raspberry14802169.brizy.site
Open in
urlscan Pro
34.237.47.210
Malicious Activity!
Public Scan
Effective URL: https://raspberry14802169.brizy.site/
Submission: On December 11 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 1st 2022. Valid for: a year.
This is the only time raspberry14802169.brizy.site was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 34.237.47.210 34.237.47.210 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2400:52e0:1e0... 2400:52e0:1e00::865:1 | 200325 (BUNNYCDN) (BUNNYCDN) | |
3 | 2400:52e0:1e0... 2400:52e0:1e00::1055:1 | 200325 (BUNNYCDN) (BUNNYCDN) | |
1 3 | 142.93.150.145 142.93.150.145 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 2 | 2606:4700:10:... 2606:4700:10::6816:4aab | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
8 | 6 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-47-210.compute-1.amazonaws.com
raspberry14802169.brizy.site |
ASN13335 (CLOUDFLARENET, US)
whos.amung.us | |
widgets.amung.us |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
newssites09.com
1 redirects
newssites09.com |
502 KB |
3 |
b-cdn.net
b-cloud.b-cdn.net — Cisco Umbrella Rank: 319854 |
156 KB |
2 |
amung.us
1 redirects
whos.amung.us — Cisco Umbrella Rank: 15781 widgets.amung.us — Cisco Umbrella Rank: 23530 |
2 KB |
2 |
brizy.site
1 redirects
raspberry14802169.brizy.site |
2 KB |
1 |
bunny.net
fonts.bunny.net — Cisco Umbrella Rank: 15654 |
2 KB |
8 | 5 |
Domain | Requested by | |
---|---|---|
3 | newssites09.com |
1 redirects
raspberry14802169.brizy.site
|
3 | b-cloud.b-cdn.net |
raspberry14802169.brizy.site
|
2 | raspberry14802169.brizy.site | 1 redirects |
1 | widgets.amung.us | |
1 | whos.amung.us | 1 redirects |
1 | fonts.bunny.net |
raspberry14802169.brizy.site
|
8 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.brizy.site Sectigo RSA Domain Validation Secure Server CA |
2022-04-01 - 2023-05-02 |
a year | crt.sh |
fonts.bunny.net R3 |
2022-10-28 - 2023-01-26 |
3 months | crt.sh |
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA |
2022-11-07 - 2023-11-11 |
a year | crt.sh |
newssites09.com R3 |
2022-12-07 - 2023-03-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://raspberry14802169.brizy.site/
Frame ID: 061F13F43D8798208C365C427D6DAA74
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Log into Facebook | FacebookPage URL History Show full URLs
-
http://raspberry14802169.brizy.site/
HTTP 301
https://raspberry14802169.brizy.site/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://raspberry14802169.brizy.site/
HTTP 301
https://raspberry14802169.brizy.site/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://newssites09.com/location HTTP 301
- https://newssites09.com/location/
- https://whos.amung.us/widget/aury1991 HTTP 307
- https://widgets.amung.us/classic/00/56.png
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
raspberry14802169.brizy.site/ Redirect Chain
|
8 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.bunny.net/ |
44 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
preview.css
b-cloud.b-cdn.net/builds/free/250-cloud/editor/css/ |
271 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
newssites09.com/ |
716 KB 501 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
group-jq.js
b-cloud.b-cdn.net/builds/free/250-cloud/editor/js/ |
98 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
preview.js
b-cloud.b-cdn.net/builds/free/250-cloud/editor/js/ |
244 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
newssites09.com/location/ Redirect Chain
|
1 KB 668 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
56.png
widgets.amung.us/classic/00/ Redirect Chain
|
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
51 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| jQuery object| BrizyLibs function| brzPopup object| Brz boolean| IS_MOBILE number| limit_bot string| object string| type string| OUTPUT object| ___ object| params number| tt undefined| to_object string| a function| checking function| creatingInput function| searchingForms0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
b-cloud.b-cdn.net
fonts.bunny.net
newssites09.com
raspberry14802169.brizy.site
whos.amung.us
widgets.amung.us
142.93.150.145
2400:52e0:1e00::1055:1
2400:52e0:1e00::865:1
2606:4700:10::6816:4aab
34.237.47.210
07af47027feb44cea461f153304c15c005bb91fc43033e380fd5473cd996f8ad
0e5ac9cd01d9d801dd8d9e1bcb7154a9af03cafcbb9d022e72b8841c4d9ae2ba
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b
13a40abb1652971b9dfd83b44d83d1d22284fc0e92ecc9d1be30c757179584f7
3c9fca9d8566ea2f7fd75073bb55438429144c9c0836b093e9ea932d11c9c7a6
7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f
a6b7cf6b12d3dda3265b40d8106389ca02209846aa5ba44afb23478870407597
ad896313b504c4c70397664e5894379c052d248d1cb384a7772230b9429dff0f
c0124680377030216680cbbfa9d94c935426e26d4e4e78dbb43d900742f51272
f400973ecf3e718d371e5ab591f93a78b845361d1ffa16b7981558a4ab27e8d2