werbung.design
Open in
urlscan Pro
2a00:1158:5:805::
Malicious Activity!
Public Scan
Submission: On January 06 via api from US — Scanned from US
Summary
TLS certificate: Issued by webslave.ispgateway.de on March 22nd 2022. Valid for: 27 years.
This is the only time werbung.design was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Adobe (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 2a00:1158:5:8... 2a00:1158:5:805:: | 34011 (GD-EMEA-D...) (GD-EMEA-DC-CGN1) | |
5 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
werbung.design
werbung.design |
384 KB |
5 | 1 |
Domain | Requested by | |
---|---|---|
5 | werbung.design |
werbung.design
|
5 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
webslave.ispgateway.de webslave.ispgateway.de |
2022-03-22 - 2049-08-07 |
27 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://werbung.design/
Frame ID: 256478624ADF4421EFEABBA62801C1F6
Requests: 5 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
werbung.design/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Fiebel.JPG
werbung.design/pics/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fb.png
werbung.design/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
werbung.design/ |
329 KB 329 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg2.jpg
werbung.design/pics/ |
43 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Adobe (Consumer)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
werbung.design
2a00:1158:5:805::
2002434a0863b3c76a1027bfbe807dfe9e3748155581dc83f0a0c7ebf06500b3
35d6b5ff288bb35acdf34369164428e02a6898c7f662da4fc86d9208f6edd0e8
5b0ab3a44d46fb67c2a48cf47c7cfb49893c1b59fe03bae87e585dc61787c1e9
865dc360c50dbfedd8064e4ee26a767dff54aaa2dec3e16bccd6608e6af1552b
9b2f1de76f84da2a54e353ee44cfd47b91e9b6b554ef0ee840d5adbffe1bab8e