www.arreciferesortsvacations.com
193.108.118.229
Malicious Activity!
Public Scan
Effective URL: https://www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/
Submission: On December 22 via manual from FR
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 10th 2020. Valid for: 3 months.
This is the only time www.arreciferesortsvacations.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banque Postale (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 158.58.186.50 | 57497 (FARASOSAMANEHPASARGAD) |
1 | 2606:4700::6810:a723 | 13335 (CLOUDFLARENET) |
21 | 193.108.118.229 | 61003 (GLOBALTELEHOST) |
1 | 2a04:4e42:1b::621 | 54113 (FASTLY) |
2 | 2a00:1450:4001:814::200a | 15169 (GOOGLE) |
1 | 2606:4700::6812:1734 | 13335 (CLOUDFLARENET) |
7 | 2606:4700:e6::ac40:ca1c | 13335 (CLOUDFLARENET) |
32 requests | 7 IPs | |
ASN57497 (FARASOSAMANEHPASARGAD, IR)
- PTR: cp100.servercap.com
- Domain: speakingperfect.com
ASN61003 (GLOBALTELEHOST, DE)
- PTR: cp.hostingclickpanda.com
- Domain: www.arreciferesortsvacations.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
21 | arreciferesortsvacations.com | www.arreciferesortsvacations.com (2 redirects) | 801 KB |
8 | fontawesome.com | kit.fontawesome.com, ka-f.fontawesome.com | 101 KB |
2 | googleapis.com | ajax.googleapis.com | 63 KB |
1 | jsdelivr.net | cdn.jsdelivr.net | 24 KB |
1 | cloudflare.com | ajax.cloudflare.com | 2 KB |
1 | speakingperfect.com | speakingperfect.com | 956 B |
32 requests | 6 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
21 | www.arreciferesortsvacations.com | www.arreciferesortsvacations.com (2 redirects) |
7 | ka-f.fontawesome.com | kit.fontawesome.com, www.arreciferesortsvacations.com |
2 | ajax.googleapis.com | www.arreciferesortsvacations.com |
1 | kit.fontawesome.com | www.arreciferesortsvacations.com |
1 | cdn.jsdelivr.net | www.arreciferesortsvacations.com |
1 | ajax.cloudflare.com | speakingperfect.com |
1 | speakingperfect.com | |
32 requests | 7 domains | |
This site contains no links.
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
speakingperfect.com | Let's Encrypt Authority X3 | 2020-10-21 - 2021-01-19 | 3 months | crt.sh |
ajax.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-11 - 2022-08-16 | 2 years | crt.sh |
arreciferesortsvacation.maber.com.co | cPanel, Inc. Certification Authority | 2020-11-10 - 2021-02-08 | 3 months | crt.sh |
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months | crt.sh |
upload.video.google.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months | crt.sh |
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-13 - 2021-10-12 | a year | crt.sh |
This page contains 1 frame:
Primary Page: https://www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/
Frame ID: 4800B24AB0996FC2BF3AC537FBABE828
Requests: 29 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://speakingperfect.com/contact-us/ (Page URL)
- https://www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/ (HTTP 302)
- https://www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545 (HTTP 301)
- https://www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/ (Page URL)
Detected technologies
Apache (Web Servers)
Detected patterns:
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | speakingperfect.com/contact-us/ | 741 B | 956 B | Document | text/html |
GET | H2 | cloudflare.min.js | ajax.cloudflare.com/cdn-cgi/nexp/dok3v=fb690a32f5/ | 3 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | / (Primary Request, Redirect Chain) | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/ | 11 KB | 3 KB | Document | text/html |
GET | H2 | bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ | 157 KB | 24 KB | Stylesheet | text/css |
GET | H/1.1 | style_001.css | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/css/ | 2 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | style_002.css | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/css/ | 5 KB | 5 KB | Stylesheet | text/css |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | 87 KB | 30 KB | Script | text/javascript |
GET | H2 | 00ce2dd051.js | kit.fontawesome.com/ | 10 KB | 4 KB | Script | text/javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.11.3/ | 94 KB | 33 KB | Script | text/javascript |
GET | H/1.1 | keybord.js | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/js/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | validation.js | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/js/ | 511 B | 833 B | Script | application/javascript |
GET | H/1.1 | aftrmovil.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | lolbp.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | connecter.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | contact.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | shearch.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 448 B | 738 B | Image | image/png |
GET | H/1.1 | box_taht_1.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 11 KB | 11 KB | Image | image/png |
GET | H/1.1 | box_taht_2.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 22 KB | 22 KB | Image | image/png |
GET | H/1.1 | box_taht_3.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 10 KB | 10 KB | Image | image/png |
GET | H/1.1 | box_taht1_1.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 6 KB | 7 KB | Image | image/png |
GET | H/1.1 | box_taht1_2.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 6 KB | 6 KB | Image | image/png |
GET | H/1.1 | box_taht1_3.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | box_taht2_1.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 13 KB | 14 KB | Image | image/png |
GET | H/1.1 | box_taht2_2.png | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/img/ | 107 KB | 107 KB | Image | image/png |
OPTIONS | H2 | free.min.css | ka-f.fontawesome.com/releases/v5.15.1/css/ | 0 | 0 | Other | |
OPTIONS | H2 | free-v4-shims.min.css | ka-f.fontawesome.com/releases/v5.15.1/css/ | 0 | 0 | Other | |
OPTIONS | H2 | free-v4-font-face.min.css | ka-f.fontawesome.com/releases/v5.15.1/css/ | 0 | 0 | Other | |
GET | H2 | free.min.css | ka-f.fontawesome.com/releases/v5.15.1/css/ | 59 KB | 13 KB | Fetch | text/css |
GET | H2 | free-v4-shims.min.css | ka-f.fontawesome.com/releases/v5.15.1/css/ | 26 KB | 4 KB | Fetch | text/css |
GET | H2 | free-v4-font-face.min.css | ka-f.fontawesome.com/releases/v5.15.1/css/ | 3 KB | 1 KB | Fetch | text/css |
GET | H/1.1 | Lato-Regular.ttf | www.arreciferesortsvacations.com/-/www.labanquepostale.fr-0109910192102/hBKbfCgr6w7r545/sourcApp/css/ | 593 KB | 594 KB | Font | font/ttf |
GET | H2 | free-fa-solid-900.woff2 | ka-f.fontawesome.com/releases/v5.15.1/webfonts/ | 78 KB | 79 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banque Postale (Banking)
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | cookieStore |
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
object | trustedTypes |
boolean | crossOriginIsolated |
function | $ |
function | jQuery |
object | FontAwesomeKitConfig |
function | myFunction |
function | run1 |
function | run2 |
function | run3 |
function | run4 |
function | run5 |
function | run6 |
function | run7 |
function | run8 |
function | run9 |
function | run0 |
function | runC |
function | reset |
function | validateForm |
function | doSomething |
function | toggle1 |
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
www.arreciferesortsvacations.com/ | | PHPSESSID | fd34880476506f98cc454a1c8d9000c1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.cloudflare.com
ajax.googleapis.com
cdn.jsdelivr.net
ka-f.fontawesome.com
kit.fontawesome.com
speakingperfect.com
www.arreciferesortsvacations.com
158.58.186.50
193.108.118.229
2606:4700::6810:a723
2606:4700::6812:1734
2606:4700:e6::ac40:ca1c
2a00:1450:4001:814::200a
2a04:4e42:1b::621