dlsabled-119446211041559.teams-bussiness.me
Open in
urlscan Pro
2606:4700:3033::ac43:a013
Malicious Activity!
Public Scan
Submission: On April 23 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 21st 2024. Valid for: 3 months.
This is the only time dlsabled-119446211041559.teams-bussiness.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2606:4700:303... 2606:4700:3033::ac43:a013 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 172.67.160.19 172.67.160.19 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 2 |
ASN13335 (CLOUDFLARENET, US)
dlsabled-119446211041559.teams-bussiness.me |
ASN13335 (CLOUDFLARENET, US)
dlsabled-119446211041559.teams-bussiness.me |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
teams-bussiness.me
dlsabled-119446211041559.teams-bussiness.me |
153 KB |
14 | 1 |
Domain | Requested by | |
---|---|---|
14 | dlsabled-119446211041559.teams-bussiness.me |
dlsabled-119446211041559.teams-bussiness.me
|
14 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
teams-bussiness.me GTS CA 1P5 |
2024-04-21 - 2024-07-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://dlsabled-119446211041559.teams-bussiness.me/business
Frame ID: 23AD634751EFDD3385711D740A5E4298
Requests: 14 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
business
dlsabled-119446211041559.teams-bussiness.me/ |
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b96c38e444b353b8.css
dlsabled-119446211041559.teams-bussiness.me/_next/static/css/ |
18 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
887639dc0dba1ae8.css
dlsabled-119446211041559.teams-bussiness.me/_next/static/css/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
webpack-63bc81f4fed73929.js
dlsabled-119446211041559.teams-bussiness.me/_next/static/chunks/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fd9d1056-3d093716a6f9cc42.js
dlsabled-119446211041559.teams-bussiness.me/_next/static/chunks/ |
159 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
864-181a121f5627c47a.js
dlsabled-119446211041559.teams-bussiness.me/_next/static/chunks/ |
101 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main-app-d37764a0d4c9aeed.js
dlsabled-119446211041559.teams-bussiness.me/_next/static/chunks/ |
463 B 718 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
iimNZRgnLNy.png
dlsabled-119446211041559.teams-bussiness.me/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EKmTgx6kXf-.png
dlsabled-119446211041559.teams-bussiness.me/ |
177 B 670 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
O7nelmd9XSI.png
dlsabled-119446211041559.teams-bussiness.me/ |
95 B 583 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
not-found-d180d63cfbd750c8.js
dlsabled-119446211041559.teams-bussiness.me/_next/static/chunks/app/ |
456 B 807 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
192-3686bb6e82daae53.js
dlsabled-119446211041559.teams-bussiness.me/_next/static/chunks/ |
143 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
page-6bf960e981e4611c.js
dlsabled-119446211041559.teams-bussiness.me/_next/static/chunks/app/business/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
dlsabled-119446211041559.teams-bussiness.me/ |
4 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| __next_f object| webpackChunk_N_E object| next function| __next_require__ function| __next_chunk_load__ undefined| _N_E0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dlsabled-119446211041559.teams-bussiness.me
172.67.160.19
2606:4700:3033::ac43:a013
0e72344d8578f235f4f724a6bce29f1589ed9efc7a0e55a646aa85b6821cda89
3da5b1050a863720c6002929598987bc166bb1e9851011e18b85912077ceba9f
472639a8d846c67ef23d2b1f8c1695346f22645fb280e75d2408cd425a1edf7f
7a0e57b12cc123a38e7cb607329254f03e4dcebb257634e3869b1b9f74a3fe02
89676a3fb8639d6531c525e5800ff4cc44d06d27ff5607922d27e390eb5b6e62
959c2f12fdd6a9d4035f842a2d355c566c4598b321414b4e098b4a0381429aae
aa6371ce5df554539b1cfcfc0bc783157e0c29ce7359431061afc778c287c145
c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c
c515a77b0c197400903568a17aa340582f900f5a4069ab3bd22faaaa80fe0432
c597d71648062fa8777001c7d10bcd62c367d5cc641a4762560f01be4a915c1e
cb2f0bf05b317662a85588a1b889e99ef0847be9fa3a973ec6f89e3baaf6ff8e
d50af4ba80ae61443f7a755a1708c72d3481fac957c7838024b48a70788c85c6
e2dc4597d74833f85fdaebee448bff0a3b0165552984c8fe46f9b6d772829962
f684a7a74ac1bcaea39d733da7dac6cc6f58c30e0eef987803ce461e2e620070