customer-active-info-28573.netlify.app
Open in
urlscan Pro
2a05:d014:275:cb02::c8
Malicious Activity!
Public Scan
Submission: On February 08 via manual — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.
This is the only time customer-active-info-28573.netlify.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 2a05:d014:275... 2a05:d014:275:cb02::c8 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2606:4700:20:... 2606:4700:20::ac43:45e2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 146.70.101.98 146.70.101.98 | 9009 (M247) (M247) | |
13 | 4 |
ASN16509 (AMAZON-02, US)
customer-active-info-28573.netlify.app |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
netlify.app
customer-active-info-28573.netlify.app |
362 KB |
4 |
flexflex.online
cex.flexflex.online |
828 B |
2 |
ipapi.co
ipapi.co — Cisco Umbrella Rank: 16395 |
2 KB |
13 | 3 |
Domain | Requested by | |
---|---|---|
7 | customer-active-info-28573.netlify.app |
customer-active-info-28573.netlify.app
|
4 | cex.flexflex.online |
customer-active-info-28573.netlify.app
|
2 | ipapi.co |
customer-active-info-28573.netlify.app
|
13 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-01-15 - 2025-02-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-16 - 2024-04-15 |
a year | crt.sh |
cex.flexflex.online R3 |
2024-01-29 - 2024-04-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://customer-active-info-28573.netlify.app/
Frame ID: D2FC14AA753921C61758F7572934F59D
Requests: 13 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
customer-active-info-28573.netlify.app/ |
881 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.9c17cf71.js
customer-active-info-28573.netlify.app/static/js/ |
245 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.58f6b59b.css
customer-active-info-28573.netlify.app/static/css/ |
134 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ipapi.co/json// |
742 B 899 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
shadow
cex.flexflex.online/api/activity/ |
85 B 311 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
shadow
cex.flexflex.online/api/activity/ |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metaTextLogo-qbzqabrjfsgixrkm.e8c807fc3bccff5a9b1f.png
customer-active-info-28573.netlify.app/static/media/ |
72 KB 72 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
montserrat-latin-400-normal.acb6629fe45c43ad5d8b.woff2
customer-active-info-28573.netlify.app/static/media/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.b041b1fa4fe241b23445.woff2
customer-active-info-28573.netlify.app/static/media/ |
24 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.b6879d41b0852f01ed5b.woff2
customer-active-info-28573.netlify.app/static/media/ |
147 KB 147 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
form
cex.flexflex.online/api/set_status// |
22 B 255 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ipapi.co/json// |
742 B 683 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
form
cex.flexflex.online/api/set_status/65c423f01d395ad245b94f13/ |
36 B 262 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunkkidazcooirqzcekp0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cex.flexflex.online
customer-active-info-28573.netlify.app
ipapi.co
146.70.101.98
2606:4700:20::ac43:45e2
2a05:d014:275:cb02::c8
0c865955063fd1f865128672d6b8f896678b5b4a095b17b3bea8367fb0d94c92
169a5477193adcc53deb4cca640528a3ead532b0ae97909a4e02489d2a156549
37ec4665a8102d115ffd1ac20dae94c98b4dac64b0c1a68228aa2a531caeb35d
3a81f99aaef5363691cb6067c2fe3c2b5eea5da386a7f80fcf7eafdd42e90de1
477e9519f7b45fea2ce78efc7aaffcdf63a97548497673a75ba0e42ab3aa524c
5bca00413d504d784b3974bb8d78ec197273152c0e4ce073d51250e69e8ee53c
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849
9f08f9aa36ea4ff172df15351dcc20bbb604c75ec2ae868203eae517005c82c6
d0d55e09e097c544d9c1d177529229ec3bf1675f2d40f4835f7d687de0bd3d00
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
df225e2081a7072983e096e6c279fd122a56a3f0fbeb288d4a5a3504129aabef