freedlsney.plus
Open in
urlscan Pro
2606:4700:3034::6815:564a
Malicious Activity!
Public Scan
Submission: On October 13 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on September 27th 2022. Valid for: 3 months.
This is the only time freedlsney.plus was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 2606:4700:303... 2606:4700:3034::6815:564a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2600:9000:24f... 2600:9000:24f0:7e00:0:a5b4:dd80:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2606:4700::68... 2606:4700::6810:5714 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2600:9000:212... 2600:9000:2120:3000:12:a4d0:1300:21 | 16509 (AMAZON-02) (AMAZON-02) | |
25 | 4 |
ASN16509 (AMAZON-02, US)
db81lfl43r06.cloudfront.net |
ASN16509 (AMAZON-02, US)
d35kbxc0t24sp8.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
freedlsney.plus
freedlsney.plus |
235 KB |
6 |
cloudfront.net
db81lfl43r06.cloudfront.net d35kbxc0t24sp8.cloudfront.net |
30 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394 |
4 KB |
25 | 3 |
Domain | Requested by | |
---|---|---|
18 | freedlsney.plus |
freedlsney.plus
|
5 | d35kbxc0t24sp8.cloudfront.net |
db81lfl43r06.cloudfront.net
|
1 | cdn.jsdelivr.net |
freedlsney.plus
|
1 | db81lfl43r06.cloudfront.net |
freedlsney.plus
|
25 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.freedlsney.plus GTS CA 1P5 |
2022-09-27 - 2022-12-26 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-02 - 2023-06-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://freedlsney.plus/
Frame ID: 03AE3BB7F706DAF15686F3AD2906A3FE
Requests: 25 HTTP requests in this frame
Screenshot
Page Title
Free Disney Plus | Disney Plus Account Generator OnlineDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
animate.css (Web Frameworks) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
freedlsney.plus/ |
27 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
freedlsney.plus/css/ |
152 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.css
freedlsney.plus/css/ |
77 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flag-icon.min.css
freedlsney.plus/css/ |
34 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
freedlsney.plus/css/ |
2 KB 988 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f08324c.js
db81lfl43r06.cloudfront.net/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
freedlsney.plus/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
D.svg
freedlsney.plus/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
P.svg
freedlsney.plus/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
M.svg
freedlsney.plus/ |
822 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
S.svg
freedlsney.plus/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
N.svg
freedlsney.plus/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-3.4.1.min.js
freedlsney.plus/js/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
popper.min.js
freedlsney.plus/js/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
freedlsney.plus/js/ |
57 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
typed.js@2.0.11
cdn.jsdelivr.net/npm/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
freedlsney.plus/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
html.1082067.d7567.0.js
d35kbxc0t24sp8.cloudfront.net/public/external/v2/ |
14 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_front.css
d35kbxc0t24sp8.cloudfront.net/public/external/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg.jpg
freedlsney.plus/ |
81 KB 81 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AvenirLTStd-Book.woff2
freedlsney.plus/css/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AvenirLTStd-Medium.woff2
freedlsney.plus/css/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
d35kbxc0t24sp8.cloudfront.net/public/clockers/PrimeApps/ |
1010 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guid
d35kbxc0t24sp8.cloudfront.net/public/ |
0 277 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.php
d35kbxc0t24sp8.cloudfront.net/public/external/ |
78 B 371 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)38 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| $ function| jQuery function| Popper object| bootstrap function| Typed undefined| EMAIL undefined| MONTHS undefined| PASS function| C1 function| NO function| FINNO function| YES function| FINYES1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
freedlsney.plus/ | Name: _cpguid Value: dj791gx08 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
d35kbxc0t24sp8.cloudfront.net
db81lfl43r06.cloudfront.net
freedlsney.plus
2600:9000:2120:3000:12:a4d0:1300:21
2600:9000:24f0:7e00:0:a5b4:dd80:21
2606:4700:3034::6815:564a
2606:4700::6810:5714
0751374ed51a1a4dc0dbfa14df6939125a9581cf7ef1e2bbc0c769be7df73ce7
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
092faa9c21b66f36c0f9eb4f13bac684606cf97f6af3cef7e74fc9dd4df6579c
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
22f483d0ccbd46d45654c550a12aa7ee57fa098ed55f2ba8a083bfaac6ce9b9f
321fac22cd6da17414b547c87eb67e409a7b542d74cf234f7ef06254a7a996d2
49123b1fc20416f345e32e0ab4acf67aa6c4c0ebf57f2e8871c4ce6ea17008e8
49b8cd37d709cd17dda686bcd9ba97282e6e320fa8a9b5af540ccf96e6c274d7
5e4340df75874485b1a1d524295276c381020a94acfa0d5c576c92035a6e8997
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6fafc938e69b0cdead8cbb191907aa8d231d8c05312c83f9a015180befaf48f8
7566e82d52c1de05fe02e4fdf91421c7b9bd52f1e74548550ea661cf13ca7ccd
7849827196e5b7836578aacdcec009ea1e04f4e0266a581b8774d3d2676864b1
80b52566f7915f1ce49a4a8f67cf9dfecd57fd834b46c5e7c821460072df7f79
8e5a731a839dd449916abe51459d578f672c00d9ccfac2aaa5ce188e7fb97252
9a34348cc2007220ee03016ab1a0a6b6499e8ec1a0b820aaa15452261862ea6f
9ad8f8379c706e4559ad3325e8da03f5aa7abb9268b890c817de0a99ad603844
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
ab076af16987e1f62d17a552ccf4631c85348b30b8784c6ae09ac59d26790d7d
b59df715b6900905d7b1e988a39dd55e108377d03be014b68938ce71964162e6
df6ded79a4e028d51a4f3f960f23d2e7eed18cf8226b732316fe034bfb843ea5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855