alisstag.com
Open in
urlscan Pro
2a02:4780:33:a15b:397b:754b:d3f6:46db
Malicious Activity!
Public Scan
Submission Tags: falconsandbox
Submission: On June 13 via api from US — Scanned from DE
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 27th 2024. Valid for: 3 months.
This is the only time alisstag.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telegram (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 2a02:4780:33:... 2a02:4780:33:a15b:397b:754b:d3f6:46db | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
2 | 2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 191.96.144.103 191.96.144.103 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
2 | 2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
10 | 4 |
ASN47583 (AS-HOSTINGER, CY)
alisstag.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
alisstag.com
alisstag.com |
208 KB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 114 |
3 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205 |
71 KB |
10 | 3 |
Domain | Requested by | |
---|---|---|
6 | alisstag.com |
alisstag.com
|
2 | www.facebook.com |
alisstag.com
|
2 | connect.facebook.net |
alisstag.com
connect.facebook.net |
10 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
telegram.org |
wh.komedia.top |
Subject Issuer | Validity | Valid | |
---|---|---|---|
alisstag.com ZeroSSL RSA Domain Secure Site CA |
2024-04-27 - 2024-07-26 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-03-23 - 2024-06-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://alisstag.com/?utm_medium=paid&utm_source=fb&utm_id=120209097206240010&utm_content=120209097206210010&utm_term=120209097206250010&utm_campaign=120209097206240010
Frame ID: 0FD2A2C465A14497316FF7258774FCF9
Requests: 10 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Title: DESCARGA
Search URL Search Domain Scan URL
Title: SUSCRIBETE AL CANAL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
alisstag.com/ |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
alisstag.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
placeholder.jpg
alisstag.com/assets/ |
143 KB 144 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
alisstag.com/ |
150 B 506 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
219 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pattern.svg
alisstag.com/assets/ |
232 KB 58 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
330191060170333
connect.facebook.net/signals/config/ |
57 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ |
67 B 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
alisstag.com/ |
2 KB 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telegram (Instant Messenger)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| fbq function| _fbq1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.alisstag.com/ | Name: _fbp Value: fb.1.1718295286815.367093429632227074 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
alisstag.com
connect.facebook.net
www.facebook.com
191.96.144.103
2a02:4780:33:a15b:397b:754b:d3f6:46db
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0d6c8ac76c05048d68c5ac8033c527dd3aba97d3d7be91180841a254f626f863
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
572bfa84bf6c7be9687331d1a8a80e4a70e82d41b36b0123a3f044ce928325d0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab16a7a2215f57bb2ee3945d04a0fd6048aa471f779fb48eae4ae95743bcb2d7
c6590609ad4af5d74cab14e6f65109defdded083a175192d8779a038017ba6bb
c91600f122fce7cecedd1739142bc7d7365c1ba9a5af25a7cbf3ebd5965e70c4
d48c327014f4e15c6521e83571beafda6684d574f106fc1e592cbd7916d867a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855