createdweb.de
144.76.75.26
Malicious Activity!
Public Scan
Submission: On October 31 via manual from US
Summary
This is the only time createdweb.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Dropbox (Consumer)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 144.76.75.26 | 24940 (HETZNER-AS) |
25 | 160.153.63.160 | 26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) |
6 | 2400:cb00:2048:1::6810:631d | 13335 (CLOUDFLARENET - CloudFlare) |
1 | 2a00:1450:4001:81b::200a | 15169 (GOOGLE - Google Inc.) |
2 | 2a00:1450:4001:81b::2003 | 15169 (GOOGLE - Google Inc.) |
36 | 6 | |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-160-153-63-160.ip.secureserver.net
signpqee.info |
ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
cfl.dropboxstatic.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
25 | signpqee.info | signpqee.info (Failed) | 98 KB |
6 | dropboxstatic.com | cfl.dropboxstatic.com | 74 KB |
2 | gstatic.com | fonts.gstatic.com | 17 KB |
1 | googleapis.com | fonts.googleapis.com | 992 B |
1 | createdweb.de | createdweb.de | 210 B |
36 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
25 | signpqee.info | signpqee.info |
6 | cfl.dropboxstatic.com | signpqee.info |
2 | fonts.gstatic.com | signpqee.info |
1 | fonts.googleapis.com | signpqee.info |
1 | createdweb.de | |
36 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dropbox.com |
blog.dropbox.com |
www.dropboxforum.com |
twitter.com |
facebook.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
cfl.dropboxstatic.com | DigiCert SHA2 High Assurance Server CA | 2016-03-01 - 2019-03-06 | 3 years |
*.googleapis.com | Google Internet Authority G2 | 2017-10-24 - 2017-12-29 | 2 months |
*.google.com | Google Internet Authority G2 | 2017-10-24 - 2017-12-29 | 2 months |
This page contains 2 frames:
Frame:
http://signpqee.info/greww/Drop-box/
Frame ID: 24213.1
Requests: 2 HTTP requests in this frame
Frame:
http://signpqee.info/greww/Drop-box/
Frame ID: 24229.1
Requests: 34 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
React (JavaScript Frameworks)
Detected patterns
- html /<[^>]+data-react/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js/i
reCAPTCHA (Captchas)
Detected patterns
- html /(?:<div[^>]+id="recaptcha_image|<link[^>]+recaptcha|document\.getElementById\('recaptcha')/i
Page Statistics
21 Outgoing links
These are links going to different origins than the main page.
Title: create an account
Title: Install
Title: Mobile
Title: Pricing
Title: Business
Title: Enterprise
Title: Dropbox Blog
Title: About
Title: Branding
Title: News
Title: Jobs
Title: Help Centre
Title: Contact us
Title: Copyright
Title: Cookies
Title: Privacy & Terms
Title: Referrals
Title: Forum
Title: Twitter
Title: Facebook
Title: Developers
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | kent.html (Primary Request) | createdweb.de/drupal/page/ | | 288 B | 210 B | Document | text/html |
GET | | / | signpqee.info/greww/Drop-box/ | | 0 | 0 | | |
GET | H/1.1 | / | signpqee.info/greww/Drop-box/ | 2422 | 9 KB | 2 KB | Document | text/html |
GET | H/1.1 | footer.css | signpqee.info/greww/Drop-box/css/ | 2422 | 2 KB | 695 B | Stylesheet | text/css |
GET | H/1.1 | accessibility.css | signpqee.info/greww/Drop-box/css/ | 2422 | 723 B | 278 B | Stylesheet | text/css |
GET | H/1.1 | button.css | signpqee.info/greww/Drop-box/css/ | 2422 | 22 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | exp_cards.css | signpqee.info/greww/Drop-box/css/ | 2422 | 3 KB | 666 B | Stylesheet | text/css |
GET | H/1.1 | login_form.css | signpqee.info/greww/Drop-box/css/ | 2422 | 21 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | login_or_register.css | signpqee.info/greww/Drop-box/css/ | 2422 | 1 KB | 311 B | Stylesheet | text/css |
GET | H/1.1 | react_locale_selector.css | signpqee.info/greww/Drop-box/css/ | 2422 | 641 B | 276 B | Stylesheet | text/css |
GET | H/1.1 | layout.css | signpqee.info/greww/Drop-box/css/ | 2422 | 591 B | 281 B | Stylesheet | text/css |
GET | H/1.1 | index.css | signpqee.info/greww/Drop-box/css/ | 2422 | 27 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | base.css | signpqee.info/greww/Drop-box/css/ | 2422 | 29 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | components.css | signpqee.info/greww/Drop-box/css/ | 2422 | 44 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | login_or_register2.css | signpqee.info/greww/Drop-box/css/ | 2422 | 3 KB | 899 B | Stylesheet | text/css |
GET | H2 | recaptcha_challenge-vflrcf67y.css | cfl.dropboxstatic.com/static/css/ | 2422 | 2 KB | 558 B | Stylesheet | text/css |
GET | H2 | recaptcha_v2_challenge-vflLfwbvt.css | cfl.dropboxstatic.com/static/css/ | 2422 | 459 B | 214 B | Stylesheet | text/css |
GET | H2 | scooter-scoped-vflDMywrd.css | cfl.dropboxstatic.com/static/css/scooter/ | 2422 | 38 KB | 7 KB | Stylesheet | text/css |
GET | H2 | web_sprites-vflv2MHAO.css | cfl.dropboxstatic.com/static/css/sprites/ | 2422 | 147 KB | 11 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2422 | 9 KB | 992 B | Stylesheet | text/css |
GET | H/1.1 | jquery.js | signpqee.info/greww/Drop-box/js/ | 2422 | 94 KB | 32 KB | Script | application/javascript |
GET | H/1.1 | dropbox_logo_glyph_2015_m1-vfleInWIl.svg | signpqee.info/greww/Drop-box/images/ | 2422 | 314 B | 219 B | Image | image/svg+xml |
GET | H/1.1 | dropbox_logo_text_2015_m1-vflV-vZRB.svg | signpqee.info/greww/Drop-box/images/ | 2422 | 3 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | sign-in-illo-vfl_t3XMB.png | signpqee.info/greww/Drop-box/images/ | 2422 | 12 KB | 12 KB | Image | image/png |
GET | H/1.1 | officeother.jpg | signpqee.info/greww/Drop-box/images/ | 2422 | 25 KB | 25 KB | Image | image/jpeg |
GET | H2 | icon_spacer-vflN3BYt2.gif | cfl.dropboxstatic.com/static/images/icons/ | 2422 | 55 B | 73 B | Image | image/gif |
GET | H/1.1 | AtlasGrotesk-Bold-Web-vfl39K48X.woff2 | signpqee.info/static/fonts/paper-atlasgrotesk/ | 2422 | 0 | 0 | Font | text/html |
GET | H/1.1 | AtlasGrotesk-Regular-Web-vflk7bxjs.woff2 | signpqee.info/static/fonts/paper-atlasgrotesk/ | 2422 | 0 | 0 | Font | text/html |
GET | H/1.1 | icon_caps_lock-vflQIxpDA.png | signpqee.info/static/images/icons/ | 2422 | 2 KB | 0 | Image | text/html |
GET | H2 | web_sprites-vflT1pLW1.png | cfl.dropboxstatic.com/static/images/sprites/ | 2422 | 55 KB | 55 KB | Image | image/png |
GET | H/1.1 | AtlasGrotesk-Regular-Web-vflyEJFZg.woff | signpqee.info/static/fonts/paper-atlasgrotesk/ | 2422 | 0 | 0 | Font | text/html |
GET | H/1.1 | AtlasGrotesk-Bold-Web-vflaLofNp.woff | signpqee.info/static/fonts/paper-atlasgrotesk/ | 2422 | 0 | 0 | Font | text/html |
GET | H/1.1 | AtlasGrotesk-Bold-Web-vflD33tdn.ttf | signpqee.info/static/fonts/paper-atlasgrotesk/ | 2422 | 0 | 0 | Font | text/html |
GET | H/1.1 | AtlasGrotesk-Regular-Web-vflJ3txfq.ttf | signpqee.info/static/fonts/paper-atlasgrotesk/ | 2422 | 0 | 0 | Font | text/html |
GET | H2 | MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2 | fonts.gstatic.com/s/opensans/v15/ | 2422 | 9 KB | 9 KB | Font | font/woff2 |
GET | H2 | cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2 | fonts.gstatic.com/s/opensans/v15/ | 2422 | 9 KB | 9 KB | Font | font/woff2 |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- signpqee.info
- URL
- http://signpqee.info/greww/Drop-box/
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Dropbox (Consumer)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.