fb-7984656879515-com.preview-domain.com
2606:4700::6812:1978
Malicious Activity!
Public Scan
Submission: On September 11 via automatic, source openphish
Summary
This is the only time fb-7984656879515-com.preview-domain.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 2606:4700::6812:1978 | 13335 (CLOUDFLARENET) |
8 | 74.115.50.110 | 27647 (WEEBLY) |
1 | 199.34.228.53 | 27647 (WEEBLY) |
10 | 3 | |
ASN13335 (CLOUDFLARENET, US)
fb-7984656879515-com.preview-domain.com
ASN27647 (WEEBLY, US)
PTR: www.weebly.com
www.weebly.com
ASN27647 (WEEBLY, US)
PTR: pages-wildcard-1.weebly.com
tonkow.weebly.com
 | Apex Domain: Subdomains | Transfer |
---|---|---|
9 | weebly.com: www.weebly.com, tonkow.weebly.com | 96 KB |
1 | preview-domain.com: fb-7984656879515-com.preview-domain.com | 6 KB |
10 | 2 | |
 | Domain | Requested by |
---|---|---|
8 | www.weebly.com | fb-7984656879515-com.preview-domain.com, www.weebly.com |
1 | tonkow.weebly.com | fb-7984656879515-com.preview-domain.com |
1 | fb-7984656879515-com.preview-domain.com | |
10 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.weebly.com | DigiCert SHA2 Secure Server CA | 2020-08-10 - 2022-08-15 | 2 years |
*.weebly.com | RapidSSL RSA CA 2018 | 2019-10-04 - 2021-12-02 | 2 years |
This page contains 1 frames:
Primary Page:
http://fb-7984656879515-com.preview-domain.com/payments/Add-Payments-Method.htm
Frame ID: E93C3E6A4639E5E649D5E347D834224A
Requests: 10 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | Add-Payments-Method.htm (Primary Request, Cookie set) | fb-7984656879515-com.preview-domain.com/payments/ | 20 KB | 6 KB | Document | text/html |
GET | H/1.1 | k7lsz6kzebp.css | www.weebly.com/uploads/1/2/5/8/125855447/ | 2 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | rdxxulzowap.css | www.weebly.com/uploads/1/2/5/8/125855447/ | 105 KB | 29 KB | Stylesheet | text/css |
GET | H/1.1 | ina-j1hstsu.css | www.weebly.com/uploads/1/2/5/8/125855447/ | 35 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | dimqkj1odg6.css | www.weebly.com/uploads/1/2/5/8/125855447/ | 4 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | 1vv4bii7bxr.css | www.weebly.com/uploads/1/2/5/8/125855447/ | 15 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | 1j-mox9xpga.css | www.weebly.com/uploads/1/2/5/8/125855447/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | vlogo77go.css | www.weebly.com/uploads/1/2/5/8/125855447/ | 336 B | 814 B | Stylesheet | text/css |
GET | H/1.1 | we-accept-credit-cards_orig.jpg | tonkow.weebly.com/uploads/1/2/5/8/125855447/ | 44 KB | 45 KB | Image | image/jpeg |
GET | H/1.1 | logo.png | www.weebly.com/uploads/1/2/5/8/125855447/ | 4 KB | 4 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| trustedTypes
- function| Form1_Validator
- string| message
- function| clickIE
- function| clickNS1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.preview-domain.com/ | Name: __cfduid Value: d4e529941965c1b3ecfa2bbac5b92de5f1599788154 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.