customer-active-info-28573.netlify.app Open in urlscan Pro
2a05:d014:275:cb02::c8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://customer-active-info-28573.netlify.app/
Submission: On February 08 via manual (February 8th 2024, 12:44:34 am UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2a05:d014:275:cb02::c8, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is customer-active-info-28573.netlify.app.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.

This is the only time customer-active-info-28573.netlify.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
7	2a05:d014:275... 2a05:d014:275:cb02::c8	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:45e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	146.70.101.98 146.70.101.98	9009 (M247) (M247)
13	4

7 2a05:d014:275:cb02::c8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

customer-active-info-28573.netlify.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:45e2 (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.70.101.98 (Frankfurt am Main, Germany)

ASN9009 (M247, RO)

cex.flexflex.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	netlify.app customer-active-info-28573.netlify.app	362 KB
4	flexflex.online cex.flexflex.online	828 B
2	ipapi.co ipapi.co — Cisco Umbrella Rank: 16395	2 KB
13	3

	Domain	Requested by
7	customer-active-info-28573.netlify.app	customer-active-info-28573.netlify.app
4	cex.flexflex.online	customer-active-info-28573.netlify.app
2	ipapi.co	customer-active-info-28573.netlify.app
13	3

This site contains no links.

Subject Issuer	Validity	Valid
*.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-15` - `2025-02-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
cex.flexflex.online R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://customer-active-info-28573.netlify.app/
Frame ID: D2FC14AA753921C61758F7572934F59D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Meta for Business

Detected technologies

Netlify (Web Servers) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.netlify\.(?:com|app)/

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

365 kB
Transfer

644 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
customer-active-info-28573.netlify.app/ 881 B
1 KB 172ms
21ms Document
text/html 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer-active-info-28573.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

477e9519f7b45fea2ce78efc7aaffcdf63a97548497673a75ba0e42ab3aa524c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4052
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-length: 881
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 00:44:30 GMT
etag: "68edaafc77cc4c4b9b980197e70d4876-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HP32RQ4V1NJBRC42Q7AGH4R4

GET
H2 200 main.9c17cf71.js Show response
customer-active-info-28573.netlify.app/static/js/ 245 KB
79 KB 44ms
44ms Script
application/javascript 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer-active-info-28573.netlify.app/static/js/main.9c17cf71.js

Requested by

Host: customer-active-info-28573.netlify.app
URL: https://customer-active-info-28573.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

d0d55e09e097c544d9c1d177529229ec3bf1675f2d40f4835f7d687de0bd3d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-active-info-28573.netlify.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HP32RQ5P4XTHGCZ04PZYW8DA
date: Thu, 08 Feb 2024 00:44:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 4052
cache-status: "Netlify Edge"; hit
etag: "6f4efcca5f80b52649d4ca63443d78c7-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 80498

GET
H2 200 main.58f6b59b.css
customer-active-info-28573.netlify.app/static/css/ 134 KB
27 KB 24ms
24ms Stylesheet
text/css 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer-active-info-28573.netlify.app/static/css/main.58f6b59b.css

Requested by

Host: customer-active-info-28573.netlify.app
URL: https://customer-active-info-28573.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

169a5477193adcc53deb4cca640528a3ead532b0ae97909a4e02489d2a156549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-active-info-28573.netlify.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HP32RQ5P18F007N8FP10R1RB
date: Thu, 08 Feb 2024 00:44:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 4052
cache-status: "Netlify Edge"; hit
etag: "de993397201a9ea157d9234e66d6416f-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 27755

GET
H2 200 / Show response
ipapi.co/json// 742 B
899 B 274ms
217ms XHR
application/json 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json//

Requested by

Host: customer-active-info-28573.netlify.app
URL: https://customer-active-info-28573.netlify.app/static/js/main.9c17cf71.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df225e2081a7072983e096e6c279fd122a56a3f0fbeb288d4a5a3504129aabef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://customer-active-info-28573.netlify.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:44:31 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, origin
allow: GET, POST, OPTIONS, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://customer-active-info-28573.netlify.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcQTzLONMwXlfdrCbsGTfNRUbs%2F13%2BAdEiVnCOzbxtQYfMAtATs3fJZYfIotXX4WiW%2B5cP1A8Sd7HGLKQ4LzvkR9g%2F3H9S1ARoNVK9gfAiwVDJ8E4qYmnaNq3qAs3tn8aCMtY4pr"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 851fd83559d5361f-FRA

POST
H/1.1 200
OK shadow Show response
cex.flexflex.online/api/activity/ 85 B
311 B 306ms
305ms XHR
application/json 146.70.101.98
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://cex.flexflex.online/api/activity/shadow
Requested by: Host: customer-active-info-28573.netlify.app
URL: https://customer-active-info-28573.netlify.app/static/js/main.9c17cf71.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.70.101.98 Frankfurt am Main, Germany, ASN9009 (M247, RO),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 5bca00413d504d784b3974bb8d78ec197273152c0e4ce073d51250e69e8ee53c

Request headers

Accept: application/json, text/plain, */*
Referer: https://customer-active-info-28573.netlify.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
Date: Thu, 08 Feb 2024 00:44:31 GMT
access-control-allow-credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 85
Content-Type: application/json

OPTIONS
H/1.1 200
OK shadow
cex.flexflex.online/api/activity/ 0
0 338ms
252ms Preflight
text/plain 146.70.101.98
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://cex.flexflex.online/api/activity/shadow
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.70.101.98 Frankfurt am Main, Germany, ASN9009 (M247, RO),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://customer-active-info-28573.netlify.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 2
Content-Type: text/plain; charset=utf-8
Date: Thu, 08 Feb 2024 00:44:31 GMT
Server: nginx/1.18.0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://customer-active-info-28573.netlify.app
access-control-max-age: 600
vary: Origin

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c865955063fd1f865128672d6b8f896678b5b4a095b17b3bea8367fb0d94c92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 metaTextLogo-qbzqabrjfsgixrkm.e8c807fc3bccff5a9b1f.png
customer-active-info-28573.netlify.app/static/media/ 72 KB
72 KB 226ms
226ms Image
image/png 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer-active-info-28573.netlify.app/static/media/metaTextLogo-qbzqabrjfsgixrkm.e8c807fc3bccff5a9b1f.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9f08f9aa36ea4ff172df15351dcc20bbb604c75ec2ae868203eae517005c82c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-active-info-28573.netlify.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HP32RR5XGHS3FBEZPP3ENJAE
date: Thu, 08 Feb 2024 00:44:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 2
cache-status: "Netlify Edge"; fwd=miss
etag: "46d23bbffbb87352b2334ebb9d0c7dad-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 73614

GET
H2 200 montserrat-latin-400-normal.acb6629fe45c43ad5d8b.woff2
customer-active-info-28573.netlify.app/static/media/ 12 KB
13 KB 190ms
190ms Font
font/woff2 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer-active-info-28573.netlify.app/static/media/montserrat-latin-400-normal.acb6629fe45c43ad5d8b.woff2

Requested by

Host: customer-active-info-28573.netlify.app
URL: https://customer-active-info-28573.netlify.app/static/css/main.58f6b59b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://customer-active-info-28573.netlify.app/static/css/main.58f6b59b.css
Origin: https://customer-active-info-28573.netlify.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HP32RR5ZEYQ1NZA1TBWB7N1F
date: Thu, 08 Feb 2024 00:44:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "0d66afed5edd9e47aeee440caab779f9-ssl"
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 12708

GET
H2 200 fa-regular-400.b041b1fa4fe241b23445.woff2
customer-active-info-28573.netlify.app/static/media/ 24 KB
24 KB 190ms
190ms Font
font/woff2 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer-active-info-28573.netlify.app/static/media/fa-regular-400.b041b1fa4fe241b23445.woff2

Requested by

Host: customer-active-info-28573.netlify.app
URL: https://customer-active-info-28573.netlify.app/static/css/main.58f6b59b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://customer-active-info-28573.netlify.app/static/css/main.58f6b59b.css
Origin: https://customer-active-info-28573.netlify.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HP32RR5ZYZ51XAB5E8S4HPWT
date: Thu, 08 Feb 2024 00:44:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "7ec618be3ce4525dc823fd6b74bf2872-ssl"
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 24488

GET
H2 200 fa-solid-900.b6879d41b0852f01ed5b.woff2
customer-active-info-28573.netlify.app/static/media/ 147 KB
147 KB 131ms
130ms Font
font/woff2 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customer-active-info-28573.netlify.app/static/media/fa-solid-900.b6879d41b0852f01ed5b.woff2

Requested by

Host: customer-active-info-28573.netlify.app
URL: https://customer-active-info-28573.netlify.app/static/css/main.58f6b59b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://customer-active-info-28573.netlify.app/static/css/main.58f6b59b.css
Origin: https://customer-active-info-28573.netlify.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id: 01HP32RR5ZQ2HM35CXZ24200X3
date: Thu, 08 Feb 2024 00:44:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "dc89f6bd6b40fa3531f65713a07db4dd-ssl"
content-type: font/woff2
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 150020

GET
H/1.1 404
Not Found form Show response
cex.flexflex.online/api/set_status// 22 B
255 B 254ms
254ms XHR
application/json 146.70.101.98
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://cex.flexflex.online/api/set_status//form
Requested by: Host: customer-active-info-28573.netlify.app
URL: https://customer-active-info-28573.netlify.app/static/js/main.9c17cf71.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.70.101.98 Frankfurt am Main, Germany, ASN9009 (M247, RO),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 37ec4665a8102d115ffd1ac20dae94c98b4dac64b0c1a68228aa2a531caeb35d

Request headers

Accept: application/json, text/plain, */*
Referer: https://customer-active-info-28573.netlify.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 08 Feb 2024 00:44:32 GMT
access-control-allow-credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 22
Content-Type: application/json

GET
H2 200 / Show response
ipapi.co/json// 742 B
683 B 208ms
208ms XHR
application/json 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json//

Requested by

Host: customer-active-info-28573.netlify.app
URL: https://customer-active-info-28573.netlify.app/static/js/main.9c17cf71.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df225e2081a7072983e096e6c279fd122a56a3f0fbeb288d4a5a3504129aabef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://customer-active-info-28573.netlify.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, origin
allow: POST, OPTIONS, GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://customer-active-info-28573.netlify.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ext0RCz1DotQI4BMXf9vD2c%2Fih7jfSiqk7hTMQzeTsceEJ6OLNMLhC9aToSrgDAKew7aK8XT8cdV5GKy19QccX8X8ar3aMA%2BYgCX5j99mOl%2BLL9bzSHfXsdyBi%2BaAXIK2u0CtslM"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 851fd83cbf19361f-FRA

GET
H/1.1 200
OK form Show response
cex.flexflex.online/api/set_status/65c423f01d395ad245b94f13/ 36 B
262 B 305ms
305ms XHR
application/json 146.70.101.98
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://cex.flexflex.online/api/set_status/65c423f01d395ad245b94f13/form
Requested by: Host: customer-active-info-28573.netlify.app
URL: https://customer-active-info-28573.netlify.app/static/js/main.9c17cf71.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.70.101.98 Frankfurt am Main, Germany, ASN9009 (M247, RO),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3a81f99aaef5363691cb6067c2fe3c2b5eea5da386a7f80fcf7eafdd42e90de1

Request headers

Accept: application/json, text/plain, */*
Referer: https://customer-active-info-28573.netlify.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 08 Feb 2024 00:44:32 GMT
access-control-allow-credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 36
Content-Type: application/json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkkidazcooirqzcekp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cex.flexflex.online/api/set_status//form Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cex.flexflex.online
customer-active-info-28573.netlify.app
ipapi.co
146.70.101.98
2606:4700:20::ac43:45e2
2a05:d014:275:cb02::c8
0c865955063fd1f865128672d6b8f896678b5b4a095b17b3bea8367fb0d94c92
169a5477193adcc53deb4cca640528a3ead532b0ae97909a4e02489d2a156549
37ec4665a8102d115ffd1ac20dae94c98b4dac64b0c1a68228aa2a531caeb35d
3a81f99aaef5363691cb6067c2fe3c2b5eea5da386a7f80fcf7eafdd42e90de1
477e9519f7b45fea2ce78efc7aaffcdf63a97548497673a75ba0e42ab3aa524c
5bca00413d504d784b3974bb8d78ec197273152c0e4ce073d51250e69e8ee53c
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849
9f08f9aa36ea4ff172df15351dcc20bbb604c75ec2ae868203eae517005c82c6
d0d55e09e097c544d9c1d177529229ec3bf1675f2d40f4835f7d687de0bd3d00
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
df225e2081a7072983e096e6c279fd122a56a3f0fbeb288d4a5a3504129aabef

customer-active-info-28573.netlify.app Open in urlscan Pro 2a05:d014:275:cb02::c8 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

365 kBTransfer

644 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

customer-active-info-28573.netlify.app Open in urlscan Pro
2a05:d014:275:cb02::c8 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

365 kB
Transfer

644 kB
Size

0
Cookies

13 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!