shangrilacolombo.life
2606:4700:3035::ac43:9ac0
Malicious Activity!
Public Scan
Submission: On June 11 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 8th 2024. Valid for: 3 months.
This is the only time shangrilacolombo.life was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Booking (Travel)

Domain & IP information

Requests | IP Address | AS Autonomous System |
---|---|---|
5 | 2606:4700:3035::ac43:9ac0 | 13335 (CLOUDFLARENET) |
1 | 2600:9000:266e:200:5:bf05:acc0:93a1 | 16509 (AMAZON-02) |
14 | 172.67.154.192 | 13335 (CLOUDFLARENET) |
20 requests | 3 IPs | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
19 | shangrilacolombo.life | shangrilacolombo.life | 93 KB |
1 | bstatic.com | cf.bstatic.com (Cisco Umbrella Rank: 15696) | 152 KB |
20 requests | 2 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
19 | shangrilacolombo.life | shangrilacolombo.life |
1 | cf.bstatic.com | shangrilacolombo.life |
20 requests | 2 domains | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
shangrilacolombo.life | WE1 | 2024-06-08 - 2024-09-06 | 3 months | crt.sh |
*.bstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-29 - 2024-11-28 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://shangrilacolombo.life/257741252
Frame ID: FF6F1BC83C111426DE0FEF37C0ABC2C5
Requests: 13 HTTP requests in this frame
Frame:
https://shangrilacolombo.life/supportChatFrame/257741252
Frame ID: 6E7E2CA54C0F65C07672441213102A6E
Requests: 7 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | 257741252 (Primary Request) | shangrilacolombo.life/ | 56 KB | 14 KB | Document | text/html |
GET | H2 | scriptbook1.js | shangrilacolombo.life/js/ | 9 KB | 4 KB | Script | application/javascript |
GET | H2 | stylesbooking1.css | shangrilacolombo.life/ | 32 KB | 8 KB | Stylesheet | text/css |
GET | H2 | 295690735.jpg | cf.bstatic.com/xdata/images/hotel/max1024x768/ | 151 KB | 152 KB | Image | image/jpeg |
GET | H2 | support_parent.css | shangrilacolombo.life/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | 3ebd385b-2ec3-4a0e-87da-a2bdf478071e.js | shangrilacolombo.life/ | 0 | 0 | Script | text/plain |
GET | H3 | flags.png | shangrilacolombo.life/images/ | 30 KB | 30 KB | Image | image/png |
GET | H3 | 257741252 | shangrilacolombo.life/supportChatFrame/ (Frame 6E7E) | 22 KB | 7 KB | Document | text/html |
GET | H3 | supportIcon.svg | shangrilacolombo.life/img/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H3 | support_chat.css | shangrilacolombo.life/css/ (Frame 6E7E) | 101 KB | 17 KB | Stylesheet | text/css |
GET | H3 | axios.min.js | shangrilacolombo.life/js/ (Frame 6E7E) | 14 KB | 5 KB | Script | application/javascript |
GET | H3 | support.js | shangrilacolombo.life/js/ (Frame 6E7E) | 4 KB | 2 KB | Script | application/javascript |
POST | H3 | getMessages | shangrilacolombo.life/api/support/ (Frame 6E7E) | 597 B | 847 B | XHR | application/json |
GET | H3 | favicon.ico | shangrilacolombo.life/ | 9 B | 496 B | Other | text/plain |
GET | H3 | user-online | shangrilacolombo.life/257741252/ | 24 B | 447 B | Fetch | text/html |
POST | H3 | getMessages | shangrilacolombo.life/api/support/ (Frame 6E7E) | 597 B | 840 B | XHR | application/json |
GET | H3 | user-online | shangrilacolombo.life/257741252/ | 24 B | 438 B | Fetch | text/html |
GET | H3 | user-online | shangrilacolombo.life/257741252/ | 24 B | 440 B | Fetch | text/html |
POST | H3 | getMessages | shangrilacolombo.life/api/support/ (Frame 6E7E) | 597 B | 844 B | XHR | application/json |
GET | H3 | user-online | shangrilacolombo.life/257741252/ | 24 B | 443 B | Fetch | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Booking (Travel)

4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name |
---|---|
object | 0 |
function | notifyServer |
function | K |
function | p2 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
shangrilacolombo.life/ | | Name: csrfToken Value: 6e427f391cd41b03b4cf3088e2361ad5 |
shangrilacolombo.life/ | | Name: connect.sid Value: s%3AHz2N2mVI4GTppfcD8uWwSfJRsjFte2Ei.fXteBsr7eQctqAdXME%2BfgSE68sf%2FvlT18diLtkOGUX0 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cf.bstatic.com
shangrilacolombo.life
172.67.154.192
2600:9000:266e:200:5:bf05:acc0:93a1
2606:4700:3035::ac43:9ac0