sesib8951605.krisna-cloud.com
Open in
urlscan Pro
2606:4700:3037::6815:3f30
Malicious Activity!
Public Scan
Effective URL: http://sesib8951605.krisna-cloud.com/vhsfhqpdhdsih6/
Submission: On August 07 via api from US — Scanned from US
Summary
This is the only time sesib8951605.krisna-cloud.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3036::ac43:a9f1 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700:303... 2606:4700:3037::6815:3f30 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42:400... 2a04:4e42:400::485 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:4700::68... 2606:4700::6812:1634 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2606:4700:e2:... 2606:4700:e2::ac40:8107 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 4 |
ASN13335 (CLOUDFLARENET, US)
sesib8951605.krisna-cloud.com |
ASN13335 (CLOUDFLARENET, US)
sesib8951605.krisna-cloud.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1923 ka-f.fontawesome.com — Cisco Umbrella Rank: 4423 |
181 KB |
5 |
krisna-cloud.com
1 redirects
sesib8951605.krisna-cloud.com |
77 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 369 |
25 KB |
11 | 3 |
Domain | Requested by | |
---|---|---|
5 | ka-f.fontawesome.com |
kit.fontawesome.com
sesib8951605.krisna-cloud.com |
5 | sesib8951605.krisna-cloud.com |
1 redirects
sesib8951605.krisna-cloud.com
|
1 | kit.fontawesome.com |
sesib8951605.krisna-cloud.com
|
1 | cdn.jsdelivr.net |
sesib8951605.krisna-cloud.com
|
11 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-22 - 2023-12-23 |
a year | crt.sh |
ka-f.fontawesome.com GTS CA 1P5 |
2023-07-13 - 2023-10-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://sesib8951605.krisna-cloud.com/vhsfhqpdhdsih6/
Frame ID: 34C9BA3C978B3B0B3AD1BE7C4EBF000A
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Masuk | Masuk FacebookPage URL History Show full URLs
-
https://sesib8951605.krisna-cloud.com/vhsfhqpdhdsih6
HTTP 301
http://sesib8951605.krisna-cloud.com/vhsfhqpdhdsih6/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://sesib8951605.krisna-cloud.com/vhsfhqpdhdsih6
HTTP 301
http://sesib8951605.krisna-cloud.com/vhsfhqpdhdsih6/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
sesib8951605.krisna-cloud.com/vhsfhqpdhdsih6/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ |
152 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fathz.css
sesib8951605.krisna-cloud.com/vhsfhqpdhdsih6/assets/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logofb4.jpg
sesib8951605.krisna-cloud.com/vhsfhqpdhdsih6/assets/img/ |
37 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fbsesi.jpg
sesib8951605.krisna-cloud.com/vhsfhqpdhdsih6/assets/img/ |
35 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
08380760ee.js
kit.fontawesome.com/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ |
100 KB 23 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ |
27 KB 5 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ |
823 B 726 B |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ |
2 KB 1 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.4.2/webfonts/ |
147 KB 147 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| FontAwesomeKitConfig0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
ka-f.fontawesome.com
kit.fontawesome.com
sesib8951605.krisna-cloud.com
2606:4700:3036::ac43:a9f1
2606:4700:3037::6815:3f30
2606:4700::6812:1634
2606:4700:e2::ac40:8107
2a04:4e42:400::485
0c7cda6a003bf7152e41c46ddde71082add49a60775d42181142924a822d385c
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554
551ff4c8d45f936d4ca93e260436a484ac5419368427ee7cb07a6e87d3b069a6
57873a75629cc860c5861cbf8a6a0501eb596ab375f1dbc4257cfe901c5dfe5d
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
8474304468ae321be76c829655cd11cd7a21a6310e85427e49b9b11ddd7e15bd
a7cdebf75278e8cb851695315148fcab6e0d16215deb7c32aac72ad0e5fed635
d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5