes.com/gw/js/pudd/js/pudd-1.1.22.min.js
- Domain
- mail.topes.com
- URL
- https://mail.topes.com/gw/Images/ico/ico_2_de.png
- Domain
- mail.topes.com
- URL
- https://mail.topes.com/gw/Images/ico/ico_2_mo.png
- Domain
- mail.topes.com
- URL
- https://mail.topes.com/gw/Images/ico/ico_2_login.png
- Domain
- mail.topes.com
- URL
- http://mail.topes.com/gw/js/Scripts/jquery-1.9.1.min.js
- Domain
- mail.topes.com
- URL
- http://mail.topes.com/gw/js/Scripts/common.js?ver=20201021
- Domain
- mail.topes.com
- URL
- http://mail.topes.com/gw/js/Scripts/aes.js?ver=20201021
- Domain
- mail.topes.com
- URL
- http://mail.topes.com/gw/js/secondCert.js?ver=20200923
- Domain
- mail.topes.com
- URL
- http://mail.topes.com/gw/js/securityEncUtil.js
- Domain
- izu-css.web.app
- URL
- https://izu-css.web.app/Images/bg/checkbox01.png
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| $ function| jQuery function| Popper object| bootstrap object| _trfd object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| scc-c2 object| _trfq3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.infraniumproperties.com/ | Name: _tccl_visitor Value: 841e87a7-7eed-4812-b6b3-6a584bfa4b43 |
|
.infraniumproperties.com/ | Name: _tccl_visit Value: 841e87a7-7eed-4812-b6b3-6a584bfa4b43 |
|
.infraniumproperties.com/ | Name: _scc_session Value: pc=1&C_TOUCH=2024-06-23T01:50:33.092Z |
22 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
csp.secureserver.net
events.api.secureserver.net
img1.wsimg.com
infraniumproperties.com
izu-css.web.app
mail.topes.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
izu-css.web.app
mail.topes.com
104.17.25.14
104.18.11.207
148.66.138.117
151.101.130.137
199.36.158.100
23.50.93.75
23.52.171.58
23.52.40.171
74.125.200.95
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0cbadb6d6c35558cba2bb075752a5faaba5376ab4888a98e72f0bdbc7951438e
32758d24a5b7d0712439f1cc71a8f2ff5d8c29d5ce87ee132cdfda67fadc9e4f
3f07a47b9856ab13597664a466b23618f72e1b6e7787bee24c5a690991054671
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
6bceadce2b938bc0b167d5c9032b1a20b15f84f90e6bd63dfd8365aace9ff1bc
8f7092c94ef904c57584706cdb5f1fd9fe1efce52ce3105e99b9a7def487f09f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
93e83e55ec668409c225d599060b697a8d6ddfce3a9a4837660bf9bee9bb9dab
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bcdec5718f5764887793fe729423ea665247e73501cc17807474a0433579e5f4
c81b2da5311c44f50b232f07235076ef9fca61488036228ef438a7f71746c61c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b