![](/screenshots/8a8c5307-bfca-424a-b263-afaeaf6ad473.png)
www.jeffreycleveland.com
Open in
urlscan Pro
75.119.202.213
Malicious Activity!
Public Scan
Submission: On November 28 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on November 26th 2022. Valid for: 3 months.
This is the only time www.jeffreycleveland.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Agricole (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 75.119.202.213 75.119.202.213 | 26347 (DREAMHOST-AS) (DREAMHOST-AS) | |
6 | 2a00:1450:400... 2a00:1450:4001:810::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 65.9.66.92 65.9.66.92 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 13.224.189.85 13.224.189.85 | 16509 (AMAZON-02) (AMAZON-02) | |
12 | 4 |
ASN26347 (DREAMHOST-AS, US)
PTR: apache2-argon.luckylabrador.dreamhost.com
www.jeffreycleveland.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-92.fra56.r.cloudfront.net
d15k2d11r6t6rl.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-85.fra2.r.cloudfront.net
app-rsrc.getbee.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107 |
3 KB |
4 |
getbee.io
app-rsrc.getbee.io — Cisco Umbrella Rank: 15328 |
12 KB |
1 |
cloudfront.net
d15k2d11r6t6rl.cloudfront.net |
14 KB |
1 |
jeffreycleveland.com
www.jeffreycleveland.com |
3 KB |
12 | 4 |
Domain | Requested by | |
---|---|---|
6 | fonts.googleapis.com |
www.jeffreycleveland.com
|
4 | app-rsrc.getbee.io |
www.jeffreycleveland.com
|
1 | d15k2d11r6t6rl.cloudfront.net |
www.jeffreycleveland.com
|
1 | www.jeffreycleveland.com | |
12 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
admiring-driscoll.54-39-209-232.plesk.page |
fr-fr.facebook.com |
twitter.com |
www.instagram.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.jeffreycleveland.com R3 |
2022-11-26 - 2023-02-24 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.getbee.io Amazon |
2022-03-05 - 2023-04-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.jeffreycleveland.com/cust.html
Frame ID: E22AFC7B98BDEDB4986ED1196B1635AA
Requests: 12 HTTP requests in this frame
Screenshot
![](/screenshots/8a8c5307-bfca-424a-b263-afaeaf6ad473.png)
Detected technologies
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: ACTIVATION
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
cust.html
www.jeffreycleveland.com/ |
14 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
722 B 446 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 631 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
356 B 791 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 595 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 528 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 554 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
credit-agricole-vector-logo-2022.png
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/892694_876947/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook@2x.png
app-rsrc.getbee.io/public/resources/social-networks-icon-sets/t-outline-circle-default-gray/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter@2x.png
app-rsrc.getbee.io/public/resources/social-networks-icon-sets/t-outline-circle-default-gray/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram@2x.png
app-rsrc.getbee.io/public/resources/social-networks-icon-sets/t-outline-circle-default-gray/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube@2x.png
app-rsrc.getbee.io/public/resources/social-networks-icon-sets/t-outline-circle-default-gray/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Agricole (Banking)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app-rsrc.getbee.io
d15k2d11r6t6rl.cloudfront.net
fonts.googleapis.com
www.jeffreycleveland.com
13.224.189.85
2a00:1450:4001:810::200a
65.9.66.92
75.119.202.213
1ba76faa5d4ebb3164eec30f91400d455c0fa552fdfdcab5a7ec4f90b19827f0
1bf18208572a399bfd13c097e683762d0201b3809ce4d9288e6e3070d8aecfc0
1d2966af8e4fdee00173b233f2d437710427471eeee2483820c6a5044fc2711b
731b7179500596455906cca88663e99ccd87c340ebb2c14f170294898a9fc13d
801e6c236eee8e30d71a3d846e6a1bb673f6147061d93d2c77fa6db768289f2f
89dc85aa13da8847f7a4243eb8ab841b40e936ea5cc810a1b174d1507e5a7524
aa0c3fca044d8fdcb10fe44f8fd4289559b67f5284c7bde74d6391d8e8f6a737
aec710c6ba4d907b044d7c7c10d623c9e74d5e5ab3c4c6dc0c37965b360236b8
b3974d529dfe79cc7959c1d293d84fe4d633f1415d60c9c9ff15cbb996fc464b
d2bb3bb3add67a8bd43259e1ef13b72f6adf3c1abc8b66fd92e77a106f12c420
f28779736e27bb448913ebaefef453998e7bd3a37faa14bfeef2fa77e01bae81
ff0b683f20f821e1329f3dedccffeae3a259c9b41701e73a8073a3134bccdccd