toursinlimites.com.mx
65.99.252.191
Malicious Activity!
Public Scan
Effective URL: https://toursinlimites.com.mx/chase/
Submission: On July 09 via api from TW
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 25th 2020. Valid for: a year.
This is the only time toursinlimites.com.mx was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Chase (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
6 (2 redirects) | 65.99.252.191 | 36024 (AS-TIERP-36024) |
5 | 151.139.128.8 | 20446 (HIGHWINDS3) |
9 | 2 | |
ASN20446 (HIGHWINDS3, US): kit.fontawesome.com, kit-free.fontawesome.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 (2 redirects) | toursinlimites.com.mx | toursinlimites.com.mx | 144 KB |
5 | fontawesome.com | kit.fontawesome.com, kit-free.fontawesome.com | 97 KB |
9 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
6 (2 redirects) | toursinlimites.com.mx | toursinlimites.com.mx |
4 | kit-free.fontawesome.com | kit.fontawesome.com, toursinlimites.com.mx |
1 | kit.fontawesome.com | toursinlimites.com.mx |
9 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
toursinlimites.com.mx | Sectigo RSA Domain Validation Secure Server CA | 2020-03-25 - 2021-04-15 | a year |
*.fontawesome.com | DigiCert SHA2 Secure Server CA | 2019-10-28 - 2020-12-23 | a year |
This page contains 1 frame:
Primary Page:
https://toursinlimites.com.mx/chase/
Frame ID: 550A3739AF1535785BAFE908219B4609
Requests: 9 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://toursinlimites.com.mx/chase HTTP 301
- https://toursinlimites.com.mx/chase HTTP 301
- https://toursinlimites.com.mx/chase/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request; Redirect Chain) | toursinlimites.com.mx/chase/ | 3 KB | 1 KB | Document | text/html |
GET | H/1.1 | main.css | toursinlimites.com.mx/chase/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | d41c77e3c5.js | kit.fontawesome.com/ | 6 KB | 2 KB | Script | text/javascript |
GET | H/1.1 | background.jpeg | toursinlimites.com.mx/chase/background/ | 140 KB | 141 KB | Image | image/jpeg |
GET | H/1.1 | logo.svg | toursinlimites.com.mx/chase/svg/ | 1 KB | 953 B | Image | image/svg+xml |
GET | H2 | free-v4-shims.min.css | kit-free.fontawesome.com/releases/latest/css/ | 26 KB | 5 KB | Stylesheet | text/css |
GET | H2 | free-v4-font-face.min.css | kit-free.fontawesome.com/releases/latest/css/ | 3 KB | 928 B | Stylesheet | text/css |
GET | H2 | free.min.css | kit-free.fontawesome.com/releases/latest/css/ | 59 KB | 13 KB | Stylesheet | text/css |
GET | H2 | free-fa-brands-400.woff2 | kit-free.fontawesome.com/releases/latest/webfonts/ | 76 KB | 76 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Chase (Banking)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| FontAwesomeKitConfig
- object| prefixesArray
- string| prefixesSelectorString
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.