bringsal1.site
IP address: 2606:4700:3030::ac43:d3c5
Malicious Activity!
Public Scan
Submission: On June 15 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on May 14th 2023. Valid for: 3 months.
This is the only time bringsal1.site was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
1 | 2606:4700:3030::ac43:d3c5 | 13335 (CLOUDFLARENET) |
1 | 2600:9000:2510:6400:5:c5da:4880:21 | 16509 (AMAZON-02) |
11 | 2600:9000:210b:3800:18:9670:2700:21 | 16509 (AMAZON-02) |
4 | 2600:9000:2512:bc00:1c:b3e3:eb40:21 | 16509 (AMAZON-02) |
2 | 2607:f8b0:4006:824::200a | 15169 (GOOGLE) |
1 | 2607:f8b0:4006:80f::200e | 15169 (GOOGLE) |
2 | 2607:f8b0:4006:823::2003 | 15169 (GOOGLE) |
Totals | 22 requests | 7 IP addresses |
ASN16509 (AMAZON-02, US): d15skjf5hy9xr6.cloudfront.net, d3vv4txqnrv4po.cloudfront.net, d13pxqgp3ixdbh.cloudfront.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | cloudfront.net | d15skjf5hy9xr6.cloudfront.net, d3vv4txqnrv4po.cloudfront.net, d13pxqgp3ixdbh.cloudfront.net | 290 KB |
2 | gstatic.com | fonts.gstatic.com | 67 KB |
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 80) | 1 KB |
1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 60) | 21 KB |
1 | bringsal1.site | bringsal1.site | 792 B |
Totals | 22 requests | 5 apex domains | |
Requests | Domain | Requested by |
---|---|---|
11 | d3vv4txqnrv4po.cloudfront.net | d15skjf5hy9xr6.cloudfront.net, d3vv4txqnrv4po.cloudfront.net |
4 | d13pxqgp3ixdbh.cloudfront.net | d3vv4txqnrv4po.cloudfront.net |
2 | fonts.gstatic.com | fonts.googleapis.com |
2 | fonts.googleapis.com | d3vv4txqnrv4po.cloudfront.net |
1 | www.google-analytics.com | d3vv4txqnrv4po.cloudfront.net |
1 | d15skjf5hy9xr6.cloudfront.net | bringsal1.site |
1 | bringsal1.site | |
Totals | 22 requests | 7 domains |
This site contains no links.
Subject | Issuer | Validity | Valid | Lookup |
---|---|---|---|---|
bringsal1.site | GTS CA 1P5 | 2023-05-14 - 2023-08-12 | 3 months | crt.sh |
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://bringsal1.site/783da26?s1=jiroluger
Frame ID: 76722B38881F761AF6614117B5D44D13
Requests: 9 HTTP requests in this frame
Frame:
https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r=
Frame ID: D06F38E72DE9A9FCF2C43188B975F17D
Requests: 13 HTTP requests in this frame
Screenshot
![](/screenshots/8b855a18-1140-49d9-9827-ae23322b26c6.png)
Page Title: Locked
Detected technologies
Font Awesome — detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics — detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
jQuery — detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H2 | 783da26 (Primary Request) | bringsal1.site/ | | 546 B | 792 B | Document | text/html |
GET | H2 | XgDdOD.js | d15skjf5hy9xr6.cloudfront.net/ | | 24 KB | 7 KB | Script | application/javascript |
GET | H2 | html.2285171.84010.0.js | d3vv4txqnrv4po.cloudfront.net/public/external/v2/ | | 10 KB | 10 KB | Script | application/javascript |
GET | H2 | css_front.css | d3vv4txqnrv4po.cloudfront.net/public/external/ | | 6 KB | 7 KB | Stylesheet | text/css |
GET | H2 | css.css | d3vv4txqnrv4po.cloudfront.net/public/clockers/CustomButton/ | | 1010 B | 1 KB | Stylesheet | text/css |
GET | H2 | ct | d3vv4txqnrv4po.cloudfront.net/public/ | D06F | 26 KB | 26 KB | Document | text/html |
GET | H2 | guid | d3vv4txqnrv4po.cloudfront.net/public/ | | 0 | 276 B | Script | text/html |
GET | H2 | font-awesome.min.css | d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/css/ | D06F | 28 KB | 29 KB | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | D06F | 418 B | 389 B | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | D06F | 1 KB | 903 B | Stylesheet | text/css |
GET | H2 | 1612865763e3fe55bd6cb84f58451f9d59e999450f.png | d13pxqgp3ixdbh.cloudfront.net/uploads/ | D06F | 56 KB | 56 KB | Image | image/png |
GET | H2 | 161259242059a642d77e59012c30ee37046eda2d60.gif | d13pxqgp3ixdbh.cloudfront.net/uploads/ | D06F | 53 KB | 53 KB | Image | image/gif |
GET | H2 | guid.js | d3vv4txqnrv4po.cloudfront.net/public/external/ | D06F | 862 B | 1 KB | Script | application/javascript |
GET | H2 | t.js | d3vv4txqnrv4po.cloudfront.net/public/external/ | D06F | 2 KB | 2 KB | Script | application/javascript |
GET | H2 | jquery.js | d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/ | D06F | 95 KB | 95 KB | Script | application/x-javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | D06F | 51 KB | 21 KB | Script | text/javascript |
GET | H2 | check.php | d3vv4txqnrv4po.cloudfront.net/public/external/ | D06F | 78 B | 371 B | Script | application/javascript |
GET | H2 | 6ae-4KCqVa4Zy6Fif-UC2FHX.woff2 | fonts.gstatic.com/s/rochester/v18/ | D06F | 19 KB | 20 KB | Font | font/woff2 |
GET | H2 | WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIWpYQ.woff2 | fonts.gstatic.com/s/caveat/v17/ | D06F | 47 KB | 47 KB | Font | font/woff2 |
GET | H2 | impression.php | d3vv4txqnrv4po.cloudfront.net/public/external/ | | 10 B | 306 B | Script | text/html |
GET | H2 | guid | d3vv4txqnrv4po.cloudfront.net/public/ | | 0 | 276 B | Script | text/html |
GET | H2 | check.php | d3vv4txqnrv4po.cloudfront.net/public/external/ | | 78 B | 371 B | Script | application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Generic Scam (Online)
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
boolean | credentialless |
object | onbeforetoggle |
object | onscrollend |
object | CPABUILDSETTINGS |
object | CPABUILDContentLocker |
number | __cfRLUnblockHandlers |
function | CPBContentLocker |
function | CPABuildLock |
function | CPABuildGetFeedURL |
function | CPABuildGetIframeURL |
function | CPABuildGetIframeHTML |
function | CPABuildUnlock |
function | CPABuildOfferComplete |
function | CPABuildOffersComplete |
function | CPABuildCheckForLead |
function | og_load |
function | CPABuildComplete |
function | call_locker1 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bringsal1.site/ | | Name: _cpguid / Value: hsf0h36hk |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bringsal1.site
d13pxqgp3ixdbh.cloudfront.net
d15skjf5hy9xr6.cloudfront.net
d3vv4txqnrv4po.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.google-analytics.com
2600:9000:210b:3800:18:9670:2700:21
2600:9000:2510:6400:5:c5da:4880:21
2600:9000:2512:bc00:1c:b3e3:eb40:21
2606:4700:3030::ac43:d3c5
2607:f8b0:4006:80f::200e
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::200a