foottraffic.us
104.247.78.196
Malicious Activity!
Public Scan
Submission: On February 02 via automatic, source openphish — Scanned from US
Summary
TLS certificate: Issued by R3 on January 5th 2024. Valid for: 3 months.
This is the only time foottraffic.us was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)

Domain & IP information

Requests | IP Address | AS Autonomous System
---|---|---
6 | 104.247.78.196 | 54641 (IMH-IAD)
6 | 1 |

Requests | Apex Domain / Subdomains | Transfer
---|---|---
6 | foottraffic.us | 321 KB
6 | 1 |

Requests | Domain | Requested by
---|---|---
6 | foottraffic.us | foottraffic.us
6 | 1 |

This site contains no links.

Subject | Issuer | Validity | Valid
---|---|---|---
foottraffic.us | R3 | 2024-01-05 - 2024-04-04 | 3 months

This page contains 1 frames:
Primary Page:
https://foottraffic.us/wp-admin/network/C-InFO/clients/c.php
Frame ID: 0547278310F24A089BAD788EB0A66BC8
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | c.php (Primary Request) | foottraffic.us/wp-admin/network/C-InFO/clients/ | 5 KB | 2 KB | Document | text/html
GET | H/1.1 | main.css | foottraffic.us/wp-admin/network/C-InFO/css/ | 4 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | selectlanguage.PNG | foottraffic.us/wp-admin/network/C-InFO/images/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | junia-framework.js | foottraffic.us/wp-admin/network/C-InFO/js/ | 21 KB | 7 KB | Script | application/javascript
GET | H/1.1 | cc.js | foottraffic.us/wp-admin/network/C-InFO/js/ | 2 KB | 942 B | Script | application/javascript
GET | H/1.1 | background.jpg | foottraffic.us/wp-admin/network/C-InFO/images/ | 308 KB | 308 KB | Image | image/jpeg

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | Cleave
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.