pub-000jou5jtu095505.pages.dev Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-000jou5jtu095505.pages.dev/
Submission: On February 16 via automatic, source phishtank (February 16th 2024, 2:49:01 am UTC) — Scanned from NL

Summary HTTP 13 Redirects Links 94 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 13 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-000jou5jtu095505.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on February 15th 2024. Valid for: 3 months.

This is the only time pub-000jou5jtu095505.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discover (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	65.9.95.7 65.9.95.7	16509 (AMAZON-02) (AMAZON-02)
2	3.5.11.192 3.5.11.192	14618 (AMAZON-AES) (AMAZON-AES)
1	91.235.132.130 91.235.132.130	30286 (THM) (THM)
13	5

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-000jou5jtu095505.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-7.prg50.r.cloudfront.net

discoverus.webpush.us2.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.11.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

fc-use1-99-pics-bkt-00.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	amazonaws.com fc-use1-99-pics-bkt-00.s3.amazonaws.com — Cisco Umbrella Rank: 211298	40 KB
2	freshchat.com discoverus.webpush.us2.freshchat.com — Cisco Umbrella Rank: 229172	33 KB
1	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 2748	401 B
1	pages.dev pub-000jou5jtu095505.pages.dev	618 KB
13	4

	Domain	Requested by
2	fc-use1-99-pics-bkt-00.s3.amazonaws.com	srcdoc
2	discoverus.webpush.us2.freshchat.com	srcdoc
1	h.online-metrix.net	srcdoc
1	pub-000jou5jtu095505.pages.dev
13	4

This site contains links to these domains. Also see Links.

Domain
www.discover.com
www.discovercard.com
card.discover.com
investorrelations.discover.com
jobs.discover.com
www.discoverglobalnetwork.com
www.twitter.com
www.facebook.com
www.instagram.com
linkedin.com
info.evidon.com
www.bbb.org
www.fdic.gov

Subject Issuer	Validity	Valid
pub-000jou5jtu095505.pages.dev GTS CA 1P5	`2024-02-15` - `2024-05-15`	3 months	crt.sh
*.us2.freshchat.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-12`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2023-10-20` - `2024-10-21`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://pub-000jou5jtu095505.pages.dev/
Frame ID: 48E898B3C6DBCA9F8D683825A452E87F
Requests: 9 HTTP requests in this frame

Frame: https://discoverus.webpush.us2.freshchat.com/fc_logo.png
Frame ID: EC9CBF52FF37C93EDD6A9D8BB014E4A3
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: F70A2AA1583C597156D71F96BE286DDD
Requests: 1 HTTP requests in this frame

Frame: https://fc-use1-99-pics-bkt-00.s3.amazonaws.com/8d7734c02ffae6810bd681f4acd86645991a3869e8154f535f2d166f834de954/f_marketingpicFull/u_26ec3c3b50e331128eddb4c345b9227f3fdca08ab587b2cec271484c5ee5feee/img_1591194745560.png
Frame ID: 5AA145D721A2C8DA90BE172EF9FD58C0
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/WHTTt5ayan3RldxH?61ff3224378d2ca4=MCkyiBGzbJ_Ok94JliehpBpF-kgLAaWV43BX32kj2pDxXA_NHuQc0j-f4-ZvoGcxJp1lSzldmg20S2DYy0itIzhBcn3LlkuEmAavTYroeVzKILdSk2qhbC0o1cLjv-G5aXjXNGqSdTWrdaOhCNeeo1GOcIuflrIK-VbsPWjkOfu1C7dVbgh-zIYWes23lHi-GbqHgZU0pnNMki-bfVAOOaEka6qYdQwRzI64XpmLjbPh7LxX&jf=36313626736b6c5f7a6e643d7c6c725d4d5964723a57636b4e653652744d3c59247b696c5f666176673f3937303034303f3a393026736b6c5f7c797065357f65603a6d6b6c7b61267b6b665f6965793533323d393b3033333234323f32613a3436306165336430303831383630383a69383434306b6d3b64303b3233303530333c323238303c6230343430663e31383b3630303564326536646a353f656438383c3067303e303a3a363638613a376765353964663c303b34313232303b6b63643132646b6039353238673d383d393665316c3434373e313b6d3064693531363232393a38676a313d3266663334373a64653231376c3663383732313d636d6262653b3b3335312e7b616c5f7361653f3332343538323039303838343737603b3b6166666666386664633761613e633b623030386c3434383e386a316665396764393264643d38366a383b3763396737313a35663037676c6434303232323c376c363332313f3734613b3b6a303031696460653134626c39363c623f6561643a366630633861613b6d3230613739673f633f3861316c313431323f6d3c6c26736164703d33
Frame ID: 3F458C11B8F34FA15CDA4E6199B49687
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discover Card: Account Center Log In Error

Page Statistics

13
Requests

46 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

1695 kB
Transfer

3821 kB
Size

0
Cookies

94 Outgoing links

These are links going to different origins than the main page.

URL: https://www.discover.com/?ICMPGN=PUB_HDR_HOME

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/help-center/?ICMPGN=PUB_HDR_HELP_CC
Title: Card Help Center

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/resources/?ICMPGN=PUB_HDR_HELP_CRC
Title: Credit Resource Center

Search URL Search Domain Scan URL

URL: https://www.discover.com/online-banking/contact-us/?ICMPGN=PUB_HDR_HELP_BANK
Title: Banking Help Center

Search URL Search Domain Scan URL

URL: https://www.discover.com/home-equity-loans/help-center/?sc=HC492&ICMPGN=PUB_HDR_HELP_HL
Title: Home Loans Help Center

Search URL Search Domain Scan URL

URL: https://www.discover.com/student-loans/help/customer-service.html?acmpgn=O_DIS_CCDR_XS_X_HELP&ICMPGN=HDR_HC_HELP_DSL
Title: Student Loans Help

Search URL Search Domain Scan URL

URL: https://www.discover.com/personal-loans/help/contact-us.html?ICMPGN=PUB_HDR_HELP_DPL
Title: Personal Loans Help

Search URL Search Domain Scan URL

URL: https://www.discover.com/gift-cards/customer-service.shtml?ICMPGN=PUB_HDR_HELP_GIFTCRD
Title: Gift Card Help

Search URL Search Domain Scan URL

URL: https://www.discovercard.com/application/preapproval/initial?ICMPGN=PUB_HDR_CARDS_PREQUAL
Title: See if You're Pre-approved

Search URL Search Domain Scan URL

URL: https://www.discovercard.com/application/website/invite?flavor=it&ICMPGN=PUB_HDR_CARDS_RESPOND_MAIL_OFFER
Title: Respond to a Mail Offer

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/?ICMPGN=PUB_HDR_CARDS_ALL_CREDIT_CARDS
Title: All Credit Cards

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/cash-back/?ICMPGN=PUB_HDR_CARDS_CASH_BACK_CC_CAT
Title: Cash Back Credit Cards

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/cash-back/it-card.html?ICMPGN=PUB_HDR_CARDS_CASH_BACK
Title: Cash Back Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/cash-back/chrome.html?ICMPGN=PUB_HDR_CARDS_GAS_RESTAURANT
Title: Gas & Restaurants Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/cash-back/nhl-card.html?ICMPGN=PUB_HDR_CARDS_NHL
Title: NHL® Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/student/?ICMPGN=PUB_HDR_CARDS_STUD_CC_CAT
Title: Student Credit Cards

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/student/it-card.html?ICMPGN=PUB_HDR_CARDS_STUD_CASH_BACK
Title: Student Cash Back Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/student/chrome-card.html?ICMPGN=PUB_HDR_CARDS_STUD_GAS_RESTAURANT
Title: Student Gas & Restaurants Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/travel/?ICMPGN=PUB_HDR_CARDS_TRAVEL
Title: Travel Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/secured/?ICMPGN=PUB_HDR_CARDS_CREDIT_BUILDING
Title: Credit Building Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/business/?ICMPGN=PUB_HDR_CARDS_BUSINESS
Title: Business Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/compare/?ICMPGN=PUB_HNAV_CARDS_COMPARE
Title: Discover vs. Competitors

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/compare/calculator/credit-card-interest-calculator/
Title: Credit Card Interest Calculator

Search URL Search Domain Scan URL

URL: https://www.discover.com/online-banking/?ICMPGN=PUB_HDR_BANK_ALL
Title: Banking

Search URL Search Domain Scan URL

URL: https://www.discover.com/online-banking/checking/?ICMPGN=PUB_HDR_BANK_CHECKING
Title: Checking

Search URL Search Domain Scan URL

URL: https://www.discover.com/online-banking/savings-account/?ICMPGN=PUB_HDR_BANK_SAVINGS
Title: Savings

Search URL Search Domain Scan URL

URL: https://www.discover.com/online-banking/money-market/?ICMPGN=PUB_HDR_BANK_MONMRK
Title: Money Market

Search URL Search Domain Scan URL

URL: https://www.discover.com/online-banking/cd/?ICMPGN=PUB_HDR_BANK_CD
Title: CDs

Search URL Search Domain Scan URL

URL: https://www.discover.com/online-banking/retirement/?ICMPGN=PUB_HDR_BANK_IRART
Title: Retirement Accounts

Search URL Search Domain Scan URL

URL: https://www.discover.com/personal-loans/?ICMPGN=PUB_HDR_LOANS_DPL
Title: Personal Loans

Search URL Search Domain Scan URL

URL: https://www.discover.com/student-loans/?acmpgn=O_DIS_CCDR_XS_X_HDDR&ICMPGN=PUB_HDR_LOANS_DSL
Title: Student Loans

Search URL Search Domain Scan URL

URL: https://www.discover.com/home-equity-loans/?sc=HC490
Title: Home Equity Loans

Search URL Search Domain Scan URL

URL: https://www.discover.com/home-loans/refinance/?sc=HC491
Title: Mortgage Refinance

Search URL Search Domain Scan URL

URL: https://www.discover.com/site-map/?ICMPGN=PUB_HDR_SEEMORE
Title: See MoreProducts

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/help-center/contact-us/index.html?ICMPGN=PUB_HDR_HELP
Title: Help

Search URL Search Domain Scan URL

URL: https://www.discover.com/?ICMPGN=SA_LOGIN_OVERLAY_HOME

Search URL Search Domain Scan URL

URL: https://www.discover.com/forgot-info/?ICMPGN=SA_LOGIN_OVERLAY_FORGOT
Title: Forgot User ID/Password?

Search URL Search Domain Scan URL

URL: https://card.discover.com/cardmembersvcs/acctxfer/app/Home?ICMPGN=SA_LOGIN_OVERLAY_ACTIVATE
Title: Activate Credit Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/register-account/?ICMPGN=SA_LOGIN_OVERLAY_REGISTER
Title: Register Your Account

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/?ICMPGN=PUB_FTR_QL_ALL_CREDIT_CARDS
Title: All Credit Cards

Search URL Search Domain Scan URL

URL: https://www.discovercard.com/application/preapproval/initial?ICMPGN=PUB_FTR_QL_PRE_QUALIFIED
Title: See if you're prequalified

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/credit-cards-for-no-credit/
Title: Credit Cards for No Credit

Search URL Search Domain Scan URL

URL: https://www.discovercard.com/application/website/invite?ICMPGN=ALL_CC_DM_INVITE_ICON&flavor=it&fpp=true&passro=true
Title: Respond to Mail Offer

Search URL Search Domain Scan URL

URL: https://www.discovercard.com/application/self-service/?page=check-status&ICMPGN=PUB_FTR_QL_MODERN_CHECK_STATUS
Title: Check Application Status

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/cardmember-agreement/?ICMPGN=PUB_FTR_QL_CARD_AGREEMENT
Title: Cardmember Agreement

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/member-benefits/?ICMPGN=PUB_FTR_QL_MEMBER_BENEFITS
Title: Credit Card Benefits

Search URL Search Domain Scan URL

URL: https://www.discover.com/cash-atm-locator/?ICMPGN=PUB_FTR_QL_ATM_LOCATOR
Title: ATM Locator

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/cash-back/?ICMPGN=PUB_FTR_CCC_CB_CARD
Title: Cash Back Credit Cards

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/student-credit-card/?ICMPGN=PUB_FTR_CCC_STUDENT_CARD
Title: Student Credit Cards

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/secured/?ICMPGN=PUB_FTR_CCC_SECURED_CARD
Title: Secured Credit Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/travel/?ICMPGN=PUB_FTR_CCC_TRAVEL_CARD
Title: Travel Credit Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/no-annual-fee-credit-cards/?ICMPGN=PUB_FTR_CCC_NAF
Title: No Annual Fee Credit Cards

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/balance-transfer-credit-cards/?ICMPGN=PUB_FTR_CCC_BALANCE_TRANSFER
Title: Balance Transfer Credit Cards

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/0-percent-intro-apr-credit-cards/
Title: Intro APR Credit Cards

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/travel/airline-miles-credit-card/?ICMPGN=PUB_FTR_CCC_AIRLINES_CARD
Title: Airline Travel Credit Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/card-smarts/?ICMPGN=PUB_FTR_CRC_CREDIT_RESOURCE_CENTER
Title: Card Smarts

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/card-smarts/getting-a-credit-card/?ICMPGN=PUB_FTR_CRC_GETTING_CREDIT_CARD
Title: Getting a Credit Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/card-smarts/using-your-credit-card/?ICMPGN=PUB_FTR_CRC_USING_CREDIT_CARD
Title: Using a Credit Card

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/card-smarts/credit-card-rewards/?ICMPGN=PUB_FTR_CRC_CREDIT_CARD_REWARDS
Title: Credit Card Rewards

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/calculator/credit-card-interest-calculator/?ICMPGN=PUB_FTR_CRC_INTEREST_CALCULATOR
Title: Credit Card Interest Calculator

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/contact-us/?ICMPGN=PUB_FTR_ABOUT_US_CONTACT_US
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.discover.com/company/
Title: About Discover

Search URL Search Domain Scan URL

URL: https://www.discover.com/company/esg/
Title: ESG

Search URL Search Domain Scan URL

URL: https://investorrelations.discover.com/investor-relations/overview/default.aspx
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.discover.com/company/newsroom/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://jobs.discover.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.discoverglobalnetwork.com/our-network/how-we-partner/
Title: Accept Discover

Search URL Search Domain Scan URL

URL: https://www.discover.com/company/dei/home/
Title: Diversity & Inclusion

Search URL Search Domain Scan URL

URL: https://www.twitter.com/discover

Search URL Search Domain Scan URL

URL: https://www.facebook.com/discover

Search URL Search Domain Scan URL

URL: https://www.instagram.com/discover

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/discover-financial-services

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/member-benefits/mobile?ICMPGN=FTR_ICON_MOBILE
Title: Discover Mobile App

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/rewards-credit-cards/?ICMPGN=PUB_FTR_CBR_REWARDS_CREDIT_CARDS
Title: Rewards Credit Cards

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/cash-back/cashback-bonus.html?ICMPGN=PUB_FTR_CBR_CASH_REWARDS
Title: Cash Back Rewards

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/cash-back/cashback-calendar.html?ICMPGN=PUB_FTR_CBR_CASHBACK_CALENDAR
Title: 5% Cashback Bonus®

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/cash-back/redeem-cashback.html?ICMPGN=PUB_FTR_CBR_REDEEM_CASHBACK
Title: Redeem Cashback Bonus

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/exclusives/sharediscover/?ICMPGN=PUB_FTR_CBR_REFER_FRIEND
Title: Refer a Friend

Search URL Search Domain Scan URL

URL: https://www.discover.com/online-banking/?ICMPGN=PUB_FTR_PRODUCTS_BANKING
Title: Banking

Search URL Search Domain Scan URL

URL: https://www.discover.com/home-loans/home-equity-loan/?ICMPGN=PUB_FTR_PRODUCTS_HOME_EQUITY
Title: Home Equity Loans

Search URL Search Domain Scan URL

URL: https://www.discover.com/home-loans/refinance/?ICMPGN=PUB_FTR_PRODUCTS_MORTGAGE
Title: Mortgage Refinance

Search URL Search Domain Scan URL

URL: https://www.discover.com/personal-loans/?ICMPGN=PUB_FTR_PRODUCTS_PERSONAL_LOANS
Title: Personal Loans

Search URL Search Domain Scan URL

URL: https://www.discover.com/student-loans/?ICMPGN=PUB_FTR_PRODUCTS_STUDENT_LOANS
Title: Student Loans

Search URL Search Domain Scan URL

URL: https://www.discover.com/personal-loans/debt-consolidation/?ICMPGN=PUB_FTR_PRODUCTS_DEBT_CONSOLIDATION
Title: Debt Consolidation

Search URL Search Domain Scan URL

URL: https://www.discover.com/site-map/?ICMPGN=PUB_FTR_QUICK_LINKS_SITEMAP
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.discover.com/discover-terms-of-use/?ICMPGN=PUB_FTR_QUICK_LINKS_TERMS_OF_USE
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.discover.com/accessibility/?ICMPGN=PUB_FTR_QUICK_LINKS_ACCESSIBILITY
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/browser-support/?ICMPGN=PUB_FTR_QUICK_LINKS_BROWSER_SUPPORT
Title: Browser Support

Search URL Search Domain Scan URL

URL: https://www.discover.com/credit-cards/member-benefits/?ICMPGN=PUB_FTR_QUICK_LINKS_SECURITY
Title: Security

Search URL Search Domain Scan URL

URL: https://www.discover.com/privacy-statement/?ICMPGN=PUB_FTR_QUICK_LINKS_PRIVACY
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.discover.com/cpra/form
Title: Your California Privacy Choices

Search URL Search Domain Scan URL

URL: https://info.evidon.com/pub_info/1142?v=1
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://www.bbb.org/chicago/business-reviews/credit-cards-and-plans/discover-financial-services-in-riverwoods-il-1004324

Search URL Search Domain Scan URL

URL: https://www.fdic.gov/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pub-000jou5jtu095505.pages.dev/ 3 MB
618 KB 144ms
83ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub-000jou5jtu095505.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07284bbc08e670516a65e76a1584c4ec80796fce81761f7ad056be6b5e317b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8562797abc91362b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 16 Feb 2024 02:48:56 GMT
etag: W/"c4efc073ad8480433f5fc01027d79dbd"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqYYEMCGeQPEgvPToQkgAuMbRUtpRtC9f5CvIYQnCUGEW72wjeLr1Ak2XcAdZXInK3otnviF3Q3uVlb8Irpd2S776NQ4fNk3gkGdSWKEAwuL4cf7BBMbL%2BPWvdkjikaMqIkd7ViI2FpOaU7JsTyIh576gZctjZc7DzUZ8zs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90ff61e1180bef924c563843bba2edc5f5e726c8f7495e896d99765aadb72d74

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c368b494568114802e37bb3940d7f2763cb4a5e1424403460cb3710442d6125

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 49 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9407c28cd67bb26799629f4dd6c069ca85cda2c40d3c37145f916b155dafa137

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 32 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a1d0cc413f2522b27f1b4ec61179cc2c8d33eb76c510b544b82328099e0ab29

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 60 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4604cb725cca6d62d93a64726f968c875eb4697417bbdb0ecac8f47abbf4548

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1f0c4f33e2d3f552794c63f9bbf36efc3a7592e9a95f9fdd3c85b4c12499616

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 53 KB
53 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a01b5d40bca3c6066b39ceb9f5113bd4ed7deb8d3a80672c04f7e56c6742cf2

Request headers

Referer
Origin: https://pub-000jou5jtu095505.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 51 KB
51 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a282ad3258db27fbe42e7b970f0771c5336a92553bc99d932b6a14e5e80b4948

Request headers

Referer
Origin: https://pub-000jou5jtu095505.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 fc_logo.png
discoverus.webpush.us2.freshchat.com/ Frame EC9C 4 KB
4 KB 594ms
495ms Image
image/png 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoverus.webpush.us2.freshchat.com/fc_logo.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:48:58 GMT
via: 1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
last-modified: Thu, 03 Jan 2019 17:14:23 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "e87df9f10dcf497ae292dc234200465c"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3777
x-amz-cf-id: EfHFHrpY5dwl0l4J_ij6XsYrQGZ73iyZzVD16WUJQnVdXfAB1_5OpQ==

GET
DATA 200
OK truncated
/ Frame F70A 81 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK img_1591194745560.png
fc-use1-99-pics-bkt-00.s3.amazonaws.com/8d7734c02ffae6810bd681f4acd86645991a3869e8154f535f2d166f834de954/f_marketingpicFull/u_26ec3c3b50e331128eddb4c345b9227f3fdca08ab587b2cec271484c5ee5feee/ Frame 5AA1 11 KB
11 KB 392ms
130ms Image
image/png 3.5.11.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fc-use1-99-pics-bkt-00.s3.amazonaws.com/8d7734c02ffae6810bd681f4acd86645991a3869e8154f535f2d166f834de954/f_marketingpicFull/u_26ec3c3b50e331128eddb4c345b9227f3fdca08ab587b2cec271484c5ee5feee/img_1591194745560.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.11.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 29141383291c774d35804ff894c05e0755b92d622ea717f4e4292e87d92bc870

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 02:48:58 GMT
x-amz-version-id: null
Last-Modified: Wed, 03 Jun 2020 14:32:26 GMT
Server: AmazonS3
x-amz-request-id: KRZY9KGM5FHY9WT7
ETag: "4142132dfb59cb54e3ec0af4d2a5e71c"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10875
x-amz-id-2: qnSxUW3kv3cnWNSIszvDWllbP28um63g95xRNWbECUMXYowXO8dK1IkL3iUrw0IYrWVilQclqqV2VATYLsMEGg==

GET
H/1.1 200
OK img_1547656486264.png
fc-use1-99-pics-bkt-00.s3.amazonaws.com/8d7734c02ffae6810bd681f4acd86645991a3869e8154f535f2d166f834de954/f_marketingpicFull/u_e196520204222e9898a0325105ed107c38b39493e5b9109c6cb9a138aff9678b/ Frame 5AA1 28 KB
29 KB 387ms
125ms Image
image/png 3.5.11.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fc-use1-99-pics-bkt-00.s3.amazonaws.com/8d7734c02ffae6810bd681f4acd86645991a3869e8154f535f2d166f834de954/f_marketingpicFull/u_e196520204222e9898a0325105ed107c38b39493e5b9109c6cb9a138aff9678b/img_1547656486264.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.11.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6996895077736485b5d410664549541b355b2433585aadd8ed6e73101f159a04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 02:48:58 GMT
x-amz-version-id: null
Last-Modified: Wed, 16 Jan 2019 16:34:47 GMT
Server: AmazonS3
x-amz-request-id: KRZJWEJGWVC5080B
ETag: "7c42b545baaefa134264649f47831200"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 29055
x-amz-id-2: C9WUobSAARr9E9BT/Tr8MEFgJX6ypoxc//p36hB/w/dbZ/N9l92mn8nZRjtjaQrYEGLSM1TH9Jnz1B16kJNB7Q==

GET
H2 200 img_1547591387224.png
discoverus.webpush.us2.freshchat.com/8d7734c02ffae6810bd681f4acd86645991a3869e8154f535f2d166f834de954/f_hlimage/u_4e2ac56ae3b953b990b9de2540504e5edb9f24042bf1ba899a5ca1c197a3710a/ Frame 5AA1 28 KB
29 KB 346ms
285ms Image
image/png 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoverus.webpush.us2.freshchat.com/8d7734c02ffae6810bd681f4acd86645991a3869e8154f535f2d166f834de954/f_hlimage/u_4e2ac56ae3b953b990b9de2540504e5edb9f24042bf1ba899a5ca1c197a3710a/img_1547591387224.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e01867b90e8abe1654aea6e31cb0fb4cc0017ef6b0a368b42096d3f0a952391b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 16 Feb 2024 02:48:58 GMT
via: 1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
last-modified: Tue, 15 Jan 2019 22:29:48 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "ba30c226e51f9af2de3e1fb2140c248d"
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 29178
x-amz-cf-id: OM7qYbcJuCZmJ8O1PyijXk5UzPSvvC9mEvgoUPK8L-U_NL-He0sZkQ==

GET
H/1.1 204
204 WHTTt5ayan3RldxH
h.online-metrix.net/ Frame 3F45 0
401 B 48ms
13ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/WHTTt5ayan3RldxH?61ff3224378d2ca4=MCkyiBGzbJ_Ok94JliehpBpF-kgLAaWV43BX32kj2pDxXA_NHuQc0j-f4-ZvoGcxJp1lSzldmg20S2DYy0itIzhBcn3LlkuEmAavTYroeVzKILdSk2qhbC0o1cLjv-G5aXjXNGqSdTWrdaOhCNeeo1GOcIuflrIK-VbsPWjkOfu1C7dVbgh-zIYWes23lHi-GbqHgZU0pnNMki-bfVAOOaEka6qYdQwRzI64XpmLjbPh7LxX&jf=36313626736b6c5f7a6e643d7c6c725d4d5964723a57636b4e653652744d3c59247b696c5f666176673f3937303034303f3a393026736b6c5f7c797065357f65603a6d6b6c7b61267b6b665f6965793533323d393b3033333234323f32613a3436306165336430303831383630383a69383434306b6d3b64303b3233303530333c323238303c6230343430663e31383b3630303564326536646a353f656438383c3067303e303a3a363638613a376765353964663c303b34313232303b6b63643132646b6039353238673d383d393665316c3434373e313b6d3064693531363232393a38676a313d3266663334373a64653231376c3663383732313d636d6262653b3b3335312e7b616c5f7361653f3332343538323039303838343737603b3b6166666666386664633761613e633b623030386c3434383e386a316665396764393264643d38366a383b3763396737313a35663037676c6434303232323c376c363332313f3734613b3b6a303031696460653134626c39363c623f6561643a366630633861613b6d3230613739673f633f3861316c313431323f6d3c6c26736164703d33

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Feb 2024 02:48:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discover (Financial)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

discoverus.webpush.us2.freshchat.com
fc-use1-99-pics-bkt-00.s3.amazonaws.com
h.online-metrix.net
pub-000jou5jtu095505.pages.dev
2a06:98c1:3121::3
3.5.11.192
65.9.95.7
91.235.132.130
07284bbc08e670516a65e76a1584c4ec80796fce81761f7ad056be6b5e317b94
0a1d0cc413f2522b27f1b4ec61179cc2c8d33eb76c510b544b82328099e0ab29
1a01b5d40bca3c6066b39ceb9f5113bd4ed7deb8d3a80672c04f7e56c6742cf2
226fa13676c50ead0d2237108fd2f58a13c8fd87522fc0929cb03813ff9f5801
29141383291c774d35804ff894c05e0755b92d622ea717f4e4292e87d92bc870
2c368b494568114802e37bb3940d7f2763cb4a5e1424403460cb3710442d6125
5e13fa1bce497b1eeb7563972f9fdef5b1780660667d2571981ade6c269c654c
6996895077736485b5d410664549541b355b2433585aadd8ed6e73101f159a04
6b2681e3f14ed112c6e004bcb1ba7cb19b281c01bb91adfbd1cb1b55228260b4
90ff61e1180bef924c563843bba2edc5f5e726c8f7495e896d99765aadb72d74
9407c28cd67bb26799629f4dd6c069ca85cda2c40d3c37145f916b155dafa137
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9af85a6f0b303c1628114e423143b50ec683177b51b99630fb7ab35afb8b9208
a1f0c4f33e2d3f552794c63f9bbf36efc3a7592e9a95f9fdd3c85b4c12499616
a282ad3258db27fbe42e7b970f0771c5336a92553bc99d932b6a14e5e80b4948
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
b4604cb725cca6d62d93a64726f968c875eb4697417bbdb0ecac8f47abbf4548
d824bac8e4daa57db6fac1780d7c51df44931219bbad01a5310dbe30a6fa1c7c
e01867b90e8abe1654aea6e31cb0fb4cc0017ef6b0a368b42096d3f0a952391b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1b2391cca107e8119da5d92948a0f87586894a139f9b8d571b1b1894cf7ae26
f2ebe16f3db7a9486858d2dc2705a5f1cb157980f3b308351aef002772c2181b

pub-000jou5jtu095505.pages.dev Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

46 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

5 IPs

1 Countries

1695 kBTransfer

3821 kBSize

0 Cookies

94 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

pub-000jou5jtu095505.pages.dev Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

46 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

1695 kB
Transfer

3821 kB
Size

0
Cookies

13 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!