faithproperties-kc.com
64.91.243.96
Malicious Activity!
Public Scan
Submission: On June 02 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on May 6th 2020. Valid for: 3 months.
This is the only time faithproperties-kc.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer) Office 365 (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
12 | 64.91.243.96 | 32244 (LIQUIDWEB) |
11 | 64.58.126.236 | 7979 (SERVERS) |
26 | 3 | |
ASN32244 (LIQUIDWEB, US)
PTR: host.proverbsholdingsllc.com
faithproperties-kc.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | faithproperties-kc.com | faithproperties-kc.com | 167 KB |
11 | lancheck.net | lancheck.net | 2 KB |
0 | similardeals.net (Failed) | rules.similardeals.net (Failed) | |
0 | urlvalidation.com (Failed) | urlvalidation.com (Failed), ww38.urlvalidation.com (Failed) | |
26 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
12 | faithproperties-kc.com | faithproperties-kc.com |
11 | lancheck.net | faithproperties-kc.com |
0 | ww38.urlvalidation.com (Failed) | faithproperties-kc.com |
0 | rules.similardeals.net (Failed) | faithproperties-kc.com |
0 | urlvalidation.com (Failed) | faithproperties-kc.com |
26 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
mail.faithproperties-kc.com | Let's Encrypt Authority X3 | 2020-05-06 - 2020-08-04 | 3 months |
lancheck.net | Let's Encrypt Authority X3 | 2020-05-01 - 2020-07-30 | 3 months |
This page contains 1 frames:
Primary Page:
https://faithproperties-kc.com/DHL/email%20extract/email%20extract/index.php
Frame ID: C5136BDDC1939A0E3882599B4FC2FB44
Requests: 26 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | index.php (Primary Request) | faithproperties-kc.com/DHL/email%20extract/email%20extract/ | 6 KB | 2 KB | Document | text/html |
GET | H/1.1 | whoami | faithproperties-kc.com/DHL/email%20extract/email%20extract/files/ | 0 | 0 | Script | text/html |
GET | H/1.1 | offff.png | faithproperties-kc.com/DHL/email%20extract/email%20extract/files/ | 11 KB | 11 KB | Image | image/png |
GET | H/1.1 | wrdd.png | faithproperties-kc.com/DHL/email%20extract/email%20extract/files/ | 6 KB | 7 KB | Image | image/png |
GET | H/1.1 | e.jpg | faithproperties-kc.com/DHL/email%20extract/email%20extract/files/ | 3 KB | 3 KB | Image | image/jpeg |
GET | H/1.1 | p.jpg | faithproperties-kc.com/DHL/email%20extract/email%20extract/files/ | 4 KB | 4 KB | Image | image/jpeg |
GET | H/1.1 | email-validation.js | faithproperties-kc.com/DHL/email%20extract/email%20extract/files/ | 97 B | 485 B | Script | application/javascript |
GET | H/1.1 | oflog.png | faithproperties-kc.com/DHL/email%20extract/email%20extract/files/ | 63 KB | 64 KB | Image | image/png |
GET | H/1.1 | 5cfd9308c50e4f8ae9.js | faithproperties-kc.com/DHL/email%20extract/email%20extract/files/ | 55 KB | 19 KB | Script | application/javascript |
GET | H/1.1 | lnkr5.js | faithproperties-kc.com/DHL/email%20extract/email%20extract/files/ | 6 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | bac.jpg | faithproperties-kc.com/DHL/email%20extract/email%20extract/files/ | 32 KB | 33 KB | Image | image/jpeg |
GET | H/1.1 | mm.jpg | faithproperties-kc.com/DHL/email%20extract/email%20extract/ | 22 KB | 22 KB | Image | text/html |
GET | H/1.1 | / | lancheck.net/metric/ | 43 B | 229 B | Image | image/gif |
GET | | whoami | urlvalidation.com/ | 0 | 0 | | |
GET | H/1.1 | get | lancheck.net/optout/ | 143 B | 355 B | Script | application/javascript |
GET | H/1.1 | / | lancheck.net/metric/ | 43 B | 229 B | Image | image/gif |
GET | H/1.1 | / | lancheck.net/metric/ | 43 B | 229 B | Image | image/gif |
GET | H/1.1 | / | lancheck.net/metric/ | 43 B | 229 B | Image | image/gif |
GET | H/1.1 | userid | lancheck.net/optout/set/ | 0 | 262 B | Script | application/javascript |
GET | H/1.1 | strtm | lancheck.net/optout/set/ | 0 | 274 B | Script | application/javascript |
GET | H/1.1 | lnkr5.min.js | lancheck.net/addons/ | 0 | 0 | Script | text/html |
GET | | faithproperties-kc.com | rules.similardeals.net/v1.0/whitelist/1108/49499x1487x/ | 0 | 0 | | |
GET | H/1.1 | / | lancheck.net/metric/ | 43 B | 229 B | Image | image/gif |
GET | H/1.1 | / | lancheck.net/metric/ | 43 B | 229 B | Image | image/gif |
GET | H/1.1 | / | lancheck.net/metric/ | 43 B | 229 B | Image | image/gif |
GET | | whoami | ww38.urlvalidation.com/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: urlvalidation.com
  URL: https://urlvalidation.com/whoami?jsonp=func83180
- Domain: rules.similardeals.net
  URL: https://rules.similardeals.net/v1.0/whitelist/1108/49499x1487x/faithproperties-kc.com?partnerName=S3.Google%20Translator%20extension&partnerLink=http%3A%2F%2Fthisadsfor.us%2Foptout%3Ft%3D1487%26u%3D49499%26block%3D02d38
- Domain: ww38.urlvalidation.com
  URL: http://ww38.urlvalidation.com/whoami?jsonp=func83180
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer) Office 365 (Online)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- function| login
- function| getParm
- object| __twb__5cfd9308c50e4f8ae9
- object| _lnkr5
- function| func83180
- undefined| __twb_cb_52714347
- undefined| __twb_cb_709906901
- undefined| __twb_cb_928147117
- object| EmailField

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
faithproperties-kc.com/ | | FORMLIFT_ID | formlift_session_5ed5a1e0a5a825.13382624 |
faithproperties-kc.com/ | | cookielawinfo-checkbox-non-necessary | yes |
faithproperties-kc.com/ | | cookielawinfo-checkbox-necessary | yes |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.