www.revolutionsfabrics.com
Open in
urlscan Pro
173.236.179.168
Malicious Activity!
Public Scan
Effective URL: https://www.revolutionsfabrics.com/mastercode/?3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018...
Submission: On July 18 via manual from US — Scanned from US
Summary
TLS certificate: Issued by R3 on June 18th 2023. Valid for: 3 months.
This is the only time www.revolutionsfabrics.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 18 | 173.236.179.168 173.236.179.168 | 26347 (DREAMHOST-AS) (DREAMHOST-AS) | |
17 | 1 |
ASN26347 (DREAMHOST-AS, US)
PTR: apache2-zoo.wheels.dreamhost.com
www.revolutionsfabrics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
revolutionsfabrics.com
1 redirects
www.revolutionsfabrics.com |
264 KB |
17 | 1 |
Domain | Requested by | |
---|---|---|
18 | www.revolutionsfabrics.com |
1 redirects
www.revolutionsfabrics.com
|
17 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www6.waybackmachinedownloader.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.revolutionsfabrics.com R3 |
2023-06-18 - 2023-09-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.revolutionsfabrics.com/mastercode/?3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487a42be40b
Frame ID: AD33CEE45226CD0EA644E5D6170D3A9D
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Security Center US-Code(ER87545)Page URL History Show full URLs
-
http://www.revolutionsfabrics.com/mastercode/?3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487...
HTTP 301
https://www.revolutionsfabrics.com/mastercode/?3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Website Downloader
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.revolutionsfabrics.com/mastercode/?3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487a42be40b
HTTP 301
https://www.revolutionsfabrics.com/mastercode/?3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487a42be40b3ca0eb78-018b-41eb-af47-5487a42be40b Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.revolutionsfabrics.com/mastercode/ Redirect Chain
|
16 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.revolutionsfabrics.com/mastercode/npm/bootstrap-4.6.0/dist/css/ |
158 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www.revolutionsfabrics.com/mastercode/ajax/libs/jquery/2.1.3/ |
82 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
www.revolutionsfabrics.com/mastercode/werrx01/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
www.revolutionsfabrics.com/mastercode/font-awesome/4.5.0/css/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg2.jpg
www.revolutionsfabrics.com/mastercode/werrx01/ |
111 KB 112 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft.png
www.revolutionsfabrics.com/mastercode/werrx01/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
def.png
www.revolutionsfabrics.com/mastercode/werrx01/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cross.png
www.revolutionsfabrics.com/mastercode/werrx01/ |
43 KB 43 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
virus-images.jpg
www.revolutionsfabrics.com/mastercode/werrx01/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.min.js
www.revolutionsfabrics.com/mastercode/ajax/libs/modernizr/2.8.3/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
www.revolutionsfabrics.com/mastercode/npm/bootstrap-4.6.0/dist/js/ |
82 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fullscreen.js
www.revolutionsfabrics.com/mastercode/werrx01/ |
245 B 236 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
before.js
www.revolutionsfabrics.com/mastercode/werrx01/ |
366 B 342 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www.revolutionsfabrics.com/mastercode/werrx01/ |
1 KB 503 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light.js
www.revolutionsfabrics.com/mastercode/werrx01/ |
503 B 303 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alert-en.wav
www.revolutionsfabrics.com/mastercode/werrx01/ |
320 KB 0 |
Media
audio/x-wav |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| dsasfsdcscnsmndqweqwe string| phone object| html5 object| Modernizr object| bootstrap function| addEvent object| modal object| btn undefined| span function| play0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.revolutionsfabrics.com
173.236.179.168
1de36f579aabdcf1cc147dd7158c644f42681f817b6319e4f0620b5a5183307a
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479
3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701
3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887
43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
948b1331677d0f9991d50376bfba436033c5a9cc5919cf9f74c03424b6f3e342
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
bc8281081ed9f54b7c24886ab497db0c6e948955a0f6ed784d65755b55c12406
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d5d2eaec4d8f18123d2db3b457a892a5566da301d10ddb3afa85d059c64df7f6
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
f67bb6a7cdea1e53700121d00a8f09d9b39bb3059cb25bf81f212b75616ab36f