![](/screenshots/014f963b-7c31-4957-992e-ea53d46ccf28.png)
fcrims.com
209.205.123.178
Malicious Activity!
Public Scan
Effective URL: http://fcrims.com/HOX/wetransfer/index.php
Submission: On August 23 via automatic, source openphish
Summary
This is the only time fcrims.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WeTransfer (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
2 (1 redirect) | 209.205.123.178 | 7979 (SERVERS - Servers.com)
14 | 13.35.253.116 | 16509 (AMAZON-02 - Amazon.com)
6 | 2.18.232.7 | 16625 (AKAMAI-AS - Akamai Technologies)
1 | 151.101.113.140 | 54113 (FASTLY - Fastly)
1 | 2a02:26f0:6c00:28c::25ea | 20940 (AKAMAI-ASN1)
4 | 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK - Facebook)
2 | 2a03:2880:f11c:8083:face:b00c:0:25de | 32934 (FACEBOOK - Facebook)
1 | 2a00:1450:4001:814::200e | 15169 (GOOGLE - Google LLC)
2 | 2600:9000:2057:6c00:6:bbf2:440:21 | 16509 (AMAZON-02 - Amazon.com)
2 | 2a00:1450:4001:81a::2008 | 15169 (GOOGLE - Google LLC)
1 | 13.35.253.49 | 16509 (AMAZON-02 - Amazon.com)
4 | 2a05:f500:11:101::b93f:9005 | 14413 (LINKEDIN - LinkedIn Corporation)
1 | 3.225.77.184 | 14618 (AMAZON-AES - Amazon.com)
57 requests | 14 IP addresses |
ASN | PTR | Domain(s)
---|---|---
ASN7979 (SERVERS - Servers.com, Inc., US) | srv.emaginationz.net | fcrims.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | server-13-35-253-116.fra6.r.cloudfront.net | prod-cdn.wetransfer.net
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | a2-18-232-7.deploy.static.akamaitechnologies.com | p.teads.tv, t.teads.tv
ASN32934 (FACEBOOK - Facebook, Inc., US) | | connect.facebook.net
ASN32934 (FACEBOOK - Facebook, Inc., US) | | www.facebook.com
ASN15169 (GOOGLE - Google LLC, US) | | www.google-analytics.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | | d19ptbnuzhibkh.cloudfront.net
ASN15169 (GOOGLE - Google LLC, US) | | www.googletagmanager.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | server-13-35-253-49.fra6.r.cloudfront.net | backgrounds.wetransfer.net
ASN14413 (LINKEDIN - LinkedIn Corporation, US) | | px.ads.linkedin.com, dc.ads.linkedin.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-3-225-77-184.compute-1.amazonaws.com | alb.reddit.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | wetransfer.net | prod-cdn.wetransfer.net, backgrounds.wetransfer.net | 357 KB
6 | teads.tv | p.teads.tv, t.teads.tv | 4 KB
4 | linkedin.com | px.ads.linkedin.com, dc.ads.linkedin.com | 776 B
4 | facebook.net | connect.facebook.net | 163 KB
2 | googletagmanager.com | www.googletagmanager.com | 51 KB
2 | cloudfront.net | d19ptbnuzhibkh.cloudfront.net | 59 KB
2 | facebook.com | www.facebook.com | 423 B
2 | fcrims.com (1 redirect) | fcrims.com | 100 KB
1 | reddit.com | alb.reddit.com | 316 B
1 | google-analytics.com | www.google-analytics.com | 17 KB
1 | licdn.com | snap.licdn.com | 5 KB
1 | redditstatic.com | www.redditstatic.com | 5 KB
0 | adnxs.com (Failed) | secure.adnxs.com (Failed) |
0 | amazon-adsystem.com (Failed) | s.amazon-adsystem.com (Failed) |
0 | doubleclick.net (Failed) | ad.doubleclick.net (Failed) |
0 | adzerk.net (Failed) | e-10220.adzerk.net (Failed) |
0 | stripe.com (Failed) | js.stripe.com (Failed) |
57 requests | 17 apex domains | |
Requests | Domain | Requested by
---|---|---
14 | prod-cdn.wetransfer.net | fcrims.com
5 | t.teads.tv | fcrims.com, p.teads.tv
4 | connect.facebook.net | fcrims.com, connect.facebook.net
2 | dc.ads.linkedin.com | fcrims.com
2 | px.ads.linkedin.com | fcrims.com, snap.licdn.com
2 | www.googletagmanager.com | fcrims.com
2 | d19ptbnuzhibkh.cloudfront.net | fcrims.com
2 | www.facebook.com | fcrims.com
2 | fcrims.com (1 redirect) |
1 | alb.reddit.com | fcrims.com
1 | backgrounds.wetransfer.net | fcrims.com
1 | www.google-analytics.com | fcrims.com
1 | snap.licdn.com | fcrims.com
1 | www.redditstatic.com | fcrims.com
1 | p.teads.tv | fcrims.com
0 | secure.adnxs.com (Failed) | fcrims.com
0 | s.amazon-adsystem.com (Failed) | fcrims.com
0 | ad.doubleclick.net (Failed) | fcrims.com
0 | e-10220.adzerk.net (Failed) | fcrims.com
0 | js.stripe.com (Failed) | fcrims.com
57 requests | 20 domains |
This site contains links to these domains. Also see Links.
Domain |
---|
wetransfer.zendesk.com |
wetransfer.pr.co |
wetransfer.homerun.co |
twitter.com |
www.facebook.com |
www.instagram.com |
www.youtube.com |
Subject | Issuer | Validity | Valid
---|---|---|---
wetransfer.net | Amazon | 2018-08-28 - 2019-09-28 | a year
teads.tv | Let's Encrypt Authority X3 | 2019-08-22 - 2019-11-20 | 3 months
*.reddit.com | DigiCert SHA2 Secure Server CA | 2018-08-17 - 2020-09-02 | 2 years
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-06-06 - 2019-09-04 | 3 months
*.google-analytics.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2018-10-08 - 2019-10-09 | a year
| | 1970-01-01 - 1970-01-01 | a few seconds
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2019-05-29 - 2021-06-29 | 2 years
ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2019-06-20 - 2021-06-24 | 2 years
alb.reddit.com | Amazon | 2019-05-20 - 2020-06-20 | a year
This page contains 3 frames:
Primary Page:
http://fcrims.com/HOX/wetransfer/index.php
Frame ID: 8AF3F6A929C630F51D645AE36A75EFC6
Requests: 55 HTTP requests in this frame
Frame:
https://backgrounds.wetransfer.net/squarespace/1906/static3_us_v1/index.html?_origin=https://wetransfer.com
Frame ID: B62B1C9CF32B5B7C0A78B1FF1A140A6E
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v2/m/outer.html
Frame ID: 9062257A9AF07A62A6198CBA9B1AF663
Requests: 1 HTTP requests in this frame
Page Title
Sign in | WeTransfer Plus
Detected technologies
Each entry lists the technology (where the scan captured its name) and the pattern that matched:
- url /\.php(?:$|\?)/i
- Ruby: meta csrf-param /^authenticity_token$/i
- Ruby on Rails: meta csrf-param /^authenticity_token$/i
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
- Stripe: script /js\.stripe\.com/i
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
- Title: help center
- Title: Press
- Title: Jobs
- (four further links without a title)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://fcrims.com/HOX/wetransfer/index.php
HTTP 301
http://fcrims.com/HOX/wetransfer/index.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
57 HTTP transactions
# | Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---|---
1 | GET | H/1.1 | index.php | fcrims.com/HOX/wetransfer/ | 99 KB | 99 KB | Document | text/html | Primary Request, Redirect Chain
2 | GET | H2 | application-798736d5a34a2a124207a400221740795cd13d58d9339b8da45939bdd404204a.css | prod-cdn.wetransfer.net/assets/ | 404 KB | 51 KB | Stylesheet | text/css |
3 | GET | H/1.1 | teads-fellow.js | p.teads.tv/ | 3 KB | 3 KB | Script | application/javascript |
4 | GET | H2 | pixel.js | www.redditstatic.com/ads/ | 14 KB | 5 KB | Script | application/javascript |
5 | GET | H/1.1 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 15 KB | 5 KB | Script | application/x-javascript |
6 | GET | H2 | inferredEvents.js | connect.facebook.net/signals/plugins/ | 1 KB | 2 KB | Script | application/x-javascript |
7 | GET | H2 | 366994960833481 | connect.facebook.net/signals/config/ | 228 KB | 60 KB | Script | application/x-javascript |
8 | GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 88 KB | 23 KB | Script | application/x-javascript |
9 | GET | H2 | facebook-analytics-3c4e80540b122f8288a6c3039a1155d5fdd68e80c752bd2b0502d1f57c9028c8.js | prod-cdn.wetransfer.net/assets/vendor/ | 560 B | 925 B | Script | application/javascript |
10 | GET | H2 | linkedin-analytics-4905767068f3be51b0ec9fb360af991bc6732a4b8470ce292759879a8e1072cd.js | prod-cdn.wetransfer.net/assets/vendor/ | 465 B | 832 B | Script | application/javascript |
11 | GET | H2 | reddit-analytics-3c89cf71ef5b980e555c5598916472f7ed959a697b2dc5c3c98e551636b6f1e7.js | prod-cdn.wetransfer.net/assets/vendor/ | 499 B | 865 B | Script | application/javascript |
12 | GET | H2 | teads-analytics-1eef9039a58a26e87a46c11916cd341feaa2a0cbdcb40deb8576a9cf8f96b74d.js | prod-cdn.wetransfer.net/assets/vendor/ | 341 B | 706 B | Script | application/javascript |
13 | GET | H2 | wallpaper-1ad1c6435498594bfe2e.css | prod-cdn.wetransfer.net/assets/ | 3 KB | 1 KB | Stylesheet | text/css |
14 | GET | H2 | wallpaper-ccf4f9da48e2a38b8fca.js | prod-cdn.wetransfer.net/assets/ | 22 KB | 7 KB | Script | application/javascript |
15 | GET | | / | js.stripe.com/v3/ | 0 | 0 | | | Failed
16 | GET | | FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff | prod-cdn.wetransfer.net/assets/faktpro/ | 0 | 0 | | | Failed
17 | GET | H2 | valid-icon-1be9d774889ce0ad45a84a3159589b9676acdd9e51d7b58c9c59152ca9be3ca4.svg | prod-cdn.wetransfer.net/assets/ | 218 B | 577 B | Image | image/svg+xml |
18 | GET | H2 | globe-38209c8fb7d72a610b8354aebf269c82a0bcb7a03eeee94a4f64193e671db2b1.svg | prod-cdn.wetransfer.net/assets/ | 841 B | 1 KB | Image | image/svg+xml |
19 | GET | | FaktProWeb-Medium-fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994.woff | prod-cdn.wetransfer.net/assets/faktpro/ | 0 | 0 | | | Failed
20 | GET | | GT-Super-Display-Super-03324b6c6896c0cafba1e645929cd5db604ad23109457cb8c7a5020dc5118533.woff | prod-cdn.wetransfer.net/assets/gtsuper/ | 0 | 0 | | | Failed
21 | GET | | FreightSans-Pro-Medium-688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad.woff | prod-cdn.wetransfer.net/assets/freightsans/ | 0 | 0 | | | Failed
22 | GET | | FreightSans-Pro-Semibold-054b231d728f2c6bd02c7fcac7adf79475e47cc8a9509a94bd727a25603c8781.woff | prod-cdn.wetransfer.net/assets/freightsans/ | 0 | 0 | | | Failed
23 | GET | H2 | 366994960833481 | connect.facebook.net/signals/config/ | 307 KB | 78 KB | Script | application/x-javascript |
24 | GET | H2 | / | www.facebook.com/tr/ | 44 B | 324 B | Image | image/gif |
25 | GET | | i.gif | e-10220.adzerk.net/ | 0 | 0 | | | Failed
26 | GET | | B22121483.248412111;dc_trk_aid=444538517;dc_trk_cid=117047657;ord=1563196800286;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= | ad.doubleclick.net/ddm/trackimp/N718679.288861WETRANSFER.COM/ | 0 | 0 | | | Failed
27 | GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript |
28 | GET | H2 | sp.js | d19ptbnuzhibkh.cloudfront.net/2.10.2/ | 96 KB | 30 KB | Script | application/javascript |
29 | GET | H2 | gtm.js | www.googletagmanager.com/ | 93 KB | 25 KB | Script | application/javascript |
30 | GET | H2 | en-e110aeec4b20734af477979b4229c2328bf57cff1609f1dbc6ff582210c938f3.js | prod-cdn.wetransfer.net/assets/locale/ | 103 KB | 27 KB | Script | application/javascript |
31 | GET | H2 | index.html | backgrounds.wetransfer.net/squarespace/1906/static3_us_v1/ | 0 | 0 | Document | text/html | Frame B62B
32 | GET | H2 | advertising-af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2dbe527c72494405.js | prod-cdn.wetransfer.net/assets/ | 346 B | 710 B | Script | application/javascript |
33 | GET | H/1.1 | gtm.js | www.googletagmanager.com/ | 87 KB | 25 KB | Script | application/javascript |
34 | GET | H/1.1 | sp.js | d19ptbnuzhibkh.cloudfront.net/2.10.2/ | 96 KB | 30 KB | Script | application/javascript |
35 | GET | H2 | runtime.es6-9dd46307a890886ab385.js | prod-cdn.wetransfer.net/assets/ | 5 KB | 3 KB | Script | application/javascript |
36 | GET | H2 | vendor.es6-4aceda1b2cc5ce7014f0.js | prod-cdn.wetransfer.net/assets/ | 353 KB | 110 KB | Script | application/javascript |
37 | GET | H2 | application.es6-b97a777d2ad5492311e1.js | prod-cdn.wetransfer.net/assets/ | 573 KB | 151 KB | Script | application/javascript |
38 | GET | | iui3 | s.amazon-adsystem.com/ | 0 | 0 | | | Failed
39 | GET | | px | secure.adnxs.com/ | 0 | 0 | | | Failed
40 | GET | H2 | / | px.ads.linkedin.com/collect/ | 0 | 359 B | Script | application/javascript |
41 | GET | H2 | track | t.teads.tv/ | 23 B | 157 B | Image | image/gif |
42 | GET | H2 | track | t.teads.tv/ | 23 B | 157 B | Image | image/gif |
43 | GET | | iui3 | s.amazon-adsystem.com/ | 0 | 0 | | | Failed
44 | GET | | px | secure.adnxs.com/ | 0 | 0 | | | Failed
45 | GET | | iui3 | s.amazon-adsystem.com/ | 0 | 0 | | | Failed
46 | GET | | px | secure.adnxs.com/ | 0 | 0 | | | Failed
47 | GET | H2 | / | dc.ads.linkedin.com/collect/ | 43 B | 107 B | Image | image/gif |
48 | GET | | iui3 | s.amazon-adsystem.com/ | 0 | 0 | | | Failed
49 | GET | | px | secure.adnxs.com/ | 0 | 0 | | | Failed
50 | GET | H2 | / | dc.ads.linkedin.com/collect/ | 43 B | 217 B | Image | image/gif |
51 | GET | H2 | / | www.facebook.com/tr/ | 44 B | 99 B | Image | image/gif |
52 | GET | | outer.html | js.stripe.com/v2/m/ | 0 | 0 | | | Frame 9062, Failed
53 | GET | H2 | / | px.ads.linkedin.com/collect/ | 0 | 93 B | Script | application/javascript |
54 | GET | H/1.1 | rp.gif | alb.reddit.com/ | 35 B | 316 B | Image | image/gif |
55 | GET | H2 | track | t.teads.tv/ | 23 B | 157 B | Image | image/gif |
56 | GET | H2 | track | t.teads.tv/ | 23 B | 157 B | Image | image/gif |
57 | GET | H2 | track | t.teads.tv/ | 23 B | 157 B | Image | image/gif |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- js.stripe.com: https://js.stripe.com/v3/
- prod-cdn.wetransfer.net: https://prod-cdn.wetransfer.net/assets/faktpro/FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff
- prod-cdn.wetransfer.net: https://prod-cdn.wetransfer.net/assets/faktpro/FaktProWeb-Medium-fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994.woff
- prod-cdn.wetransfer.net: https://prod-cdn.wetransfer.net/assets/gtsuper/GT-Super-Display-Super-03324b6c6896c0cafba1e645929cd5db604ad23109457cb8c7a5020dc5118533.woff
- prod-cdn.wetransfer.net: https://prod-cdn.wetransfer.net/assets/freightsans/FreightSans-Pro-Medium-688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad.woff
- prod-cdn.wetransfer.net: https://prod-cdn.wetransfer.net/assets/freightsans/FreightSans-Pro-Semibold-054b231d728f2c6bd02c7fcac7adf79475e47cc8a9509a94bd727a25603c8781.woff
- e-10220.adzerk.net: https://e-10220.adzerk.net/i.gif?e=eyJ2IjoiMS4xIiwiYXYiOjQyODc1OCwiYXQiOjk1OSwiYnQiOjAsImNtIjo5MDM0ODAsImNoIjozNDkwMiwiY2siOnt9LCJjciI6OTgwNDA0MSwiZGkiOiI4N2ZlNWRmMjBkNTM0ZTNjYmQ0ZDNiYmZlZjk2MDA4OCIsImRqIjowLCJpaSI6IjVkOTM1MTJjNWM1OTQ0ZWRhNDI3NTVlNGFhZTg1NmM2IiwiZG0iOjMsImZjIjoxMjcyNTc0NCwiZmwiOjg2NTM2OTksImlwIjoiOTYuMTI1LjE3Mi4xNyIsIm53IjoxMDIyMCwicGMiOjAsImVjIjowLCJwciI6MTQ5Njg2LCJydCI6MSwicnMiOjUwMCwic2EiOiI4Iiwic2IiOiJpLTBhZWI3ZTYxNGI4NjUxZDMyIiwic3AiOjEwNzIzLCJzdCI6MTA1NTkyMiwidWsiOiJ1ZTEtNTZiZjkyYjgwZjAxNDE1ZmJjNWMyNDUwM2ZmZWQwZWIiLCJ6biI6MTk5MDcyLCJ0cyI6MTU2MzE5NjgwMDI5MSwicG4iOiJpZnJhbWUiLCJnYyI6dHJ1ZSwiZ3MiOiJub25lIiwiZGMiOjEsImJhIjoxLCJmcSI6MH0&s=Ta9aD-ymeJUkb4xCNqYvbNHuqrk
- ad.doubleclick.net: https://ad.doubleclick.net/ddm/trackimp/N718679.288861WETRANSFER.COM/B22121483.248412111;dc_trk_aid=444538517;dc_trk_cid=117047657;ord=1563196800286;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
- s.amazon-adsystem.com: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D09b5c57a-b58c-454a-3153-26d18d0aad39%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://wetransfer.com/&ex-hargs=v%3D1.0%3Bc%3D8949843630001%3Bp%3D09B5C57A-B58C-454A-3153-26D18D0AAD39
- secure.adnxs.com: https://secure.adnxs.com/px?id=1127313&seg=18312187&t=2
- s.amazon-adsystem.com: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Dea284ae4-21d3-b221-b4fa-a24e0eb94ed7%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://wetransfer.com/&ex-hargs=v%3D1.0%3Bc%3D8949843630001%3Bp%3DEA284AE4-21D3-B221-B4FA-A24E0EB94ED7
- secure.adnxs.com: https://secure.adnxs.com/px?id=1127311&seg=18312130&t=2
- s.amazon-adsystem.com: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D78cbb9c1-227b-b4ae-a0f3-b131a0c3761b%26type%3D21%26m%3D1&ex-fch=416613&ex-src=https://wetransfer.com/&ex-hargs=v%3D1.0%3Bc%3D8949843630001%3Bp%3D78CBB9C1-227B-B4AE-A0F3-B131A0C3761B
- secure.adnxs.com: https://secure.adnxs.com/px?id=1121979&seg=18137116&t=2
- s.amazon-adsystem.com: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D25cb0003-6c81-cce3-b67d-aed905a1b3f2%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://wetransfer.com/&ex-hargs=v%3D1.0%3Bc%3D8949843630001%3Bp%3D25CB0003-6C81-CCE3-B67D-AED905A1B3F2
- secure.adnxs.com: https://secure.adnxs.com/px?id=1121968&seg=18137055&t=2
- js.stripe.com: https://js.stripe.com/v2/m/outer.html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WeTransfer (Online)
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | webpackJsonp
function | fbq
function | _fbq
object | rdt
object | teads_e
number | teads_adv_id
string | _linkedin_partner_id
object | _linkedin_data_partner_ids
object | google_tag_data
function | ga
object | gaplugins
object | google_tag_manager
object | dataLayer
function | _typeof
object | _snaq
object | Snowplow
object | _i18n_
object | __app_settings__
object | __session__
object | __manifest__
object | Wallpapers
string | id
object | GlobalSnowplowNamespace
function | __snowplow__
undefined | __trackjs__
object | __recaptcha__
object | recaptchaOptions
object | __feature_flags__
object | __launch_darkly__
object | __curated_wallpapers__
boolean | __ads_enabled__
string | __webpack_public_path__
function | assetFailed
function | writeScripts
function | requiresPolyfill
function | supportsModules
object | __stripe__
function | _bizo_local_logger
function | _bizo_fire_partners
boolean | _bizo_main_already_called
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.doubleclick.net
alb.reddit.com
backgrounds.wetransfer.net
connect.facebook.net
d19ptbnuzhibkh.cloudfront.net
dc.ads.linkedin.com
e-10220.adzerk.net
fcrims.com
js.stripe.com
p.teads.tv
prod-cdn.wetransfer.net
px.ads.linkedin.com
s.amazon-adsystem.com
secure.adnxs.com
snap.licdn.com
t.teads.tv
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.redditstatic.com
ad.doubleclick.net
e-10220.adzerk.net
js.stripe.com
prod-cdn.wetransfer.net
s.amazon-adsystem.com
secure.adnxs.com
13.35.253.116
13.35.253.49
151.101.113.140
2.18.232.7
209.205.123.178
2600:9000:2057:6c00:6:bbf2:440:21
2a00:1450:4001:814::200e
2a00:1450:4001:81a::2008
2a02:26f0:6c00:28c::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
3.225.77.184