flourishing-lamington-a5926f.netlify.app
Open in
urlscan Pro
2a05:d014:58f:6201::64
Malicious Activity!
Public Scan
Submitted URL: https://flourishing-lamington-a5926f.netlify.app/appeal_case_id/#2750965506
Effective URL: https://flourishing-lamington-a5926f.netlify.app/appeal_case_id/
Submission: On May 15 via api from US — Scanned from DE
Effective URL: https://flourishing-lamington-a5926f.netlify.app/appeal_case_id/
Submission: On May 15 via api from US — Scanned from DE
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 11 HTTP transactions.
The main IP is 2a05:d014:58f:6201::64, located in
Frankfurt am Main, Germany and
belongs to AMAZON-02, US.
The main domain is flourishing-lamington-a5926f.netlify.app.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.
This is the only time flourishing-lamington-a5926f.netlify.app was scanned on urlscan.io!
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.
This is the only time flourishing-lamington-a5926f.netlify.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 11 | 2a05:d014:58f... 2a05:d014:58f:6201::64 | 16509 (AMAZON-02) (AMAZON-02) | |
| 11 | 1 |
11
2a05:d014:58f:6201::64
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| flourishing-lamington-a5926f.netlify.app |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 11 |
netlify.app
flourishing-lamington-a5926f.netlify.app |
2 MB |
| 11 | 1 |
| Domain | Requested by | |
|---|---|---|
| 11 | flourishing-lamington-a5926f.netlify.app |
flourishing-lamington-a5926f.netlify.app
|
| 11 | 1 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-01-15 - 2025-02-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://flourishing-lamington-a5926f.netlify.app/appeal_case_id/
Frame ID: 41082FBD70D4E1F79917B480DB90906B
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Business Confidentiality Division - Appeal OpportunityDetected technologies
Netlify
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ^https?://[^/]+\.netlify\.(?:com|app)/
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
flourishing-lamington-a5926f.netlify.app/appeal_case_id/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.css
flourishing-lamington-a5926f.netlify.app/appeal_case_id/assets/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.js
flourishing-lamington-a5926f.netlify.app/appeal_case_id/assets/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
brand3.png
flourishing-lamington-a5926f.netlify.app/appeal_case_id/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
search.png
flourishing-lamington-a5926f.netlify.app/appeal_case_id/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
security1.png
flourishing-lamington-a5926f.netlify.app/appeal_case_id/images/ |
79 KB 79 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
question.png
flourishing-lamington-a5926f.netlify.app/appeal_case_id/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
warning.png
flourishing-lamington-a5926f.netlify.app/appeal_case_id/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading2.gif
flourishing-lamington-a5926f.netlify.app/appeal_case_id/images/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.js
flourishing-lamington-a5926f.netlify.app/appeal_case_id/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
flourishing-lamington-a5926f.netlify.app/appeal_case_id/images/ |
35 KB 35 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| _0x225b function| _0x3f6d0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
flourishing-lamington-a5926f.netlify.app
2a05:d014:58f:6201::64
067dc8da4c5916fcece6656b30f657f67a1299eb91836e25697608965d173094
0b72d47e66b0b03ae2a525ab8119e03f07b106da0e57d84a00ca9c21e2642274
279da22d9a99f04453330efae04ae7ce5d6e62155ebbd17b7dd6b1f77b1bd721
31b0b88490707c4acb5f0ec7eacd5ff06b9678c93c6b0cd9304f513cf2e862f0
62ebfab29cdf3c417eb48e9c429133d6c4d1b8ddb27fc14820a57b9d5a617ae8
768441fb3a2b196d8113a12db4aeac58c4e763299aa371f05283196ada05bb58
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
c0f33f67a05689a1b6bb36aa994f99db4c7f868b7b4b12db6612f26bb05e0e70
c7e5ea7d9c5f30e16f90ea4be00f0873dcdf10fb3e3cdab191cde3bfedc0e412
d1bc3d11773d22149bde06f4d50bd2a5f576209846da4990b29fa8daf7d93f51
f035c32ff6053d03cc5e2d26f48b75ac277743926c908eb2d078569bca79f580