54516274506455227425.us-south.cf.appdomain.cloud
169.62.254.82
Malicious Activity!
Public Scan
Submission: On July 17 via api from TW
Summary
This is the only time 54516274506455227425.us-south.cf.appdomain.cloud was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WeTransfer (Online)

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 28 | 169.62.254.82 | 36351 (SOFTLAYER, US) |

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 28 | appdomain.cloud | 54516274506455227425.us-south.cf.appdomain.cloud (1) | 199 KB |

| Requests | Domain | Requested by |
|---|---|---|
| 28 | 54516274506455227425.us-south.cf.appdomain.cloud | 54516274506455227425.us-south.cf.appdomain.cloud (1) |
This site contains links to these domains. Also see Links.

| Domain |
|---|
| wetransfer.zendesk.com |
| wetransfer.com |

TLS certificates (Subject, Issuer, Validity, Valid): none recorded for this scan; all requests were plain HTTP.
This page contains 4 frames:

- Primary Page: http://54516274506455227425.us-south.cf.appdomain.cloud/ (Frame ID: 75BA6F263C299117DCAF2056145041E1, 3 HTTP requests in this frame)
- Frame: http://54516274506455227425.us-south.cf.appdomain.cloud/WeTransfer_files/a.html (Frame ID: 518AE9386D6EEC3792643ED0375D85AD, 3 HTTP requests in this frame)
- Frame: http://54516274506455227425.us-south.cf.appdomain.cloud/WeTransfer_files/a_data/index.html (Frame ID: 666D3ECDD38369C1DC17850EB995DA51, 14 HTTP requests in this frame)
- Frame: http://54516274506455227425.us-south.cf.appdomain.cloud/WeTransfer_files/a_data/index_002.html (Frame ID: 4766F033694ED05832C8B03E59D224C7, 10 HTTP requests in this frame)
7 Outgoing links
These are links going to different origins than the main page. Link titles:

- help center
- Help
- About
- Products
- Plus
- Advertise
- Got Plus?
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions (plus 2 data: URI requests). All resource paths are on 54516274506455227425.us-south.cf.appdomain.cloud; the Frame column gives the first four characters of the loading frame's ID, blank for the primary frame.

| Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / (Primary Request) | / | | 37 KB | 8 KB | Document | text/html |
| GET | H/1.1 | application-aeb3139da0ad006d6fe071bc054e9c000c8edad0fc4dbc17.css | /WeTransfer_files/ | | 392 KB | 49 KB | Stylesheet | text/css |
| GET | H/1.1 | a.html | /WeTransfer_files/ | 518A | 1 KB | 907 B | Document | text/html |
| GET | H/1.1 | logo.png | /WeTransfer_files/ | | 125 KB | 126 KB | Image | image/png |
| GET | H/1.1 | ri.gif | /WeTransfer_files/a_data/ | 518A | 43 B | 355 B | Image | image/gif |
| GET | H/1.1 | B20062813.gif | /WeTransfer_files/a_data/ | 518A | 42 B | 354 B | Image | image/gif |
| GET | H/1.1 | index.html | /WeTransfer_files/a_data/ | 666D | 7 KB | 3 KB | Document | text/html |
| GET | H/1.1 | index_002.html | /WeTransfer_files/a_data/ | 4766 | 9 KB | 3 KB | Document | text/html |
| GET | H/1.1 | wallpaper-toolbox-2.css | /WeTransfer_files/a_data/index_data_002/ | 4766 | 5 KB | 2 KB | Stylesheet | text/css |
| GET | H/1.1 | wallpaper-api-2.js | /WeTransfer_files/a_data/index_data_002/ | 4766 | 0 | 0 | Script | text/html |
| GET | H/1.1 | wallpaper-toolbox-2.js | /WeTransfer_files/a_data/index_data_002/ | 4766 | 0 | 0 | Script | text/html |
| GET | H/1.1 | vivus.js | /WeTransfer_files/a_data/index_data_002/ | 4766 | 0 | 0 | Script | text/html |
| GET | H/1.1 | wallpaper-toolbox-2.css | /WeTransfer_files/a_data/index_data/ | 666D | 5 KB | 2 KB | Stylesheet | text/css |
| GET | H/1.1 | logo_white.svg | /WeTransfer_files/a_data/index_data/ | 666D | 4 KB | 4 KB | Image | image/svg+xml |
| GET | H/1.1 | dom4.js | /WeTransfer_files/a_data/index_data/ | 666D | 0 | 0 | Script | text/html |
| GET | H/1.1 | anime.js | /WeTransfer_files/a_data/index_data/ | 666D | 0 | 0 | Script | text/html |
| GET | H/1.1 | wallpaper-api-2.html | /WeTransfer_files/a_data/index_data/ | 666D | 315 B | 603 B | Script | text/html |
| GET | H/1.1 | wallpaper-toolbox-2.html | /WeTransfer_files/a_data/index_data/ | 666D | 315 B | 603 B | Script | text/html |
| GET | H/1.1 | video-04.mp4 | /WeTransfer_files/a_data/index_data/ | 666D | 12 KB | 0 | Media | video/mp4 |
| GET | H/1.1 | video-04.mp4 | /WeTransfer_files/a_data/index_data/ | 666D | 12 KB | 0 | Media | video/mp4 |
| GET | H/1.1 | video-04.mp4 | /WeTransfer_files/a_data/index_data/ | 666D | 25 KB | 0 | Media | video/mp4 |
| GET | H/1.1 | video-04.mp4 | /WeTransfer_files/a_data/index_data/ | 666D | 1 MB | 0 | Media | video/mp4 |
| GET | H/1.1 | wallpaper-toolbox-2.js | /WeTransfer_files/a_data/index_data_002/ | 4766 | 0 | 0 | Script | text/html |
| GET | H/1.1 | Grouch-wt.woff | /WeTransfer_files/a_data/assets/fonts/ | 4766 | 0 | 0 | Font | text/html |
| GET | H/1.1 | FaktProWeb-Blond.woff | /WeTransfer_files/a_data/assets/fonts/ | 4766 | 0 | 0 | Font | text/html |
| GET | H/1.1 | faktsemi.woff | /WeTransfer_files/a_data/assets/fonts/ | 4766 | 0 | 0 | Font | text/html |
| GET | DATA | truncated | / | 666D | 2 KB | 0 | Image | image/png |
| GET | DATA | truncated | / | 666D | 715 B | 0 | Image | image/png |
| GET | H/1.1 | anime.js | /WeTransfer_files/a_data/index_data/ | 666D | 0 | 0 | Script | text/html |
| GET | H/1.1 | vivus.js | /WeTransfer_files/a_data/index_data_002/ | 4766 | 0 | 0 | Script | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WeTransfer (Online)

14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Variable | Type |
|---|---|
| validate | function |
| locate | object |
| text | string |
| delineate | function |
| make_blankp1 | function |
| res | string |
| zork1 | string |
| theleft | number |
| theright | number |
| Wallpapers | object |
| message | string |
| clickIE | function |
| clickNS | function |
| disableCtrlKeyCombination | function |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever the user visits the site again, the browser also sends the cookie values, which allows the website to re-identify the user even if they have changed location. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
54516274506455227425.us-south.cf.appdomain.cloud
169.62.254.82