vacuum-cleanerr.netlify.app
Open in
urlscan Pro
2a05:d014:58f:6202::64
Malicious Activity!
Public Scan
URL:
https://vacuum-cleanerr.netlify.app/form-4898827331
Submission: On March 08 via automatic, source phishtank — Scanned from DE
Submission: On March 08 via automatic, source phishtank — Scanned from DE
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 7 HTTP transactions.
The main IP is 2a05:d014:58f:6202::64, located in
Frankfurt am Main, Germany and
belongs to AMAZON-02, US.
The main domain is vacuum-cleanerr.netlify.app.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.
This is the only time vacuum-cleanerr.netlify.app was scanned on urlscan.io!
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.
This is the only time vacuum-cleanerr.netlify.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 7 | 2a05:d014:58f... 2a05:d014:58f:6202::64 | 16509 (AMAZON-02) (AMAZON-02) | |
| 7 | 1 |
7
2a05:d014:58f:6202::64
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| vacuum-cleanerr.netlify.app |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 7 |
netlify.app
vacuum-cleanerr.netlify.app |
400 KB |
| 7 | 1 |
| Domain | Requested by | |
|---|---|---|
| 7 | vacuum-cleanerr.netlify.app |
vacuum-cleanerr.netlify.app
|
| 7 | 1 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-01-15 - 2025-02-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://vacuum-cleanerr.netlify.app/form-4898827331
Frame ID: 92FA9BCCA26D5634EC3DDF1221FFE77D
Requests: 7 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
form-4898827331
vacuum-cleanerr.netlify.app/ |
1 KB 712 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.5117906a.js
vacuum-cleanerr.netlify.app/static/js/ |
184 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.19e6c013.css
vacuum-cleanerr.netlify.app/static/css/ |
2 KB 784 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
meta.png
vacuum-cleanerr.netlify.app/resources/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
banner.jpg
vacuum-cleanerr.netlify.app/resources/ |
334 KB 335 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tick.png
vacuum-cleanerr.netlify.app/resources/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cardname.png
vacuum-cleanerr.netlify.app/resources/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunkmy_app0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
vacuum-cleanerr.netlify.app
2a05:d014:58f:6202::64
060f92ecfabf77bebecffd54d843a0563d1c8a9a6c4b9d806c44e72ee1d3c993
1bf32eebc96d971f46d8e5dc0941375b98ece6c2c3e9138502ed4f9d82882d9e
31fd1495478b5fe6c429f12e1f2c9a3d9b3df34127c4d4a02021cfd6e2d003de
3a5cebb6a9879af93a1a01cdf7d1bb3c9a5d47bc83e73422cc207388f0724f1d
3c1735510562dad6097bc3768ae57f5c06567bb4a98421c4ac39928f12d74f15
f85ae19942302afb33ddc15deb32e501c38ae71a83645fbdf96321b1443d4c55
ff07adf92416d61fe8408504940902fac913581b92a9947652c2f8d2db819f2b